Scam Radar — October 2023
Scam Radar — October 2023
Below are three new scams to keep on your radar, as well as some tips for how to avoid them. Be on the look out for yourself, your family, and your clients! THINK BEFORE YOU CLICK!
This LastPass Scam is SO Last Year
Last year, the popular password manager LastPass was the victim of a data breach. Because of this, cybercriminals have access to the names, email addresses, and phone numbers of LastPass’s customers. Since the breach, cybercriminals have been using LastPass’s data breach in various cyberattacks.
Recently, cybercriminals launched a phishing attack targeting LastPass users. In this scam, cybercriminals send you a spoofed LastPass email with a link asking you to verify your information. If you click the link, you’ll be taken to a spoofed LastPass login page. If you enter your login information, cybercriminals will have access to your sensitive information.
Tips to Avoid Similar Scams:
- Never click a link in an email that you weren’t expecting.
- Be cautious when entering login information on a website accessed through an email. To stay safe, navigate directly to the organization’s official website.
- Stay educated and watch the news for data breaches. If a service you use is breached, be extra cautious of any emails you get from that organization.
Smishy Package Failed to Deliver
Recently, cybercriminals have been impersonating postal services around the world through SMS phishing (smishing) scams. These postal services include the US Postal Service, UK Royal Mail, Correos in Spain, and Poste Italiane in Italy.
In this scam, cybercriminals send you a text message impersonating the postal service in your country. The text contains a link and says that your package can’t be delivered until you provide additional information. If you tap the link, you’ll be taken to a spoofed postal service website that prompts you to enter your credit card details so your package can be delivered. If you enter your credit card information, cybercriminals could steal your money or personal information.
Tips to Avoid Similar Scams:
- Never tap a link in a text message that you weren’t expecting.
- Be cautious when entering payment information on a website accessed via text message. To stay safe, navigate directly to the organization’s official website.
- Remember that this type of attack isn’t exclusive to postal services. Cybercriminals could use this technique to impersonate any business in any country.
Gambling with Cybercriminals
MGM Resorts International is an American hospitality and entertainment organization. In September, MGM made headlines with the news of a cyberattack costing over 52 million dollars in lost revenue. Nearly all of MGM’s hotels, casinos, and ATMs went offline. This massive attack started with a simple social engineering scam.
Using information found on a LinkedIn post, a cybercriminal impersonated an MGM employee and called their IT department. They asked to have their password reset, and the IT department reset the employee’s password. This gave the cybercriminal access to the employee’s account and eventually led to the cybercriminal taking over MGM’s entire system. This is a great example of why it’s important to learn how to protect yourself and others from similar attacks!
Tips to Avoid Similar Scams:
- Be careful with the information you share about yourself online. Cybercriminals can use this information to target you in phishing attacks.
- Confirm that the person you’re speaking to is actually who they say they are. Try reaching out to them using another form of contact or by meeting with them face-to-face.
- Be suspicious of emails, texts, and social media posts that contain shocking information about this event. These may lead to disinformation, which is false information designed to mislead you.
For more information regarding scams, please visit the Federal Trade Commission (FTC) Consumer Advice website.
You can also find details about the signs of a scam, how to avoid a scam, and how to report a scam in this article by the FTC — How to Avoid a Scam.
Marketing through Facebook is ABSOLUTELY FREE and helps drive traffic to your brand! With ONE active contract under Senior Marketing Specialists, you get unlimited access to SMS Agent Connect, a private Facebook group that posts relevant content for Agent’s to share on their own business Facebook page!
Sources:
Cited in article.
Recent Posts
