Ridgewood NJ, This NJCCIC Advisory is being provided to assist agencies and organizations in guarding against the persistent malicious actions of cybercriminals. At this time, the NJCCIC is not aware of any specific or imminent cyber threat to NJ.
The New Jersey Cybersecurity and Communications Integration Cell, also known as the New Jersey Office of Homeland Security and Preparedness’ Division of Cybersecurity.
Ridgewood NJ, The New Jersey Cybersecurity and Communications Integration Cell (NJCCIC ) continues to receive reports of Facebook Messenger social engineering scams. Messages are received from a Facebook account the target is “friends” with but whose account has been hacked. These messages vary but often include a link that leads to a website requesting the target’s Facebook account credentials. Some messages reported include language referring to a COVID-19 grant program and claiming the target can receive thousands of dollars. Previously reported scam messages contained phrases like “Hey I saw this video. Isn’t this you?” or claimed the sender is in trouble and needs money. These Facebook Messenger scams are prolific and have resulted in compromised Facebook accounts and monetary loss.
Phishing emails are being sent to New Jersey state employees and the public regarding driver’s license updates, similar to recently circulated SMS text scams. These messages claim that the recipient needs to update their information with the Social Security Administration to avoid suspension of their license. These phishing email includes a link that, if clicked, directs the user to a malicious website that appears to be a French news site. The website is now identified as malicious by a number of anti-virus programs; however, new websites – as well as different sender emails and subject lines – may be used in subsequent phishing campaigns. Email and text-based phishing messages impersonating the MVC may be targeting New Jersey residents in part due to the rollout of REAL ID.
Ridgewood NJ, SMiShingis a social engineering tactic used to send spam or malicious text messages to deceive victims into believing the message came from a trusted person or organization and convince them to perform an action, such as revealing account credentials, downloading malware, or sending money. SMiShing messages may come from random phone numbers or email addresses and often use a sense of urgency to convince the target to take a desired action quickly. In addition, robotexts, which are automated text messages sent to mobile devices, are increasingly taking the spotlight as the federal government and telecom companies are trying to crackdown on this activity.