by Tara Seals
A savvy phishing campaign is targeting those looking for opportunities with Atlantic Media, publisher of The Atlantic Monthly. The group has issued warning about a phishing scam imitating editors and senior leadership, sending fraudulent job offers to freelancers and individuals seeking employment.
The scam aimed to collect sensitive data such as social security numbers, addresses and bank account info from the targets, according to the memo.
“Across the last few months…the impostors have created numerous misleading email accounts, including Gmail addresses in the names of editors, Gmail addresses that include the Atlantic’s name (e.g., email@example.com), and addresses employing fake domains (e.g., @atlanticmediagroup.net),” the company said. “The aim of the scam is to obtain personal information.”
The perpetrators have gone so far as to conduct job interviews by phone and Gchat; to require signature on employment agreements, direct deposit and tax forms; and to mail fake checks to individuals (in the hope that these “advances” would be cashed, thereby providing the perpetrators with bank account information and/or credit card information).
The Atlantic said that to date, it has been contacted by more than 50 would-be victims, and the names of at least six of its top editorial leaders have been used.
“One thing has always been the same in phishing attacks: social engineering, i.e., luring people into clicking on a link and/or providing information so it can be captured and sent off to a drop zone,” said Mike Wyatt, director of Product Operations at RiskIQ, via email. However, this approach is different.
“Most spear phishing campaigns try to fool employees into giving up sensitive information with fake emails purporting to be from someone specific within the organization by spoofing their email address and mimicking the language, behaviors, and processes used in the day-to-day operations of the company,” he said. “In this case, threat actors pretended to be editors from The Atlantic reaching out to potential freelancers, which is more difficult to combat as the potential employees are outside of The Atlantic’s network. There’s not much The Atlanticcan do regarding blocking—all they can do is report the abuse to the email service and warn potential victims that this is happening.”