May 29, 2024 at 02:16PM
Large-scale phishing campaign using unusual lure, offering baby grand piano for free, has earned over $900,000. Phishing emails from alleged university professor lead recipients to a second email purporting to be from a moving firm with payment options only through non-traditional methods. Bitcoin wallet linked to campaign holds over $900,000. Nigeria-based operation suspected.
Summary of Meeting Notes:
– The meeting notes detail a large-scale phishing campaign discovered by email security firm Proofpoint in January 2024.
– The campaign has targeted over 125,000 email recipients, primarily North American university students and faculty, as well as healthcare and food and beverage service providers.
– Phishing emails claim to offer a free 2014 Yamaha Baby grand piano due to downsizing, and direct recipients to contact an email for inspection and delivery.
– Fraudsters then pose as a moving firm and urge urgency in payment for delivery, providing limited payment options such as Zelle, Paypal, Apple Pay, Chime, and Cash App, with no traditional options for tracing and reversing payments.
– The cost of delivery ranges from $595 to $915, much less than the value of the piano, estimated at $9,000 to $13,000.
– The campaign has proven to be highly effective, with Proofpoint identifying a single Bitcoin wallet address associated with it that holds over $900,000, indicating substantial earnings.
Furthermore, additional investigation has revealed that one of the fraudsters used a Nigerian IP address, suggesting at least part of the operation may be based in Nigeria.