Tagged: email Toggle Comment Threads | Keyboard Shortcuts

  • Geebo 9:02 am on November 19, 2024 Permalink | Reply
    Tags: email, , , ,   

    New Phishing Scam Uses .GOV Emails 

    New Phishing Scam Uses .GOV Emails

    By Greg Collier

    In an unsettling turn of events, cybercriminals are exploiting trust in government systems to target businesses. Using stolen government email credentials, these criminals send fraudulent emails that appear legitimate, aiming to trick companies into sharing sensitive information. According to federal authorities, this tactic has escalated to a new level of sophistication, with attackers leveraging official-looking communications to gain access to confidential company data.

    Once considered a hallmark of trustworthiness, emails from .gov addresses are no longer a guaranteed sign of authenticity. These addresses are now being sold and misused on dark web forums, enabling criminals to pose as federal agencies. In one case, a known cybercriminal openly advertised their collection of high-quality .gov email credentials, boasting that they could assist buyers in impersonating law enforcement officers, even providing fake subpoena documents to make their ruse more convincing.

    The implications are serious. Businesses that fall for these scams may inadvertently expose customer data, internal documentation, or trade secrets. The fraudulent emails often include urgent requests, claiming an investigation or legal matter requires immediate action. Under the guise of government authority, companies are pressured into complying without verifying the legitimacy of the request.

    The FBI has issued warnings, urging businesses to remain vigilant and adopt stringent cybersecurity practices. Key recommendations include monitoring connections with third-party vendors, maintaining secure backups of critical data, and scrutinizing every aspect of any supposed emergency data request. Special attention should be given to details such as logos, legal references, and formatting, which may reveal subtle inconsistencies.

    One critical piece of advice is if you receive an email from a government address requesting sensitive information, do not respond immediately. Instead, contact the office directly through a verified phone number to confirm the request. Cybercriminals are adept at social engineering, using their knowledge of a company’s operations to craft emails that seem authentic. It’s essential to adopt a ‘trust but verify’ approach, even when the sender appears legitimate.

    The growing prevalence of these attacks highlights the evolving threat landscape. Companies must stay informed, invest in robust security measures, and foster a culture of skepticism toward unexpected or urgent requests. By doing so, they can protect themselves and their customers from falling victim to these sophisticated scams.

     
  • Geebo 8:00 am on October 24, 2023 Permalink | Reply
    Tags: email, , , ,   

    USPS warns of $2M email scam 

    USPS warns of $2M email scam

    By Greg Collier

    The United States Postal Service (USPS) has had to issue many scam warnings in its recent past. The one you might most be familiar with is the undelivered package scam. This is when scammers send out text messages purporting to be from the USPS. The text messages say the USPS could not deliver the recipient’s package and needs additional information to make the delivery. These text messages often contain a link where the recipient will either be asked for personal or financial information. Now, the USPS is issuing a warning about an email scam they’ve discovered.

    According to the USPS, scammers are sending out emails asking for the recipient’s personal information such as street address and phone number, among other information. The emails look like they’re coming from the USPS, but they’re not. Much like the text messages, the emails also claim that a delivery is trying to be made to the recipient. However, in order to potentially get as much information as possible from the recipient, the scam emails are dangling a large incentive in front of them.

    The emails claim the recipient is receiving a $2 million cashier’s check along with $50,000 in money orders. The email then instructs the recipient to send their personal information to another address. From there, the recipient’s identity could be easily stolen. The USPS hasn’t said if anyone has fallen victim to this scam yet.

    As always, if something sounds too good to be true, it probably is. No one is sending out $2M checks out of the goodness of their hearts. Even if they were, the check would more than likely not be sent through the regular mail. Subsequently, the USPS does not reach out to customers through text, email, or phone call about undeliverable packages. They never ask for personal or payment information, either.

    If you receive an email like this, you’re asked to forward it to spam@uspis.gov before deleting the email.

     
  • Geebo 8:00 am on May 17, 2023 Permalink | Reply
    Tags: , email, , , , ,   

    Victim sues banks for failing to prevent $500K loss 

    Victim sues banks for failing to prevent $500K loss

    By Greg Collier

    A 74-year-old woman from Hilton Head, South Carolina, is suing three major financial institutions for allegedly failing to prevent large transactions of hers being used in a months long scam. But before we get to that, please read how scammers tormented this poor woman.

    It started out when she received an email that appeared to come from PayPal. In actuality, it was a phishing email which said her account had been hacked. The email also offered customer service software that could prevent her account from being hacked. The software was actually malware that allowed scammers to take control of her computer.

    This allowed the scammers to access her bank accounts and take thousands of dollars from her. They also convinced her to withdrawal large sums of money and convert it to cryptocurrency to send them. This occurred through most of 2022.

    The victim’s son received a surprise anonymous text where he was warned by scammers that the last of his mother’s money was about to be stolen. It seems even scammers can have a change of heart. The son even received texts about how much information they had on his mother, including logins for close to a dozen of the woman’s online accounts.

    Her son then went out and bought her a new phone with a new number, and it wasn’t long before the scammers started contacting her through the new phone.

    The woman is now suing PayPal, Bank of America, and Wells Fargo for not better protecting consumers. The suit alleges all three corporations “failed to take corrective actions” while the fraud took place, which included large in-person transactions. According to the suit, the large transactions were never questioned.

    What do you think? Are the banks partially responsible for not putting a stop to these transactions? Or is the elderly woman just an unfortunate victim?

    Since this all started with the victim downloading malware from an email, it’s a good time to remind our readers not to click on any suspicious links from emails, even if they’re from a company you do business with regularly. That email may not actually be from that business. Instead, login directly into your account and address any issues from there.

     
  • Geebo 8:00 am on May 10, 2022 Permalink | Reply
    Tags: , email, , , ,   

    Homebuyer loses $155K in email scam 

    Homebuyer loses $155K in email scam

    By Greg Collier

    A woman in the state of Georgia was getting ready to close on a new home when she received an email from her lawyer. She was given instructions to wire transfer the $155,000 for the closing costs. However, the money did not go to the attorney. Instead, it went to the bank account of a local scammer who was recently arrested on felony theft charges.

    So, how was the scammer able to fool the victim? This scam is known as the business email compromise scam, or BEC for short. In this scam, the scammers hijack compromised email accounts of real estate attorneys, title companies, or banks. This way, the scammers can monitor the emails for people who are getting ready to close on their homes. Then, the scammers either use the hijacked email address or a spoofed address to give fraudulent instructions to the homebuyer to wire the money to the scammers. Meanwhile, the victims think they just closed on a new home.

    According to the FBI and other law enforcement agencies, this scam is becoming more common. This scam is so profitable, the scammers only need one victim to fall for the scam to make a ton of money.

    While you may not be in the market for a home right now, you may be in the future. So, it’s best to have this knowledge now instead of finding out before it’s too late. When the time comes to buy a home, the best way to protect yourself is to verify everything by phone. If you get an email from someone involved in the process asking you to make a substantial payment, call them to verify the request. It might be even better to visit the sender in person to verify any requests. No one wants to go through the stressful process of buying a new home only to have their dreams of a new home dashed by losing money to a scammer.

     
  • Geebo 9:00 am on January 21, 2020 Permalink | Reply
    Tags: email, ,   

    The email scam that will scare your friends! 

    The email scam that will scare your friends!

    Recently, a man from Amarillo, Texas started getting messages and texts from friends and colleagues asking him if he was ok. They were concerned for his well-being after they received an email that said the man was in a serious car accident that left him with spinal injuries. Thankfully, the man was fine but understandably confused why he was receiving so many messages about his health status. It turns out that his email account had been hacked and emails had been sent to everyone in his contact list. So why would a scammer send an email like this to everyone the victim knows?

    Well, it’s the second part of the email that gives away the scam. After telling people that the victim had been in a serious wreck the email goes on to ask for money. Not just money but gift cards. The victim’s friends first received an email that said: “Hi, I need to ask a favor, can you write me back.” If someone responded to the first email they would get the second email that told them about the fake accident. In that same email, they were asked to buy an Amazon gift card that’s intended for the victim’s niece’s birthday. Here is the email’s contents in full…

    I need to get an Amazon gift card for my niece, it’s her birthday, but I can’t do this now because I was involved in a car crash a few days ago, I have fractured my lumbar L1 and fractured my wrist. I’ll pay you back as soon as I’m back. Kindly let me know if you can handle this.

    It’s unknown if any of his contacts fell for the scam but they did the right thing when they received it. They contacted the man to see if the email was legitimate. That is exactly what you should do if you receive an email like this, preferably through another means of communication like text messaging. If you reply to the email, the victim might not receive it if their account has been hijacked. To better protect yourself from having your email account hijacked we recommend enabling two-factor authentication on all of your email accounts. Not only that, but your accounts should be protected with their own individual passwords that aren’t used on other accounts.

     
  • Geebo 7:26 am on May 3, 2016 Permalink | Reply
    Tags: email,   

    How to spot a scammer by their email address 

    How to spot a scammer by their email

    While no tip is guaranteed to be 100% accurate all the time here is a tip on how to spot a scammer by their email address.

    While scammers can use free email services like GMail or Yahoo a recent trend by overseas scammers is to use ‘off brand’ email addresses. A number of the addresses seem to have some kind of connection with the United Kingdom (UK) including proclaiming to be fans of a number of football teams (soccer) from the English Premier League. Another set of email addresses have various names of occupations or that they belong to some kind of car club.

    This is not to say that scammers won’t use free email services commonly used in the US. A good tip in that instance is to be wary addresses that seem to be a random string of characters rather than something that reflects a name. Also be wary of email addresses that have suffixes that indicate they’re from overseas such as .uk or .in for example.

    Again, no tip is guaranteed to be effective at all times but with a little bit of knowledge your online buying and selling experience can be a better one.

     
c
Compose new post
j
Next post/Next comment
k
Previous post/Previous comment
r
Reply
e
Edit
o
Show/Hide comments
t
Go to top
l
Go to login
h
Show/Hide help
shift + esc
Cancel