Hackers target and steal personal and financial data for fraud and other illicit purposes.
They also sell the data on the black market for profit.
They exploit this information to gain unauthorized access to bank accounts, credit cards, and other valuable assets.
Cybersecurity researchers at Proofpoint recently warned of complimentary Piano messages that steal personal and financial data.
Technical analysis
Proofpoint uncovered an ongoing advance fee fraud campaign that has been ongoing since January 2024.
The campaign has sent over 125,000 emails, luring targets, primarily students and faculty at North American universities and other industries, with promises of free pianos.
All-in-One Cybersecurity Platform for MSPs to provide full breach protection with a single tool, Watch a Full Demo
When recipients engage, the threat actors impersonate shipping companies, demanding upfront “delivery fees.”
This piano-themed social engineering scheme aims to extract money from victims under pretenses illegally.
The ongoing piano advance fee fraud scam has netted over $900,000 to a single Bitcoin wallet by tricking recipients, often students and faculty, into paying upfront “delivery fees” for non-existent free pianos.
Leveraging freemail accounts, the actors impersonate shipping companies and collect personal information from victims across payment methods like Zelle, CashApp, and cryptocurrency.
With varying email content and contact details, multiple threat actors likely utilize the same wallet for various concurrent scams, given the high transaction volume and diversity.
This campaign is likely operated in part from Nigeria based on identified perpetrator information and baits victims with elaborate stories to extract upfront fees under false promises of larger future payouts.
After obtaining personal details and initial payments via social engineering, the threat actors establish contact, making off with the illicit funds.
This centuries-old scam, known as Nigerian 419 fraud, exploits greed across countless variations but reliably robs victims of their money.
IoCs
Get special offers from ANY.RUN Sandbox. Until May 31, get 6 months of free service or extra licenses. Sign up for free.