Greg's Corner

Tagged: phishing Toggle Comment Threads | Keyboard Shortcuts

• 

  Geebo 9:00 am on February 4, 2020 Permalink | Reply
  Tags: coronavirus ( 40 ), cybersecurity ( 37 ), phishing, Scams ( 1,429 )   

  Coronavirus fears have led to cyber attacks 

  

  The coronavirus has taken up much of the headlines lately and with good reason. Recent reports have come out claiming that it could become a global pandemic although the potential fatality rate remains in doubt. Add to that the amount of rumors and misinformation that is being spread about the disease isn’t helping allay public fears. So as is can be expected, cybercriminals have taken it upon themselves to take advantage of that fear for their own crooked purposes. As we always say, scammers and con artists never fail to take advantage of a disaster or crisis to try and put one over on their victims at great personal cost.

  Security experts at Kaspersky Labs have discovered several phishing emails being spread about the coronavirus. The emails, a sample of which can be seen here, pretend to be from a medical professional who is a coronavirus expert. The emails then request that you click on a link so you can get more information about protecting yourself from the coronavirus. The links are disguised as being any number of video or document files such as pdfs and mp4s. However, these attachments are filled with malware that can do any number of malicious things to your device including destroying your files or holding your device for ransom, among others.

  [youtube https://www.youtube.com/watch?v=tEFFZ7uZoFM%5D

  As always, you should never click on any links or attachments in emails from someone you don’t know personally. If you are concerned about the coronavirus you can get the most factual information from either the World Health Organization, the Centers for Disease Control, or both. Education about the disease is one of the best tools we have as a society in defeating it.

  Coronavirus scams continue to spread | Greg's Corner is discussing. Toggle Comments

   

  Leave a ReplyCancel reply
• 

  Geebo 9:00 am on January 24, 2020 Permalink | Reply
  Tags: cybersecurity ( 37 ), FedEx, phishing, scam ( 22 ), smishing ( 11 ), text messaging ( 37 )   

  FedEx text scam is more dangerous than you think! 

  

  A number of reports went out nationwide yesterday about a scam that’s appearing in the text messages of many Americans. As you can see by the graphic above, the text claims to be from FedEx telling you that you have an incoming package that requires you to submit your delivery preferences. The text then provides you a link to click on. While this appears to be just a ‘normal. phishing scam on the surface, this particualr scam goes much deeper than that and can end up costing you a lot of money.

  If you were to click on the link in the phony text you would be taken to a site that looks like Amazon but isn’t. The fake Amazon site then asks you to fill out a customer service survey in order to claim a prize. However, to collect the prize you need to cover the cost of shipping and for that, you need to provide your financial information. Yet, it doesn’t stop there. On top of everything else, by providing your payment information you’re also signing up for a subscription service that will charge you close to $100 a month for products related to the ‘prize’ you chose. We’ve previously discussed subscription scams here.

  [youtube https://www.youtube.com/watch?v=Ez1ZmkI4EfA%5D

  If you receive this text, delete it immediately. It goes without saying that you shouldn’t click the link nor should you respond to it. While FedEx does offer a service to text message you about the arrival of your packages you have to sign up for that service. FedEx will never send unsolicited text messages. If you are expecting a package to be delivered from FedEx or any other courier and you are concerned about the delivery, always use the courier’s website or official app to see if there have been any actual problems with delivery.

  Package delivery update text is a scam | Greg's Corner is discussing. Toggle Comments

   
• 

  Geebo 9:04 am on January 15, 2020 Permalink | Reply
  Tags: 401k, cybersecurity ( 37 ), phishing, retirement fund, security ( 46 )   

  Are thieves targeting your 401k? 

  

  We’ve discussed several different forms of bank fraud before. Whether it’s text message scams or phishing attacks to gain your account information, we’ve talked about the myriad of ways that scammers try to empty your bank account. Now, because of all the news that has gotten out about these scams thieves and cyber-crooks have started targeting a new source of income, retirement funds and 401ks. Is your retirement nest egg vulnerable to being cleaned out? Let’s take a look at how the thieves are targeting 401ks and what can be done about them.

  According to USA Today, since so many consumers and banks have become wary of the typical scams that are used to attack bank accounts the thieves have turned to attack 401ks. The reasoning behind this is because a lot of people don’t pay close attention to their 401k. In too many cases, consumers will either ignore or discard the statements they receive from their retirement fund broker. Then when they need to check their 401k balance they discover that their fund has been slowly drained. Unlike banks, retirement funds aren’t always willing to help you get your money back.

  While the target may be new, the attacks are roughly the same. The thieves use old standards like phishing attacks and weak passwords to gain access to your 401k. In order to prevent these attacks from happening it’s recommended that you review the mailed statements you receive from your fund manager for any suspicious behavior. It’s also recommended that you use a strong password to secure your account with a password that’s not used on any of your other online accounts. Lastly, never click on any links in emails that you receive purporting to be from your 401k manager as they can be used to steal your login information. Instead, always go directly to the 401k website and log in from there to check your account.

   
• 

  Geebo 9:00 am on January 13, 2020 Permalink | Reply
  Tags: Amazon ( 109 ), Amazon Prime ( 6 ), customer service ( 51 ), identity theft ( 109 ), phishing, Scams ( 1,429 ), tech support scam ( 51 )   

  Scams that use the Amazon name 

  

  Over the weekend, a number of reports came out independent from each other that detailed separate scams that are using Amazon’s name and logo to fool victims into handing over personal or financial information.

  In the first scam, scammers are sending out emails with the official Amazon logo attached to them. The email thanks you for purchasing an Amazon e-gift card. The email then says that if you didn’t purchase the e-gift card to click a link to cancel the purchase or receive a refund. This is a phishing attack that will lead you to a website that is not Amazon where the scammers will try to get you to input personal or financial information in order to get your ‘refund’. In one instance, a victim was asked to buy Amazon gift cards from a local retailer to fix the problem. If you ever receive an email like this you should never click on any links. Instead, go straight to the retailer’s website to check your account.

  [youtube https://www.youtube.com/watch?v=5Rg9tCBj0CU%5D

  The second scam was reported as happening in the Pacific Northwest. In it, the scammers are sending consumers letters stating that their Amazon purchase didn’t go through. What’s troubling about this scam is that the scammers have gained access to information that allows them to know what you purchased from Amazon and how much you paid for it. The letter instructs you to go to a website in order to but again, asks you to input personal and financial information. It’s unknown how scammers have gotten the purchase information so if you receive one of these letters, it’s recommended that you change the password to your Amazon account.

  In the last scam, if you’re thinking about signing up for Amazon Prime or you have a technical issue with Prime, be careful of what links you click on after a web search. In some cases, if you do a web search for ‘Amazon Prime’ or ‘Amazon Prime customer support’ you may be presented with ads that take you to third-party sites that are definitely nor Amazon. In other cases, these ads will list a phony customer service number for Amazon Prime. Security researchers have stated that these ads will take you to sites that will try to get you to pay for services that would be free if performed by amazon. This is also known as the tech support scam. Again, if you have customer service needs that Amazon needs to address, go to Amazon.com in order to find the correct information.

  Are counterfeits on Amazon a problem? | Greg's Corner is discussing. Toggle Comments

   
• 

  Geebo 8:00 am on October 2, 2019 Permalink | Reply
  Tags: malware ( 27 ), military ( 12 ), phishing, veterans ( 8 )   

  Malware attack targets veterans 

  

  Most online scams and attacks tend to target vulnerable groups of people such as the elderly, low-income families, and those in desperate need of a home. This new attack is no different, however, it’s targeting a group of people who have not only served their country but often find themselves needing resources more so than many other members of society. We’re of course talking about military veterans. Some of them are dealing with enough problems without having to deal with scammers and other bad actors but unfortunately, there are always people looking to take advantage of a bad situation.

  A number of internet security firms have reported that there is a malware attack floating around that targets veterans who are looking for employment. The veterans are lured to a site that resembles one run by the US Chamber of Commerce that is supposed to help veterans find work. Instead, this phony website infects the user’s computer with malware that is designed to steal personal that’s kept on the device. While it has not been determined what specific information is being stolen one can imagine the myriad of scams that information could be used for especially when it concerns someone who may be receiving government benefits or assistance. Sadly, this isn’t the only scam that targets veterans.

  [youtube https://www.youtube.com/watch?v=ryjbgmD4Z2o%5D

  Another scam that veterans should be on the lookout for is the benefit buyout scam as shown in the video above. There are also scams promising refinancing on VA loans with bogus promises of low rates along with phishing attacks from phony emails that appear to be from the VA. That’s in addition to employment scams that are identical to the ones civilians fall prey to but in this case, they are specifically targeted at vets. If an offer sounds too good to be true it is recommended that you check with your local VA office for additional information.

   
• 

  Geebo 8:00 am on September 19, 2019 Permalink | Reply
  Tags: phishing, Scams ( 1,429 ), venmo ( 28 )   

  Payment app scam plagues the country 

  

  If you’re unfamiliar with Venmo, it is a mobile payment app that allows users to send payments to each other without needing to have cash on hand. The most common example of Venmo’s purpose is splitting a restaurant bill or bar tab between friends. With Venmo you can just electronically send the amount you owe to whoever is covering the actual cost of the bill at hand. Venmo has become increasingly popular among younger consumers as we inch closer to a cashless system of commerce. However, whenever a new tech tool becomes convenient and popular, someone will look to take advantage of it especially if it involves money.

  Police departments across the country are warning consumers about a phishing scam that targets Venmo users. The scam doesn’t originate from the app itself but rather from a text message. The text states that your Venmo account is about to be charged for something that you obviously didn’t purchase. However, the text provides a link to click on in that will supposedly deny the charges. The link takes you to a phony website that looks like the Venmo site. You’re then instructed to enter your user information along with the financial information that’s tied your Venmo account. The scammers then use this information to drain your account.

  [youtube https://www.youtube.com/watch?v=ewln93OGbkg%5D

  As with any online banking or payment service, you should be wary of any text message or email that says there is a problem with one of your account. While there are actual text messages and emails that these services will send, too often they can be spoofed to try and steal your information or money. Whenever you receive one of these messages you should only log in to your account through the official app or website and not click on any links that may have been provided to you. It may not be as convenient but will protect you and your finances in the long run.

  Payment app used by major banks targeted in scam | Greg's Corner is discussing. Toggle Comments

   
• 

  Geebo 8:00 am on July 10, 2019 Permalink | Reply
  Tags: deep fakes ( 6 ), defense contractor, google voice ( 13 ), phishing, Scams ( 1,429 )   

  These tech scams are frightening! 

  

  This week’s set of scams are incredibly troubling. Technology has advanced to a point where scams have become harder to spot. Not to mention that some of the tactics used by these scammers are like something out of a movie.

  The first scam is kind of confusing and seems a little convoluted for something that doesn’t bring that much to the scammers. If you’re not familiar with Google Voice, it’s a service that provides you with a free supplementary phone number. Scammers are using Google Voice to hijack phone numbers from personal numbers that have been shared online. For example, if you’ve posted your phone number in a classified ad the scammers will attempt to hijack that number. The scammers won’t be able to take any money from you but could potentially use your number for criminal activity. If your number has been hijacked in one of these scams this article has instructions on how to get your number back. Unfortunately, the steps won’t be that easy.

  The next scam, while rare, is very disconcerting. Security firm Symantec has said that they have found a handful of scams where the scammers have used deep fake audio of business executives in order to trick employees into transferring money to the scammers. Deep fakes are AI generated video or audio that can be hard to tell from the real thing. We’ve previously discussed the potential harm that deep fakes could cause here. The process to generate these deep fakes can cost thousands of dollars ut could end up costing businesses untold losses in the future.

  [youtube https://www.youtube.com/watch?v=VnFC-s2nOtI%5D

  Our last scam for today is the most alarming. According to news site Quartz, a US military defense contractor was taken for $3 million in top-secret equipment by international con artists. All the scammers had to do was use an email address that looks similar to official military domains. This is basically the same phishing scam that’s used to try to steal your banking information except a company with a high government security clearance fell for it to the tune of $3 million. Thankfully, the scammers were apprehended after federal investigators tracked them down through the mailing address they used that they claimed was a military installation. Disturbingly, neither the Quartz article nor the legal documents Quartz obtained state whether or not the sensitive equipment was ever recovered.

   
• 

  Geebo 8:02 am on May 22, 2019 Permalink | Reply
  Tags: Airbnb ( 13 ), phishing, Scams ( 1,429 )   

  Has your Airbnb account been hacked? 

  

  A new scam has been targeting users of the online rental service Airbnb. Some users of the platform have reported having their accounts hijacked and then had phony reservations made in their name. Their money is then taken from their bank or PayPal account before the non-refundable reservation is canceled. The scammers will then change your phone number and login credentials on your Airbnb accounts so you can’t contact Airbnb to get a refund.

  Airbnb says that these have been isolated incidents and are working with affected users. However, many users have complained that once their accounts are hacked it’s been difficult to get in touch with Airbnb’s customer service. Users are also expressing concerns that Airbnb is not informing their users about the recent hacks.

  [youtube https://www.youtube.com/watch?v=d3JygPGWWOs%5D

  Reports state that the accounts are being hijacked through phishing attacks. That means the scammers are sending out emails that look like they’re from Airbnb and are trying to get consumers to give up their log in information. To better protect yourself, never click on links from suspicious emails. These emails may come from such email addresses as “airbnb-bookings.com” or “Airbnb1.com.” Official emails from Airbnb will only be addressed from Airbnb.com.

   
• 

  Geebo 8:00 am on May 15, 2019 Permalink | Reply
  Tags: BBB ( 20 ), phishing, Scams ( 1,429 ), voicemail ( 4 )   

  This voicemail should go unanswered! 

  

  The Better Business Bureau is warning about a new scam that has taken the internet by storm. It’s a version of the phishing attack with a new twist. Normally in phishing attacks, you’ll be sent an email that looks like it came from a legitimate business or contact where they’ll ask you to either click on a link or enter some information. These attacks are designed to either get your personal information or install malware on your computer. Now, according to the BBB, scammers have added a new wrinkle to this attack.

  In the new attack, the scammers will send an email that claims to be from Office 365 or some other business software telling you that you have a new voicemail message. The email will even tell you that the message is from a trusted source. Then the email will provide you a link to click on to listen to the voicemail but instead will try the aforementioned tactics of either trying to steal your information or inject malware on to your device.

  In order to avoid phishing attacks like this, you should never click on unsolicited links especially if you’ve never opted in for receiving these kinds of alerts. Never log into any of your accounts through an email link, instead log in directly from the main page or app for your account. And if you’ve been a victim of one of these scams you can report it to the BBB.

   
• 

  Geebo 10:00 am on January 8, 2019 Permalink | Reply
  Tags: Apple ( 32 ), iPhone ( 16 ), phishing, Scams ( 1,429 )   

  iPhone users receiving spoofed calls from Apple in latest phishing attack 

  

  Another sophisticated scam seems to be targeting Apple users once again. In the past few weeks, we’ve posted about how one phishing attack targeted Mac users by directing users to log into a site that looks like Apple’s website but then steals your Apple user ID and Password. Then we posted about another scam where a phony app from the iOS App Store posed as an app to help you get an Amazon Echo activated but instead asked you for more information than such an app needed. Now, an even more insidious scam is targeting iPhone users once again.

  In this latest attack, iPhone users are reporting receiving calls that appear to come from Apple’s official support number. An automated message then informs the iPhone user that Apple user IDs have been compromised and directs the user to call a different toll-free number. The additional phone number appears to go overseas and may be connected to a team of scammers who may be trying to obtain personal information, money for ‘fixing’ the problem, or both.

  As can be expected with these types of scams, Apple has said that they never call their customers out of the blue like this. With the ever-increasing advent of spoofed phone numbers and robocalling, these scams are becoming more prevalent by the day> many of these scams seem to be disproportionately targeting Apple users since Apple devices can be rather expensive which in turn can make Apple users lucrative targets. If you’re an iPhone user and you receive a call like this, call Apple back directly and do not call the number from the automated message. You worked hard to be able to afford that iPhone so why let someone take advantage of you?