This scam starts with an email, then a telephone call - what to do if you are targeted
Pirates and fraudsters use a new tactic to attract potential victims.
Even if technology made our life much easier for many respects, it also exposed us toNew vulnerabilities. The crooks are now quick to take advantage of any new way of attracting victims and committing fraud or taking your money. Many modern stratagems can use messages or texts to encourage people to abandon their information, while others may involve being contacted by surprising orunexpected number. But now, a new scam is making the rounds that use both an email, then a telephone call to take advantage of people without distrust. Read the rest to see what you need to do if you are targeted.
Read this then:If you find it on your car, report it immediately, the police said in a new warning.
The last type of scam is known as "recall phishing".
Currently, non-stop spam calls that bombard our phones can make occasional scam emails that we receive seem to be a net in comparison. But according to experts, there is a new type of scam that combinesThe two forms of communication Known as "recall phishing".
According to a report published by the Cybersecurity Company Unit 42 on November 21, pirate groups known as Luna Moth and Silent Ransom Group began to target the victims with two -level tactics. The company claims that the victims have so far "cost the victims of thousands of dollars and develop in the scope".AE0FCC31AE342FD3A1346EBB1F342FCB
The instances of the last scam also seem to soar. According to data from the security company by e-mail agari, there was a625% increase In the recall phishing activity from the beginning of 2021 in the second quarter of this year,The Washington Post reports.
The last scam begins with an email followed by a telephone call.
Even if this can be new, the recall phishing begins in fact relatively similar to other scams. Targets first receive an email with an attached invoice claiming that they are about to be invoiced for a new subscription or a new service for an amount generally less than $ 1,000, according to the unit 42. Most have an invoice attached to the .pdf format, which makes most of them more difficult for the most part email safety software to detect and intercept. And as the amount is lower, the victims are less likely to question the accusation or to become suspect.
The email or invoice also contains a formatted telephone number to escape the security of the reception box, which the targets then call to challenge or question the costs. In reality, the number leads to a call center with fraudsters. Live agents will then order the victims without distrust of downloading a remote support tool that will give criminals access to their computers and all their files.
RELATED:For more up-to-date information, register for our daily newsletter.
Pirates use the victim's personal information to build a very expensive threat.
At this point, hackers can go through the computer to locate important files and sensitive information. They will then download them quietly while being on the phone with the victim.
After the crook has recovered the information they need, they will then send the victim a demanding extortion email to pay a heavy ransom to prevent pirates from publishing the files. Usually, ignorance of these emails leads to an escalation where hackers will require more money or threaten to expose information to the partners known to the victim.
Unfortunately, complying with crooks is not always a viable solution either. "Payment of the attacker did not guarantee that they would follow their promises. Sometimes they stopped responding after confirming that they had received a payment and did not follow negotiated commitments to provide proof of deletion" , "Kristopher Russo, a principal researcher of threats to Palo Alto Networks Unit 42, wrote in the report.
Here's how to avoid being a victim of a recall phishing scam.
One of the most important challenges concerning the detection of a recall phishing scam is that it has been designed to bypass most standard security measures. Using both a human actor and by downloading legitimate distance access software instead of malware, it can be more difficult for security systems to recover the ploy, explains unit 42. But there is still Some red flags that could tip you when something fish happens.
"People must always be careful about messages that invoke fear or a feeling of emergency," advises Russo. "Do not respond directly to suspicious invoices."
If you do not know if a charge is legitimate or not, it is better to search the company yourself on the website of the question. Then, contact them directly via a customer service number published on their legitimate website instead of using the contact which is provided to you in the email, writes Russo.
Anyone concerned about having been targeted or compromised can also contact the Unit 42 response team at the number at no cost on the company's report.