Scam Radar — January 2024
Scam Radar — January 2024
Below are three new scams to keep on your radar, as well as some tips for how to avoid them. Be on the look out for yourself, your family, and your clients! THINK BEFORE YOU CLICK!
These Crypto Ads are a Real Drain
Have you seen online ads stating you can make tons of money with cryptocurrency? Be careful — many of these ads are scams! Social engineers want to make you think you can get rich quickly, but they are trying to trick you into providing your personal information.
Recently, cybercriminals have exploited advertisements on X, better known as Twitter. They use the ads to promote websites that lead to crypto scams. If you click on the ad, you will arrive on a page that asks you to set up an account on a fake site. To exchange cryptocurrencies like Bitcoin, you need a crypto wallet. So, you will be asked to connect this fake account to a crypto wallet. Since you are on a malicious phishing page, it drains the cryptocurrency from your connected wallet. Then, it will send your cryptocurrency to the cybercriminal’s account.
Tips to Avoid Similar Scams:
- Think before you click! If an ad makes huge promises or pressures you to act fast, don’t trust it.
- Set up an ad blocker on your internet browser. The blocker stops many ads from showing up, so you won’t see or click on harmful ones.
- Stick to sites you trust. Stay away from ads on websites or social media that you’re not familiar with.
Fake PDF Files are Real Threats
Even though the holiday season has come to an end, cybercriminals continue to target holiday travelers in a recent scam. This scam starts with a simple phishing email and an attachment that appears to be a hotel invoice. Unfortunately, the attachment isn’t an actual PDF file. It’s a complex attack designed to steal your sensitive information.
If you happen to download and open the attachment, an error message appears. The message claims that you need an update in order to view the PDF file. But the file isn’t actually a PDF document, and the error isn’t actually for an update. In reality, the file is a form of malware, and if you agree to the update, you’ll launch that malware. Once launched, it quickly scans your device, collects your sensitive information, and sends it to the cybercriminals. This malware helps the scammers start off the new year with their ideal gift—your personal data!
Tips to Avoid Similar Scams:
- Cybercriminals are counting on you to click without thinking. Never open attachments received from an unexpected email.
- If you booked a hotel for the holidays and received an email about it, check for details that confirm the email’s legitimacy, such as the reservation number, check-in time, and room details.
- Remember that this type of attack isn’t exclusive to travel invoices. Cybercriminals could use this fake PDF file technique in a number of scenarios.
Supply Chain Attacks
A supply chain is a network of organizations and vendors who are involved in the creation and delivery of a product or service. Supply chain attacks are when cybercriminals target a weakness in an organization’s supply chain. Usually, the weakness is not the organization, but it’s a vendor that the organization trusts.
Here’s an example scenario of a common supply chain attack. Let’s say you enter your information on a hotel’s website. This hotel uses a vendor to schedule their bookings. A few days later, you start getting phishing emails with the same information you put on the website. You know the website was official and legitimate, so what happened? The scheduling vendor was a weak point in the hotel’s supply chain. As soon as the vendor was compromised by cybercriminals, so was your information.
Tips to Avoid Similar Scams:
- Try to limit where you put your sensitive information. Limiting the number of websites that have your sensitive information helps to minimize your attack surface and to keep you secure.
- If you suspect suspicious activity with an organization’s supply chain, report it to the organization.
- Think before you click! Never click on a link or download an attachment in an email that you weren’t expecting.
For more information regarding scams, please visit the Federal Trade Commission (FTC) Consumer Advice website.
You can also find details about the signs of a scam, how to avoid a scam, and how to report a scam in this article by the FTC — How to Avoid a Scam.
A PODCAST WITH A PURPOSE. Hear behind the scenes conversations with Medicare Industry leaders.
Listen to A Human Connection, a podcast with JoAnn Wray!
Sources:
Cited in article.
Recent Posts
