Fake 401K year-end statements used to steal corporate credentials

Jan. 10, 2024, 6:33 p.m. | Bill Toulas

BleepingComputer www.bleepingcomputer.com

Threat actors are using communication about personal pension accounts (the 401(k) plans in the U.S.), salary adjustments, and performance reports to steal company employees' credentials. [...]

accounts communication corporate credentials employees end fake pension performance personal plans reports salary security steal threat threat actors year-end

Visit resource

More from www.bleepingcomputer.com / BleepingComputer

HPE Aruba Networking fixes four critical RCE flaws in ArubaOS 10 hours ago | www.bleepingcomputer.com

advisory april aruba arubaos +17

DropBox says hackers stole customer data, auth secrets from eSignature service 10 hours ago | www.bleepingcomputer.com

access auth authentication breached +21

US govt warns of pro-Russian hacktivists targeting water facilities 13 hours ago | www.bleepingcomputer.com

critical critical infrastructure disrupt government +16

Panda Restaurants discloses data breach after corporate systems hack 15 hours ago | www.bleepingcomputer.com

attackers breach compromised corporate +14

French hospital CHC-SV refuses to pay LockBit extortion demand 16 hours ago | www.bleepingcomputer.com

demand extortion france french +12

CISA says GitLab account takeover bug is actively exploited in attacks 16 hours ago | www.bleepingcomputer.com

account accounts account takeover actively exploited +14

Microsoft: April Windows Server updates cause NTLM auth failures 17 hours ago | www.bleepingcomputer.com

april auth authentication customer +13

Microsoft says April Windows updates break VPN connections 18 hours ago | www.bleepingcomputer.com

april connections microsoft security +11

Qantas app exposed sensitive traveler details to random users 19 hours ago | www.bleepingcomputer.com

airways app customers exposed +7

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote

View on infosec-jobs.com

Application Security Engineer - Remote Friendly

@ Unit21 | San Francisco,CA; New York City; Remote USA;

View on infosec-jobs.com

Cloud Security Specialist

@ AppsFlyer | Herzliya

View on infosec-jobs.com

Malware Analysis Engineer - Canberra, Australia

@ Apple | Canberra, Australian Capital Territory, Australia

View on infosec-jobs.com

Product CISO

@ Fortinet | Sunnyvale, CA, United States

View on infosec-jobs.com

Manager, Security Engineering

@ Thrive | United States - Remote

View on infosec-jobs.com

View more jobs

all InfoSec news

Fake 401K year-end statements used to steal corporate credentials

More from www.bleepingcomputer.com / BleepingComputer

Jobs in InfoSec / Cybersecurity

Social Engineer For Reverse Engineering Exploit Study

Application Security Engineer - Remote Friendly

Cloud Security Specialist

Malware Analysis Engineer - Canberra, Australia

Product CISO

Manager, Security Engineering