Security Update 18 September 2023

U.S. Government Indicts Chinese National For Alleged Spear Phishing Attacks

The U.S. Justice Department has indicted a Chinese national, Song Wu, for allegedly sending spear phishing emails to employees at various U.S. military and government entities, research institutions and private companies.

“In executing the scheme, Song allegedly sent spear phishing emails to individuals employed in positions with the U.S. government, including NASA, the Air Force, Navy, and Army, and the Federal Aviation Administration,” the Justice Department says.

“Song also sent spear phishing emails to individuals employed in positions with major research universities in Georgia, Michigan, Massachusetts, Pennsylvania, Indiana, and Ohio, and with private sector companies that work in the aerospace field.”

The Justice Department says Song was an employee of the Aviation Industry Corporation of China (AVIC), a Chinese state-owned aerospace and defense conglomerate. The goal of the alleged operation was presumably cyberespionage.

“Song allegedly engaged in a multi-year ‘spear phishing’ email campaign in which he created email accounts to impersonate U.S.-based researchers and engineers and then used those imposter accounts to obtain specialized restricted or proprietary software used for aerospace engineering and computational fluid dynamics,” the DOJ says.

“This specialized software could be used for industrial and military applications, such as development of advanced tactical missiles and aerodynamic design and assessment of weapons.”

The phishing emails impersonated real colleagues of the targeted individuals, requesting access to source code.

“Song’s spear phishing emails appeared to the targeted victims as having been sent by a colleague, associate, friend, or other person in the research or engineering community,” the indictment says. “His emails requested that the targeted victim send or make available source code or software to which Song believed the targeted victim had access.”

The U.S. Justice Department has the story.

How to Spot a Scam
Email, Text or Phone Call

Here’s what to do if you’ve shared personal information with someone you think might be a scammer.

Recognise the signs someone is trying to scam you, and learn how to check if a message you have received is genuine.

Cyber criminals may contact you via email, text, phone call or via social media. They will often pretend to be someone (or an organisation) you trust.

Scam messages may contain bad spelling or grammar, come from an unusual email address, or feature imagery or design that feels ‘off’. But scams are getting smarter and some even fool the experts, so be vigilant: it’s better to be safe than sorry.

Criminals are increasingly using QR codes within phishing emails to trick users into visiting scam websites. QR codes are usually safe to use in pubs and restaurants (read more on the Government Website), but you should be wary of scanning QR codes within emails.

Scammers work by trying to quickly gain your trust and reassure you. They aim to pressure you into acting without thinking.

If a message or call makes you suspicious, stop, break the contact, and consider the content of the conversation. If the scam is on the phone, put the phone down and call the business or individual from another phone, or wait 20 minutes before you call them back (but make sure you have a dial tone before you start dialling the number).

Scams often feature one or more of these tell-tale signs:

  • Authority – Is the message claiming to be from someone official? For example, your bank, doctor, a solicitor, or a government department. Criminals often pretend to be important people or organisations to trick you into doing what they want.

  • Urgency – Are you told you have a limited time to respond (such as ‘within 24 hours’ or ‘immediately’)? Criminals often threaten you with fines or other negative consequences.

  • Emotion – Does the message make you panic, fearful, hopeful or curious? Criminals often use threatening language, make false claims of support, or tease you into wanting to find out more.

  • Scarcity – Is the message offering something in short supply, like concert tickets, money or a cure for medical conditions? Fear of missing out on a good deal or opportunity can make you respond quickly.

  • Current events – Are you expecting to see a message like this? Criminals often exploit current news stories, big events or specific times of year (like tax reporting) to make their scam seem more relevant to you.

How to check if a message is genuine

If you have any doubts about a message, contact the organisation directly. Don’t use the numbers or address in the message – use the details from their official website.

Remember, your bank (or any other official source) will never ask you to supply personal information via email, or call and ask you to confirm your bank account details. If you suspect someone is not who they claim to be, hang up and contact the organisation directly. If you have paper statements or a credit card from the organisation, official contact details are often written on them.

© Copyright 2024 Black Cat Computers - Somerset