Scam Alert: Got WhatsApp Message From Your Boss or CEO? Think Twice Before Responding

New Delhi: Cybersecurity researchers have discovered a spear phishing campaign where the con artists target employees of an organisation by impersonating the CEO or Boss of that company.

A spear phishing attempt that targeted many organisations was discovered by CloudSEK experts. The campaign involved a certain type of message that appeared to be sent by CEOs or superiors but may actually be a scam.

The threat actor sends WhatsApp messages to employees (mainly top executives) on their personal phone numbers while posing as the firm CEO in these communications.

 

While investigating phishing cases of various customers, @CloudSEKs' analysts identified a spear phishing campaign targeting multiple corporations. Read about the The CEO Impersonation Fraud Threatening IT Companies : https://t.co/ZqPXumFlj0#Phishing #Impersonation

— CloudSEK (@cloudsek) February 9, 2023

 

Modus Operandi of the WhatsApp spear phishing Scam

Analysts at cybersecurity firm CloudSEK found the following Modus Operandi that the spear phishing Scamsters adopted

The vulnerable employees recieves an SMS-based message from an unknown based number "allegedly impersonating a top-ranking executive from the organization" 

The Fraudsters impersonate the top-ranking executive so as to instill urgency and panic

If the he vulnerable employee or the reciever of the SMS acknowledges the scammer with a response, the threat actor/scammer would request to complete a quick task. 

CloudSEK says that the "quick tasks commonly include: purchasing gift cards for a client or employee and/or wiring funds to another business."

Scammer may also ask employees to send personal information like PINs and passwords to third parties in some cases, thus often providing a probable reason to carry out the request.

 

CloudSEK in its report wrote that the "threat actors often use commanding and persuasive language to convince the email victim to respond...Threat actors then use popular sales intelligence or lead generation tools such as Signalhire, Zoominfo, Rocket Reach to gather personal identifiable information (PII) like emails, phone numbers, and more."