A series of ongoing business email compromise (BEC) campaigns that uses spear-phishing schemes on Office 365 accounts has been seen targeting business executives of over 1,000 companies across the world since March 2020. The recent campaigns target senior positions in the United States and Canada.
The fraudsters, whom we named “Water Nue,” primarily target accounts of financial executives to obtain credentials for further financial fraud. The phishing emails redirect users to fake Office 365 login pages. Once the credentials are obtained and accounts are successfully compromised, emails containing invoice documents with tampered banking information are sent to subordinates in an attempt to siphon money through fund transfer requests.
The post Water Nue Phishing Campaign Targets C-Suite’s Office 365 Accounts appeared first on .
The United States National Security Agency (NSA) issued an advisory this week on the dangers of location data exposure, providing various ways users can mitigate the risk. While the guidance in the document is intended for Department of Defense (DoD) employees, the NSA acknowledged the information will be useful to a wide range of users. “Location data can be extremely valuable and must be protected,” the advisory warns, listing GPS, Wi-Fi, and Bluetooth all as services that can leak location data. Mobile devices can expose location data whether they’re on or off, cautions the NSA. Also, location information can be gleaned from many apps, IoT devices, and social media platforms.