Another IRS Phishing Campaign To Watch Out For

The Internal Revenue Service recently issued a warning that all taxpayers should be aware of.

The agency has received a growing number of reports concerning unsolicited email messages bearing the subject lines:

  • Electronic Tax Return Reminder
  • Automatic Income Tax Reminder

These messages are not from the IRS, but rather, from spammers trying to steal your information.

According to a spokesman for the IRS:

“The emails have links that show an IRS.gov-like website with details pretending to be about the taxpayer’s refund, electronic return or tax account. The emails contain a ‘temporary password’ or ‘one-time password’ to ‘access’ the files to submit the refund. But when taxpayers try to access these, it turns out to be a malicious file. The IRS does not send emails about your tax refund or sensitive information. This latest scheme is yet another reminder that tax scams are a year-round business for thieves. We urge you to be on guard at all times.”

These are wise words, and a warning that absolutely should be heeded. Unfortunately, this most recent scam uses dozens of different compromised websites to mimic IRS.gov, and this far-flung network of sites makes it very difficult to shut down in its entirety.

What’s most unfortunate about scams like these is that they seem to disproportionately impact the elderly. Many of the elderly have slowly begun adopting basic technologies like email, but don’t have the tech skills to spot scams when they appear in their inboxes.

We all know at least a few people who fall into that category, so be sure to spread the word about this issue to anyone you know who may be especially susceptible to falling for scams like these.  The more people we can protect, the less profitable the attack becomes. Perhaps we can even gain enough ground to make it more trouble than it’s worth to the scammers, forcing them to look elsewhere.

New Phishing Scam Targets Your Amazon Account

McAfee researchers have discovered a new version of the 16Shop phishing kit in use by hackers around the world. According to the latest research, there are now more than 200 URLs currently being used by hackers to collect login information from Amazon customers. The methodology the hackers are using is simple. The hackers craft an email that appears to come from Amazon that indicates a problem with the user’s account.

Ironically, most of the emails claim that an unauthorized login was attempted on the user’s account and the email recommends that the user log in immediately to check and make sure nothing has been tampered with.

The email “helpfully” includes a link that appears to point to an Amazon login page, but of course, it’s actually one of the aforementioned hacker-controlled URLs.  If a user enters their login credentials, they’re simply handing those details to the hackers. They can then log into the user’s account at their leisure, make any changes they like, and order products or steal data at will.

16Shop is a sophisticated product that has been used in a variety of ways.  A previous variant was discovered in late 2018, which targeted Apple users via emails that contained a PDF attachment.  The PDF was poisoned, of course. If the links it contained were clicked on, they would direct the recipient of the email to a URL controlled by the hackers. That URL would ask for the recipient’s Apple account information, including payment card details.

These kinds of attacks are notoriously difficult to stop. Vigilance and mindfulness are the keys to avoiding being taken in. A good policy to adopt is simply this: any time you get an email that appears to come from a company, don’t click the link. Open a browser tab yourself and manually type the company’s address in.

Undelivered Mail Notification Could Be A Phishing Scam

Hackers are always on the lookout for new ways to freshen up time-tested techniques. Where time-tested techniques are concerned, few are older than the humble phishing email.

In one form or another, it seeks to trick an unsuspecting user into innocently handing over sensitive information, such as usernames and passwords, which the hacker can then use later for any purpose.

The latest variant on this old chestnut is to send what appears to be a legitimate email, politely informing the user that they’ve received a number of confidential emails that are currently being held for them on a server.  They’re given the choice to either refuse these messages, accept them, or delete them.

This is a case, however, of all roads leading to the same destination. Whichever linked option is chosen, the user will be routed to a mock-up of a Microsoft Outlook login screen and prompted to enter his or her credentials. As you might suspect, there are no actual emails, and the only purpose this login box serves is to capture the credentials for later use.

If there’s a silver lining to this attack, it is that all of the samples that have been collected so far have the faux login box hosted on a hacked domain.  Careful users will quickly note that they haven’t been taken to Microsoft’s domain and the game will be up.

Unfortunately, ‘careful’ does not describe the vast majority of internet users, and this ploy has already taken in its fair share of victims.

Make sure your IT staff is aware of this latest iteration in the ongoing evolution of the phishing email. It wouldn’t hurt to send a company-wide communication to all employees so that it’s at the forefront of everyone’s minds.  It only takes one person to slip up and a hacker could gain access to your company’s network. That’s never a good thing.
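The checks the posts above recommend (is the link really on Amazon’s or Microsoft’s domain, or is it a hacked, look-alike host?) can be automated at the mail gateway or in a reporting tool. The following is an added example, not code from the original article: it flags any link in a message that names a brand but whose host is not one of that brand’s real domains, treating a host like `irs.gov.refund-status.example` as the impostor it is. The brand-domain table and the sample messages are constructed for the demonstration.

```python
import re
from urllib.parse import urlparse

# Real domains of the brands impersonated in the posts above (assumed list).
# A host belongs to a brand only if it equals one of these or is a subdomain.
BRAND_DOMAINS = {
    "irs": {"irs.gov"},
    "amazon": {"amazon.com"},
    "microsoft": {"microsoft.com", "office.com", "outlook.com"},
}

ANCHOR_RE = re.compile(r'<a\s+[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)
BARE_URL_RE = re.compile(r'https?://[^\s<>"\']+')

def host_belongs_to(host, domains):
    """Exact match or real subdomain only: 'irs.gov.refund-status.example'
    contains 'irs.gov' but is a different registrable domain."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

def claimed_brands(subject, body):
    """Brands the message claims to be from, by whole-word name match."""
    text = (subject + " " + re.sub(r"<[^>]+>", " ", body)).lower()
    return {b for b in BRAND_DOMAINS if re.search(r"\b%s\b" % b, text)}

def suspicious_links(subject, body):
    """Links whose host is not a domain of any brand the message names."""
    brands = claimed_brands(subject, body)
    if not brands:
        return []  # no brand claimed, nothing to compare against
    allowed = set().union(*(BRAND_DOMAINS[b] for b in brands))
    hrefs = [href for href, _text in ANCHOR_RE.findall(body)]
    hrefs += BARE_URL_RE.findall(ANCHOR_RE.sub(" ", body))
    return [h for h in hrefs if not host_belongs_to(urlparse(h).hostname, allowed)]

# Constructed samples modelled on the scams described in this post.
IRS_SAMPLE = (
    "Automatic Income Tax Reminder",
    'Your IRS refund file is ready; use the one-time password at '
    '<a href="http://irs.gov.refund-status.example/login">IRS.gov</a>.',
)
AMAZON_SAMPLE = (
    "Unauthorized login attempt",
    "We blocked a sign-in to your Amazon account. Verify now: "
    "https://amazon.com.account-check.example/ap/signin",
)
GENUINE_SAMPLE = ("Your Amazon order has shipped",
                  "Track it at https://www.amazon.com/your-orders")
```

`suspicious_links(*IRS_SAMPLE)` and `suspicious_links(*AMAZON_SAMPLE)` each return the one impostor link, while the genuine Amazon message returns an empty list.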

Microsoft Says Office 365 Users Should Use Spam Filter

Microsoft recently updated their support page and offered additional guidance to network admins as it relates to Office 365’s built-in spam filters.  The gist of the update is that they strongly advise against turning the auto-filters off.

They provided some additional guidelines if you decide to bypass them for one reason or another.

Here are the most relevant portions of the recent update:

“If you have to set bypassing, you should do this carefully because Microsoft will honor your configuration request and potentially let harmful messages pass through.  Additionally, bypassing should be done only on a temporary basis.  This is because spam filters can evolve and verdicts could improve over time….”

If you decide you want or need to bypass anyway, the company offered the following additional suggestions:

  • Never put domains that you own onto the Allow and Block lists
  • Never put common domains, such as Microsoft.com and office.com, onto the Allow and Block lists
  • Do not keep domains on the lists permanently, unless you disagree with the verdict of Microsoft

You and your IT staff are likely already aware of this. If not, Microsoft maintains a living document on their support website where they keep a comprehensive list of security best practices for Office 365.  If you haven’t seen it before, or if it’s been a while since you reviewed it, it pays to take some time to look it over.

On a related note, the company recently sent out a bulletin advising all Office 365 customers and admins to report junk email messages for analysis using the Microsoft Junk Email Reporting add-on. This is in order to help reduce the number and effect of future junk email messages.  If you and your team aren’t already in the habit of doing this, now is an excellent time to start.

Latest Scam Involves People’s Social Security Numbers

There’s a new scam making the rounds, and it’s a particularly nasty one involving your Social Security number. Here’s how it works:

You may get a robocall seemingly from the government, claiming that there’s a problem with your Social Security number. The call also states that your account has been flagged for suspected fraudulent activity.

You’ll be given a number with instructions to call back and speak to a government agent in order to get help resolving the issue and prevent your arrest.

Needless to say, given the importance of your Social Security number and the looming threat of legal action and possible arrest, a significant percentage of people will call back. They will be desperate to resolve the matter quickly before things escalate.

Of course, the reality is that Social Security numbers cannot be suspended. This is merely the hook this breed of scammer is using to get people to call back seeking help with an issue that doesn’t actually exist.

If you make the mistake of calling back, you’ll be pressured for your name, date of birth, and banking information. In addition, of course, you will be asked to verify your Social Security number “for security purposes.” Essentially, then, those who get roped into this scam wind up giving the person on the other end of the line everything they need to steal their identity and empty their bank account.

While anyone of any age can be targeted by the scam, it seems to be impacting older Americans in disproportionate numbers, which makes this group of scammers even more despicable than most.

As ever, vigilance is the key to staying safe.  If you get a call like this, don’t call back at all.  If you feel tempted, don’t call the number you get via the robocall. Rather, look up the number of your local Social Security office and begin your inquiry there.  In short order, you’ll confirm for yourself and your own peace of mind that there is indeed nothing to it.