New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


Save the Children Federation Scammed

Attackers were able to compromise an employee’s email account which was later used in phishing attempts. These attempts were pulled off by sending fake invoices along with other faulty financial documents. The documents claimed $1 million was needed to purchase solar panels for multiple health centers in Pakistan only to find out it was a scam after the money had been transferred. The Federation has claimed it has ramped up its security practices since the occurrence of this scam and it has also been able to re-obtain nearly all of the funds that were lost. Unfortunately, this was not the first time they had dealt with something of this nature. Prior to this, $9,210 was able to be scammed away from them when attackers compromised one of the vendors for the charity. Thankfully insurance claims were able to save the funds from completely being lost.

Analyst Notes

Phishing attempts happen regularly so it is very important to keep up with the techniques as new ones are being carried out daily. Employees should try to avoid providing their work email for anything other than what is required by their company. It is always safe to double check or ask questions when transferring information, especially when it regards high level finances.