The NJCCIC observed a campaign posing as delivery failure notifications from the United States Postal Service (USPS). The message is addressed to a generic “customer” and directs the user to click the provided link to update their address details. It also claims that if the user ignores the request, the undelivered package will be returned [...]
Action Not Required: The IT Help Desk Scam Threat actors often impersonate IT support to deceive their targets into disclosing account credentials and installing malware. They usually lure with urgent emails related to account issues, such as expired passwords, full mailboxes, and security alerts. Threat actors send emails containing fraudulent links, malicious attachments, or fake [...]
The NJCCIC has recently identified a campaign using Adversary-in-the-Middle (AiTM) techniques to harvest user credentials for account compromise. Threat actors behind this campaign employ various lures to persuade targets to open the supplied file or click the provided link. Some messages claim to be a final document to review or a proposal based on a [...]
The NJCCIC observed a phishing campaign targeting several public sector organizations in New Jersey. These emails are sent from accounts ending in the domain "benefitsfactor[.]com" and contain subject lines similar to "Confidential: Compensation Update for (recipient)." The body of the email references a benefits compensation package with an access code to open the attached document [...]
AGENT TESLA The NJCCIC observed a campaign attempting to distribute Agent Tesla malware. Agent Tesla functions as a remote access trojan (RAT) with information-stealing capabilities, including keystroke logging, password harvesting, clipboard theft, and screen capture. While first discovered in 2014, Agent Tesla remains a popular Malware-as-a-Service (MaaS). In this campaign, threat actors send phishing emails claiming to [...]
According to guidance by CISA and supported by research from Microsoft, enabling MFA - Multifactor Authentication - can prevent 99% of automated hacking attacks. Take a minute to read this article from the National Cyber Alliance, What is Multifactor Authentication (MFA) and Why Should You Use It? and learn more about how this simple step [...]
Oh Behave! The Annual Cybersecurity Attitudes and Behaviors Report 2025 Each year, the National Cybersecurity Alliance releases research to better understand the public’s security behavior and to act as a call to action for better secure habits online. What is Oh Behave!? Oh Behave! is our annual report examining global cybersecurity attitudes, behaviors, and trends. [...]
October is Cyber Security Awareness Month! This year’s theme, Stay Safe Online, is all about the simple ways to protect yourself, your family and your business from online threats. Small actions can make a big difference, and this year the National Cybersecurity Alliance is focusing on the Core-4 steps anyone can take to boost their online [...]
The NJCCIC observed a malware campaign sent to New Jersey State employees, purporting to be proof of payment. The malicious emails contain a ZIP file labeled “Proof Of payment.001” with a SHA-256 hash. The ZIP file appears legitimate but includes a Microsoft EXE file labeled “u1ugeglmfc8xvoc” that drops several files, including a PowerShell script. According [...]
Too Good to Be True: Fraudulent SMS Text Message Regarding Tax Refund Circulates A new wave of SMS text phishing messages (SMiShing) is being sent to NJ residents and those in other states nationwide. Like previous SMiShing campaigns referencing motor vehicle violations and toll fees, these text messages impersonate the New Jersey Department of the [...]
© Copyright 2026 | NJ MEL-JIF | All rights reserved
