Scam of the Week: The Fake Funeral Livestream
Unfortunately, cybercriminals will go to great lengths to try to trick you and steal your information. In this week’s scam, cybercriminals are stealing photos and personal details of recently deceased people from social media.
Scam of the Week: Don’t Medal With Olympic Scams
With the Paris Olympics beginning this week, be on the lookout for phishing emails and text messages pointing you to fake Olympics-branded websites or offering discounted merchandise or tickets. Cybercriminals will take advantage of all the excitement around the Olympics to try to steal your personal information or money.
Scam of the Week: Be on Patrol for These Fake Calls
In this week’s scam, cybercriminals are impersonating U.S. Customs and Border Protection (CBP) agents. The scammers call you and claim that CBP has intercepted drugs or money shipments that are addressed to you.
Scam of the Week: Malware Office Suite
“You get what you pay for,” and this week’s scam is no exception. Cybercriminals are distributing a “free” pirated version of Microsoft Office across torrenting websites. The catch is that it’s actually malware. If you download and install it, the malware can begin harvesting your personal data.
Scam of the Week: These Banking Emails Are Counterfeit
In this week’s scam, cybercriminals are sending out phishing emails that claim to be from many different banking organizations. By impersonating different banks, the cybercriminals hope to trick even more people into clicking on malicious links.
Scam of the Week: Government Phishing
Cybercriminals like to manipulate people into acting on impulse because anyone can fall for this trick, even government officials. In this week’s scam, a Russian hacking group is targeting members of the Polish government with an enticing phishing email.
Scam of the Week: Cheaters Never Win
Cybercriminals often find creative ways to spread malware, and this recent scam is no exception. They are posting malicious links in the comment sections of video gaming websites and forums. If you click on one of the links, it will download a .zip file for a program called Cheat Lab.
Scam of the Week: Leave a Message After the Phish
It’s no secret that cybercriminals are using AI technology to craft phishing emails, but did you know AI can also help them with voice phishing (vishing)? It’s surprisingly easy to teach AI software to sound like a specific person. All they need to recreate your voice is a short audio clip, like one from a recorded phone call or a video posted to social media. Once the cybercriminals have your voice, they can easily target friends, family members, and coworkers with AI-powered vishing.
Scam of the Week: Phony Utility Ads
Search engines, like Google, are so popular that many people use the search feature instead of typing a URL. For instance, people may quickly search for their electricity provider's name to find the online payment portal. And for this week's scam, that's exactly what cybercriminals want you to do. This scam tries to trick you into clicking on a fake ad instead of the billing portal that you’re trying to find. The scammers purchase a variety of fake utility payment advertisements, and you see those ads during your searches. They know that they can trick you more easily if you contact them instead of them reaching out to you.
Scam of the Week: Deepfake Deception
AI scams are becoming more frequent, and they’re also becoming more sophisticated. In a recent scam, cybercriminals demonstrated just how convincing AI fraud can be by faking an entire video call. In fact, the scammers were able to steal over 200 million Hong Kong dollars by emailing an employee and pretending to be their organization’s Chief Financial Officer (CFO).
Scam of the Week: These Crypto Ads are a Real Drain
Have you seen online ads stating you can make tons of money with cryptocurrency? Be careful –many of these ads are scams. Social engineers want to make you think you can get rich quickly. But they are trying to trick you into providing personal information.
Scam of the Week: Ransoming Businesses Is a Successful Business
On Christmas Eve, cybercriminals targeted three hospitals in Germany using Lockbit 3.0 ransomware. Ransomware is a type of malicious software that infects computers and networks. It holds data and other sensitive information “hostage” in exchange for payment. If you refuse to meet their payment demands, the cybercriminals could destroy the files. Or they could make them available to the public, resulting in data theft and leaks of sensitive information.
SCAM OF THE WEEK: Disney+ Phishing Deal
Callback phishing is when a phishing email directs you to call a number instead of clicking on a link. These emails are often fake notifications that encourage you to make a call to correct an error. A recent scam impersonating the popular streaming service Disney+ is a great example of this tactic.
SCAM OF THE WEEK: Post-Shopping Scams
Have you finished your holiday shopping yet? Because cybercriminals are just getting started. There are thousands of shopping-themed scams this time of year, but those scams don’t end when your cart is empty. Cybercriminals continue to target shoppers with urgent phishing emails about their recent purchases.
SCAM OF THE WEEK: Amazon’s Not-So-Real Alerts
Have you noticed any suspicious PDF attachments in your Microsoft Outlook recently? There has been a surge in phishing emails with PDF attachments sent to Outlook users over the last several months. Many of these emails are Amazon-themed phishing scams that are focused on targeting Outlook users in North America, Southern Europe, and Asia.
SCAM OF THE WEEK: Job Offer or Digital Danger?
Recently, cybercriminal groups in Vietnam have been targeting individuals by sharing fake job postings. According to WithSecure experts, these groups are primarily targeting the digital marketing sector and Facebook business accounts. These fake job postings are used to spread known malware such as DarkGate and Ducktail.
In this scam, cybercriminals use LinkedIn messenger to send you a link to a fake job description.
SCAM OF THE WEEK: This LastPass Scam Is So Last Year
Last year, the popular password manager LastPass was the victim of a data breach. Because of this, cybercriminals have access to the names, email addresses, and phone numbers of LastPass’s customers. Since the breach, cybercriminals have been using LastPass’s data breach in various cyberattacks
SCAM OF THE WEEK: Smishy Package Failed to Deliver
Recently, cybercriminals have been impersonating postal services around the world through SMS phishing (smishing) scams. These postal services include the US Postal Service, UK Royal Mail, Correos in Spain, and Poste Italiane in Italy.
In this scam, cybercriminals send you a text message impersonating the postal service in your country. The text contains a link and says that your package can’t be delivered until you provide additional information. If you tap the link, you’ll be taken to a spoofed postal service website that prompts you to enter your credit card details so your package can be delivered. If you enter your credit card details, cybercriminals could steal your money or personal information.
SCAM OF THE WEEK: Bet on Cybercriminals
MGM Resorts International is an American hospitality and entertainment organization. This past week, MGM made headlines with the news of a cyberattack costing over 52 million dollars in lost revenue. Nearly all of MGM’s hotels, casinos, and ATMs went offline. This massive attack started with a simple social engineering scam.
SCAM OF THE WEEK: Watch Out for .us Domains
The Interisle Consulting Group has published a report that cybercriminals have been using over 20,000 .us top-level domains in phishing attacks. A top-level domain is the final section of a domain name, such as “.com” in “knowbe4[.]com”.