The group's operations have stolen sensitive personal and corporate data, generating millions of dollars in illicit revenue. The widespread dissemination of Marko Polo's scams and malware poses a significant risk to regular internet users and businesses. Impacted individuals may be vulnerable to identity theft and financial losses, while impacted businesses could be exposed to potential data breaches, reputational damage, and financial ramifications. The group's adaptability and tendency to evolve its methods pose a persistent threat to cybersecurity defenses.
Recommendations
- The NJCCIC recommends users educate themselves and others on this and similar scams to prevent future victimization.
- There is no indication that these threats are credible; therefore, users are advised to refrain from sending funds and disregard these emails.
- Avoid clicking links, responding to, or otherwise acting on unsolicited text messages or emails.
- Use strong, unique passwords and enable MFA for all accounts where available, choosing authentication apps or hardware tokens over SMS text-based codes.
- Only download applications from reputable sources.
- Protect your digital assets by refraining from sending funds or installing wallets through unverified websites.
- Job seekers are advised to verify potential offers by contacting the human resources department directly via official contact information. Before responding and providing sensitive information, research potential employers and businesses online to determine if others have reported a scam.
- Technical details and additional mitigations can be found in the Recorded Future report.
- These scams can be reported to the Federal Trade Commission (FTC), the FBI's IC3, and the NJCCIC.
