IRONSCALES Uncovers Major Scam Leveraging MacKenzie Bezos Scott’s Charity Fund


Cybersecurity company IRONSCALES recently blew the lid off a social engineering campaign that involved scammers targeting organizations likely to receive financial aid from billionaire philanthropist MacKenzie Scott, who is steadily giving away her $50 billion+ fortune.

Scamsters are now targeting organizations by leveraging the MacKenzie Bezos-Scott Charity in emails to lure them into sharing their details and money by offering them a windfall charity donation in return. MacKenzie Bezos-Scott Charity is a foundation headed by MacKenzie Scott, the billionaire ex-wife of outgoing Amazon CEO Jeff Bezos. Evidently, scammers have been targeting organizations since Scott announced in mid-December that she had donated a little over $4.15 billion to 384 organizations, including food banks, emergency relief funds, and support services for those most vulnerable.

The campaign was discovered by cybersecurity company IRONSCALES when over 200 of its customers were targeted via a phishing campaign through seemingly harmless emails. Needless to say, the attackers impersonated Scott’s philanthropic organization in emails, hoping to make a quick buck by deception.

“In this attack, the senders almost certainly used social engineering to identify an exact set of victims who would believe that such an email was legitimate due to their title/position and/or because of the industry they work in,” IRONSCALES said.

“In addition, the attackers no doubt used the fact that many individuals and organizations are struggling financially due to the pandemic and that the foundation (and its high-profile namesake) had been quite vocal in their desire to provide grants totaling over $9 Billion to organizations such as charities, non-profits and small businesses in need.”

Ironically, the fraudsters behind the campaign may have got the idea when United Way of the Greater Capital Region, an actual recipient of a $5 million philanthropic fund from Scott, believed the real email to be a scam. Thankfully, none of the 200+ IRONSCALES customers have so far fallen victim to the phishing campaign even though fraudsters carefully crafted emails with no links (the first red flag of a malicious email).


Source: IRONSCALES


Emails associated with the phishing scam do not have any attachments, and seem to have come from a legitimate email address. However, upon closer inspection, the emails give away a few clues that an unsuspecting eye wouldn’t catch at first glance. These are telltale signs that point to a possible phishing attempt. For example, the email return domain was @mintme.com while the sender’s name was ‘MacKenzie Scott Grant’, indicating an impersonation attempt.

IRONSCALES also identified some grammatical mistakes, such as improper punctuation and out-of-place capitalization of letters, in the emails. Besides textual gaffes, the malicious emails also featured a technical error, namely, a mismatch between the sender name (MacKenzie Scott Grant) and the email signature (MacKenzie Bezos Fund).
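The identity mismatches described above can be checked mechanically. The following is an added example, not IRONSCALES code: a heuristic triage function run over a constructed message. The `PROTECTED_NAMES` table, the local part `grants`, the recipient address and the body text are assumptions; only the sender name, signature and @mintme.com domain come from the article.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: names the defender protects, each mapped to the sender domains
# accepted for it. Empty set = no domain verified yet, so any use is flagged.
PROTECTED_NAMES = {"mackenzie scott": set(), "mackenzie bezos": set()}

# Constructed sample built from the indicators in the article; not a real message.
SAMPLE = """\
From: MacKenzie Scott Grant <grants@mintme.com>
To: director@example.org
Subject: Grant Notification

Dear Beneficiary, You have been Selected for a grant.
Reply with your full name and address.

MacKenzie Bezos Fund
"""

def words(text):
    return set(re.findall(r"[a-z]+", text.lower()))

def analyze(raw):
    """Return heuristic findings for one plain-text RFC 5322 message."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    body = "" if msg.is_multipart() else msg.get_payload()
    findings = []
    # 1. Display name claims a protected identity from an unapproved domain.
    for name, allowed in PROTECTED_NAMES.items():
        if name in display.lower() and domain not in allowed:
            findings.append(f"display-name-impersonation:{domain}")
    # 2. Signature (last non-empty body line) names a different entity than
    #    the From display name: neither word set contains the other.
    lines = [ln.strip() for ln in body.splitlines() if ln.strip()]
    if lines and display:
        sig, shown = words(lines[-1]), words(display)
        if sig and not (sig <= shown or shown <= sig):
            findings.append("sender-signature-mismatch")
    # 3. No URL and no attachment: link and file scanners have nothing to
    #    inspect, so the verdict must rest on the identity checks above.
    if not re.search(r"https?://|www\.", body, re.I) and not msg.is_multipart():
        findings.append("no-links-or-attachments")
    return findings

if __name__ == "__main__":
    print(analyze(SAMPLE))
```

The third finding is informational on its own; it matters when it appears together with either identity finding, since that combination is what lets such a message pass link and attachment scanning.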

However, it is possible that unsuspecting organizations may take the bait and reply with their name and address details, following which they’ll receive another email in which they’re asked to transfer a processing fee. This kind of fee, the basis of what the FBI refers to as Advance Fee Schemes, is requested by scammers in exchange for a promise to deliver something of greater value – a donation from the MacKenzie Bezos-Scott charity in this case.

A similar scam that gained notoriety in the past decade – the Nigerian Prince email scam – duped Americans out of $703,000 in 2018. This long-running scam still finds gullible victims, indicating that duping unsuspecting people remains lucrative. Considering that Scott has no plans to stop and is expected to give more of her wealth away in charity, fraudsters may increase the frequency of their fraudulent emails to exploit the opportunity to the hilt.

The perpetrators of the Bezos-Scott phishing scam are out there luring unwitting people into falling prey, which is why organizations that have received or may receive such emails should avoid responding to them. All phishing emails have subsequently been removed from the systems of IRONSCALES customers.

IRONSCALES CEO Eyal Benishti told CBS News that organizations should verify the sender of the email by calling up the supposed donor on a publicly listed number. “Don’t trust the email as a source of communication — pick up the phone. Normally Santa won’t knock on your door and surprise you with a $10 million grant,” he said.

FBI’s Tips for Avoiding Advance Fee Schemes

  • If the offer of an “opportunity” appears too good to be true, it probably is. Follow common business practice. For example, legitimate business is rarely conducted in cash on a street corner.
  • Know who’s on the other side of the deal. If the person or company is unheard of, dig into what they do and learn more about them. Visit their business location, verify with the Better Business Bureau, or consult with your bank, an attorney, or the police.
  • Ensure full comprehension of any agreement. Bring in an attorney if needed.
  • Be wary of businesses that operate out of post office boxes or mail drops and do not have a street address. Persons who do not have a direct telephone line and who are never in for a conversation should arouse suspicion.
  • Business deals that require signing a nondisclosure or non-circumvention agreement that deters independent verification of the bona fides of the people/organization you’re dealing with are also cause for suspicion.
