Greg's Corner

Tagged: phishing Toggle Comment Threads | Keyboard Shortcuts

• 

  Geebo 8:00 am on July 10, 2019 Permalink | Reply
  Tags: deep fakes ( 6 ), defense contractor, google voice ( 13 ), phishing, Scams ( 1,515 )   

  These tech scams are frightening! 

  

  This week’s set of scams are incredibly troubling. Technology has advanced to a point where scams have become harder to spot. Not to mention that some of the tactics used by these scammers are like something out of a movie.

  The first scam is kind of confusing and seems a little convoluted for something that doesn’t bring that much to the scammers. If you’re not familiar with Google Voice, it’s a service that provides you with a free supplementary phone number. Scammers are using Google Voice to hijack phone numbers from personal numbers that have been shared online. For example, if you’ve posted your phone number in a classified ad the scammers will attempt to hijack that number. The scammers won’t be able to take any money from you but could potentially use your number for criminal activity. If your number has been hijacked in one of these scams this article has instructions on how to get your number back. Unfortunately, the steps won’t be that easy.

  The next scam, while rare, is very disconcerting. Security firm Symantec has said that they have found a handful of scams where the scammers have used deep fake audio of business executives in order to trick employees into transferring money to the scammers. Deep fakes are AI generated video or audio that can be hard to tell from the real thing. We’ve previously discussed the potential harm that deep fakes could cause here. The process to generate these deep fakes can cost thousands of dollars ut could end up costing businesses untold losses in the future.

  [youtube https://www.youtube.com/watch?v=VnFC-s2nOtI%5D

  Our last scam for today is the most alarming. According to news site Quartz, a US military defense contractor was taken for $3 million in top-secret equipment by international con artists. All the scammers had to do was use an email address that looks similar to official military domains. This is basically the same phishing scam that’s used to try to steal your banking information except a company with a high government security clearance fell for it to the tune of $3 million. Thankfully, the scammers were apprehended after federal investigators tracked them down through the mailing address they used that they claimed was a military installation. Disturbingly, neither the Quartz article nor the legal documents Quartz obtained state whether or not the sensitive equipment was ever recovered.

   

  Leave a ReplyCancel reply
• 

  Geebo 8:02 am on May 22, 2019 Permalink | Reply
  Tags: Airbnb ( 13 ), phishing, Scams ( 1,515 )   

  Has your Airbnb account been hacked? 

  

  A new scam has been targeting users of the online rental service Airbnb. Some users of the platform have reported having their accounts hijacked and then had phony reservations made in their name. Their money is then taken from their bank or PayPal account before the non-refundable reservation is canceled. The scammers will then change your phone number and login credentials on your Airbnb accounts so you can’t contact Airbnb to get a refund.

  Airbnb says that these have been isolated incidents and are working with affected users. However, many users have complained that once their accounts are hacked it’s been difficult to get in touch with Airbnb’s customer service. Users are also expressing concerns that Airbnb is not informing their users about the recent hacks.

  [youtube https://www.youtube.com/watch?v=d3JygPGWWOs%5D

  Reports state that the accounts are being hijacked through phishing attacks. That means the scammers are sending out emails that look like they’re from Airbnb and are trying to get consumers to give up their log in information. To better protect yourself, never click on links from suspicious emails. These emails may come from such email addresses as “airbnb-bookings.com” or “Airbnb1.com.” Official emails from Airbnb will only be addressed from Airbnb.com.

   
• 

  Geebo 8:00 am on May 15, 2019 Permalink | Reply
  Tags: BBB ( 21 ), phishing, Scams ( 1,515 ), voicemail ( 4 )   

  This voicemail should go unanswered! 

  

  The Better Business Bureau is warning about a new scam that has taken the internet by storm. It’s a version of the phishing attack with a new twist. Normally in phishing attacks, you’ll be sent an email that looks like it came from a legitimate business or contact where they’ll ask you to either click on a link or enter some information. These attacks are designed to either get your personal information or install malware on your computer. Now, according to the BBB, scammers have added a new wrinkle to this attack.

  In the new attack, the scammers will send an email that claims to be from Office 365 or some other business software telling you that you have a new voicemail message. The email will even tell you that the message is from a trusted source. Then the email will provide you a link to click on to listen to the voicemail but instead will try the aforementioned tactics of either trying to steal your information or inject malware on to your device.

  In order to avoid phishing attacks like this, you should never click on unsolicited links especially if you’ve never opted in for receiving these kinds of alerts. Never log into any of your accounts through an email link, instead log in directly from the main page or app for your account. And if you’ve been a victim of one of these scams you can report it to the BBB.

   
• 

  Geebo 10:00 am on January 8, 2019 Permalink | Reply
  Tags: Apple ( 34 ), iPhone ( 16 ), phishing, Scams ( 1,515 )   

  iPhone users receiving spoofed calls from Apple in latest phishing attack 

  

  Another sophisticated scam seems to be targeting Apple users once again. In the past few weeks, we’ve posted about how one phishing attack targeted Mac users by directing users to log into a site that looks like Apple’s website but then steals your Apple user ID and Password. Then we posted about another scam where a phony app from the iOS App Store posed as an app to help you get an Amazon Echo activated but instead asked you for more information than such an app needed. Now, an even more insidious scam is targeting iPhone users once again.

  In this latest attack, iPhone users are reporting receiving calls that appear to come from Apple’s official support number. An automated message then informs the iPhone user that Apple user IDs have been compromised and directs the user to call a different toll-free number. The additional phone number appears to go overseas and may be connected to a team of scammers who may be trying to obtain personal information, money for ‘fixing’ the problem, or both.

  As can be expected with these types of scams, Apple has said that they never call their customers out of the blue like this. With the ever-increasing advent of spoofed phone numbers and robocalling, these scams are becoming more prevalent by the day> many of these scams seem to be disproportionately targeting Apple users since Apple devices can be rather expensive which in turn can make Apple users lucrative targets. If you’re an iPhone user and you receive a call like this, call Apple back directly and do not call the number from the automated message. You worked hard to be able to afford that iPhone so why let someone take advantage of you?

   
• 

  Geebo 9:58 am on December 21, 2018 Permalink | Reply
  Tags: Apple ( 34 ), phishing, Scams ( 1,515 )   

  New phishing scam hitting Apple users 

  

  It’s no secret that Apple has one of the most dedicated consumer bases among the global tech companies. Then it should come as no surprise that scammers and con artists will try to use Apple’s massive brand loyalty to their advantage. Since Apple devices and their accessories usually demand a high price, the scammers believe that their victims will have a reasonable amount of money, making Apple users lucrative targets. If you are currently invested in Apple’s ecosystem you could be a target of this latest scam.

  Many tech news outlets are reporting that this latest phishing scam goes further than the usual phishing scam. In most online phishing scams you’ll get an email posing as a service you may use asking you to update or change your user information. You’ll be directed to a link which takes you to a phony website that asks for your login or financial information. In this Apple scam, the scammers send you an official looking receipt from the Apple App store with phony charges. The receipt also contains shortened links to a fake website that looks a lot like Apple’s and it will ask you for your Apple ID information. It will then tell you that you’ve been locked out of your Apple account and will ask you for identifying information including your Social Security number to unlock your account. After you give them all of the requested information you’ll be directed to the legitimate Apple website.

  Again, the best ways to avoid phishing scams are not to open any attachments that are in emails from people you don’t know, and not to click on any links contained in these emails. If you think there is a legitimate issue with your account for any of these services, type the website’s address directly into your browser and enter your account through there. That way you can keep your information out of the hands of cybercriminals.

  iPhone users receiving spoofed calls from Apple in latest phishing attack | Greg's Corner is discussing. Toggle Comments

   
• 

  Geebo 9:58 am on December 18, 2018 Permalink | Reply
  Tags: Chrome ( 2 ), craigslist ( 129 ), Edge, Google ( 33 ), Netflix ( 15 ), phishing, Scams ( 1,515 ), shipping ( 5 ), used car ( 39 )   

  Netflix phishing scam returns, Google becomes Microsoft, and watch out for phony shipping companies 

  

  Today we bring you a few consumer protection stories that we think you should be aware of.

  First up is the return of the Netflix phishing scam. This is not a new scam but it seems to be making the rounds again. Reports from all over the country are stating that people are receiving emails that appear to be from Netflix asking customers to update their payment information. If you receive one of these emails do not click any of the links contained in the email. Doing this will take you to either a malware infested site or will try to obtain your credit or debit card information. Anytime some service requests any kind of information change, go directly to the site in your web browser instead of clicking any links.

  A former Microsoft intern is claiming that today’s Google is acting more like yesterday’s Microsoft. The intern used to work on Microsoft’s Edge Browser and claims that Google purposely tries to slow down other browsers than Chrome on some of their services such as YouTube. This is reminiscent of the browser wars of the early internet when Microsoft’s Internet Explorer gained the majority of the browser market by being included by default in Windows. The only difference this time is that Microsoft blinked and they are changing Edge to be a Chromium-based browser. Chromium is the engine that powers the Chrome browser and many of its offshoots like Opera and Vivaldi.

  Lastly, the state of South Dakota is warning consumers to be wary of phony shipping companies that are claiming they reside in the state. The state’s Attorney General is saying that people are being tricked into sending money to phony shipping companies when buying cars off of craigslist. If you’re going to buy a car online we hope that you would purchase the vehicle through Geebo.com, however, we always recommend shopping local when looking for a vehicle and using a safe place to conduct the transaction. However, if you do need to deal with a shipping company for whatever reason, a quick Google Maps search using the company’s supposed address should be able to tell you if the company actually exists or not.

   
• 

  Geebo 9:00 am on September 22, 2017 Permalink | Reply
  Tags: Netflix ( 15 ), phishing, Scams ( 1,515 )   

  New season for the Netflix phishing scam 

  

  Much like the flu, phishing scams have their own seasons as well. They’ll go away for a while, lay low, then start sending out their legitimate looking emails again. These emails look like they come from legitimate websites and always ask you to update your information. This time around, the phishing emails appear to come from popular video streaming service Netflix.

  According to The Guardian, the emails appear to be coming from the email address of supportnetflix@checkinformation(dot)com. That should be your first tip that this is a scam. If Netflix were to send you an email it would be from a Netlfix.com email address. The email tells you that you need to update your financial information which should be another red flag. If you click on the link it takes you to a legitimate looking website with a form to update your payment information, but if you look at the address in your browser bar, it will not be at Netflix.com. If you ever do need to update any kind of user information on any website, always go to the website directly and never click an email link.

  In researching this story, it seems that this exact phishing scam happened around the country about 8 months ago as well.

  Like previously stated, these scams are cyclical and need to be watched out for at all times.

   
• 

  Geebo 9:02 am on September 7, 2017 Permalink | Reply
  Tags: Amazon ( 110 ), Amazon Prime ( 6 ), phishing, Prime Day ( 8 )   

  Don’t fall for the Prime Day phishing scam 

  

  A phishing attack is when a scammer sends out a mass of emails that look like legitimate emails from such places as a bank telling you to log into your account and offering you a link to do so. Usually they do this under the guise that something is wrong with your account. Instead of sending you to your bank site, the website it sends you to is almost a mirror image of your bank’s site, but it’s a fake. It’s designed to copy your log in credentials in order to steal your financial information.

  More recently, a phishing attack has appeared that purports to be from Amazon. The email looks like it came from Amazon itself and it thanks you for buying an item during Amazon’s Prime Day, its once a year site-wide sale Amazon holds in July for its Prime Members. The email then asks you to write a review for the product your purchased and promises the chance for you to win a $50 Amazon gift card if you do. Then a link is offered to take you directly to Amazon. Much like the bank phishing scam, instead of taking you to Amazon, it takes you to a site which looks almost identical to the Amazon sign on page, but as usual it isn’t. If you enter your log in credentials here, they could be stolen and the perpetrators could use the financial information stored in your Amazon account to buy items for themselves. By the time you notice, the merchandise could have already been delivered to a temporary address and you’re stuck with the bill.

  When dealing with phishing emails like this, never click on any of the links. If you feel it may be a legitimate email, go to directly to the website by typing out the address in your browser. Always make sure the URL is spelled correctly as scammers will often use addresses that are slight misspellings of the actual URL. Also make sure when dealing with any website that needs your financial information, the URL should start with https, not just http. In most modern browsers it should also display a lock icon to let you know the site is secure.

   
• 

  Geebo 10:59 am on February 13, 2017 Permalink | Reply
  Tags: court fines, Detroit ( 4 ), IRS ( 28 ), phishing, Scams ( 1,515 )   

  Don’t pay your fines through Facebook 

  

  Recently in Detroit, a new twist on an old scam has reared its ugly head. People posing as city employees are sending messages to people on Facebook telling victims that they owe court costs to the city. Instead of mailing a check to city hall the victims are informed to wire the money in order to receive a discount on their alleged fine. As is usual with the wire scam, when you wire money to someone you don’t know they make off with your money and you have little to no recourse to get your money back, and you’ll still owe your fine if you own one. Unless it’s too a friend or relative that has approached you personally, never wire money for any kind of transaction. It’s too easy to be ripped off.

  This is reminiscent of the IRS scam where people posing as the IRS will call you demanding payment over the phone claiming that you owe back taxes. The IRS has repeatedly told the public that they do not contact taxpayers by phone.

  So please keep in mind that municipal or government agencies will not contact you through social media since social media accounts could actually belong to anybody and not necessarily the person they would try to reach. If you receive any kind of correspondence from a government agency that you believe may be a scam, look up the number for that agency and give them a call.

   
• 

  Geebo 10:24 am on January 18, 2017 Permalink | Reply
  Tags: Gmail ( 3 ), phishing, security ( 46 )   

  New phishing attack targets GMail 

  

  For those of you who may not know, phishing is a type of scheme where an entity casts a wide net to a number of users in order to obtain the personal information of a few random victims. It’s like fishing but with a ‘ph’ because the internet likes to misspell things.

  A new phishing attack has appeared throughout a number of GMail accounts. If you use Google’s free webmail service the phishing email appears to be from someone on your contact list. That probably means that their account has probably been compromised. The fake email will have an attachment included in the email and when you click the attachment a new tab or window will pop up asking you to reenter your GMail login info. However, the new tab or window does not take you to GMail but rather takes you to a webpage designed to look like GMail, but in actuality is a fake page waiting to steal your login info as soon as you enter it.

  Some of the tips to avoid phishing attacks include not clicking on random attachments from strangers and in some cases from your friends. If it’s an unsolicited attachment there’s a pretty good chance it could be part of a phishing attack. Also, when logging in to your account check the URL, or web address, in your browser’s address bar. If it doesn’t belong to the service you’re logging into you could be compromising your info.