Back to Blog

Criminals Launch Elaborate Atlantic Monthly Impersonation Campaign

October 7, 2017

By: Sikur

480abe14-1a4d-4b8f-9876-cd6544cd2527

by Tara Seals

06/10/2017

A savvy phishing campaign is targeting those looking for opportunities with Atlantic Media, publisher of The Atlantic Monthly. The group has issued warning about a phishing scam imitating editors and senior leadership, sending fraudulent job offers to freelancers and individuals seeking employment.

The scam aimed to collect sensitive data such as social security numbers, addresses and bank account info from the targets, according to the memo.

“Across the last few months…the impostors have created numerous misleading email accounts, including Gmail addresses in the names of editors, Gmail addresses that include the Atlantic’s name (e.g., recruitment.atlanticmagazine@gmail.com), and addresses employing fake domains (e.g., @atlanticmediagroup.net),” the company said. “The aim of the scam is to obtain personal information.”

The perpetrators have gone so far as to conduct job interviews by phone and Gchat; to require signature on employment agreements, direct deposit and tax forms; and to mail fake checks to individuals (in the hope that these “advances” would be cashed, thereby providing the perpetrators with bank account information and/or credit card information).

The Atlantic said that to date, it has been contacted by more than 50 would-be victims, and the names of at least six of its top editorial leaders have been used.

“One thing has always been the same in phishing attacks: social engineering, i.e., luring people into clicking on a link and/or providing information so it can be captured and sent off to a drop zone,” said Mike Wyatt, director of Product Operations at RiskIQ, via email. However, this approach is different.

“Most spear phishing campaigns try to fool employees into giving up sensitive information with fake emails purporting to be from someone specific within the organization by spoofing their email address and mimicking the language, behaviors, and processes used in the day-to-day operations of the company,” he said. “In this case, threat actors pretended to be editors from The Atlantic reaching out to potential freelancers, which is more difficult to combat as the potential employees are outside of The Atlantic’s network. There’s not much The Atlanticcan do regarding blocking—all they can do is report the abuse to the email service and warn potential victims that this is happening.”

MORE: https://www.infosecurity-magazine.com/news/criminals-atlantic-monthly/

Contact us

Safety is essential to your decision making. We are sure that our team can clarify any doubts. After all, we understand security.

contact@sikur.com

Follow us

Try SIKUR





Contact Us
First Name*
Last Name*
E-mail*
Mobile Number*
Company*
Country*
Tell us what do you need* ?
Products: Hold CTRL+Click to add more than 1.* ?
Comments
I agree to the Privacy Policy and Terms of Service.