Please Sign In to Review The NJCCIC observed a phishing campaign impersonating Adobe document-completion notices. These phishing emails appear to originate from adobesign[@]adobesign[.]com, the official Adobe Acrobat email address, which the threat actors have likely spoofed . The messages include a link to a counterfeit Microsoft Authentication page. The page presents the user's organization branding [...]
“Action Required” Notifications Deliver Malware Official “Action Required” notifications alert users of pending tasks, account verifications, system issues, device security updates, expired payment methods, or other concerns that require immediate attention. However, cyber threat actors use these notifications as a common social engineering tactic to lure potential victims into clicking links, capture login credentials, steal [...]
The NJCCIC observed several business email compromise (BEC) campaigns featuring a message chain targeting Accounts Payable departments. The messages appear to be a previous conversation thread from an impersonated executive at the targeted organization regarding an overdue invoice. One of the messages from the impersonated executive directs the sender to the organization's Accounts Payable contact. [...]
A botnet is a network or collection of internet-connected devices that have been infected with malware and are controlled remotely by threat actors. These devices include servers, routers, webcams, DVRs, smart TVs, set-top boxes, smart light bulbs, and other internet-connected equipment. Botnets are set up to exploit and compromise consumer and corporate devices through phishing [...]
The Transportation Security Administration (TSA) is issuing this Cybersecurity Awareness Message (CAM) to provide our industry partners with best practices, current cybersecurity risks, recent incidents, and planning considerations ahead of the 2026 FIFA World Cup (FWC 26) events. This CAM is not in response to any specific threat or incident. The FWC 26 will be [...]
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Environmental Protection Agency (EPA), Department of Energy (DOE), and United States Cyber Command – Cyber National Mission Force (CNMF), hereafter referred to as the authoring agencies, have released a Joint Cybersecurity Advisory urgently warning US organizations of ongoing cyber [...]
Uptick in Fraudulent Wire Transfers Resulting From Account Compromises The NJCCIC continues to receive reports of compromised accounts of public and private sector New Jersey organizations resulting from compromised credentials and phishing emails. Consequently, the NJCCIC also observed an uptick in fraudulent wire transfers from these compromised accounts. Account compromises enable threat actors to access [...]
Anthem Blue Cross Phishing Campaign Deploys Ransomware The NJCCIC observed an Anthem Blue Cross phishing campaign targeting New Jersey State employees. The sender’s display name includes Anthem Blue Cross, the target organization’s domain name, and “Eft Settlement.” However, the sender’s email address does not reference Anthem Blue Cross. The email signature purports to be from [...]
The NJCCIC has issued a threat advisory related to the Active US-Iran Conflict which Likely Signals Opportunistic Threats to US SLTTs in Near-Term. Please click here to view.
The NJCCIC received multiple reports of a payroll phishing campaign targeting New Jersey school districts. The subject line references a payroll increment project or direct deposit notice. Threat actors impersonate the superintendent or an administrator by compromising their account or spoofing the target organization’s domain to appear legitimate. The urgent emails claim to require district [...]
© Copyright 2026 | NJ MEL-JIF | All rights reserved
