Rachel Tobac

@RachelTobac

6 Tweets 24 reads Sep 10, 2022
I’ve seen an increase in the New Hire SMS Phish attack method recently:
- new hire starts at org, they or the org announce new role on LinkedIn
- attacker looks up new hire’s phone number on data brokerage sites
- sends SMS phish pretending to be Exec to new hire in first month
This is so common that most orgs I’m working with have stopped announcing new hires on LinkedIn and recommend new hires limit posts about being new to limit the number of employees targeted. The SMS phish often asks for gift cards, but sometimes login details or sensitive decks.
When this method started I saw it most frequently at orgs with over 1000 employees. Now my SMB clients are getting hit with it too. Attackers are scouring LinkedIn for new hire posts, looking up execs’ names for that org, finding the new hire’s number and phishing via SMS fast.
Mitigation recommendations for New Hire SMS Phishing:
- limit posts about being new on social media
- consider providing employees w/ @deleteme to remove their contact details from data brokerage sites
- educate all new and current staff on SMS exec pretext phish & to report fast
Getting lots of DMs from leaders at orgs getting hit w/ this SMS exec impersonation phish. Many different types of folks fall for it and end up losing lots of money to these scammers — with lots of stories of interns being targeted within first week of changing role on LinkedIn.
For many younger folks, such as an intern new hire, this may be their 1st encounter with corporate culture and they don’t yet know whether it’s likely to receive a text from an exec asking for a favor like gift cards or sending a deck. Clear examples of this increase reporting/speed.