Sophisticated threat actors are leveraging·phishing kits,·back-end·source code·packages·used·by scammers to·launch phishing attacks,·to·defraud·both citizens and government agencies out of unemployment payments.·Exploiting·pandemic-
Dubbed a 'scam pandemic' by the·Federal Trade Commission, these unemployment Insurance-related phishing campaigns have targeted people in all 50 states, representing far-reaching data privacy and cybersecurity threat. For instance, the State of Illinois experienced one of the most expansive phishing attacks seen by telco veteran turned cybersecurity expert WMC Global. Despite warnings and messaging from the Illinois Department of Employment Security (IDES), including a press release and subsequent news coverage, threat actors were inundating Illinois residents with SMS phishing campaigns.
Additionally, in Wisconsin and Maryland, the unemployment insurance phishing attacks involved text messages sent to unaware consumers asking them to verify their information to receive benefits at a provided link. The target was then directed to a phishing page impersonating the state benefits service, which required the user to provide personally identifiable information (PII) to receive the supposed benefits.
Threat analysts deal with customer credential phishing as a daily occurrence; however, in the past, they have lacked actionable intelligence solutions that allow for attribution of these attacks. Phishing kits are an untapped resource. Using phishing kits allows threat actors to continually update their approach, refreshing their methodologies to maintain effectiveness, and the·hidden code elements and vital clues·they contain offer the opportunity to·attribute mass campaigns back to·the·responsible·threat actor(s).
WMC Global has identified intra-state patterns of unemployment insurance fraud and is relaying all findings to government agencies.
