Hackers can be very clever, there’s no doubt. They prey on uninformed email and internet users in the hopes of getting their malware into your network. Savvy users can spot the majority of spam emails and pop-ups pretty easily. But, sometimes we all get tricked. Here is a sample of the most recent email scams we’ve seen.
USPS Missing/Lost Package Notification
MalwareBytes Labs has detected “an uptick in USPS-themed malspam walloping users with a 1-2-3 knock-out of nasty malware designed to infiltrate your system and steal all your most valuable information. This malware-laced email is actively being distributed with various Subject and Body messages containing references to missing and/or late USPS parcels. Historically this downloader will install 1 or 2 different malware families to infected machines, but the most recent campaign has upped that to 3 different malware families being installed post-detonation. Taken together, these 3 malware families will take hold of your machine, drain your bank accounts, and leave you high and dry. So just be wary of suspicious looking shipping notices arriving via email and never install files received in email without certainty of their origin.
Cable Bill Overdue
From Komando.com, fraudulent emails are showing up in people’s inboxes pretending to be from cable TV providers. The email claims that your bill is past due and provides a link to view your invoice.
Warning! The provided link will take you to a fake site and your gadget could be infected with malware.
Once you’re at the fake site you’ll find a “view invoice” button. Clicking this button will download an infected file that looks like a Word.doc. The text will be jumbled and unreadable and you’re asked to enable macros to view it properly.
The criminal can change the payload at any time to create different scams. Here are some examples of what the scammer can do:
- Steal personal data – The cybercriminal can capture keystrokes, do form grabbing, and take screenshots from your gadget.
- Perform DDoS attacks – DDoS stands for “distributed denial of service,” which is a techy way of saying “crashing a system or the whole internet.” It works when a targeted website or server is flooded by an overwhelming amount of requests from millions of connected machines in order to bring it down.
- Download more malware
- Ransomware – The criminal could turn this into a ransomware attack, locking your gadget and demanding ransom to return control back to the victim.
- Make spoof DNS requests – Domain Name Server (DNS) spoofing is when cybercriminals exploit vulnerabilities found in the domain name server. They do this to redirect traffic from legit servers to fake ones.
If you receive an email like this, delete it immediately. If you have a cable or satellite provider, go directly to its site by typing it into your browser.
CEO Requesting Tax Documents from HR
The IRS renewed their warning about an email scam that uses a corporate officer’s name to request employee Forms W-2 from company payroll or human resources departments. The IRS urges company payroll officials to double check any executive-level or unusual requests for lists of Forms W-2 or Social Security number.
The W-2 scam first appeared last year. Cybercriminals tricked payroll and human resource officials into disclosing employee names, SSNs and income information. The thieves then attempted to file fraudulent tax returns for tax refunds.
This phishing variation is known as a “spoofing” e-mail. It will contain, for example, the actual name of the company chief executive officer. In this variation, the “CEO” sends an email to a company payroll office or human resource employee and requests a list of employees and information including SSNs.
Keep alert of attempts to breach your IT security
It is critical that you train your employees to recognize cybersecurity threats. If you believe your network security has been compromised, call Great Lakes Computer immediately. We can help mitigate the risk of data loss and install antivirus software to protect you in the future.