Tagged: phishing Toggle Comment Threads | Keyboard Shortcuts

  • Geebo 8:00 am on March 18, 2021 Permalink | Reply
    Tags: , , phishing, ,   

    New phishing scam sells your identity on the dark web 

    New phishing scam sells your identity on the dark web

    By Greg Collier

    An insidious phishing scam has turned up in the nation’s largest metropolitan area.

    For those who may not be familiar with what phishing is, it’s when you get sent a phony email or text that has you click on a link. These links either take you to a phony website where identity thieves will try to steal your personal information or the links will inject malware into your device. If malware were to get into your device, it could transmit your data to scammers and identity thieves and scammers, or it could lock your device in a ransomware attack. However, this new phishing attack has victims voluntarily giving up their information in a more comprehensive way than before.

    Reports out of New York are saying that victims of the attack are receiving authentic looking emails and text messages that appear to be from the State Government. The messages largely target those who are currently unemployed in the Empire State. Once the victim clicks the link in the message, they’re taking to a website that is a mirror image of the official New York unemployment website.

    After the victims use their login information on the phony website they’re then asked to take high-quality pictures of their driver’s license and other sensitive documents. Once the identity thieves have your information, they turn around and sell your identity on the dark web. According to security experts, Social Security cards are going for around $1.50 while driver’s licenses are going for around $100. Just imagine, a $1.50 transaction on the dark web that happens instantly can have expensive repercussions on your life for years to come.

    Always be suspicious of any text message, email, or social media message that wants you to click on any kind of link, especially if it’s for such a crucial matter like your unemployment benefits. Most government agencies like unemployment offices will not email or text you but instead will almost always contact you through the postal mail. And keep in mind that all official government websites end in .gov.

     

  • Geebo 9:00 am on February 25, 2021 Permalink | Reply
    Tags: , , , phishing,   

    Scam tries to extort medical professionals 

    Scam tries to extort medical professionals

    By Greg Collier

    Scammers still haven’t gotten tired of COVID-19 related scams yet. However, instead of targeting the general public, some scammers have decided to go after medical professionals in the scammer’s quest for ill-gotten gain.

    This scam is similar to the Social Security scam where the scammers claim that your Social Security number has been suspended due to some fictitious crime that your number was supposedly attached to.

    In this scam, scammers are contacting nurses, physicians and pharmacists posing as the state of New York to tell the victims that their licenses have been suspended. However, a substantial payment just happens to be able to revers the suspension and can avoid the licensee any future fines.

    It’s not lost on us that these scammers are going after frontline workers in a state that has one of the highest concentration of COVID-19 patients. This is an example of a couple of scammer tactics. One is to try to pressure and already overworked system and the other is to take advantage of any crisis no matter how horrible.

    In this instance, the scammers are flooding their victims with mounds of official-looking paperwork that appear to be from such agencies as the state, the U.S. Department of Justice, the FBI, Trans Union and the New York state Office of Professions. The problem with this paperwork is that it can look legitimate since they contain information like the professional’s National Provider Identifier.

    In the long run, scammers may not be after money but instead after the personal information of medical professionals as most of the forms ask for Social Security numbers and the like.

    It is recommended that anyone receiving one of these calls or messages to ignore it and report it to the FBI if you’ve lost money, or the FTC and local police if you haven’t.

     

  • Geebo 9:00 am on January 21, 2021 Permalink | Reply
    Tags: , , phishing, ,   

    New email scam tries to get your stimulus money 

    New email scam tries to get your stimulus money

    With the second round of economic impacts in the process of being paid and a third round possibly on the horizon, you might think that taxpayers should now be pretty immune to stimulus scams. However, that hasn’t stopped scammers from trying to get their hands on yours. It also appears that the scams are becoming even more elaborate to try to steal from you.

    The Federal Trade Commission is warning taxpayers about emails that claim to be from their agency discussing the stimulus payments. The emails even claim to be sent directly from the outgoing chairman of the FTC. According to reports, the email demands that you pay money to receive your stimulus payment. It even includes an official looking ‘certificate of approval’.

    If you make any motions towards actually making a payment to the scammers, you’ll be told that the payment is for a State Department certificate that proves the funds are not related to any terrorist activity. That may sound made up, but the FTC is assuring us it isn’t.

    If you receive one of these emails it is recommended that you just delete it or mark it as spam.

    The indicators that this email is a scam are numerous. The first is that the FTC has nothing to do with economic impact payments. That is all handled by the IRS, and they’re not emailing anyone asking for money either. One of the other indicators is that you don’t have to pay for your stimulus payment. The majority of taxpayers just have to keep an eye on their bank account if they have direct deposit, or their mailbox if they don’t. Even if you’re a non-filer and received the initial stimulus payment, you should receive this one the same way.

    If you have any further questions about how the economic impact payments are being made, we recommend going to the IRS’s Get My Payment website.

     

  • Geebo 9:00 am on January 5, 2021 Permalink | Reply
    Tags: , , , phishing, ,   

    Two PayPal scams you should be aware of 

    Two PayPal scams you should be aware of

    PayPal is probably one of the most trusted online payment systems today. There aren’t many online retailers that don’t accept PayPal as a payment option. PayPal also allows those who are underrepresented by banks to not only shop online but to also have a debit card that the consumer can use like any bank debit card. However, this post isn’t meant to be free publicity for PayPal. While PayPal does offer many protections to their users, it can still be used in various scams as we’re about to take a look at now.

    Security experts are warning about a new series of text messages going around that are designed to steal your PayPal login information. The text messages claim that there has been fraudulent activity on your PayPal account and that your account is now limited. That would mean that you would be restricted in the use of your own PayPal account. The text then directs you to click on a link to verify your account. If you click on the link, you’ll be taken to a phony PayPal page that resembles the genuine article. If you enter your login information on this phony page, your information has just been stolen. Since many PayPal accounts are linked to bank accounts, your bank account could be in jeopardy as well. If you feel like you’ve clicked on one of these links and given them your information you should immediately change your PayPal password.

    The other scam is more hands on so to speak. A woman in Georgia was selling a cell phone on Facebook Marketplace. She met a buyer at a local restaurant. The man agreed to buy the phone using PayPal. The buyer showed the woman a fake email that looked like he had just paid her through PayPal. However, the woman wasn’t seeing the payment in her account. The man then made it appear as if he was calling PayPal himself and told the woman that the payment would be in her account in a couple of hours. As you can expect, the payment never showed up. PayPal doesn’t work like this as payments are almost instantaneous. Once you make or receive a payment you should be notified by PayPal right away. If you’re not notified you shouldn’t take a stranger’s word for it that you’ve been paid.

     

  • Geebo 11:00 am on December 24, 2020 Permalink | Reply
    Tags: , phishing, , typosquatting   

    How a typo could cost you money 

    How a typo could cost you money

    Right now, it’s probably too late to get a Christmas present to someone on time if you’re shopping online. However, there is an online shopping scam that takes place all year long that you should be aware of.

    Have you ever mistyped the address of your favorite website only to end up on some sketchy site full of ads and malware? Now what if you mistyped the address of your favorite shopping site but the site looked exactly the same? That’s what some scammers are hoping happens if you misspell the name of a popular retailer.

    Some scammers have registered slightly misspelled web addresses, known as URLs, to try to trick you into giving them money. For example, scammers will register a URL that puts in a zero when the actual address had an ‘O’ in it. Or they’ll add an extra letter that most people won’t notice. This is known as ‘typosquatting’

    These typosquatters won’t just sit around waiting for someone to make a typing error. They’ll also send out phishing emails that look like they’re from the legitimate retailer but use their phony URL for any links in the email. As always, you should never click on email links from people you don’t know personally.

    If you go to the duplicate site, not only could scammers get your login information for the legitimate site, they could also get your financial information.

    The best way to protect yourself from typosquatting outside of double-checking your spelling is to use a credit card when shopping online. Credit cards come with more consumer protections than that of a debit card, gift card, or online payment service. Some credit cards even provide a free service that generates a temporary credit card number that you could use for a one time purchase. This will prevent your credit card from being used for additional fraudulent charges.

     

  • Geebo 9:00 am on November 24, 2020 Permalink | Reply
    Tags: , , pandemic unemployment assistance, phishing, PUA, , ,   

    New unemployment scam promises $7600 

    New unemployment scam promises $7600

    If it seems like we’re hitting you over the head with unemployment scams, we’re sorry. We try to keep the content as diverse as possible but it seems that new unemployment scams have been popping up all over the country lately. This time, the scam is coming out of Ohio.

    The Ohio Department of Job and Family Services is warning residents of an email phishing scam. The scam is said to be targeting anyone in the state that has received pandemic unemployment assistance. This is an assistance program Ohio uses to help those not normally eligible for unemployment such as the self-employed and gig workers.

    The email, which can be viewed here, states that applicants can receive an additional ‘7,600 USD’ if they click on the link that says ‘Accept My Claims’. If you were to click on the link it would no doubt take you to an official-looking but phony web page where you’ll be asked to input your personal information. If you’re on a laptop or desktop computer you can hover your cursor over any link to see where it’s really going to take you.

    There are a couple of red flags with this scam if you know what to look for. The first is that the email said payment would be 7,600 USD. USD is normally only used outside of the country to indicate how much something may be if you’re purchasing it from overseas. There are also some grammatical errors in the email that you may overlook if you’re not too careful.

    The whole situation in Ohio leaves a question that we think needs to be asked. How were the scammers able to obtain the email addresses of people who are and were on the pandemic unemployment assistance?

    We’d also like to remind you that just because it’s happening in Ohio doesn’t mean a similar scam couldn’t come to your state. If you receive an email like this, do not click on any of the links contained in it. Instead, if you think there’s an issue with your unemployment go directly to your state’s unemployment website.

     

  • Geebo 9:01 am on November 23, 2020 Permalink | Reply
    Tags: , phishing, , , ,   

    New sweepstakes twist on unemployment scam 

    New sweepstakes twist on unemployment scam

    The Keystone State of Pennsylvania was one of the first states hit hardest by the nationwide problem of unemployment scams. For those who may not have heard, scammers are filing for unemployment benefits in all 50 states. The scammers use the identities of people who had their information exposed in corporate data breaches. Due to the sheer number of unemployment claims that have been filed since the start of the pandemic, most states’ unemployment systems have been overworked. This has allowed scammers to take advantage of the crisis and slip through the cracks and steal benefits.

    Now it seems that the scammers aren’t content with using the stolen identities they got through data breaches. According to the Pennsylvania Department of Labor & Industry, residents there have reported receiving emails and social media messages about having won a prize. The messages contain a link that takes them to a page that requests personal information so the ‘prize’ can be claimed. This is what’s known as a phishing attack. Once the scammers have the victim’s information, they allegedly use it to file for unemployment benefits in the victim’s name.

    Since this new variation of the unemployment scam is appearing in Pennsylvania it’s more than likely happening in your state as well. The unemployment scam is one of the rare instances where a scam has happened almost everywhere in the country at once.

    As with all sweepstakes scams, if you’ve never entered anything you can’t win anything. So any online message that claims you’ve won something is more than likely a scam. Once you give your personal information to a scammer it’s out there for good and can never be retrieved. Even if you clear things up with your state’s unemployment office, there’s a good chance that this could be the first in a long line of instances where you have to fight to prove your true identity.

     

    • Lorrie 3:13 am on November 28, 2020 Permalink

      I never got mine and I’m a victim of iidenty theft help!!!

  • Geebo 9:00 am on November 3, 2020 Permalink | Reply
    Tags: , , phishing, , ,   

    Stimulus check scams are back 

    Stimulus check scams are back

    Most Americans received their economic impact payments much earlier this year. This hasn’t stopped scammers from trying to trick people into using the promise of additional stimulus payments into giving up either money or personal information.

    Recently, scammers have been texting their victims with messages that state they have pending stimulus payments. The text then goes on to say that if you want to accept these payments you need to click on the attached link. While we haven’t confirmed this if previous texting scams are any indicator, the link will take you to a website that will require you to enter your personal information. Or it could potentially ask you to pay a ‘processing fee’ to receive your stimulus payment. In either case, the stimulus payment doesn’t exist. Ever since the initial economic impact payment were issued, the government has not approved any additional stimulus payments.

    Please keep in mind that the majority of federal agencies that deal with the general public do not communicate by text. That’s not even taking into account that if a government office needs to discuss stimulus payments they will refer to them by their proper name of economic impact payment. Anyone contacting you calling them a stimulus payment or stimulus check is probably not with the government. That’s not even mentioning that even if additional impact payments were to be issued you wouldn’t have to pay money to receive them.

    In addition to these warnings, it’s just good practice to avoid clicking on links in text messages from people you don’t know. This is a common practice used in several different scams that are designed to either steal your personal information or inject malware into your device. Either of which could lead to a number of expensive and inconvenient problems in the future.

     

  • Geebo 8:00 am on October 12, 2020 Permalink | Reply
    Tags: , , phishing,   

    Phishing scam targets voter registration 

    Phishing scam targets voter registration

    No matter which political party you may belong to, there has been a controversy over mail-in ballots. Some believe that this could lead to either voter fraud or voter suppression depending on which side of the political fence you’re on. However, there’s an apolitical scheme going on that doesn’t care what your ideology is.

    According to authorities in Arizona, emails are being sent out to look like they’re from the U.S. Election Assistance Commission. The emails say that your voter registration information is incomplete. Of course, the email contains a link for you to click on so you can provide your correct information. The link takes you to a legitimate-looking website where you’re asked for your personal information.

    This is what’s known as a phishing scam. The scammers aren’t planning to cast a vote in your name. That doesn’t make them any money. Instead, they’ll use your personal information for financial gains such as opening loans or lines of credit in your name.

    As always, you should never provide personal information to unsolicited emails no matter how official the email may look. Anyone with a modicum of computer knowledge can make an email look like it came from any organization they want.

    If you think that there may be an actual problem with your voter registration information, go to your county’s election office and bring several forms of ID with you.

    No matter which way you lean, make sure that your voice is heard.

     

  • Geebo 8:00 am on September 15, 2020 Permalink | Reply
    Tags: , , gov.us, phishing,   

    New scam tries to fine you for leaving your home during quarantine 

    New scam tries to fine you for leaving your home during quarantine

    With the country now being six months into the quarantine, you would have thought we would have heard of all the coronavirus scams by now. Yet, here we are posting about a new scam with COVID trappings and a little fake governmental fear to boot.

    Tech news website The Verge has posted a blog entry about how one of their editors who is working at home, received a scam email. The mail claimed that the editor left his home three times in one day during the lockdown and needed to go online to pay their $59 fine. The email went on to say the fine needed to paid to the editor’s gov.us account and gave a gov.us web address to click on to pay the supposed fine.

    This is actually a pretty clever scam. The gov.us web address appears like it’s coming from an actual government agency. However, anyone can buy a .us web address. Legitimate federal government web addresses end in .gov so seeing a gov.us address could fool some of the people all of the time. Plus, the scammers aren’t asking for a large amount for their phony fine. Potentially, someone may just click on the email’s link just to pay what they think is a nuisance fine.

    The trick here is that gov.us isn’t even a real website. The web address in the email was actually disguised to take any likely victims to what The Verge called a spammy website. The website The Verge listed has since been taken down but more than likely the website was designed to infect your system with malware that could wreak all sorts of havoc on your device from ransomware to identity theft. In order to avoid pitfalls like this, if you’re on a computer, you can hover your mouse over the address without clicking on it to see where it will actually take you.

     

← Older posts

Newer posts →

c
Compose new post
j
Next post/Next comment
k
Previous post/Previous comment
r
Reply
e
Edit
o
Show/Hide comments
t
Go to top
l
Go to login
h
Show/Hide help
shift + esc
Cancel