How low do you have to be to direct a phishing scam at people who are starving? Pretty low, but apparently that’s what’s been happening.
According to an online source, “Food insecurity has long been an issue. Vulnerable populations have been hit especially hard during COVID-19. While countless individuals and organizations have stepped up to help fill the need, others have ventured to exploitation. For example, this phishing scam: a friend of a friend sends you a link through Facebook or What’s App. It offers free help. Sometimes it mentions something about food grants from places like Whole Foods, Walmart, Target. Other times there are promises of coupons or giveaways. But the common thing is that there is always a link.” And of course, the link is a scam. Some people have no heart. (more…)
Waiting on a package from somewhere? Be careful, it could be a scam called the “waiting package” scam. How original.
According to the US Federal Trade Commission, “The messages are coming from scammers. In some cases, they’re targeted at college students. In that version, scammers text returning students to say there’s a package waiting for them — sometimes claiming it’s been waiting since last spring, when many students had to go home from campus quickly.” Don’t click that link.
If you don’t know what a “car wrap” is, it’s a company that pays people to drive their car around “wrapped” in a company advertisement for a fee. Seems like pretty easy money. Which is probably why scammers decided to turn it into a scam.
Beware of photo sharing messages from Google. It’s a scam according to the Better Business Bureau.
From the BBB, “You get an email or text message that appears to come from Google Photo. Someone is sharing an album of photos with you. To view the photos, you just need to click the link. The message looks so real! It may use a convincing URL, which has been created by Google’s goo.gl URL shortened to appear to be an official Google domain name. The catch? There is no photo album. It’s a phishing con.”
Who are the most targeted brands for scams? Microsoft, Apple and Amazon. Today we have a scam to tell you about for all three. First, Outlook.
The interesting thing about this scam, is the tact the scammers took. “Out are the implied threats, the exclamation points (!!!) and the money ($$$) you might lose if you don’t act right now; in are the happy and unexceptionable ‘here’s a problem that you can fix all by yourself without waiting for IT to help you’ messages of a sort that many companies are using these days to reduce support queuing times.” You can catch more flies with honey than vinegar.
Look here, another Amazon phishing scam, this one courtesy of Scamicide. From the article, “The latest Amazon phishing scam starts with an email that appears to come from Amazon when you do not have any email security service, informing you that your accounts have been locked due to suspicious activity. You are prompted to click on a link to verify your account within 24 hours or risk having your account permanently shut down.”
What’s old is new again. And what is it that’s new again? The venerable old jury duty scam. Apparently, it’s making the rounds again, so be on the lookout.
According to Scamicide, this is how it works. “Generally, the scam starts with a telephone call that you receive purportedly from a law enforcement officer informing you that you have failed to appear for jury duty and that a warrant has been issued for your arrest. You are told, however, that you can avoid arrest and greater fines by purchasing gift cards and then sending photographs of the gift cards to the phony law enforcement officer to prove that they have been purchased. You are then told that you should then mail the gift cards to the local Clerk of Court’s office.” Gift cards? Really?
After 89 years, the Washington Redskins are losing their team name. But, that’s not the only thing that got lost this week. So, too, did people’s money who tried to purchase the suddenly-hard-to-find merchandise.
According to Scamicide, “the termination of the old name and the refusal of major retailers such as Amazon, Walmart and Target to sell Redskins jerseys, caps and other merchandise carrying the old name and logo has created a demand by many people seeking to purchase the soon to be rare merchandise with the old name and logo. While there are legitimate sellers of these items, scammers have also sprung into action and have set up websites offering the merchandise at bargain prices. Of course, these bargain prices are no bargain because after you order the merchandise online, the merchandise never comes.” Maybe you should wait to buy a new jersey.
Amazon Prime users beware. There’s a scam out there and it’s direct right at you. According to Tech Radar, “The scammers target victims via an automated telephone call claiming that they have opened an Amazon Prime account and that they should ‘press one’ to cancel the transaction. However, doing so will connect the call to a fraudster posing as an Amazon customer service representative.
It’s always good when you can get a heads up on scams coming at you. This one courtesy of TechRepublic. According to an article there, here are the phishing email subject lines you need to be on the lookout for:
Password Check Required Immediately
Vacation Policy Update
Branch/Corporate Reopening Schedule
COVID-19 Awareness
Coronavirus Stimulus Checks
List of Rescheduled Meetings Due to COVID-19
Confidential Information on COVID-19
COVID-19 – Now airborne, Increased community transmission
Your computer and smartphone aren’t the only ways you can get scammed. You can also get scammed at the gas pump. This week the FTC issued a warning about credit card skimmers at gas pumps.
“Recently, the Federal Trade Commission (FTC) issued a warning about the dangers presented by skimmers on gas pumps. Skimmers are small electronic devices that are easily installed by an identity thief on gas pumps, ATMs and other card reading devices. The skimmer steals all of the information from old style magnetic strip credit card or debit cards which then enables the identity thief to use that information to access the victim’s bank account when the skimmer is used on a debit card. If a credit card is used, the identity thief can use the stolen information to access the victim’s credit card account. Each skimmer can hold information on as many as 2,400 cards.” Pay attention at the pump.
If someone offers you free DNSSEC, just know, it’s a scam. This according to Bleeping Computer. “A very clever phishing campaign targets bloggers and website owners with emails pretending to be from their hosting provider who wants to upgrade their domain to use secure DNS (DNSSEC).”
“As it’s possible to determine who is hosting a domain for a website via the WHOIS records, IP addresses, and HTTP headers, the email scam is highly targeted and impersonates the specific hosting company used by a website.” If it seems too good to be true… (more…)
This week’s scam target? Sneakers. The trap? Free sneakers.
From Hype Beast, “According to welivesecurity, messages are being sent that claim adidas is giving away 2,500 pairs of sneakers to honor its 69th anniversary. The process begins from a suspicious link on WhatsApp to a site that gathers your geolocation and IP address, that eventually leads to an archaic four-question survey that qualifies the individual for the free shoes. Of course, no shoes will ever be delivered to round out the scheme.” If it sounds too good to be true…
Not as many people use Discover credit card as those who use Visa and MasterCard. Maybe that’s why it makes our scam of the week.
From Scamicide, “a new phishing email presently being sent to unsuspecting people that appears to come from Discover. A telltale sign that this is a phishing email is that the email address of the sender was one that has nothing to do with Discover and was most likely part of a botnet of computers infected by scammers and then used to send out the phishing email in a way that is not readily traceable back to the scammer.” Those clever little scammers.
You know it’s a bad week when the two people running for President of the United States are as likely to get phished as anyone else. From SC Magazine, “according to the Google Threat Analysis Group (TAG), both are the targets of phishing campaigns by nation-states like China and Iran. Recently TAG saw China APT group targeting Biden campaign staff & Iran APT targeting Trump campaign staff with phishing.” Stay safe out there. (more…)
Did you know AOL was still around? Us either. Not only is it still around, but apparently, it’s being used in a phishing attack. According to Scamicide, “Today’s Scam of the day is about a phishing email presently circulating that attempts to lure you into clicking on a link in order to continue using your AOL account. If you click on the link two things can occur and both are bad. Either you will end up providing personal information to an identity thief or you will, merely by clicking on the link, download dangerous malware such as ransomware on to your phone, computer or other device.” Now you know.
Ever since the pandemic, phishing attacks on Amazon have skyrocketed. Afterall, more people are shopping online. Such is the case in Taylorville, Ill where “A new email phishing scam is making its way to people’s emails, according to the Taylorville Police Department.”
According to the report, “An email that looks like it’s from Amazon said there was a problem renewing their Amazon Prime Account. The email then gives the user a prompt to find the documents attached to follow on-screen instructions. The instructions then ensure there isn’t a problem with the renewal by gaining personal information.” Yeah, it’s a scam.
That email alert from DHL telling you your package is on the way. Yeah, it’s a phishing scam, but it’s a little more relaxed than you might expect.
From Naked Security, “The crooks are following a much more relaxed formula that doesn’t say much more than, ‘Hey, here’s how to track your delivery,’ which is the sort of message you might reasonably expect when you order something, or when someone orders something for you. They aren’t in it for the money up front – indeed, they never intend to bill you at all, because it’s your personal data that they’re after instead.” That can be just as bad.
Do you use Adobe Cloud? Have you received an email saying you’ve been sent files via Adobe Cloud recently? If the answer to both is “yes.” you’ve probably been scammed.
According to Hoax-Slayer, “the email is a phishing scam designed to steal your email account password and has no connection to Adobe. If you click the link, you will be taken to a website that appears to host a business-related spreadsheet. However, the spreadsheet is greyed out and a pop-up box claims that you must enter your email password to gain full access. If you do enter your password, it will be collected by the scammers and used to hijack your email account and any online services that are linked to it.” Keep safe out there.
First in a series of three ways hackers are using the COVID-19 pandemic to launch phishing scams. First, small business loans. FromABC7 in Chicago, “More help is on the way for small businesses struggling because of the pandemic. Nearly 500,000 loans, totalling $52 billion, have already been approved. It’s the second round of help for businesses, but along with waiting for money, owners are also facing scammers.”(more…)
