Cyber Security: Social engineering attacks on the increase

Cyber Security: Social engineering attacks on the increase

There has been a significant increase in social engineering attacks against the University. This style of attack tries to extract information or funds from victims without needing to take over an IT account - the most common aim of most phishing email.

Spoofed Emails

We’ve seen attackers impersonating staff members via email by creating a free account (such as Gmail) and setting the display name to match that of a University staff member. The initial tendency was to impersonate Senior Management; more recently however we have seen examples of spoofed emails impersonating staff of varying levels of seniority.

The attackers research the contacts of the person being impersonated, then send emails requesting help with an urgent task. Once they have established contact with you, they will typically attempt to conduct a scam involving the purchase of online shopping vouchers.

If you receive an email that appears to come from a colleague asking for urgent help, always ensure the sender address is correct. Emails originating outside the University will show this banner:

Image of email banner alerting recipient to potential spam

Tip: If a sender is trying to induce a sense of urgency, you should consider this a red flag for a potential scam.

For more information on spoofing:

Extortion Scams

Cryptocurrency extortion email scams are also on the increase.

A malicious actor will send out extremely threatening emails stating they have compromised your devices and then attempt to extort a cryptocurrency payment. They will often include a genuine password that is known to you as well as other personal details. In some cases, the emails are spoofed to appear as if they have come from your own mailbox.

Such threats are almost always baseless. The information used for blackmailing is taken from publicly available data sets stolen during major data breaches affecting high profile websites over the years. Examples of compromised websites include LinkedIn and Dropbox.

You can check whether your email address has ever been compromised in such a breach using the free Have I Been Pwned service: https://haveibeenpwned.com/

If you are listed in any breaches, you should ensure that none of your online accounts or services use the same or similar password to the one listed in the message. In general, you should also never reuse passwords between different services. A password manager can assist with this.

For more information:

Note: While rare in comparison to empty threats, genuine extortion is a possibility. If you have any reason to believe the sender of a similar message has genuinely compromised your accounts or devices, then you should liaise with the police as a matter of urgency.

Telephone Scams

Lastly, telephone scams are still a common issue. We are aware of a small number of cases in recent weeks where attackers successfully gained remote access to University devices under the guise of providing tech support.

If you think you have been the victim of a similar scam, please contact the IT Service Desk immediately at https://myit.abdn.ac.uk.

Find out more

 

Author: Information Security Team, DDIS

Search News

Browse by Month

2021

  1. Jan
  2. Feb
  3. Mar There are no items to show for March 2021
  4. Apr There are no items to show for April 2021
  5. May There are no items to show for May 2021
  6. Jun There are no items to show for June 2021
  7. Jul There are no items to show for July 2021
  8. Aug There are no items to show for August 2021
  9. Sep There are no items to show for September 2021
  10. Oct There are no items to show for October 2021
  11. Nov There are no items to show for November 2021
  12. Dec There are no items to show for December 2021

2013

  1. Jan There are no items to show for January 2013
  2. Feb There are no items to show for February 2013
  3. Mar
  4. Apr
  5. May
  6. Jun
  7. Jul
  8. Aug
  9. Sep
  10. Oct
  11. Nov
  12. Dec