cybersecurity, Hacks, Security

Special Olympics New York Hacked to Send Phishing Emails

New York Special Olympics has been compromised, a non-profit organization focusing on competitive athletes with mental handicaps.

New York Special Olympics presents equal opportunity to participate in Competitive, organized sports for people with intellectual disabilities.

Sadly, during the Christmas holiday, the non-profit agency was compromised and the perpetrators then used their email server to initiate a phishing operation against their donors.

“Friends, Boo! As you may have noticed, our email server was temporarily hacked. We have fixed the problem and send our sincerest apologies. While donating to Special Olympics NY is always a good idea, we would never ask in such a grinchy way.” wrote Stacey Hengsterman, President & CEO of Special Olympics NY, in a post published on Instagram.

“We immediately heard from so many of you and for that we are grateful.
We are sorry for the inconvenience and hope you are all enjoying your holiday season!”

The company reported the intrusion and confirmed that the perpetrators had been shut out, it also sent a notice of data breach to the affected people, requesting that they ignore the organization’s last post.

NY Casey Vattimo, SVP of Public Affairs for Special Olympics, revealed the breach on Twitter and reported the stabilization of the case.

Hack

New York Special Olympics claimed that interference only compromised the “communications system” including the contact information of supporters, as well as pointing out that no financial data is revealed.

The phishing messages sent to donors informed them of an upcoming contribution fee that would immediately deduct $1,942.49 from the goal account in two hours.

Using this technique attackers fooled the victims into clicking on one of the two embedded hyperlinks that led them to the transaction statement’s PDF version.

“Please review and confirm that all is correct, if you have any questions, please find my office ext number in the statement and call me back,” read the content of the phishing emails. “It is not a mistake, i verified all twice. Thank you, have a great weekend.”

A Constant Contact monitoring Link was used by the phishing email to guide users to a website designed to steal credit card details from donors.

Casey Vattimo noted that consumers can now make donations without any complications, noting that all sums raised by December 31 to Special Olympics NY will be multiplied by Finish Line’s courtesy.

Source : HackerCombat

Previous ArticleNext Article

Send this to a friend