Growing Danger From Scammers – Don’t Fall For Them!

I get so many notices from cyber-security services that alert me to on-going trends, breaches and issues. When something catches my attention that will impact everyday users, I say something. Here are a couple of the latest scams that hackers are using with growing success.

 

Technical Support Scams

This happens when you receive a call, email or screen pop-up when visiting a compromised website that claims your computer is infected with something and requests whats you to allow remote access to your system to fix it. They can be convincing, but under no circumstance should you allow anyone remote access to your computer that you do not know. As silly as this sounds to some, many fall for this. This will lead to exactly what you are trying to prevent and more. DO NOT RESPOND!

If you have any doubts about whether your computer is compromised, unplug it and bring it to a professional off-line. If it is compromised, you do not want it connected to the Internet or powered on. Get it to a professional who can access it safely without putting your information and identity at risk.

 

Sextortion

Sextortion is a form of blackmail where the extortionist claims to have photos or video of the victim watching adult entertainment on their computer. The criminal threatens to send the compromising images out to the victim’s email address book. I’ve described this method before, and typically, that’s as far as classic sextortion went. The extortionist almost never had pictures, video, screen captures, browser history, or anything else on the potential victim. It’s typically been an empty threat.

The scammers are vague on the details of the sites the victims are said to have visited, and that’s no accident. The extortionists usually have no access at all to their marks’ devices and the attacks are “phishing”looking for you to respond so they can valid a “real person” from millions of emails they sent. They then focus on you now that they have your attention and knew you are “concerned”.

This new sextortion version has a twist. The hacker claims to have placed a RAT (Remote Access Trojan) on your computer, making it possible to take control of the device. And that’s the twist; the criminal threatens to send the embarrassing material from the victim’s own device. The most convincing element of the scam is that the extortion email has been crafted to look as if it were sent from the victim’s own email account, spoofing their email address. This can help convince someone that yes, they really have been infected by a RAT.

Victims are told they have one day to come up with the ransom, to be sent in Bitcoin of course. If they fail to pay, they’ll be humiliated from their own email account. Analysis of the Bitcoin transactions associated with the sextortion emails found that victims had handed over seven Bitcoin in a short period of time, making it one of the more successful extortion emails seen.

RATs are real, and they’ve been spotted in all sorts of devices. But there’s no RAT here: it’s a pure hoax. The scammers are simply spoofing the victims’ email address, which is easy enough to do, but which can be surprising and unsettling enough to spook a victim into paying. The extortionist’s email seems real, and urgent, and all the more convincing.

Send the following to your employees in accounting specifically. You’re welcome to copy, paste, and/or edit:

“The bad guys are getting very deceptive with sextortion scams. They now send you an email that looks like it is coming from yourself—spoofing your email address— and claim that they have infected your workstation with a backdoor which allows them to take control of your computer.

Next, they accuse you of watching adult entertainment and that they have recorded that. And here comes the kicker, unless you pay them bitcoin, they threaten to use your own computer to send embarrassing content to all your contacts.

If you get emails like that, please follow our organization’s email security policy, and Think Before You Click! [OPTIONAL] Click on the Phish Alert Button to delete it from your inbox and at the same time alert IT about this scam.”

 

Tax Scams

Ever receive a call or email claiming that you owe taxes claiming to be from the IRS or law enforcement with a warrant for your your arrest? This kind of activity has been increasing over the year. It doesn’t work this way. If you have a tax problem, they will kill you with notices via mail, not call you and ask for a credit card. Hang up and ignore these people.

I had this happen to me last year, and I couldn’t resist the temptation to play along. I got a call stating there were officers in route to “arrest me” if I didn’t make a payment over the phone of $6200 USD. I couldn’t help myself, I went along with it and said “Yes sir. I can do that. I don’t want to be arrested.” He then asked for payment via Western Union or Bitcoin in US dollars. I responded, “US dollars? I only have Mexican money and what is Bitcoin?”. He replied, “I don’t think you are taking this very seriously, I know you are American!” Wow, I dealing with a skilled professional. Let’s surrender, that will be fun. I said, “You’re right, but I’m broke and I don’t have that kind of money.” He then proclaimed that federal officers are on there way to my home to arrest me. I asked, “What address do you have?” he then read off an address I haven’t resided in for 12 years. I replied, “OK, I’m ready. I will be here waiting.” Surprised he said, “Ok, they are on their way! Please just make some kind of payment and we will revoke the warrant.” I replied, “Sorry, no can do!” He continued to try to get me to make some kind of payment arrangement when I finally gave in, “(Laughing)I’m sorry but we are just having too much fun with this!” “What do you mean?”. I then stated that I had him on speaker phone while my friends listened in. I clarified my amusement, “You guys are too much! First, why would you even have to clarify you wanted payment in US dollars? Your the IRS right? Secondly, when does the US treasury start taking Bitcoin for tax payments? Thanks for a good laugh. I do love having dinner and a show!” We hung up.

 

Wire Transfer Notices

Hackers are increasingly targeting accounting, operations and money managers of businesses with fake “Wire Transfer” notices via email. They contain either infected PDF files attached as a copy of the transaction, or a link to a PDF that goes to an infected website that can compromise your computer. Report these to your IT department then delete them afterwards. Many employees caught up in their busy days fall victim to these scams. Be aware!

For more information on how to protect yourself, train your employees, and safeguard your network from these threats; make an appointment for an on-line meeting and I’ll show you how we can protect your business from these threats.