Tag: phishing scams

  • Hacking group Scattered Spider is making waves for disrupting retailers and corporate America despite recent arrests

    Hacking group Scattered Spider is making waves for disrupting retailers and corporate America despite recent arrests

    Scattered Spider, otherwise known as UNC3944 gained notoriety during the infamous attack on MGM (which we reported in in 2023) which was estimated to have cost the company around $100 million dollars. The group has kept up its momentum while targeting financial institutions in particular such as PNC Financial Group, Synchrony Financial, Truist Bank and more.

    It’s estimated the cost of cyber crime has risen to $793 billion per month with groups like Scattered Spider contributing to this bottom line. The group has also been in the news for its unusual makeup, with most arrests being teenagers to young adults. This is not the hardened group of long-time professional hackers most people think of when they think of breaches on this scale.

    A set of recent arrests were made of two 19-year-old men, a 17-year-old boy and a 20-year-old woman in the UK, with the bad actors being charged with blackmail, money laundering and ties to a criminal organization as of writing. One of the alleged leaders of the group, 23-year-old Tyler Buchanan, was also arrested in May of this year and has been extradited to California to face charges where he faces up to 47 years behind bars.

    Ransomware/Malware-as-a-service (RAAS/MAAS) becoming more ubiquitous means that someone doesn’t even have to be extremely tech savvy to pull a cyber attack, expanding the reach of bad actors looking for financial gain from attacks on anyone convenient. It has never been more true than it is now in 2025 that no one is safe from cyber threats. Your business Isn’t too small or too remote to be a target.

    The group has also focused on tactics that are more social engineering than directly technical, with phishing being a primary driver as we saw in the MGM attack. Here are 5 ways hacking groups like Scattered Spider are pulling off cyber attacks:

    1. Social Engineering and Impersonation

    Scattered Spider is notorious for tricking employees into giving up credentials. They often:

    • Impersonate IT or help desk personnel
    • Call or message employees to reset passwords or approve MFA prompts
    • Use public info (like LinkedIn profiles) to craft believable stories
    1. SIM Swapping

    They hijack a victim’s mobile number by convincing the phone carrier to transfer it to a SIM card they control. Once they do this, they can:

    • Bypass MFA (multi-factor authentication)
    • Receive SMS-based codes for password resets
    1. Exploiting Identity & Access Management (IAM) Systems

    They target systems like Okta or Microsoft Azure AD to escalate privileges and gain access across an organization. Once inside:

    • They move laterally across systems
    • Create persistent backdoors
    1. Abusing Remote Access Tools

    Scattered Spider leverages legitimate tools like:

    • Remote desktop software
    • VPNs and virtual desktop infrastructure (VDI)
      They often enter using stolen credentials and hide in plain sight by mimicking normal user activity.
    1. Ransomware Deployment & Data Theft

    After gaining sufficient access, they:

    • Exfiltrate sensitive data
    • Deploy ransomware (often in partnership with ransomware-as-a-service groups like ALPHV/BlackCat)
    • Threaten double extortion: demanding payment to both unlock systems and not leak data

    At Valley Techlogic, we help businesses of all sizes stay protected against advanced threats from hacking groups like Scattered Spider by combining proactive cybersecurity strategies with enterprise-grade tools. Our team monitors for suspicious activity, implements strong identity and access controls, and trains your staff to recognize social engineering attempts, closing the gaps these groups exploit. With layered protection and rapid response capabilities, we keep your systems secure and your data safe. Get started with a Valley Techlogic service plan today to protect your business from future threats.

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley Techlogic, leading provider of trouble free IT services for businesses in California including Merced, Fresno, Stockton & More. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on X at https://x.com/valleytechlogic and LinkedIn at https://www.linkedin.com/company/valley-techlogic-inc/.

  • Received a Facebook copyright infringement email or message? You’re not alone, the evolution of the Facebook copyright scam and how to avoid falling for it

    Received a Facebook copyright infringement email or message? You’re not alone, the evolution of the Facebook copyright scam and how to avoid falling for it

    If you have a public facing Facebook page, such as a fan account page or business page, then you’ve probably been inundated with messages that look something like this:

    Of course, this contains all the hallmarks of a phishing scam. The false sense of urgency, the request for personal information, the legitimate looking branding, and the link that leads anywhere but an actual legitimate Facebook page.

    As Facebook has tried to crack down on the bots, users are now receiving emails with the same messaging. Whether the emails are pretending to be Facebook support or a law firm trying to collect on a copyright claim, the format is the same. You’re in violation and you must act now to avoid any issues.

    These emails and messages may even contain real information from your page, such as a real post they’re claiming is in violation or your Facebooks account ID (which is public information).

    This is also a self-feeding scam; the same users that fall for it are also being used to conduct the scam via the accounts that are compromised (sometimes the scammer does not even bother to change the username or profile picture to something Meta/Facebook related).

    The best course of action if you receive one of these messages is to report it to your email provider or Facebook themselves.

    As to the heart of why these messages have been so ubiquitous, you need only look to Facebooks userbase. At 3.1 billion active users as of writing across the world (outpacing its other platform Instagram with 2 billion users and its competitors such as Tiktok, WhatsApp, and X by a large margin).  They are the largest social media platform, which unfortunately puts a bigger target on their back for scammers.

    Here are four other ways you can avoid phishing scams (including the one we’re talking about here):

    1. Multi-Factor Authentication: It goes without saying, the number one way to protect most of your accounts from intrusion is the multi-pronged approach you receive from multi-factor authentication (MFA). Intruders who have your password will hit a wall when they realize they also need your phone and/or access to your email to login.
    2. Don’t Ignore Red Flags: Sense of urgency? Check. Asking for personal information? Check. Generic greetings (think Dear Sir/Madam)? Check. Always pause and look for red flags when it comes to emails/messages you receive.
    3. Don’t click on links, period. If you aren’t sure if the email is legitimate, NEVER click on the links. Need more evidence? Hover over links you receive, even if a link says Facebook.com it may really be directing you to the scammers own website to try and collect your personal information or install malware on your device.
    4. Verify the Sender: Would a Facebook email originate from @gmail.com account? No. Same with Facebook messages, legitimate messages from Facebook/Message will arrive in a distinct way that makes it easy to tell they’re legitimately from Meta support. If the message you’ve received just looks like any regular Facebook message aside from the content, it’s a scam.

    At Valley Techlogic, we offer coverage that helps prevent these type of phishing scams from causing an intrusion into your business, including advanced protection for email spam and best in class cybersecurity solutions that stop attackers in their tracks. Learn more today with a consultation.

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley Techlogic, leading provider of trouble free IT services for businesses in California including Merced, Fresno, Stockton & More. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on X at https://x.com/valleytechlogic and LinkedIn at https://www.linkedin.com/company/valley-techlogic-inc/.

  • 5 Holiday Tips for Your E-Commerce Business and 5 for Everyone Else

    5 Holiday Tips for Your E-Commerce Business and 5 for Everyone Else

    It doesn’t matter which e-commerce sector you’re in, the holiday time period is always a big opportunity to increase that year’s sales before the New Year rolls in.

    With online shopping growing in popularity year over year there are specific ways to capture more of that online market – especially around the holidays.

    Here are 10 tips for improving your sales during the holiday season (including 5 that apply to all types of business):

    1. Step up your social media game. Anecdotal evidence from us, when we went from posting inconsistently 3-4 times a week to posting consistently 4-5 times a week our impressions didn’t just go up, they doubled. The holidays are a great time to post more updates about your business on your social media platforms.
    2. Make sure your contact information is rock solid. It would be a tragedy to see sales calls go unanswered, make sure the contact information on your website it up to date and your sales people are ready to answer those calls.
    3. Make sure your website it mobile friendly. This may be a tough one to knock out this year if you haven’t done it yet, but having a mobile friendly website is a must have in 2023. Google even offers a free tool for testing if your website is mobile friendly here.
    4. Release holiday ads. During the holiday season your same old ads may not perform as well as a holiday themed one would as people look for those familiar colors and settings (red and green, blue and white, snow and Christmas trees).
    5. Take advantage of marketing automation. Facebook for example lets you schedule posts and you can update your Google advertising with your holiday messaging and let it run.
    6. If you plan on conducting a big sale, make sure your website is ready for it. If you’re planning on running any holiday “one day sales” make sure your website can handle the potential increased traffic or there’s a game plan in place for if it goes down so you don’t lose your momentum. You can check on your current page speeds with this other Google tool here.
    7. Have a chatbot available. You might get the same questions repeatedly, having an automated chatbot that can answer those questions with the same feel as a sales representative could increase your sales.
    8. Improve your holiday key words ahead of time. If you’re an apparel company for example peppering “holiday themed apparel” or “Chrstimas outfits” into your SEO keyword efforts is a good idea leading up to the holiday season.
    9. Have a holiday themed front page. We’ve talked about having holiday themed ads and social media posts but you should also “dress up” your front page temporarily to clue buyers in that you’re ready for the season. Many website providers have the option of changing out a front page temporarily so you can easily switch it back when the season is over.
    10. Make sure your buyers know any email marketing is from you. Phishing scams also increase in the holidays, having ways for a buyer to tell emails sales are from your company and not from a scammer is key. Mirror any sales you have directly on your website as well.

    Speaking of holiday phishing scams, here is an infographic on avoiding holiday scams:

    Click to grab the full size version.

    Whether your business is e-commerce or something else entirely, Valley Techlogic can assist with your technology needs in 2023. We have our own holiday sale going on now that will even save your company money on IT support in the new year. Reach out today to learn more!

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley Techlogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

  • How a phishing scam swindled this Shark Tank host out of $400,000

    How a phishing scam swindled this Shark Tank host out of $400,000

    We’ve focused a lot of articles on phishing scams and how no one is immune, even major money moguls like Barbara Corcoran from ABC’s Shark Tank with a net worth estimated at over $100 million fell victim to a phishing scam that wound up costing her $400,000.

    Business owners are a particularly lucrative target for bad actors, and phishing emails continue to grow more sophisticated. In this instance Barbara reports receiving an email that looked like it came from her secretary going to her accountant authorizing the amount to go to a real estate deal.

    Barbara like many business owners has deals going on all the time so the amount and type of authorization wasn’t unusual, allowing it to fly under everyone’s noses and make the scammers involved $400,000 richer. It wasn’t until her accountant sent an email to her real secretary confirming the transaction one last time that the scam was uncovered – and by then it was too late the transfer had already been sent.

    This case proves that even with strong checks and balances in place, phishing scams can happen to almost anyone. While Barbara was able to absorb the hit without it hurting her business – many out there could not.

    While the amount of money lost in this instance is quite substantial, millions of dollars are lost every day to cyber crime. It’s estimated that $1,797,945 is lost per minute according to Risk IQ’s Evil Internet Minute Report.

    Even if you think your business is too small to be a target you would be wrong, scammers cast wide nets looking for victims to fall in. Here are 4 things you can have in place that could prevent this kind of scam from happening to you.

    Email Best Practices

    Even with these checks in place it can still be tricky to avoid, especially if your business has become a particular target for a scammer. Another famous example is how Facebook and Google were tricked out of $100 million due to an extended attack phishing attack organized by a scammer located in Lithuania. A little less than half of the money lost was recovered.

    Another famous attack in 2014 saw the early release of four movies produced by Sony Pictures when North Korean hackers, upset about a movie that was being released at the time, sent targeted phishing emails that appeared as if they were coming from Apple to a top Sony executive. The damage that incurred from this attack was estimated to be over $80 million.

    With both of these attacks it’s not just about the money lost either, these attacks are easily searchable to this day and had an untold effect on their reputation at the time. Massive companies like Google, Facebook and Sony can weather the storm, but could your business do the same?

    Education is just one piece of the puzzle, active protection is another crucial element to avoiding the lengthy damage that can arise from a successful phishing campaign. At Valley Techlogic cyber security is a core focus for all of our plans. Learn more today with a quick and easy consultation.

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley TechLogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

  • Common tax return scams to watch out for in 2022

    Common tax return scams to watch out for in 2022

    The due date for filing your taxes is just 10 days away as of writing, and as tax filers scramble to gather needed information to finish (or start) their filing – scammers are looking for ways to take advantage of the mad dash that occurs for many Americans every year.

    The IRS has put together a compilation of scams they’re seeing this year, and they mention that scams may not be limited to the virtual space. Scammers may also call, mail or even show up to your door in person. So, it’s a good idea to be extra vigilant when protecting your PII (personal identifying information).

    The “Tax Transcript” scam is one that commonly targets businesses, many employees will use their business email when they sign up to do their taxes and may expect communication from the IRS to come there, but scammers will send fake communications with malware attached instead. Users may click without even thinking twice (especially as email scams of this nature can be very convincing). See below for an example.

    IRS Scam Email Example
    IRS Tax Email Scam Example. Credit: https://www.irs.gov/

    IRS scam calls are also another common tactic. It’s a good time to reiterate that the IRS will NEVER call you asking for personal information. This news segment found on YouTube shows a scammer in action, these calls may increase as we get closer and closer to the filing deadline. You shouldn’t give out your personal information even if they have things like your address or full name (scammers will often do some research on you before calling).

    Another scam aimed at businesses is one where the scammer will pose as a member of the accounting department where you work, they know many people will not question a call or email coming from a work authority. It may be a good idea if you’re a business owner to send out an email or have your accountant contact your employees to mention that like the IRS you will NEVER call or email unprompted requesting private information.

    Stolen Identity Refund Fraud or SIRF is a very lucrative business, 2.8 million false returns were filed in 2018 with a potential worth of $16 billion dollars. It’s important to guard the PII information criminals need to file a false tax return on your behalf. Here are 5 steps you can take to safeguard your information:

    1. The easiest? Have a good spam filter enabled on your email, that way many of these phishing scams won’t even make it to your inbox.
    2. Check emails for signs it’s a phishing scam, we wrote an article on what to look for. Two standouts are an email domain that doesn’t match the sender (an IRS email won’t come from a Gmail account) or links that when you hover on them don’t match where they say they go.
    3. Check with the purported sender, if the email looks like it’s coming from within your office network, but the email contents just don’t seem right – follow your gut and follow up with your department.
    4. If you receive a call from a number you don’t recognize claiming to be the IRS or the authorities, try Googling the number. Many people will share information about experiences with scam numbers online as a way to warn others.
    5. If you’ve already given your PII to a scammer, contact the major credit bureaus to freeze your credit and contact the IRS to report it ASAP. The IRS has steps in place for helping victims of identity theft, the sooner you act the sooner you can put a stop to the scammer’s activity under your identity.

    Employee training is the best defense for business owners who want to prevent scams such as these ones as well as other cyber threats from effecting their business. Valley Techlogic offers security awareness training as well as top of line cyber security defense systems as part of all of our technology packages. Learn more today.

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley TechLogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

  • As we feared, Ukraine-Russia crisis leads to a surge in cyber attacks

    As we feared, Ukraine-Russia crisis leads to a surge in cyber attacks

    As we’re nearing a month into the conflict between Russia and the Ukraine, cyber warfare between the two countries is reaching an all time peak. We covered the topic of Ukraine’s “IT Army” recently in this blog, and we mentioned growing concerns we’ve seen from users that there may be a spill over effect when it comes to cyber threats.

    Cyberwarfare was inevitable as conflicts on the ground continue on, and as Russian hackers feel the “pinch” of the effects of sanctions imposed against Russia, we may see an uptick in financial scams. Especially as both countries have turned to cryptocurrency which can often be used as a safe haven for financial transactions taking place outside the public eye. In the case of Russia it’s being used to try and liquidate funds out of the country and in the case of the Ukraine they’re using crypto to bolster support for their economy.

    We have created this chart for the types of financial scams we think may increase in the coming days (though it should be noted, financial scams were already up 70% in 2021).

    Cyber Financial Scams Chart
    Click to download the full size version.

    However, hackers have also represented a beacon in the war of information currently happening between Russia and the Ukraine. Ukraine’s “IT Army” is now over 400,000 people strong, with hackers from all over the world lending their support digitally in Ukraine’s effort to protect their democracy.

    DDoS attacks on government sites with Russian origins as well as document leaks – which includes a 360k file data dump from a Russian federal agency – are continuing to happen regularly. It’s estimate that over 90% of exposed Russian cloud databases have been compromised at this point.

    Also, with access being restricted to sites like Twitter and other social media platforms being restricted in Russia, Squad303 is a website that was created by a group of Polish programmers that can help foreigners relay information to Russian citizens. The website founders say that over 7 million text messages and 2 million emails have been sent through the site so far.

    We again want to say we don’t know what the outcome of this conflict will be, but it seems clear that consumers and businesses should be wary of the ripple effects that will occur throughout the cyber sector, possibly for years to come.

    Business owners who still believe they’re “too small” to be a target should be wary that proceeding with out cybersecurity protections may make them the low hanging fruit for hackers reacting to a state of desperation. Cybersecurity protections are a worthwhile investment in your future and the peace of mind in questionable times is priceless.

    At Valley Techlogic, we’re experts in the field of cybersecurity. We can perform an evaluation of your business and tell you where you are now and where you need to be to not worry that your business is “ripe for picking”. Schedule a consultation today to learn more.

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley TechLogic, IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

  • Can you spot the phishing clues? And 10 tips to avoid falling for a phishing scam

    Can you spot the phishing clues? And 10 tips to avoid falling for a phishing scam

    If you’re not aware, phishing is another word for scams perpetrated over email. It was coined in 1996 and was first associated with hackers attempts to steal America Online (AOL) accounts, and it has not slowed down since then.

    As of 2021 most hacking attempts are phishing scams, the phrase is meant to evoke the image of a hacker literally fishing for their victims by baiting a hook which in this case is a credible looking email from a place you might actually do business from, a colleague or a family member. 94% of malware attempts originate from an email sent to the victim.

    Well as credible as they can manage, many phishing attempts are poorly worded and grammatically incorrect as the senders are from another country from the victim. In the image below we showcase a phishing email you might receive, click to reveal the answers.

    Spot the phishing clues
    Click to reveal the clues.

    Not all phishing attempts will be so obvious though, here are our 10 tips to avoid falling for a phishing scam.

    1. You are asked to reply with sensitive details. A legitimate business will never ask for your private details via email, if you’re unsure contact the business directly to ask.
    2. The message says you must respond urgently or face dire consequences. Legitimate businesses such as the financial institution you bank with won’t relay an important message over email alone, and they’ll never threaten you.
    3. The email contains a non-standard email attachment. While even standard email attachments can contain malware, a non-standard email attachment is a clear sign something is amiss.
    4. The senders email address doesn’t match the contents. As in our example, a legitimate business (especially a large one) won’t be using a gmail address. You also want to watch out for slight misspellings, such as an email coming from admin@paypa1.com
    5. The email contains an unusual request. You receive an email that looks like it’s from your boss, and he’s saying he wants to reward some key players in your company by gifting them gift cards from a popular big box store. He says not to give them to the players directly, simply reply with the gift card numbers and he’ll handle it. This is just one example of a scam we have unfortunately heard of happening. If the email is requesting large amounts of money be spent in unusual way or private details be sent over email, even if the email looks legitimate you should verify with the supposed sender first.
    6. It has an attachment you weren’t expecting. If receive an email with an attachment and the body suggests you requested information, but you don’t remember doing so, it’s probably a phishing scam.
    7. The email says you won a prize, but you must enter your banking information to claim it. Prizes are a common phishing scam trope; they may also try to get you to download a suspicious attachment.
    8. The URL in the email doesn’t match the business it claims to come from. As in our example, phishing attempts often involve a similar but not quite right URL. Many scammers will try to gain the victims trust by sending them to an “official” looking website where they will login with their legitimate credentials, allowing the scammer to gain access.
    9. The content is canned. Many phishing scammers reuse the materials of others. One example is you receive a suspicious sounding email, such as someone saying you have stolen their copyright images and you must visit a website to confirm. If you Google the email you may find examples of others online who have received that same
    10. The greeting doesn’t match the content. This is a simple one, if you receive an email supposedly from your boss but the greeting starts with “Dear” or another out of character greeting, it’s probably a phishing attempt.

    This is only a start, many phishing attempts are highly sophisticated and difficult to spot but knowing some of the signs will help you be more attentive to things that may be wrong with an email you receive. We also have found for our clients, randomized simulated phishing attempts can help them with training their staff to keep an eye out for phishing attempts.

    Most successful hacking attempts involve a human element, training is your only first line of defense. If you would like to increase your defense against phishing attempts, malware, ransomware and more, Valley Techlogic can help. Schedule an appointment with us today to learn about our comprehensive cyber security packages for businesses.

    Looking for more to read? We suggest these tech articles from the last week.

    This article was powered by Valley TechLogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.