Scam of the Week: These Prime Deals Are Too Good to Be Real
Amazon Prime Day is this week, and there are plenty of deals for you to take advantage of. However, cybercriminals are also looking to turn these deals to their advantage. In this particular scam, cybercriminals have created fake websites that look very similar to the real Amazon website.
Scam of the Week: Fake Financial File Phishing
In a recent phishing email scam, cybercriminals use vague financial terms that attempt to make you curious enough to click the attachment in the email. The subject of the email is “Remittance Summary,” and the malicious attachment is named “Payment Advice.” The body of the email only says, “Find attached payment advice for remittance.. Kindly revert.” The sender of the email appears to be legitimate, but it is actually sent from a fake sender address. If you download the PDF file, the malware will begin installing on your computer.
Scam of the Week: Ransoming Businesses Is a Successful Business
On Christmas Eve, cybercriminals targeted three hospitals in Germany using Lockbit 3.0 ransomware. Ransomware is a type of malicious software that infects computers and networks. It holds data and other sensitive information “hostage” in exchange for payment. If you refuse to meet their payment demands, the cybercriminals could destroy the files. Or they could make them available to the public, resulting in data theft and leaks of sensitive information.
SCAM OF THE WEEK: Active Scams on Inactive Accounts
Recently, Google announced a change to its inactive account policies. Starting in December 2023, accounts that have been inactive for two or more years will start to get deleted. While this policy is meant to enhance security, cybercriminals could use this news for their phishing scams.
Interview with a Cybercriminal
Recently, Google’s Threat Analysis Group (TAG) published a report about a new tactic that cybercriminals are using in spear phishing attacks. Spear phishing is when cybercriminals send targeted emails impersonating someone you trust to try to steal your sensitive information. Now, cybercriminals are impersonating media outlets and luring you in with a fake interview.
This attack starts with an email impersonating a trusted media outlet. In the email, the cybercriminals ask to interview you and prompt you to click a link with the interview questions. If you click this link, you’ll be redirected to a malicious website with a login prompt. Unfortunately, any login credentials that you enter will be sent directly to the cybercriminals. Then, they'll be able to access your account for their own malicious goals.