It may seem difficult to track all of the different cyber scams deployed by bad actors in the digital space. These threats can be entirely new scams developed by cybercriminals, or are evolved forms of preexisting attacks.

You may end up asking yourself, how can I keep myself up-to-date on all of these attacks?

Well, one way to do so is to pay attention to law enforcement agencies. Throughout the year, agencies such as the FBI issue warnings on cyberattacks it has seen grow in prevalence. These warnings often break down the tenants of a particular scam, as well as what you should know to protect yourself from falling victim.

These agencies are often at the front lines of combating said attacks. While they are updated every single day, it’s not a bad idea to check in every now and then to see what attacks to keep an eye on. This way, you’ll know exactly what to look for, and what to do, should you face a noteworthy scam.

In this installment of the BlackCloak Thursday Threat Update, we’ll look at a data breach affecting Neiman Marcus, and a warning issued by the FBI over an emerging crypto scam.

 

Neiman Marcus breach leaks sensitive data

What we know: Neiman Marcus experienced a data breach where sensitive information was exposed. While Neiman Marcus has said 64,472 people have been impacted by the breach, the cybercriminals behind the attack claim the total number of victims is 180 million. The breach took place between April and May of 2024. Neiman Marcus said customers’ names, contact information, dates of birth and gift card numbers were compromised in the breach, however; the bad actors claim the last four digits of customers’ Social Security numbers are among the leaked data points.

Recommendations: As details on the breach continue to emerge, Neiman Marcus customers should strongly consider placing credit freezes and fraud alerts on their accounts and to monitor said accounts for any suspicious activity. Keep an eye out for phishing messages, especially given that contact information was exposed in the breach. Phishing messages normally arrive via email, but they can also appear through SMS text messages, a tactic known as “smishing.”

 

FBI issues warning over law firm crypto scam

What we know: The FBI has issued a warning over a cryptocurrency scam that has been making the rounds. Cybercriminals have been using social media and other messaging platforms to reach out to individuals who have fallen victim to previous crypto scams. The bad actors pose as representatives from fictitious law firms claiming they are working with law enforcement agencies to help them recover their lost funds. The cybercriminals will trick victims into turning over personally identifiable information and to pay fees to help assist with the phony recovery. The FBI’s Internet Crime Complaint Center said victims lost an additional $9.9 million from this scam over a 12 month period stretching from February 2023 to February 2024.

Recommendations: The FBI advises anyone to be wary of ads for cryptocurrency recovery services, especially if the company uses “vague language, has a minimal online presence, and makes promises regarding an ability to recover funds.” Do not turn over personal information or any money to anyone making these types of claims, and if anyone states they are from a law enforcement agency, the FBI recommends reporting it to their local FBI field office for confirmation.

Cyber scams evolve, so stay sharp

Cybercriminals continue to refine their attacks, and are always looking for new ways to steal valuable information and money. First, all you had to do was shore up your computer, but the advent of smartphones gave bad actors a new space to conduct their crimes.

That doesn’t mean you have to be scared. By knowing how cyberattacks work, you can be prepared for them regardless of what device bad actors target.

 

Learn how to spot and respond a pair of phone-related scams, ranging from “smishing” campaigns to SIM swapping attacks

 

Get a demo