How Scattered Spider Uses Social Engineering In Cyber Attacks

With a knack for deception, these young cybercriminals are turning the airline industry upside down. What 'Scattered Spider' is doing is both clever and alarming.

If you're planning on flying out of Michigan this summer, pay careful attention to the emails you receive from your airline leading up to your departure.

What is Scattered Spider?

Scattered Spider is a cybercriminal group that targets large companies' information technology for ransomware scams. This criminal organization is primarily made up of teens and young adults.

The FBI released a statement regarding the clever yet simple way these hackers work.

ALERT—The FBI has recently observed the cybercriminal group Scattered Spider expanding its targeting to include the airline sector. These actors rely on social engineering techniques, often impersonating employees or contractors to deceive IT help desks into granting access. These techniques frequently involve methods to bypass multi-factor authentication (MFA), such as convincing help desk services to add unauthorized MFA devices to compromised accounts. They target large corporations and their third-party IT providers, which means anyone in the airline ecosystem, including trusted vendors and contractors, could be at risk.

Canva

READ MORE: Second Measles Outbreak Confirmed In Michigan

Here's how Scattered Spider works. They will gather information about an airline employee, then call the company's IT department and say, "Hey, I bought a new phone, can you add this device to my account?" Once that happens, they can get through the two-factor authentication and control that employee's account. That enables them to gather more information on other employees to continue the cycle.

Get our free mobile app

Now that they are targeting airlines, the FBI is concerned about urgent systems getting shut down for ransom.

Once inside, Scattered Spider actors steal sensitive data for extortion and often deploy ransomware. The FBI is actively working with aviation and industry partners to address this activity and assist victims.

The earlier the FBI receives reports on these breaches, the better chance they will have to pause or eliminate the issue. Authorities ask that you contact your local FBI office immediately if you suspect your company has been targeted.

20 Most Commonly Hacked Passwords in Michigan and Indiana

Tap here to get the full story.

Gallery Credit: Dana Marshall

This Is What's Illegal To Burn In Michigan

The state of Michigan has made it very clear on their website of what is acceptable and not acceptable to burn

Source: FBI Warns Michigan Travelers Of Teen Cybercriminals Hitting Major Airlines

Filed Under: Michigan, Travel, Scam

Categories: Articles