Buried deep within the most recent round of COVID-19 stimulus legislation was a little provision with potentially explosive consequences: The Pentagon has six months to release a full report on what they know about the existence of what they term Unidentified Aerial Phenomena (UAP) — or UFOs to the rest of us.
In advance of the deadline, a site called Black Vault has published what founder John Greenwald Jr. said is every file the CIA has on UAPs. The site said it has been trying to get UFO documents from the CIA since 1996, and that the .PDF files they’ve posted represent everything the CIA had on the matter.
As details contained in the CIA archives drip out and the Pentagon deadline draws closer — and anticipation, curiosity and excitement build about the existence of extraterrestrials — experts warn that these are exactly the kind of headlines scammers are likely to turn into successful phishing scams.
Wanna See an Alien? Click Here.
“My general rule is that if it makes people a little crazy (or scared or emotional or greedy or vulnerable or, hell, just curious) then it’s a candidate for a phishing scheme,” Tom Pendergast, chief learning officer at MediaPro told Threatpost.
“And it’s pretty easy to imagine the pitch: ‘Click here to view real CIA photos of aliens,’ or ‘enter your Social Security number here to see whether your data is among that accessed by aliens,'” he explained, adding that curiosity about aliens creates a gut-level response that criminals can use to cash in.
The documents have become available just as the new legislation is putting the topic in legitimate news headlines, which makes this an even more attractive fraud avenue for criminals, Hank Schless, senior manager of security solutions at Lookout, explained to Threatpost.
Mobile Users Most Vulnerable
“Since these documents being released is a legitimate piece of news, it increases the likelihood of a successful phishing attack,” Schless said. “This is the type of information that will be shared broadly across social-media platforms, which means there’s increased risk for mobile users.”
On a mobile device, Schless explained, people are easier targets for this type of cybercrime.
“Between SMS, third-party messaging apps, mobile email, social-media platforms and other apps with messaging capabilities, malicious actors have a handful of ways to target mobile users,” he said. “The simplified user experience on mobile makes it easier for attackers to hide phishing links or make fake pages look real. Mobile users are conditioned to tap anything that comes up on their screen, which means they won’t exercise the same caution as they would on a computer.”
Phishing scams tend to track with headlines. For instance, COVID-19 has proven an effective phishing lure, dominating scam themes in 2020 and expected to continue into 2021, according to experts. The election headlines from this year also drew their fair share of criminals, and multiple phishing scams targeting campaigns were uncovered.
But headlines, and scammers, are constantly changing and evolving, and UFOs represent a new frontier for fraud.
In fact, the prospect of aliens as a phishing lure is so classic that Pendergast told Threatpost it would make a good test for employee-awareness training.
“People who phish are seeking any kind of gut-level response that might override analytical thinking and prompt clicking a link or disclosing information,” he explained. “This is why it’s so hard to run simulated phishing programs: you want to be as ‘real’ as the cybercriminals, but you can pretty quickly step over the line. But I’d feel comfortable sending my employees a simulated phish on this one.”