
Scam Radar — December 2024
Below are three new scams to keep on your radar, as well as some tips for how to avoid them. Be on the lookout for yourself, your family, and your clients! THINK BEFORE YOU CLICK!
Paper Jams and Malvertising Scams
If something goes wrong with your printer, you probably search Google to troubleshoot the issue. In this week’s scam, cybercriminals create malicious advertisements, also known as malvertising, on Google and claim to be on a tech support team that can help you with your printer problems. If you click the malicious ad, you are taken to a fake website to install “software” that will assist with troubleshooting. However, the software installation is fake and always displays an error message saying that the installation has failed.
After the failed installation, the website urges you to contact tech support through a phone call or live chat. However, the “tech support” is actually a scammer. If you contact them, they will request remote access to your computer to help you continue troubleshooting your printer. If you allow them to access your computer, they will not fix your printer, but they will be able to steal your personal data.
Tips to Avoid Similar Scams:
- Anyone, even cybercriminals, can buy ads on Google. Always think before you click.
- If you experience technical problems with your personal devices, go to the manufacturer’s official website to troubleshoot.
- Never give someone you don’t know remote access to your computer. If the issue is work-related, contact your organization’s IT team for help.
Fake Firing, Real Malware
Suddenly losing your job can be very stressful, and cybercriminals are trying to use this to their advantage. In this week’s scam, cybercriminals send you what appears to be an email from the UK Employment Tribunal. The email states that the tribunal is taking action against you, lists a case number, and contains a job termination notice. The email then states that you must download and reply to a document or face serious legal consequences.
The email seems alarming. However, clicking the download button doesn’t lead to any documents. Instead, it leads you to a fake Microsoft page that will infect your computer with malware. This malware is designed to steal the user credentials that you use to log in to financial websites. Your job was never at risk, but now your computer and financial information have been compromised by the malware. The cybercriminals now have access to your personal data!
Tips to Avoid Similar Scams:
- While this scam targets users in the UK, remember that scammers can use similar techniques in any country. Contact your manager or human resources department for verification if you receive any unexpected emails about your employment.
- Always check the sender’s email address. Be wary of any inconsistencies in the email address, such as misspellings or odd characters.
- Watch out for a sense of urgency in emails. Phishing attacks play on your emotions to try and make you act impulsively. Always stop and think before you click!
Don't Fall for This Dropbox Phish
Dropbox is a popular file-sharing service many use to share photos, files, and documents. In this week’s scam, cybercriminals are using this service to try and steal your Microsoft user credentials. They use Dropbox to send you an email that appears to come from “Human Resources.” The email states that a document containing salary and health insurance information has been shared with you.
The email is a real email from Dropbox, and it contains a link that will allow you to access the document. The document also contains realistic Microsoft branding, which makes this scam particularly convincing. However, if you click the link in the document, you’ll be taken to a fake Microsoft OneDrive page. If you enter your login information here, you won’t actually be able to update your health insurance information. Instead, the cybercriminals have stolen your credentials!
Tips to Avoid Similar Scams:
- An email could be fake even if the sender’s email address is from a trusted domain. Cybercriminals can gain access to trusted domains to make their scams more believable. When in doubt about the legitimacy of an email, follow your organization’s email reporting policy.
- Before you click any link, always hover your mouse over it. Watch out for suspicious URLs that can hide a website’s true domain.
- Never click a link in an email that you aren’t expecting. If you have doubts about an email your organization supposedly sent, always confirm it is legitimate before clicking any links.
Stay Safe While Working in Public Locations
It’s important to protect your information from cyberattacks no matter where you are, especially when working at the airport or a local cafe. If you don’t follow your organization’s cybersecurity practices while working in a public location, cybercriminals can steal your information when you least expect it.
Only join safe networks
- When you log on to your work device from a public location, make sure to use a Virtual Private Network, or VPN. VPNs create a private network and encrypt your internet activity to protect your information from cybercriminals.
- Only join safe Wi-Fi networks. Don’t allow your devices to automatically connect to public Wi-Fi networks, and don’t connect to random hotspots.
- Disable Bluetooth on your devices when you aren’t using it. Don’t allow unauthorized devices to connect to your device via Bluetooth.
Be cautious when in public
- Avoid using public charging stations or chargers that you find lying around. Cybercriminals can use fake charging cords or USB plugs to upload malware onto your device. It’s best to use your own chargers when possible.
- Don’t use public computers to work on important projects. Many public locations such as hotels have “business centers” with computers that you can use for free. These computers may contain keyloggers or other malware, so use them with caution.
- Look out for fake QR codes, or “quick response” codes. Public locations such as restaurants or airports may prompt you to scan QR codes for deals and offers. Cybercriminals can embed malicious URLs into fake QR codes, which could result in malware being downloaded onto your device.
Protect sensitive information from bystanders
- If you need to make a business call in public, be sure to use headphones. Don’t allow bystanders to overhear sensitive work information.
- Turn screens away from public view when possible. Don’t leave sensitive information on your screen for long periods of time.
- Don’t leave your devices unattended. If you need to use the restroom or step away for a moment, take your belongings with you so that cybercriminals can’t steal them.
For more information regarding scams, please visit the Federal Trade Commission (FTC) Consumer Advice website.
You can also find details about the signs of a scam, how to avoid a scam, and how to report a scam in this article by the FTC — How to Avoid a Scam.
Sources:
Cited in article.

