Breaches and incidents

CYBER ATTACKS ON EMPLOYEE BENEFIT SYSTEM

COVID-19 pandemic has resulted in many countries and organizations creating restricted laws concerning employee benefit plans which relieve workers who have lost their job, of their financial burden. This has created a situation for cybercriminals to take control. Hackers have taken some actions to defraud organizations in the following ways:

HMRC SMS Attack

Griffin Law, a litigation firm noticed that a new phishing threat has been created. This phishing attack targets self-employed workers who are in need of the Self-Employment Income Support Scheme (SEISS).

The attack impersonates tax refund benefits, which diverts users to a misleading website which then takes them to a fraudulent HMRC site. This site requires users to input personal details and their HMRC log-in details. Their eligible refund is then calculated. The main attack occurs when users are required to input their payment card details. This threat has affected about 100 self-employed workers.

SFERS Attack

A data breach has recently been mentioned by the San Francisco Retirement System (SFERS). The breach originated from one of their vendors, 10up Inc. Their test data server was breached by a third party aiming at deriving information/data of members. About 74,000 users suffered from this attack.

Florida Unemployment System Attack

A few weeks ago, there was an attack in Florida. The hackers stole personal data from Florida Residents. The residents who claimed unemployment benefits from the Florida Department of Economic Opportunity (DEO) lost valuable information to these attackers.

Washington’s Unemployment Insurance Programs Attack

A huge fraud attack was discovered by security experts in Washington. The attack was carried out by a hacker group referred to as the “Scattered Canary”, who stole millions of dollars from the state of Washington’s unemployment system. Fraudulent claims were used to siphon this amount of money. Familiar scams were also attempted in other states by this same group.

Asides from identity theft, data/information collected by these hackers could be used for phishing scams. Users need to ensure that their systems and devices are well protected and also avoid letting too much personal information out.

CCG’s CheckMate is an all-in-one solution, providing your computer and systems with 24/7 cybersecurity monitoring by adopting a Zero Trust Network as part of our complete cybersecurity strategy. CheckMate will maintain the health of your system and monitor its performance to detect any abnormalities the moment they occur and stop problems immediately.

To learn more about CheckMate, CCG’s latest artificial intelligent software product that will protect your network from cyber-crime, visit our website @ https://www.phen-ai.com.

Olumide Akinwekomi

About Olumide Akinwekomi

Leave a Reply