Tag: social engineering scams

  • Hacking group Scattered Spider is making waves for disrupting retailers and corporate America despite recent arrests

    Scattered Spider, otherwise known as UNC3944, gained notoriety during the infamous attack on MGM (which we reported on in 2023), which was estimated to have cost the company around $100 million. The group has kept up its momentum, targeting financial institutions in particular, such as PNC Financial Group, Synchrony Financial, Truist Bank and more.

    It’s estimated the cost of cyber crime has risen to $793 billion per month, with groups like Scattered Spider contributing to that total. The group has also been in the news for its unusual makeup, with those arrested ranging from teenagers to young adults. This is not the hardened group of long-time professional hackers most people think of when they think of breaches on this scale.

    In a recent set of arrests in the UK, two 19-year-old men, a 17-year-old boy and a 20-year-old woman were taken into custody, with the bad actors being charged with blackmail, money laundering and ties to a criminal organization as of writing. One of the alleged leaders of the group, 23-year-old Tyler Buchanan, was also arrested in May of this year and has been extradited to California, where he faces up to 47 years behind bars.

    Ransomware/Malware-as-a-service (RAAS/MAAS) becoming more ubiquitous means that someone doesn’t even have to be extremely tech savvy to pull off a cyber attack, expanding the reach of bad actors looking for financial gain from attacks on anyone convenient. It has never been more true than it is now in 2025 that no one is safe from cyber threats. Your business isn’t too small or too remote to be a target.

    The group has also focused on tactics that are more social engineering than directly technical, with phishing being a primary driver as we saw in the MGM attack. Here are 5 ways hacking groups like Scattered Spider are pulling off cyber attacks:

    1. Social Engineering and Impersonation

    Scattered Spider is notorious for tricking employees into giving up credentials. They often:

    • Impersonate IT or help desk personnel
    • Call or message employees to reset passwords or approve MFA prompts
    • Use public info (like LinkedIn profiles) to craft believable stories

    2. SIM Swapping

    They hijack a victim’s mobile number by convincing the phone carrier to transfer it to a SIM card they control. Once they do this, they can:

    • Bypass MFA (multi-factor authentication)
    • Receive SMS-based codes for password resets

    3. Exploiting Identity & Access Management (IAM) Systems

    They target systems like Okta or Microsoft Azure AD to escalate privileges and gain access across an organization. Once inside:

    • They move laterally across systems
    • Create persistent backdoors

    4. Abusing Remote Access Tools

    Scattered Spider leverages legitimate tools like:

    • Remote desktop software
    • VPNs and virtual desktop infrastructure (VDI)

    They often enter using stolen credentials and hide in plain sight by mimicking normal user activity.

    5. Ransomware Deployment & Data Theft

    After gaining sufficient access, they:

    • Exfiltrate sensitive data
    • Deploy ransomware (often in partnership with ransomware-as-a-service groups like ALPHV/BlackCat)
    • Threaten double extortion: demanding payment to both unlock systems and not leak data

    At Valley Techlogic, we help businesses of all sizes stay protected against advanced threats from hacking groups like Scattered Spider by combining proactive cybersecurity strategies with enterprise-grade tools. Our team monitors for suspicious activity, implements strong identity and access controls, and trains your staff to recognize social engineering attempts, closing the gaps these groups exploit. With layered protection and rapid response capabilities, we keep your systems secure and your data safe. Get started with a Valley Techlogic service plan today to protect your business from future threats.

    This article was powered by Valley Techlogic, leading provider of trouble free IT services for businesses in California including Merced, Fresno, Stockton & More. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on X at https://x.com/valleytechlogic and LinkedIn at https://www.linkedin.com/company/valley-techlogic-inc/.

  • 5 Ways to Think Like a Hacker to Protect Your Business

    As you’re going about your day-to-day activities online, thinking of how a hacker might take advantage of even mundane aspects of your routine probably doesn’t enter into the equation.

    We all sign on to work for the day, check our emails, maybe post an update on social media and chat with our colleagues before getting into the grind of our daily activities. From the moment you first log in, you’re potentially being exposed to threat activity.

    Here are five ways you can “think like a hacker” and protect your business and yourself from falling victim to scams, malware attempts and more:

    1. As we mentioned, the first thing almost everyone does is check their emails, but how closely are you scrutinizing the items in your inbox? Phishing is still the number one way attackers gain access to personally identifying information and systems in your business. Here’s some advice on spotting phishing emails and how to avoid falling for them.
    2. Sharing on social media? You’re volunteering personal information that anyone can read and take advantage of. It might be nice to post that lunch selfie you took with your colleagues, but maybe wait until you’re back at your desk, especially if you’re a business owner, as you’re more likely to be targeted by something called spear phishing. By posting that selfie during lunch you’re letting anyone who may be watching know your office computer is unattended.
    3. In the same vein, the more details you post online, the more information can be gleaned to target you. If you post that your Aunt Kathy isn’t feeling well, Aunt Kathy’s “friend” may send you a message offering sympathy and describing their own woes and tribulations while perhaps trying to gain your trust. However, when you go to confirm with Aunt Kathy later on, you find out she’s never heard of this so-called “friend”. Social engineering is a large part of long-term scams, so always confirm with your friends and relatives directly before giving credence to any messages you receive online.
    4. Sending something important? Always encrypt! You cannot account for the security awareness of others; by encrypting important files being sent via email you’re at least protecting your side of the equation.
    5. Speaking of security awareness, being up to date on the latest threats is exactly what a hacker would do. With security awareness training, you can “think like a hacker” and avoid many of the traps they try to set up to gain access to your business.

    Security awareness training is just one of the features we include with all of our service plans. On top of that you will also gain access to:

    1. 24/7 Endpoint Detection and Threat Monitoring
    2. Automatic Daily Backups
    3. Disaster Recovery Planning
    4. Consistent Patching & Updates
    5. Ticket Response Times in Under 15 Minutes

    With a Valley Techlogic plan you don’t need to think like a hacker to protect your business. Learn more today with a free consultation.

  • BEC Scams are becoming increasingly more common, and the payouts more lucrative

    BEC, or Business Email Compromise, is a type of phishing scam where the target of the scam receives an email purporting to be from someone they know, like a vendor they work with or a colleague. These scams are so commonplace that the Federal Bureau of Investigation even has a guide to protecting yourself from them.

    We’ve even written before on how to spot a typical BEC email and a few ways to combat it, but we would like to circle back to this topic now as we creep into what is typically a very busy time for most business owners – the fourth quarter.

    You may or may not be surprised to learn that BEC attacks rose in the fourth quarter last year, and we’re not anticipating 2023 to be any different. 2022 even saw a rise in the ever popular “as-a-service” variant of attacks, which means would-be bad actors could enact their attacks with little actual effort on their part.

    The technical know-how required for these attacks is also low, with some of them being as simple as just a variant on your normal phishing scheme but with the end goal being a direct payout rather than the user’s credentials or private information.

    CISA (Cybersecurity and Infrastructure Security Agency) even reported on Russian state-sponsored bad actors specifically targeting defense contractors using Microsoft 365 with their BEC schemes. Imitating Microsoft support is not a new scam, and as always you should be wary of any support person reaching out to you directly asking for your credentials, but the single-minded focus of this particular scam put government agencies like CISA and the FBI on red alert.

    When we say these scams are becoming more lucrative, we definitely mean it: it’s estimated that BEC victims lost 2.74 billion dollars in 2022, which was $300 million more than in 2021. As with most cyber attacks, we anticipate they’ll continue to rise.

    So how do you protect yourself from a Business Email Compromise scam in 2023?

    1. Don’t overshare online. BEC is a social engineering scam, so the less information that’s readily available about you on the internet the less able a scammer is to pretend to be someone you know.
    2. Forward emails instead of replying to them. As with normal phishing, these scams are perpetrated over email. Forwarding emails forces you to type out the email address (thereby guaranteeing it goes to the right person). BEC attacks usually involve spoofing an email address or simply choosing a domain that’s similar to one you may be used to corresponding with, but with a slight misspelling or rewording.
    3. In the same vein, check the sender’s email address before responding at all. You may be able to simply block the scammer when you discover they’re trying to imitate someone else by verifying the email address is incorrect.
    4. Secure your own domain against domain spoofing. Many times, the attack is coming from “inside the house”. A very common BEC scam involves one of your employees receiving an email that looks like it’s from you or someone high up in your organization, except it’s not. Registering the domains you use for email will help protect against this very common variety of this scam.
    5. Again, in the same vein as our last tip, use a domain that you’ve registered instead of a free email service. It might be tempting to keep using the Gmail address you’ve always used to avoid paying for a domain and email services, but it greatly increases your risk of a BEC attack being successful. Using a free email service allows attackers to create a new email with your name to then tell those you know you just “got a new email”. It would be very difficult to prove this is false without talking to you directly.

    Many of the defense strategies against a BEC attack involve employee training. Attackers may not target you directly as the business owner when it’s easier to get to you (and your business) through a weaker link – often employees who don’t have the strategies available to avoid these kinds of scams.

    Luckily, Valley Techlogic provides security training as part of our service packages. Below is a list of some of the training topics we cover for our clients:

    Cyber security training is quick and is one of the easiest and most effective ways to have an overall safer environment for your business. Learn more about Cyber Security Training through Valley Techlogic, as well as the other cyber security services we offer, today through a quick consultation.

    This article was powered by Valley Techlogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

  • Unsure if the person you’re interacting with may be a fake? This Chrome extension can detect fake profile pictures with 99.29% accuracy

    As we discussed last week, financial scams may be on the rise in 2022. Social engineering is a pretty common tactic utilized by scammers when it comes to siphoning funds from unwitting victims, but there are some tools you can use to combat it.

    Recently a company called V7 Labs released an extension for Chrome that’s able to detect artificially generated profile pictures, such as those created by Thispersondoesnotexist.com (see below for an example).

    Examples of "ThisPersonDoesNotExist"

    The Fake Profile Detector extension can help you detect if a social media profile picture is a fake just by right-clicking on it. It’s able to zero in on things you may miss at first glance, such as a pupil that’s not in the right place or clothing that appears to be bleeding into the skin. The extension does not work with video (yet). Also, just to note, you should always verify an extension is from a trusted source before downloading it to your browser.

    Social engineering scams aren’t limited to just financial scams; they’re also utilized to gain information or to spread misinformation. As AI tools have grown more sophisticated, it’s not easy to rely on someone’s profile picture to give you a good indication of who you’re talking to online.

    It’s also very easy to create fake profiles using real pictures, even pictures of people you may actually know. It’s typical for the scammer to start the conversation off by saying they got “locked out” of their main account and would like you to add their new one. You should also confirm with your friends and family before accepting a request from a new account.

    Or maybe it was their actual social media account, but a scammer was able to gain access. Sometimes scammers may even leave the password alone. The victim then may not know they have an intrusion, and the scammer just monitors and deletes messages of the conversations they’re having without the victim’s knowledge.

    We have created this chart of the top five things you should watch out for when it comes to social engineering scams.

    Social engineering is not limited to just social media sites such as Facebook and Twitter. The most common type of social engineering is the phishing attack, and scammers setting their sights on businesses may have an easier time convincing a user they are who they say they are, given the more casual relationships we tend to have with colleagues.

    We wrote a blog explaining what to look out for when it comes to phishing emails, but at Valley Techlogic we also think this issue can be tackled from a software and training perspective.

    The tools we utilize will make sure that much of that suspicious spam never makes it to your end user, and the training we offer to our clients can help them make sure that if an employee does get a spoofed phishing email, they know exactly what to do about it.

    To learn more, schedule a free consultation with our sales team today.
