Attackers Gift Teddy Bears And Malware Using Best Buy Gift Cards
Published: April 25, 2020 in our Security Fraud News & Alerts Newsletter.
Teddy bears are cute and cuddly little things, and they can really make someone go all squishy. To find out, just send one in the mail with a Best Buy gift card. That’s what the hacking group FIN7 (aka Carbanak) is doing, along with a nifty USB drive that will supposedly help you determine what purchases you can make with that gift card. If you do insert the provided USB stick into your computer, you’ll be gifted malware, called Griffon, that can allow an attacker to take over your computer.
The FBI issued an alert describing some of the actions attackers can and will take should they get access to the computers. These included calling back to the attacker-controlled server in Russia and then sending gathered information such as username, host name, system privileges, what programs are installed, what processes are running, and more.
If you aren’t expecting to receive a gift in the mail or in email, don’t put any provided devices into your computer. Always check them for malware first. It takes seconds for malware to pass from an infected drive to your computer and far longer for you to get rid of it. Always confirm via phone, text, or a new email message with the gifter before inserting a USB drive into your computer or even into your smart TV, if that is something you can do.
While this is not a novel trick for cyber thieves, it is something that hasn’t happened in a while. Most cybercrime these days is done completely electronically via phishing attempts or in texts and SMS messages (smishing). Some is even done through the telephone or other voice means (vishing). Don’t click links or attachments that are not expected or that you aren’t 100% certain are safe. Never give out personal or confidential information, such as payment card details, over the phone unless you initiate the phone call and/or other communication.
In this latest attack, FIN7 has been sending these gift cards to persons working in Human Resources, IT, or in executive roles, presumably because these groups have access to the most confidential information and/or have the highest privileges with their computer access. If you are in one of those roles, or in a financial role, use extra caution when receiving gifts unexpectedly and always verify them before using them.