employees . Only a couple of divisions have been affected and it 's not a system-wide outage . However , it impacted Grassfield High School in a big way . Classes heavily relying on technology were affected , but the others carried on as usual .
The attack was discovered when the perpetrators attempted a fraudulent wire transfer of money . A link has been posted to your Facebook feed . A phishing email attackAttack.Phishingpotentially compromised the accounts of as many as 18,000 current and former employees of media company Gannett Co. As of Tuesday there was no indication of accessAttack.Databreachto or acquisition of any sensitive personal data from employees ’ accounts , said the company . Gannett Co. ( GCI ) is the owner of USA TODAY , the publisher of this report , and 109 local news properties across the United States . The attack was discovered on March 30 and investigated by Gannett ’ s cybersecurity team . It appeared to originate in emails to human resources staff . The 18,000 current and former employees of the company will be sent notices about the incident and offer of credit monitoring via the US Postal Service . No customer account information was touchedAttack.Databreachby the phishing attackAttack.Phishing. They will be provided with an offer of credit monitoring because employee information was potentially available through some of the affected account login credentials before the accounts were locked down . Phishing attacksAttack.Phishingare a common method used by attackers to infiltrate computer networks . They typically consist of faked emails sent toAttack.Phishingan employee that enticeAttack.Phishingthem to click on a link that unleashes malicious software that can compromiseAttack.Databreachtheir computer accounts . Once in a network , attackers can then leapfrog to other accounts , working their way deeper into the system . In the Gannett attack , the infiltration was discovered when the perpetrator attempted to use a co-opted account for a fraudulent corporate wire transfer request . The attempt was identified by Gannett 's finance team as suspicious and was unsuccessful .
Social media phishing attacksAttack.Phishingjumped by a massive 500 % in Q4 , driven by a huge increase in fraudulent accounts including many posing asAttack.Phishingcustomer support for big name brands , according to Proofpoint . The security vendor revealed the findings in its Q4 2016 Threat Summary and Year in Review report . It claimedAttack.Phishingfraudulent accounts across sites like Twitter and Facebook increased 100 % from the third to fourth quarter . Such accounts are used for phishingAttack.Phishing, malware distribution , spam and other ends . In fact , Proofpoint observed a 20 % increase in Facebook and Twitter spam from Q3 to Q4 , with the quarter recording the second highest spam volume in the year . Yet it was a particular variety of phishing that caught the eye . So-called “ angler phishingAttack.Phishing” is a relatively new tactic in which the black hats register fake Twitter accounts that masquerade asAttack.Phishingcustomer support accounts . They monitor the real support accounts for irate customer messages and then quickly jump in to send messages back to those users loaded with malicious links . The tactic was particularly common among financial services and entertainment accounts , according to the report . Elsewhere , the number of new ransomware variants grew 30-fold over Q4 , and malicious email campaigns grew significantly , with Q4 's largest campaign 6.7 times the size of Q3 's . Some of the biggest campaigns apparently involved hundreds of millions of messages dropping Locky ransomware . However , there was some good news , with scams involving the spoofing of CEO emails sent toAttack.PhishingCFOs falling 28 % in the final quarter . This is partly because CFOs are more cautious about the veracity of such messages , but can also be linked to a 33 % surge in DMARC implementation which helped to block attempts to spoofAttack.Phishingthe CEO ’ s email address . In addition , exploit kits remained at low levels of activity after some high profile Angler EK arrests in Q2 , although large scale malvertising campaigns persisted , Proofpoint claimed .
You may have heard of the CEO scam : that ’ s where spear-phishers impersonateAttack.Phishinga CEO to hit up a company for sensitive information . That ’ s what happened to Snapchat , when an email came inAttack.Phishingto its payroll department , masked asAttack.Phishingan email from CEO Evan Spiegel and asking for employee payroll information . Here ’ s a turn of that same type of screw : the Internal Revenue Service ( IRS ) last week sent out an urgent warning about a new tax season scam that wraps the CEO fraud in with a W-2 scam , then adds a dollop of wire fraud on top . A W-2 is a US federal tax form , issued by employers , that has a wealth of personal financial information , including taxpayer ID and how much an employee was paid in a year . This new and nasty dual-phishing scamAttack.Phishinghas moved beyond the corporate world to target nonprofits such as school districts , healthcare organizations , chain restaurants , temporary staffing agencies and tribal organizations . As with earlier CEO spoofing scamsAttack.Phishing, the crooks are doctoring emails to make the messages look likeAttack.Phishingthey ’ re coming fromAttack.Phishingan organization ’ s executive . SendingAttack.Phishingthe phishing messages to employees in payroll or human resources departments , the criminals request a list of all employees and their W-2 forms . The scam , sometimes referred to as business email compromise (BEC)Attack.Phishingor business email spoofing (BES)Attack.Phishing, first appeared last year . This year , it ’ s not only being sent to a broader set of intended victims ; it ’ s also being sent out earlier in the tax season than last year . In a new twist , this year ’ s spam scamwich also features a followup email from that “ executive ” , sent toAttack.Phishingpayroll or the comptroller , asking for a wire transfer to a certain account . Some companies have been swindled twice : they ’ ve lost both employees ’ W-2s and thousands of dollars sent out via the wire transfers .