MacKenzie Scott foundation rocked by phishing attack

‘Donation’ alerts promising a share in the philanthropist-novelist’s $60 billion fortune are fake

IRONSCALES recently identified a social engineering spear-phishing attack, spoofing The MacKenzie Bezos-Scott Grant foundation.

This is a global non-profit founded by the former wife of Amazon co-founder Jeff Bezos, which upended philanthropy last year when it announced that it would dole out billions to small charities, non-profits and small businesses.

To date, more than 200 IRONSCALES customers have received the fraudulent phishing email impersonating the foundation, promising that they have been selected to get a piece of MacKenzie (Bezos) Scott’s $60 billion fortune earmarked for donation.

In what is known as an ‘Advance Fee Scam’, the attackers ask recipients to reply with their full names and addresses. Once a recipient provides these personal details, the attacker asks for initial payment information, supposedly to process and release the funds.

In this attack, the senders almost certainly used social engineering to identify an exact set of victims who would believe that such an email is legitimate, because of their title or position and/or the industry they work in. However, there are textual and technical anomalies that IRONSCALES was able to leverage in protecting mailboxes. The display name ‘Mackenzie Scott Grant’ is an impersonation of the MacKenzie Scott fund, and the grammatical mistakes of improper punctuation and capitalisation are another common trait of phishing, IRONSCALES points out.

The company’s founder & CEO, Eyal Benishti, further comments: "It's no surprise that malicious actors are taking advantage of the opportunity to prey on non-profits and businesses seeking financial relief. Phishing attacks have seen a precipitous increase during the past 12 months and this MacKenzie Bezos Scott foundation attack follows a familiar pattern of attackers exploiting financial uncertainty during COVID, as well as exploiting a trending news item to make the email more believable."