Beware of Scammers Exploiting Recent Events

Fake phishing email. Click on to enlarge.

It seems that every new event brings out a crop of scammers ready to exploit the gullible.  Several recent scams are using the Equifax breach settlement, and the recent mass shootings in El Paso and Dayton to extract money from or deliver malware to their victims.

First, from KnowBe4, we have the details of several scams taking advantage of people attempting to get the $125 settlement payment they may be owed as a result of the Equifax credit report database breach.  These are showing up as phishing campaigns using Equifax logos and trade dress.  Clicking on the embedded links will take the unwary to a fake settlement website.

Fake web page. Click to enlarge.

If you want to file a claim, go to the FTC website and click on the blue “File a Claim” button.  Here is the legitimate link: https://www.ftc.gov/enforcement/cases-proceedings/refunds/equifax-data-breach-settlement.  I have read that requests for a cash settlement have already exceeded the funds available for payment, so you might as well sign up for the free credit monitoring option instead.

The next alert came from CISA (formerly US-CERT).  This announcement advises us to look out for phishing emails, Facebook and other social media posts, and even SMS text messages soliciting contributions for the survivors.  These messages will redirect you to fraudulent web sites where you will be separated from your cash.  There could be malware downloads that will infect your computer, tablet, or smartphone, allowing the attackers to remotely access your computer and hijack it for other exploits, such as account takeover, ransomware, or bit-coin mining.  CISA even is warning about door-to-door in-person solicitations.

Keeping yourself safe from these predators requires the usual vigilance and suspicion.  CISA recommends:

Hopefully you can keep yourself from falling victim to these perennial scam artists.

0

About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Owner of the WyzCo Group Inc. In addition to consulting on security products and services, Bob also conducts security audits, compliance audits, vulnerability assessments and penetration tests. Bob also teaches Cybersecurity Awareness Training classes. Bob works as an instruction for CompTIA’s non-profit IT-Ready Program in the Twin Cities. IT-Ready is a tuition free 8-week program designed to teach students of all ages the fundamentals of IT support to prepare them for an entry level position in Information Technology Support. Graduates of the classes take the exams to become CompTIA A+ certified. Bob is a frequent speaker at conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. Bob has been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com
  Related Posts

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.