Crypto Recovery Scam Explained

The hype around cryptocurrencies has slowed down recently, but the number of scams related to this topic has never come down. Moreover, another vector has emerged – crypto recovery scam, which targets people who have already become victims of crypto fraud.

Getting into a financial fraud related to an investment can hit the wallet pretty hard, so the urge to get the money back has obvious motivation. In certain cases, it is technically possible to recover lost assets, and some legitimate organizations can assist victims in doing so. Still, it is very individual and depends on many factors, and there is never a guarantee of success.

The loss of cryptocurrency can occur for a variety of reasons, including technical failures (dead hardware wallet key) or human factors. But what the fraudsters concentrate their attention on are fraudulent investment schemes rather than technical issues. Incidentally, we have a separate post about cryptocurrency fraud, but this time we will focus on fraudulent “cryptocurrency recovery agencies”. Long story short – attackers could not ignore people who fell victim to one scam and developed a whole scheme to scam them again.

Examples of Recovery Services

How Do Crypto Recovery Scams Work?

Usually, these scammers are looking for victims on social media, particularly in crypto investment-related groups or trading forums. It all starts with comments from people who allegedly have managed to get their money back. They provide the contact information of a ‘specialist’ and claim to have helped but are actually part of the fraudulent scheme. In another scenario, fraudsters directly contact victims (mostly in crypto communities) and offer their help in restoring their crypto assets. One more scheme involves fraudsters selling lists of victims they have deceived or hacked on the Darknet.

After the victim contacts the scammer, they will immediately ask for as much information as possible. This may seem quite logical, since such an operation requires a full pack of victim’s info. However, the scammer will always ask for things that will barely be needed – SSN, detailed personal information, and so on. In addition to this data, attackers almost always require an upfront fee for their work. Quite often, the frauds simply cut any connections upon the upfront payment, but not always. It is often to see them imitating the progress, and asking for more money after some time. Scammers explain this as “additional funds are needed to solve the problem”. Attackers employ a lot of social engineering tactics, which can result in multiple requests for money before they eventually stop responding to the victim.

Red Flags and Potential Risks

Let’s take a look at the main red flags that you’re dealing with a scam. The first thing that should raise concern is a request to make a prepayment without any guarantees. Sure, scammers will promise guaranteed recovery of your funds, but such a guarantee is impossible. Definite false claim = quite an obvious red flag.

The next red flag is the claim that they have “special access”, a private connection with the FBI or another law enforcement agency. Without a confirmation, this claim costs nothing, and any “informal connections” still give you no guarantee that this FBI friend will be helpful. And, after all, if they’re talking about law enforcement – why won’t you go directly to them? The majority of investigation agencies around the world nowadays have an online fraud department, which will be in handy for this case.

Another sign that you are dealing with fraudsters is a sense of urgency and persistence on their part. In this case, the urgency comes not only from the scammers but also from the victim. Frauds often insist that you should not notify law enforcement about the incident, which is a strange demand from “legit money recovery agents” as they present themselves.

The risks of all this, as you can imagine, are quite high. First of all, there are significant financial losses. Usually, fraudsters demand large sums upfront because they realize that the victim is ready to do anything to get the lost crypto back. Secondly, there is the risk of confidential information leakage. Attackers can request credit card information or login details to an online bank. They may then either use this information to finally empty the victim’s accounts or resell this data on the Darknet.

6 Warning Signs

Most crypto recovery services are scams — especially if they promise to return crypto you no longer own. Look out for these warning signs:

1. They ask for an upfront fee. If someone asks for money before helping you, it’s likely a scam. They might ask for a small amount first, then keep asking for more.
2. They claim to have “special access” to crypto exchanges. Scammers will say they have secret ways to get your crypto back. This is always a lie.
3. They ask for your passphrase or sensitive info. If they want this information, they are trying to steal from you.
4. They ask for your bank or crypto wallet details. Scammers may ask for your wallet or bank info to “deposit” the recovered crypto. They just want to steal more money.
5. No physical address or located outside the U.S. If there’s no address, or it’s outside the U.S., it could be fake. Many scam companies use fake addresses.
6. No phone number or only messaging apps. Legit companies talk by phone. Scammers use apps like Telegram or WhatsApp to hide.

How To Avoid Scams?

If you’ve been a victim of a crypto recovery scam, I have a few recommendations that may help. First, report the platform support through which you were defrauded. Contact the platform’s technical support and report the incident. The next step will be filing a report with law enforcement and gathering as much case evidence as you can. While this still cannot guarantee a refund, it can significantly increase the chances of one. Detailed information will also help men in uniform with finding and detaining the fraudsters.

Also you can report scams to:

• The Federal Trade Commission (FTC)
• The Commodity Futures Trading Commission (CFTC)
• The U.S. Securities and Exchange Commission (SEC)
• The FBI’s Internet Crime Complaint Center (IC3)

If you have found an organization that helps you recover your lost funds, research its procedures, refund methods, and real user reviews on the Internet. The major challenge is that recovering stolen cryptocurrency is extremely difficult to recover. And almost the only way to do this is to collect as much evidence and information as possible, gather the necessary package of documents and submit it to law enforcement agencies. Law enforcement may contact the platform’s representatives. If proven that the stolen crypto belongs to the victim, there is a chance that it will be returned. This is the only legal way to get the lost crypto back.

The post Crypto Recovery Services appeared first on Gridinsoft Blog.

McAfee Email Scam Targets Your Credentials

This phishing scheme involves emails that guide users to a malicious webpage, mimicking the design of a simple login site. While scams involving email messages from strangers may employ various tactics, this particular scam impersonates routine notifications from McAfee concerning account details or user licenses. Offers might include a free license for one year, a prompt to approve changes to McAfee policies, or a reminder to renew a soon-to-expire license. However, the phrasing of these messages often renders them suspicious, as genuine communications from McAfee would not include such claims. Is there a specific McAfee scam email circulating in 2023 within the cybersecurity community?

At the bottom of the email, or within the text itself, there is a link or button you can click to get more details. Regardless of the lure, it leads to a phishing page—one that mimics the McAfee login page or a fraudulent survey site. The former is typical of more alarming messages, while the latter usually accompanies offers of gifts. Does McAfee send these types of emails?

The phishing login page features only two states: the default one and a “wrong login/password” notification beneath the credential fields. No matter what you enter, the information is sent directly to fraudsters who can then take control of your account. Additionally, from the phishing page designed to steal your credentials, the site may also include a download button. This button could install software that you would never willingly download, such as adware or rogue applications, which are commonly linked to such scams.

Pseudo-giveaway that promises you a gift will likely ask you for your personal information. Shady persons on the Darknet are willing to pay a lot for a database of users’ information. The pack of name/surname/physical address/email address/system information et cetera gives a lot of advantages for other scams.

Rarely, the message may contain the attached file, and the text allows you to open it instead of following the link. In this file, you’re supposed to see details about the changes in the terms or other stuff they used as a disguise for a letter. This attachment (often a .docx or .xlsx document) contains a virus.

How Dangerous is the McAfee Email Scam?

The main risk associated with following the instructions in a scam email is the theft of your account credentials and personal information. While sharing information with various online services might seem commonplace, these services are typically bound by GDPR rules to keep your data confidential. However, cybercriminals obtaining your information through phishing do not adhere to any rules or laws. Often, this stolen information is compiled into databases and sold on the Darknet, where the new owners are unlikely to have benevolent intentions.

Your McAfee account credentials are particularly valuable as they serve dual purposes. Possession of your account allows a criminal to steal your license key, which might be used to activate a pirated copy of the software or sold online at a fraction of the price you originally paid. If your license covers multiple devices, prepare for potential unauthorized users, or “squatters“, on your account. Additionally, stolen credentials can be added to databases of leaked passwords and logins, which are often utilized in brute force attacks to crack other accounts.

The injection of malware via an email attachment represents another significant threat. Unlike identity theft or account hacking, which may not have immediate effects, malware begins to operate as soon as it is launched. Phishing scams, such as those mimicking McAfee, have become a primary method for distributing malware, posing a serious risk to both individual users and corporations due to human vulnerabilities. The most common types of malware distributed this way include stealers, spyware, and ransomware, which can lead to compromised accounts and encrypted data—a highly undesirable outcome.

How to Protect Yourself from McAfee Email Scams?

The good news about most email scams is that they can easily be mitigated by simple attentiveness. Upon receiving a suspicious email, it is crucial to scrutinize both the body and header of the message. Even the most sophisticated forgeries will contain discrepancies that don’t match the original communications. Simpler scams often exhibit other telltale signs that can help you identify the deceit. So, how can you stop McAfee scam emails?

Typos and Grammatical Errors

Despite the prevalence of online spell checkers, scammers often neglect to use them, resulting in numerous errors in their messages. Poor English, missing punctuation, and subpar design are not features of official communications. The presence of these errors is a clear indicator of a fraudulent email.

Link address

Genuine messages may contain links to their website – for instructions, for example. However, they always belong to the original sender’s domain (mcafee.com for the genuine McAfee email message case). If you see the link to a dubious page, like WebProtectionProgram, or a short link, that is the reason to avoid clicking it. Official mailing never contains links to external sites and never applies using short links.

Sender’s email address

There are official email addresses companies use for mailing or conversations. They are often listed on their website. Receiving a letter that pretends to be sent by McAfee support, but the sender is mikey19137@aol.com does not look trustworthy. In complicated situations, crooks may try to use email addresses that look related to the sender. That’s why it is better to review the contacts on the website. For McAfee, those are the following:

info@authenticate.mcafee.com
Info@notification.mcafee.com
info@protect.mcafee.com
info@smmktg.mcafee.com
info@smtx.mcafee.com
info@mailing.mcafee.com
info@communication.mcafee.com
info@protect.mcafee.com.cname.campaign.adobe.com
donotreply@authentication.mcafee.com
donotreply@mcafee.com
consumersupport@mcafee.com
donotreply@authentication.mcafee.com
mcafeeinc-mkt-prod2@adobe-campaign.com
noreply@mail.idtheftprotection.mcafee.com
research@mcafee.com
mcafee@mail.email-ssl.com
no_reply@mcafee.com
no-reply@mcafeemobilesecurity.com

Strange Offers and Unusual Notifications

Giveaways, quizzes, or notifications about account blocking are not typical for reputable companies. They may contact you if there are issues with your account that need resolving, but you would likely be aware of these issues beforehand. Conversely, offers that require you to share personal information in exchange for a prolonged license are never legitimate. Coupled with the other signs we’ve discussed, these offers clearly indicate a fraudulent message.

Is it Possible to Avoid Email Spam in the Future?

Receiving email spam does not necessarily mean something bad has already happened. Scammers often buy databases filled with random email addresses and send out mass emails hoping to lure someone into a scam. If you do not respond or click on any links, scammers will likely remove you from their list eventually. However, any engagement, such as replying or clicking a link, signals to them that your account is active and susceptible to scams. Experts note that any interaction with a fraudulent email can lead to a significant increase in spam.

Several strategies can help reduce the amount of spam you receive and make it easier to differentiate between genuine and fraudulent emails. First, use a separate email address for registrations on websites or at events where you have concerns about their credibility. Some sites may not prioritize protecting their clients’ data and might sell their databases to third parties. While not always malicious, this practice can lead to unwanted exposure for your primary email address. Using a secondary email address as a buffer can help protect your main accounts from suspicious activities, ensuring greater security for your personal or work emails.

Another tip involves reporting suspicious emails. While most email services employ advanced anti-spam engines to filter out the bulk of spam, no system is perfect. You might still find McAfee phishing emails in your inbox. Reporting these deceptive messages is straightforward: simply click the button with three dots on the message and select “Report Spam.”

Conclusion

In the fight against email scams, especially sophisticated ones like the McAfee email scam, proactive protection is key. While following the tips outlined above can significantly reduce your risk of falling victim to these scams, having robust antivirus software can provide an additional layer of security. We recommend using Anti-Malware for its effective detection and removal of malware threats.

Download and install Anti-Malware by clicking the button below. After the installation, run a Full scan: this will check all the volumes present in the system, including hidden folders and system files. Scanning will take around 15 minutes.

After the scan, you will see the list of detected malicious and unwanted elements. It is possible to adjust the actions that the antimalware program does to each element: click "Advanced mode" and see the options in the drop-down menus. You can also see extended information about each detection - malware type, effects and potential source of infection.

Click "Clean Now" to start the removal process. Important: removal process may take several minutes when there are a lot of detections. Do not interrupt this process, and you will get your system as clean as new.

The post McAfee Scam Email appeared first on Gridinsoft Blog.

Hamster Kombat Tap-Game Players Targeted in Malware Spreading

ESET researchers have discovered a series of successful scams based on the popularity of the game Hamster Kombat. As with any potential opportunity to make easy money, this game has attracted two audiences – those looking to get rich quickly and those looking to profit from them, i.e., scammers. The latter use phishing websites to spread spyware, primarily Ratel to Android users and Lumma Stealer to ones who use Windows.

For those who may not know, that is a game where the main activity is tapping the smartphone screen and completing simple tasks. For these actions, the developers promise to eventually reward players with a new virtual cryptocurrency token based on TON, which they plan to release sometime soon. Since the game’s release, more than 250 million players have joined the project. For the comparison, Hamster’s Telegram channel alone had 53 million users at the time of writing.

The game caused heavy discussions on data safety earlier this year, mainly due to its Russian origins. We have a separate article with analysis of Hamster Combat’s Russian ancestry and possible outcomes.

How the scam works?

Main thing that makes users follow the shady guides and do what the malicious instructions say is the wish to automate the Hamster Kombat game process. For this, frauds offer downloading a third-party app, that is, as you could have guessed, is malicious. It’s worth remembering that the Hamster Kombat game operates exclusively through a Telegram bot and only within Telegram on mobile devices. This means there are no stand-alone apps for iOS, Android, or especially for Windows. Additionally, the only official accounts are on YouTube, X (Twitter), and Telegram – another popular claim that the frauds do to lull the vigilance.

Hamster Kombat Malware Scam – Main Course

This desperation drives players to visit phishing sites and install malicious applications. For example, enterprising scammers have created a Telegram channel called HAMSTER EASY, where they distribute an app named Hamster.apk. The channel is entirely Russian, and almost every post contains grammatical errors. However, this app is in fact Ratel spyware, which automatically sets itself as the default SMS app.

By getting these capabilities and privileges, this app abuses notification access permissions. This Ratel can intercept all messages and notifications and hide them from the user. Further, the spyware uses SMS to communicate with “control server” – in fact, just the phone of cybercriminals.

Another method of spreading this spyware is through phishing websites styled to look like official app stores. Researchers have identified two such sites, “hamsterkombat-ua.pro” and “hamsterkombat-win.pro”. Unlike the page that spreads Ratel spyware, these two are in Ukrainian language and obviously target the Ukrainian player base.

As I have repeatedly emphasized, Hamster Kombat operates exclusively on mobile devices. However, crafty scammers have developed a Windows application. Researchers discovered GitHub repositories offering auto-clickers and automation tools for leveling up in the game. However, the developers neglected to mention that this software comes with a bonus: Lumma Stealer. This malware is spread in several versions, including C++, Go, and Python, with the latter even featuring a graphical installer interface. Consider reading our detailed research on this malware.

Moreover, numerous clones have appeared online, such as muskempire_bot and Simple_Tap_Bot. These bots are heavily promoted in the comments under videos related to Hamster Kombat on social media, promising easy earnings. Instead, they steal users’ time, personal data, and in some cases, even their money.

How To Avoid This Scam

To avoid falling victim to scams related to Hamster Kombat, it is essential to remember two rules:

• The game operates only within the Telegram app on mobile devices.
• There are no legitimate ways to automate the game’s process through software. At least, the developers claimed to patch any of the possible auto-click bots, and threatened to wipe the accounts of ones who use them.

Based on this, players should avoid any software related to this game, regardless of the platform. Additionally, avoid websites that disguise themselves as Hamster Kombat but are not announced on the official game pages.

The post Hamster Kombat Players Targeted in a New Malware Spreading Scheme appeared first on Gridinsoft Blog.

Phishing is a cyber-attack method that introduces malware to a computer via email. Intruders send users emails containing links under various pretexts. After clicking these links, the malware enters your computer. Thus, cybercriminals deceive the target to get as much data about the user as possible: his card numbers, bank accounts, etc

Types of Phishing Attacks

We have already explored what phishing is and how it manifests itself. Now, let’s delve into the types of phishing so you can better recognize them, understand where they might appear, and grasp their potential dangers to your PC. See the detailed descriptions below:

• Email Phishing: This is the most common form of phishing. Fraudsters send fraudulent emails that seem to come from reputable sources, such as financial institutions or well-known companies, to steal sensitive information like login credentials or credit card numbers. The emails often contain a link that leads to a fake website designed to capture your personal information.
• Phone Phishing: Also known as voice phishing or vishing, this technique involves phone calls to users with the aim of tricking them into divulging personal, financial, or security information. Attackers might impersonate bank officials, tech support, or representatives from other organizations to obtain sensitive information directly over the phone.
• Clone Phishing: In clone phishing, attackers make a copy or “clone” of a previously delivered email from a trusted sender that contained a link or an attachment. The malicious actor changes the link or attached file to a malicious version and resends it under the guise of an update or correction of the original email, often claiming it was re-sent due to a mistake or problem with the previous link.
• Spear Phishing: Unlike the broad nature of standard phishing, spear phishing targets specific individuals or organizations. This type of attack involves personalized messages that are more convincing because they are often based on the victim’s job position, work relationships, or personal interests, gathered from various data sources like social media or compromised accounts.
• Angler Phishing: This type of phishing exploits social media platforms to masquerade as customer support accounts. Fraudsters create fake accounts or hack into existing ones to respond to genuine customer queries. Through this method, they aim to extract personal data or spread malware by encouraging the victim to click on malicious links or give up sensitive information under the pretense of resolving a support issue.
• Smishing and Vishing: Smishing is phishing via SMS messages, where attackers send text messages that lure recipients into revealing personal information or downloading malware. Vishing, as mentioned, is similar but conducted over the phone. Both methods use social engineering to convince the victim to act against their best interests, often creating a sense of urgency or fear.

Examples of Phishing Attacks

Above, we have reviewed the types of phishing. Consider now the examples of how these types of phishing appear in action:

• You receive a letter that will convince you only to click the link in this letter.
• The most common phrase in these emails is “Click here”.
• Emails that come alert that your payment is allegedly not passed, try again, and so on.
• The letter in which you are deceived as if you have not paid taxes and something should.
• The user can go to the fraudsters’ website, although initially entering the address of the bank.
• Replace DNS routers without user permission.

What is Spoofing Attacks?

Spoofing is the substitution of foreign data by a cybercriminal by falsification to use it for their evil intentions unlawfully. It is often done to bypass the control and security system and distribute malware. The most common types of spoofing are IP spoofing, DNS spoofing, and email spoofing.

Types of Spoofing Attack

1. Email Spoofing. This method involves deception and the forgery of the sender’s address in the letters. This is what the attacker does as a way to spoof the domain, change the sender address, and change the value of the fields “From” and “Reply to”
2. Website Spoofing. The attacker creates a fake site that masquerades as legitimate. For the visibility of a realistic site, intruders use legal logos, colors, and fonts. The purpose of this method is to install malware on your computer through such a site.
3. Caller ID Spoofing. In this case, the attacker is hiding under a fake phone number. Any outgoing call number is used, but the incoming one will be the one that the intruder wants. That is, it will be difficult to identify the attacker, as he hides his outgoing number.
4. IP Spoofing. It is the renumbering IP addresses in packets sent to the attacking server. The sending packet specifies the address that the recipient trusts. As a result, the victim receives the data that the hacker needs. You can completely exclude IP spoofing by comparing the sender’s MAC and IP addresses. However, this type of spoofing can be helpful. For example, hundreds of virtual users with false IP addresses were created to test resource performance.
5. DNS Server Spoofing. One way to crack something is to attack by replacing DNS domain names to replace the IP address. DNS (Domain Name Server) spoofing or DNS cache poisoning is a type of cyberattack used by an attacker to direct the victim’s traffic to a malicious website (instead of a legitimate IP address).

Examples of Spoofing Attacks

Each type of spoofing can manifest itself differently. However, for you to understand the general picture of how spoofing works, below we will look at some examples:

• In one case, spoofing is manifested by changing the IP address when the entire site is hacked.
• It may be a website disguised as a bank you know that asks you to log in and sends you a link, but it’s just a scam to get your confidential information.

Difference Between Phishing and Spoofing

Now that we know what phishing and spoofing are, we know of the species and how they manifest themselves in practice, then we can consider what the difference between them is:

• Objective: The purpose of spoofing and phishing is different. The purpose of phishing is to get information about the user. The goal of spoofing is identity theft.
• Nature of Scam: In the case of spoofing – it seems completely harmless and not even fraudsters. It does not extort email addresses or mobile numbers. But phishing is a scam because it steals users’ data.
• Subset: Phishing and spoofing have nothing to do with each other. But there is a similarity. The similarity is that spoofing steals an identity from the Internet before committing fraud.
• Method: The primary spoofing method is the use of malware when phishing uses social engineering.

How to Prevent Phishing and Spoofing Attacks

Of course, there are methods to avoid an attack from the side of spoofing and phishing attacks . Of course, you cannot do anything because you will hurt yourself, but we recommend you take some measures. See below:

Phishing:

Before clicking on the proposed link in the email, move your mouse over it and look at the address you will go to. It should be the same as you were given. If it is different – it is likely to be a hoax. If you receive messages with such a logo – “Do not hesitate”, “Last Chance”, “Hurry”, and the like, then delete them or send them to spam. They pressure you to make a quick decision and immediately click on the link. Open any attachment only through proven and reliable sources. If you have received an email from a particular user, but you are not sure it will be sent to you, you better call him.

Spoofing:

• Check the letter for grammatical and spelling errors.
• Look carefully at the sender’s address
• Encryption and authentication
• Robust verification methods
• Firewall (protects your network, filters traffic with fake IP addresses, blocks access of unauthorized strangers).

You can also apply the same tips that we have considered to prevent phishing. It would help if you were careful in all these aspects. You do not know what you will be exposed to. Put protection on your PC, which will work for your benefit, warn you about perceived threats, and will closely monitor all your online activities.

We invite you to try Gridinsoft Anti-Malware, it is an excellent protection against spoofing, phishing attacks, and other online threats. Moreover, it is also able to get rid of the virus that helps scammers to deceive you.

The post Phishing vs Spoofing: Definition & Differences appeared first on Gridinsoft Blog.

Fake Shop Online Scam

Among all the online scams one that I stumble by particularly often is fake online stores, which today are perhaps the most common type of scam. This is not surprising, as the events of the last 4 years have given a significant boost to e-commerce and online shopping. Unlike legitimate stores, these shops will never send you any goods whatsoever, or, in the best case scenario, just a cheap counterfeit from China. The reason is that the store essentially does not exist. If you have a more detailed look, you will see just a landing page made with a template that contains pictures stolen from other sites and a payment form.

The main signs that a store is fake include overly huge discounts (usually between 50% and 95%) and urgent calls to act quickly (such as “3 hours 59 minutes left in the sale” or “only 4 items left at this price”).This is obviously false, and you may see the countdown resetting upon refreshing the page. Another sign is exclusively positive reviews combined with the inability to leave your own feedback. Also the “About Us” and “Contact Us” pages have some distinctively senseless text. It often contains vague, abstract text, and sometimes this section is unfilled at all. The contact form may also list (if at all) the address of a random pavilion in China and a nonexistent email address.

To make the scam page more visible, con actors launch aggressive advertising campaigns, typically on social media. They often prefer Facebook to other platforms for its massive audience and well-known advertising engine. Interestingly enough, the latter, albeit having sturdy protection against traffic arbitrage, shows a rather poor counteraction to this type of scam.

How Does it Work?

Allow me to briefly explain how this works: using online website builders, crooks create themed online store templates, typically for clothing, shoes, home decor or other popular items. All product photos are usually taken from legitimate online stores; you can verify this by performing a reverse image search. Scammers register it on the cheapest domains like .site, .top, .fun, or .store, and then just wait for the victims to come by. Typically, these are one-day sites that do not stay online for long.

The only functional button on such a site is the “buy” button, which, once clicked, prompts you to enter the recipient’s address and pay for the item. Obviously, no one will send the item. Even when the buyer actually receives something, as I said, it is usually the cheapest replica from Temu or Aliexpress. Some scammers even surprise by sending a box of trash instead of the expected package or an old T-shirt instead of a branded one.

Potential Risks

There are several risks involved here. Firstly, you risk losing your money. Although these sites often guarantee a money-back, be sure, no one will refund your money. The second risk is the exposure of confidential information. Scammers obtain all the details — full name, home address, email, and card information. This is a great jackpot for crooks, who may later attempt to use this information for further scams. In some cases, these details may be sold on the Darknet.

If you have fallen victim to a fraudulent online store, it is important to take the following steps to minimize damage and attempt to recover your money. First, contact your bank and report the fraud. This might help to get your money back. Then, disable the option for online payments on the card you entered on the fake site. If possible, take screenshots of all transactions and any correspondence with the seller (if any).

Crypto Scams

Another prevalent type of online scam is cryptocurrency fraud. This works almost the same way as in the previous example. Scammers use templates to create many identical websites that differ only by name. These sites often associate themselves with celebrities, such as Elon Musk, Bill Gates, Vitalik Buterin and other renowned persons of the crypto world.

Fake website

Social Media buttons on the fake website

An average guy, that has no idea that the link to their profile is on a fraudulent site

These sites operate in several different modes: as exchangers, trading platforms, or airdrop scams. Modus operandi of all of them is rather simple: pretending to be something, while not being it, and instead either stealing users’ money, cryptocurrency and personal data.

The main risk of this scam is the scammers withdrawing funds from your wallet. By gaining access to your private keys, scammers can easily transfer all your funds to their addresses. In the case of fake airdrop distributions, the website may use a smart contract with malicious code. After connecting, the “drain” script activates, automatically transferring all funds from the connected wallet to the scammer’s wallet. They also happily help themselves to the data that users leave during authentication. Such manipulation may end up with identity theft in future.

Targeting Ways

Main promotion ways for crypto scams differ from ones used by other scams. Frauds typically launch massive ads through TikTok, Instagram and other similar platforms with short content. By abusing indexing mechanisms these platforms use, they can reach an enormously wide audience in just a few days.

If you become a victim of a crypto scam, you must gather evidence. Take screenshots of all transactions, any correspondence (if available), and related websites. Then, contact the bank authority and the service that provided you with the hot wallet. You can also contact their support team to get more detailed instructions on how to report the fraud. After all, change your account login details, especially if you use that password on more than one site.

Online Scam: Phishing

One of the oldest types of online scam is phishing. This attack relies not on technical, but human factors, which in fact makes up for its longevity and effectiveness. Scammers create exact replicas of the login pages for popular legitimate services. Most commonly, these are Microsoft Azure, Apple ID, Amazon, PayPal, and less frequently, social media.

These pages look identical to the real ones, but almost always have a different URL. The most recent phishing scams, as of mid-2024, are hosted on Microsoft Azure service, which adds a well-noticeable particle in URL. This is also the reason why phishing scams bypass most of the filters. Such are extremely short-living, staying online for just a few days.

Falling for this scam risks giving your login credentials to scammers, which can lead to further problems. This could result in losing access to your account, as scammers may log in and try to change the password. If you use the same password for multiple accounts, the security of those accounts is also at risk.

One particular promotion ways phishing scams exploit for all the time is email spam. Crooks that stand behind all this launch a mass-mailing campaign that comes to the users as a routinely-looking message which asks to update some stuff related to the account. The link to the phishing site is additionally masked by anchoring it to a piece of text that contains the legitimate URL.

If you become a victim of phishing, regardless of the account type, the first thing to do is change your password. This action will block the scammers’ access to your account. Next, enable two-factor authentication (2FA) on any accounts that might have been compromised if not already enabled. I recommend using 2FA wherever possible.

Fake Job Online Scam

Fake job scams is a particularly novice type of online scam that targets people searching for employment. They particularly aim at ones seeking for a remote job – a rather widespread demand since 2020. Scammers that operate this kind of fraud stand off by being pretty inventive and avoiding using templated websites.

There are several types of this fraud that are met the most often. The first one involves performing simple online tasks for a reward. Tasks might include clicking on links, watching advertisements, or viewing videos. However, the pay for these tasks is so low that earning $10 could take a week of watching videos. In exchange, that site takes quite a lot of users’ personal information, and will likely sell it for much more than the pathetic sum they promise as the reward.

Social Media As a Communication

Another type of job online scam mostly takes place on social media. The victim stumbles upon a site that offers a “well-paid remote job” by seeing an ad on social networks like Facebook or LinkedIn. In most cases, the website the user sees appears legitimate, making it difficult to suspect anything wrong. Further, the site asks the victim to fill out a form on the website and provide information about themselves. In some cases, people may see the payment request, allegedly for handling document processing or training. After this payment, the site completely stops responding; all the ways to reach the site back appear non-functional. Scammers simply disappear with all the users’ personal data and, optionally, the payment.

The third variant of this scam resembles the first but differs in operation. Scammers find potential victims on social networks and offer them a good passive income opportunity. This involves performing simple interactions with a website daily, promising a good reward for these actions. Initially, victims are allowed to “withdraw” a small amount. Later, victims are encouraged to “upgrade their task level” by paying a certain fee. But once they do this payment, the cost of tasks increases. Scammers continually persuade the victim to upgrade again and again. When the victim attempts to withdraw funds at a certain point, the website simply starts spitting out errors. Scammers may reassure the victim that the issue will be resolved soon. Finally, they disappear, stop responding, and the website likely ceases to exist.

Potential Risks

In most cases of this type of online scam, all money transfers occur through cryptocurrency. This practically eliminates the possibility of retrieving funds or identifying the scammers. The main risk, however, is the leakage of personal information. Considering that people happily share SSN, ITIN and other sensitive documents, with fair expectation that it is needed for the job, the possible damage goes far beyond what other scams can do. Another edge of the risk is financial loss, a small one in the case of “document processing”, and a much larger one (up to several thousand dollars) with the “task updating” scheme.

You should practice basic internet hygiene to avoid falling victim to such scams. Approach any offers of easy money with suspicion. If you’re promised large sums for simple tasks, it’s likely a scam. The same, if you’re asked to visit a previously unknown website for job searching and fill out a form, don’t rush. Please perform your own research, Check the site on our URL checker, Google it, and read reviews. In most cases, this will shed light on the situation.

If you’ve become a victim of such a scam, first stop communication and block the scammer. Then, report the user on the platform where they contacted you. Find the website on review platforms and leave a detailed review describing your situation to warn other users. If you’ve provided confidential information (like credit card details), block the online payment option and inform your bank that your card details have been compromised. This will prevent unauthorized transactions using your card. If you’ve entered your passwords anywhere, change them immediately.

The post Signs You’re Dealing With an Online Scam appeared first on Gridinsoft Blog.

What is Whaling Phishing

Phishing is a malicious practice where attackers trick individuals into revealing sensitive information through fake emails that look legitimate. The victim willingly provides their credentials, which cannot be considered extortion or malware.

Phishing attacks, accounting for 39.6%, are the most common type of cyber attack and are frequently combined with other forms of malware such as HTML, URL, PDF, and executables.

Phishing techniques are diverse, and it is nearly impossible to list them all without missing some. Nevertheless, several methods are currently the most prevalent. These methods have always been widely used due to their simplicity and the high likelihood of successfully trapping the victim.

Various types of phishing attacks include spear phishing, whaling phishing, angler phishing, pharming, pop-up phishing, and others. Spear phishing targets regular employees while whaling phishing targets high-profile employees, such as C-level executives.

Whaling Phishing Attacks

The whale is often considered the ruler of the ocean, symbolizing high authority. In the realm of phishing, ‘whale’ refers to C-level executives. These executives hold significant power within an organization, and the metaphor draws parallels between these influential individuals and the ocean’s king.

Due to their power and authority, C-level executives are targets for whaling attacks, which aim to deceive and exploit them, leveraging their access to sensitive information and decision-making abilities. When a CEO requests an urgent task from an employee, it is usually prioritized and completed quickly.

Whaling phishing is not characterized by special types of spreading. It is distributed via email, SMS, and voice like any other phishing attack. Let’s explore them through real-world examples.

Examples of Whaling Attacks

At their core, the common thread in examples of past successful whaling campaigns isn’t too dissimilar from successful phishing campaigns: The messages are seemingly so urgent, so potentially disastrous that the recipient feels compelled to act quickly, putting normal security hygiene practices by the wayside. Scammers writing successful whaling emails know their audience won’t be compelled by just a deadline reminder or a stern email from a superior. Instead, they’ll prey upon other fears, such as legal action or being the subject of reputational harm.

In one example of a whaling attempt, several executives across industries fell for an attack. They laced with accurate details about them and their businesses that purported to be from a United States District Court with a subpoena to appear before a grand jury in a civil case. The email included a link to the subpoena. When recipients clicked the link to view it, they were infected with malware instead.

Phases of Whaling Phishing Attacks

Here three phases in the phishing attack also apply to the whaling attack:

1. When an attacker wants to access a system, the first step is to research the potential target. Learning about their position within the company and their relationship with other employees.
2. Once the attacker has gathered enough information, they will create a customized phishing email that looks legitimate. (This is how the HR and Finance departments from Seagate and FACC Cyber Heist were deceived)
3. The attacker will trick the target into clicking on a link or attachment. If the victim falls for the trick, the attacker must bypass security measures and inject a malicious payload. Then, they can steal data and sensitive information.

Defending Against Whaling Attacks

If you are an executive or someone who might be a target of whaling, you should remember the standard prevention advice for phishing attacks. It’s essential to be cautious of clicking on links or attachments in emails, as these attacks require the victim to take some action to be successful.

Implementing whaling-specific best practices can help organizations harden their defenses and educate potential targets.

It’s essential to be aware of the information public-facing employees share about executives. Whaling emails can seem more genuine if they include readily available online details. It can be birthdays, hometowns, favorite hobbies, or sports. Whaling emails can appear even more legitimate during major public events, like industry conferences or company events. Therefore, it’s essential to remind executives and spokespersons to exercise caution while checking their inboxes, particularly during high-publicity events when they are likely to be in the spotlight.

The post Whaling Phishing appeared first on Gridinsoft Blog.

Emails are used daily by millions worldwide professionally. Over time, however, this beneficial tool has also become a potential threat. Like anything connected to the internet and technology, email is vulnerable, particularly email attachments seen in most messages. This susceptibility has heightened concerns about email security.

Common Threat Types for Email Security

Before exploring how to protect yourself from the dangers associated with email attachments, it is important to understand the basic types of malicious email threats to which we are all susceptible.

1. Ransomware: Ransomware is a prevalent threat typically delivered through email. In such attacks, the perpetrator hacks the victim’s data and demands a ransom for its return.
2. Phishing: Phishing involves criminals sending emails that appear trustworthy, containing links or attachments that prompt for login details. These credentials are then used for malicious purposes. Many people inadvertently trust and interact with these deceptive emails.
3. Spam: Despite various methods developed to filter out unwanted spam, the issue persists. While some spam is merely bothersome, much of it can carry malware.

Email Safety Tips

The dangers associated with email attachments, as mentioned above, are common challenges faced routinely by users. However, there are numerous ways that your emails could be carrying malware and other threats like ransomware.

To help you stay safe and secure your email communications, we’ve compiled a list of effective email security tactics. These strategies will help you recognize potential dangers and avoid them before they escalate into serious issues. Let’s explore these tips!

1. Check the Sender

Business professionals often receive emails daily from various contacts, necessitating them to open and review each one. However, during a phishing scam, the sender’s name may appear familiar or even if not, the nature of business may compel you to open it regardless. Despite this, there is a precaution you can take: always verify the sender’s email address. Unusual email addresses are a common indicator of scams. Remember, it’s not necessary to open every email. If an email is critical, the sender will likely follow up with a phone call if they don’t receive a response. Trust your instincts; if an email feels suspicious, it’s safer to avoid engaging with it.

2. The Message Inside the Email

Even when you recognize the sender or are anticipating an email, exercise caution before opening it and engaging with its contents. Before clicking on any attachments, consider the following to ensure the email’s legitimacy:

• The subject line of the email is critical. If it lacks a subject line or the subject line is vague, proceed with caution. For example, if the subject mentions an “invoice”, verify your recent purchases. If you haven’t ordered anything that matches the described item, do not open the email and consider marking it as spam.
• Emails that lack detail and use generic greetings like “Hi” are often indicative of phishing attempts. A legitimate email will include specific details about the company and a clear explanation of the email’s purpose. If these elements are missing, it’s best to disregard the email.

3. Digital Signature in Emails

For those engaged in corporate communications, verifying the presence of a digital signature is crucial. Before opening any attachments, check if the email purportedly from a company includes a digital signature at its end. For emails sent through Microsoft Outlook, a digital signature may be indicated by a red ribbon icon within the message, signaling corporate authenticity.

4. Check the Email Links

After confirming the internal contents of the email, including the presence of a digital signature, a relevant subject line, and the company’s logo, you might feel confident about the email’s legitimacy. However, it’s essential to remain vigilant by checking the links as well. Hover your mouse over any link or attachment to preview the destination address. If the address appears suspicious or unrelated to the expected content, it likely indicates a malicious intent such as ransomware or another type of scam. In such cases, it is advisable to delete the email immediately and avoid clicking on any links.

5. Use GridinSoft Anti-Malware for Enhanced Protection

To further secure your email communications from malware and other cyber threats, consider using GridinSoft Anti-Malware. This powerful tool offers robust protection against a wide array of threats, including those commonly disseminated through email, such as ransomware and phishing scams. GridinSoft Anti-Malware provides real-time protection by scanning incoming emails and their attachments for any malicious content before it can harm your system.

Download and install Anti-Malware by clicking the button below. After the installation, run a Full scan: this will check all the volumes present in the system, including hidden folders and system files. Scanning will take around 15 minutes.

After the scan, you will see the list of detected malicious and unwanted elements. It is possible to adjust the actions that the antimalware program does to each element: click "Advanced mode" and see the options in the drop-down menus. You can also see extended information about each detection - malware type, effects and potential source of infection.

Click "Clean Now" to start the removal process. Important: removal process may take several minutes when there are a lot of detections. Do not interrupt this process, and you will get your system as clean as new.

Conclusion

Email has undoubtedly simplified and accelerated communication, revolutionizing business operations and opening countless opportunities. However, as technology has advanced, so too has the susceptibility of email to scams and other security threats. Prioritizing email security is essential for both individuals and businesses. By implementing the straightforward security measures discussed above, you can protect yourself and your business data effectively. Paying attention to the finer details and practicing vigilance can take just a minute or two, but these efforts are crucial in safeguarding against potential dangers.

The post How to Stay Safe When Using Email? appeared first on Gridinsoft Blog.

What Are Geek Squad Email Scams? How Do They Work?

The Geek Squad scam is an imposter scam in which criminals pose as Best Buy Technical Support and offer “help” with devices, accounts, or apps. In reality, these scoundrels are trying to steal your personal information, get you to give them remote access to your devices, or pay for their fraudulent services. Here is the typical procedure of this scam:

• Scammers reach out in any way they can (via email, text messages, phone calls, or fake websites) and pretend to be Best Buy Geek Squad employees.
• They will then claim that your device has been compromised, you owe money for your subscription, or that you need to “prove” your identity by providing confidential information (e.g., credit card numbers, social security number SSN, etc.).
• Sometimes they may even make you download malware or apps to access your device remotely.
• If successful, they trick you into cheating you out of even more money by emptying your accounts, stealing sensitive information on your device, or demanding payment for their services.

Anyone who has dealt with Geek Squad or Best Buy may face a Geek Squad scam. Unfortunately, more than 60% of their victims are over 60.

Geek Squad subscription auto-renewal texts or emails

Perhaps one of the nastiest scams from Geek Squad is that scammers send emails or text messages claiming that you have signed up for the Geek Squad subscription service. You will be billed hundreds of dollars unless you cancel your subscription. The message has a phone number to call if the payment is a “mistake”. However, they will ask for your credit card or other banking information to “get your money back” if you call that phone. Fraudsters use this information to commit financial fraud.

This fraud can often turn into a “refund scam.” This happens when scammers use stolen accounts or credit cards to send you extra money and ask you to “reimburse” the difference. Unfortunately, when the original account holder reports the fraud, you will lose the entire amount and everything you sent to the fraudster.

Identifying a scam:

• You receive an invoice or automatic renewal notice for Geek Squad services you did not request.
• The message is not from a BestBuy.com email address, contains spelling or grammatical errors, and does not use the correct Geek Squad logo.
• The number listed in the message is not the official Best Buy number.

Emails pressuring to download fake antivirus software

In this scam, fraudsters pass themselves off as Geek Squad technicians and tell you that your device is infected with malware. So they force you to download the “antivirus software” or give them remote access to your device. In both cases, you give the hackers full access to your device and your sensitive information, photos, or videos. The “antivirus software” hides malware that allows hackers to spy on you and your computer. Giving hackers remote access means they can do whatever they want with your device.

How to identify a scam:

• You receive an unwanted phone call or e-mail claiming that your device is infected with a virus. No one can tell you if your computer has been hacked without access.
• Fraudsters request remote access to your device to “fix” the problem. Always be careful if someone asks you to download software or wants access to your computer.

Tech support phone call scams

Unfortunately, these nasty guys often annoy their victims over the phone. If you are on the phone, the scammers force you to send them money for their services or make you download malware onto your devices.

Here are the two main ways phone scammers call you:

1. Scammers call you, claiming that your device is infected with malware or that you owe money for services.
2. Scammers create fake Web sites that provide fraudulent phone numbers for Geek Squad. Then, when you call, they route the calls to their phones and start the scam.

Detecting the fraud:

• You receive an unsolicited phone call from Geek Squad or another tech support group. These companies will rarely contact you directly. So be careful of anyone who calls you unsolicited.
• Once you get on the phone, the scammer won’t let you get off. Instead, they will do and say anything to keep you talking.

Browser pop-ups with alerts that your device is infected

Sometimes scammers use pop-ups on websites (often adult websites and illegal streaming platforms) and claim that your device is infected and requires immediate action. If you click on the pop-up, you will automatically download what looks like antivirus but is malware, adware, keylogger, or ransomware.

Spotting the fraud:

• No browser plug-in can check your device for viruses. So if you get a message that your device is infected, it’s a scam.
• Beware of device cleaner apps, as they often contain malware. If you are unsure about an app or software, google its name + “scam” or “safe”. If you have an installation file, you can check it here.

BestBuy.com password reset scam

Scammers send emails purporting to be from Best Buy, claiming that your “password reset didn’t work. The email will appear genuine and contain a link to update your account, even if you don’t have one. If you click on the link, it will take you to a site identical to the “BestBuy.com” login page. It’s a phishing site whose purpose is to steal your personal information. So, if you enter your real username and password for your “BestBuy.com” account, fraudsters will get that information and use it to make fraudulent purchases, buy untraceable gift cards, or steal your financial information.

How to detect this scam:

• You get an email to reset the password for an account you don’t have.
• When you click on the link, you are taken to a site that is not secure or not in the official “BestBuy.com” domain.

Accidental refund or overpayment scams

Scammers send you more stolen money than you expected, then ask you to “refund” the extra amount. If you call support, they will ask you to complete a form to proceed with a refund. But the form doesn’t work, so the support agent will ask for remote access to your desktop to help you complete the refund. As a result, you will lose the entire amount of money – the supposed refund and the “accidental” extra money.

Detecting this trick:

• Fraudsters ask to access your computer remotely to facilitate a refund.
• You have been told about a “refund” for more than the amount on your bill. If this happens, do not send the money. Instead, wait a few days for the funds to be transferred, or contact your bank and let them know what happened.

Fake Offers: Protection Service Plan

Although not as dangerous as other Geek Squad scams, this useless protection plan can still cause damage. In this scheme, scammers posing as specialists contact you by phone or e-mail to sell you protection services, such as antivirus. But these “tools” either do nothing or contain malware.

How to understand this is a scam:

• The tool has no online reviews or is not listed on popular review sites.
• Scammers contact you to try to sell you digital security services. An unsolicited email or phone call indicates that you are dealing with a scammer.

What to do when you become the victim of the Geek Squad email scam

If you have been the victim of a Geek Squad email scam, here’s what you should do:

• Never do anything you are told if you have been in contact with scammers.
• Block the number you just dialed so that scammers won’t contact you again.
• If you have provided personal information, such as credit card information, contact your bank immediately and have your funds blocked.
• Immediately change your login information if you signed up through a link that scammers sent you from your email address. You should not use the same login information for multiple accounts, but unfortunately, many people do it anyway.
• If you’ve downloaded software or any files from email, delete them. Check your computer for viruses!

Download and install Anti-Malware by clicking the button below. After the installation, run a Full scan: this will check all the volumes present in the system, including hidden folders and system files. Scanning will take around 15 minutes.

After the scan, you will see the list of detected malicious and unwanted elements. It is possible to adjust the actions that the antimalware program does to each element: click "Advanced mode" and see the options in the drop-down menus. You can also see extended information about each detection - malware type, effects and potential source of infection.

Click "Clean Now" to start the removal process. Important: removal process may take several minutes when there are a lot of detections. Do not interrupt this process, and you will get your system as clean as new.

How to Avoid This Scam?

When you receive an email from Geek Squad and fear it may be a scam, you’ve done half the work of preventing it. Never send personal information by email or any other method. Likewise, don’t reply to the email or call the number listed. It would help if you remember some rules to avoid falling for scammers’ tricks: avoid clicking on links and do not download attachments. It’s better to delete the letter altogether, as well as to block the sender. To summarize, it can be said that ignoring a fraudulent Geek Squad email and blocking the sender is the best way to avoid many problems.

The post Geek Squad Email Scam appeared first on Gridinsoft Blog.

Since many of us are still isolated at home, losing access to Netflix is almost as unpleasant as shutting down the Internet. Thus, any email from Netflix claiming that your payment details didn’t go through can get your attention and encourage you to act hastily. Below, we explain how the Netflix trap works and how to recognize a Netflix scam email.

How to Spot Netflix Scam Email?

At first glance, the fraudulent letter looks pretty convincing. It begins with the Netflix logo and the phrase “Something went wrong,” which may seem familiar to those whose streaming show is interrupted at the most critical moment of the show. However, a closer look reveals clear signs that email has nothing to do with Netflix.

Signs of The Netflix Email Scam:

• The sender’s email address has a different domain and is different from the original Netflix.
• A generic address is used instead of your name, which signifies that fraudsters sent this email bulk to thousands of accounts.
• The email contains elements of urgency designed to create panic so that users act quickly. For example, losing access to Netflix could be a threat if you don’t update your payment details immediately.

Sometimes scammers make a decent attempt to mimic genuine Netflix messages, and they almost succeed. But, as with most fraudulent emails, one or two details are usually missing that show it’s not a genuine email. So let’s go over everything you need to know about Netflix scam text 2022, shall we?

How the Netflix Scam Email Works

There are several common scenarios, but it’s worth mentioning a few red flags, to begin with, that suggest how it works.

1. Netflix Payment / Subscription Issues

The email says you need to update your account status by clicking on the attached Netflix phishing email link. The link will take you to a fake Netflix login page, asking you to log in and provide your credit card information. This way, scammers get the credentials and can use them to hijack your account. You can also hover over the link (without clicking) to see the actual destination URL. Still, it may be hidden behind a short link, that says nothing about its content. That is not a common practice in machine-generated notifications, so you should not follow that link either. In some cases, an attachment is pinned to an email. Opening or downloading it can install malware on your computer. This could potentially be ransomware that can lock your device and encrypt files.

2. Netflix Reward / Gift Online Survey

Sometimes the message promises you an exclusive reward, but you must take an online survey to get it. This is how scammers lure you into clicking on a built-in button that takes you to a fake Netflix survey page. It goes on to say that you can win a free one-year Netflix subscription or other “exclusive reward” by taking a simple online survey. Sounds tempting. However, there is, of course, no gift. The ultimate goal of scammers is to elicit your personal information! They will record everything you enter on these fake pages and use it to do their dirty deeds. Don’t fall for this – NEVER share your credit card or other personal information online unless you are 100% sure the website is legitimate!

What Happens if You Click on the Email Scam Link?

First, an important note – do not try to do this from a work computer that has access to your company network and data. Such security mistakes, which are easy to avoid, usually cost companies dearly. The link from the fraudulent Netflix email leads to a landing page that looks very similar to the real one. Next, you are asked to log in with your login and password.

If you’ve entered your genuine credentials, the scammer will have everything they need to log into your account and take advantage of your personal information. This may not be critical for Netflix, but given how many of us are used to reusing the same old passwords repeatedly, it won’t take long for a scammer to try to log into more sensitive accounts. To prevent this from happening, we highly recommend using a password manager.

To ensure you are on a phishing page, you can do a simple trick – enter a non-existent username and password. The original site will give you an error that the account does not exist. In this case, even after entering random credentials, the website prompts you to update your payment details. However, nothing will change – all you typed or will type in the fields on that fraudulent page will be simply transferred to hackers.

What to Do If I Receive a Fraudulent Netflix Email Scam?

Fraudulent emails are an integral part of online life. Although the quality of spam email filters continues to improve, even with services like Gmail, Outlook, and sometimes it’s hard to stay ahead of every threat. However, a few simple actions can keep you safe.

Delete or report

The easiest thing to do is delete obvious fraudulent emails. However, if you feel like a good digital citizen, you can report them first. For example, you can use an exclamation mark icon or flag spam emails. You can also forward the email to the appropriate services, such as phishing@netflix.com. Finally, notify your IT administrator if you encounter fraudulent emails on your work email account.

Do not click the suspicious links

Never click on any of the links in a potentially fraudulent email. Instead, if you want to verify your account information, open a new window or tab and go to the actual website regardless of the links in the email. Clicking the scam message will notify the crooks that your account is active – and you will be spammed even more. Moreover, some tricky techniques include token stealing. If you go by a specifically designed link while being logged into your account on the device, crooks will intercept the token and will be free to manage your account.

Avoid attachments

It’s important to say that users are getting hooked on Netflix by phishing email, as sad as it sounds. Attachments are a clever way to disguise malware and spread threats. If you see an unusual attachment in an email that you don’t expect, never open it. Those are usually MS Office files that contain macros. They only contain a Netflix text scam that asks you to activate macros execution, which is disabled by default. Macros, in its turn, connect to the command and control server, and download malicious payload to your PC. Due to the vulnerability of macros execution mechanism, it easily circumvents the security solution.

Don’t update your payment information

Never update your financial or payment information when asked to do it in an email. Most companies warn you against this. For example, Netflix says: “We will never ask for your personal information in Netflix scam text 2022 messages or emails. This includes bank account details, credit or debit card numbers or Netflix passwords“. Services rarely break their own rules, so only these rows are enough to spot a scam.

Don’t reuse the same passwords

If you use the same password to log in to multiple accounts, attackers only need to crack one of your accounts to access all the others. The effective way is to use a password manager. All you need to remember is one master password. Then the password manager will store and enter complex passwords for you. It’s a simple, inexpensive, and secure way to manage multiple logins.

The post Trending Netflix Scam Email You Should Know appeared first on Gridinsoft Blog.

What are Telegram Scams?

Telegram scams are schemes that either operate within the Telegram app itself or lure users from the app to a dangerous third-party site. Scammers flock to Telegram because of its popularity and ease of use. All you need to sign up is a phone number. Scams range from traditional phishing schemes to sophisticated bot attacks masquerading as legitimate customer service agents. Here are examples of the most common methods of fraud in Telegram:

• Phishing attacks. A Telegram user is posing as someone the victim would trust (such as a friend, colleague, or support agent) to trick the victim into revealing their personal information.
• Off-Platform Fraud. Someone sends the victim a link or asks them to go from the Telegram platform to a “safer site”. Cybercriminals could use this site to steal your personal information or even infect your device with malware.
• An attack through a Telegram bot. Because Telegram allows users to create bot accounts, many fraudsters use them to target vulnerable legitimate accounts. In 2020, the resource administration blocked about 350,000 accounts of bots due to their use by fraudsters and criminals.
• Crypto fraud. Telegram has become a popular platform for people interested in cryptocurrencies and blockchain. Many cybercriminals target Telegram users. They aim to access their cryptocurrency wallets and transfer their bitcoins (BTC), Ethereum, and other coins to themselves.

These are just a few examples of high-level scams that users can find on Telegram. Unfortunately, scammers are finding new ways to commit fraud and steal personal information from unsuspecting Telegram users. Next, we’ll look at the Telegram scam methods you should be wary of.

Fake Telegram channels and groups

Telegram channels and groups are places where many like-minded people can get together and discuss topics that interest them. However, scammers often create “copycat” versions of popular channels to lure victims with false ones. These channels will look just like the ones they know. They may have similar names and profile images, the same anchored posts, and administrators with usernames identical to legitimate ones. You can also see much activity from “users” – actively chattering about promotions, quick-enrichment schemes, or supposed free prizes promoted by the channel. (Most of these channels target cryptocurrency investors with instant token sales before launching.) However, other users or administrators will soon start contacting the potential victim to get them to click the link or provide personal information, which they can use to steal identities or hack the account.

How to spot the scam

If you have been added (or joined) a new Telegram group, check if you can send messages. If there is no such option, this is a “broadcast-only” channel. This means that only administrators can post messages.

What to do:

• Report impostors or dangerous channels.
• Change your privacy settings to prevent everyone from adding you to new groups and channels.

Telegram Crypto Expert Scams

Telegram is probably the most popular messaging platform for people who are into cryptocurrencies and blockchain. But clever scammers have taken advantage of this fact and started posing as crypto experts on Telegram to lure coins, money, or logins from victims. Most of these scams promise a “guaranteed” return on your cryptocurrency investment. Scammers will post replies to comments on Twitter or contact the victim directly on Telegram, claiming they can provide a 50% return on investment. If the victim wants to connect, the scammers will ask to open an account at their “special” crypto exchange. They will also show charts and graphs demonstrating that the investment is increasing. However, when the victim tries to get their “earnings”, the scammer will disappear.

A man once sent $50 in bitcoins to exchange and soon made a $30 profit. He then told his friends, whom all invested their savings in the scam. But when his friends sent all the money in, the fake broker disappeared along with all the money.

How to spot the Crypto Expert Scam

The FBI estimates that about 25,000 people were victims of cryptocurrency fraud last year and lost nearly $1 billion. Suppose someone promises a “guaranteed” income or claims access to a “special” cryptocurrency exchange. In that case, these are all clear signs of Telegram cryptocurrency investment fraud.

What to do:

• Ignore anyone who claims a “guaranteed” return on any investment, especially cryptocurrency.
• Do not invest in “special” cryptocurrency exchanges, as they are often counterfeited.
• Never send money, cryptocurrency, or account information to someone you have only communicated with on Telegram or other messaging platforms such as Whatsapp.

Phishing with Telegram Bots

Since Telegram allows ordinary users to create and use bots on the platform, scammers couldn’t help but take advantage of it. Telegram bots operate natural language processing and AI to engage in realistic conversations, making it difficult to tell if you are being scammed. In one such scam, hackers used the SMSRanger bot to impersonate representatives of banks and companies like Apple Pay, Google Pay, and PayPal. Forums claim that such bots are about 80% effective if the user answers the call. Worse, anyone can access these bots for only $300 a month.

How to spot the Telegram Bots Phishing

Telegram bot scams show typical signs of phishing:

• Sense of urgency.
• Fake or strange phone numbers
• Grammatical and spelling errors
• Requests for confidential information

What to do:

Suppose you receive a phone call from somebody claiming to be from your bank, hang up and call the bank back using their official number. Likewise, scammers can spoof or disguise their number to make it look like it’s coming from someone else.

Remember: The company will never contact you via Telegram or any third-party messaging platform.

Telegram Tech Support Scams

Sometimes scammers create accounts that mimic legitimate support agents. They use bots to scan groups and channels for keywords and phrases and then contact victims claiming to be from the company. Along the way, they will start asking the victim for confidential information or demanding that they pay for “premium” support. Such accounts may contain realistic names (e.g., “Coinbase Support Chat”). They may even ask to manage your laptop to “fix” the problem remotely.

How to spot Tech Support Scams

If you are dealing with problems with a company or account, always contact them directly through official channels. Be wary of any account that contacts you first and offers support. Likewise, avoid those who charge for “premium” support or make you pay to “upgrade” your account. These are scammers.

What to do:

• Pay attention to the account’s username to see if it matches its displayed name.
• Block and report all suspicious accounts to both Telegram and the impersonator company.

Telegram Cryptocurrency Giveaways

Free prizes, sweepstakes, and raffles are some of the oldest types of scams. In these scams, a bot or user pretends to offer gifts from well-known companies (such as Amazon, Apple, or Venmo ) or cryptocurrency exchanges. However, to receive a prize, you must provide your banking information and personal details and pay a “commission”. Once you give the scammers what they want, they disappear.

How to spot the Cryptocurrency Scam

Although some companies run raffles and almost all require you to take some initial action, it’s likely that the raffle is a scam if you haven’t participated in any raffles. In such cases, it is best to contact the company directly to see if the drawing is genuine or not.

What to do:

• Never pay a “commission” to claim a prize, especially if you are asked to pay in cryptocurrency or through payment applications such as Zelle, Venmo, or Cash App.
• Block any accounts that contact you and claim to be offering a prize.

Fake Admin Accounts

Each Telegram username is unique. This prevents the scammer from exactly copying a pre-existing username. However, to pull off their dirty business, scammers create usernames that look similarly to the original. Such accounts can also contact the victim to “help” them after they ask a general question. In reality, scammers try to gain access to the account or lure the victim off the platform, where they can scam them with a phishing site.

How to spot the Fake Admin Scam

Pay attention to the account name and misspellings or permutations of letters in the name, especially if the username and display name don’t match. For example, “TichSupport” instead of “TechSupport”, or fake “BitgetToken” instead of “bitgetEN”. In some cases, the username may be hidden. Also, be careful of users who send you private messages rather than posting them publicly in a group. Private messages are a favorite tool of Telegram scammers, as these messages make it difficult to verify whom you’re communicating with.

What to do if you encounter Telegram scammers:

• Never share personal information or passwords in a direct message.
• Search the group to find messages from the user who contacted you. If nothing comes up, you’re probably dealing with a scammer.
• Report fraudulent accounts to both Telegram and the company you asked the question to.

Classiscam: Fake Classified AD scams

The “Classiscam” scheme is a Telegram bot scam that lured $6.5 million from victims. Criminals create fake listings for products such as laptops, cameras, and iOS devices on topical sites. The ad will ask the victim to contact Telegram to discuss the deal. However, when the victim sends them a message, there will be a connection to a bot designed to steal personal information.
Alternatively, the Telegram scammers contact directly on Telegram and then send the victim a link to their list. When the victim clicks on it, they will be taken to a page that looks almost identical to a page on Facebook Marketplace, Craigslist, or other sites. To complete the sale, the victim will be asked for personal information, including home address and credit card information.

How to spot Classiscam

Look for red flags of scams in online sales, suspiciously low prices, and sellers who refuse to meet in person or ask you to talk to them via Telegram. Look out for odd design details, spelling or grammatical errors, or an “unsecured” URL if you get to a site to make a sale. (A secure URL uses HTTPS and an unprotected one uses ” HTTP “)

What to do:

• Always try to review items in person or verify sellers before sending them payments or any information.
• Use only payment platforms that protect your money, such as PayPal or credit cards. Then, if you’ve been scammed, you’ll have a better chance of getting your lost money back through these payment methods.

“Pump And Dump” in Telegram Crypto Channels

In this scam, the Telegram channel owners try to manipulate the price of cryptocurrency with a large group of participants. The administrators claim to have “special” knowledge; they are trying to increase the value of an asset they own and then sell it before it collapses. Sometimes administrators charge a fee for VIP membership, which doubly hits their victims.

How to spot Pump And Dump

Many of these fraudulent Telegram channels call themselves “signaling groups”, one common sign of a scam is a sense of urgency. These groups often try to get you to act quickly without thinking and cause you to fear that you might miss out on a great opportunity. Remember the golden rule: If something seems too good to be true, it probably is.

What to do:

• Don’t be fooled by a sense of urgency. Always do your due diligence before investing.
• Look up the history of this group. How successful have they been in predicting price increases in the past?

Fake Job and offers over Telegram

Job scams are widespread on professional platforms such as LinkedIn; many use Telegram as one of their elements. Fake employers post lists of tempting jobs with high salaries and flexible work schedules. Their only requirement is that the victim adds “Hiring Manager” to Telegram. Once she contacts the manager, they will try to get the victim to provide confidential information or ask for payment for training materials.

How to spot the Fake Job Scam

Almost all fake job scams follow the same formula. The “Employer” will offer too perfect terms and demand that you contact him via Telegram for an interview. These fake scammers will ask for more information (like your SSN), which is also required for a legitimate job application. They may also ask you to pay for the training materials with your own money or a check they send you. Either way, you will never get a refund, or the review will be wrong.

What to do:

Look for signs that the job is a scam. This may include a short interview or no paperwork when the recruiter says you are “hired”.
Do not give recruiters personal or confidential information until you have seen the official contract and met with them in person.

“Friend in Need” scams

In this scam, scammers gather enough information about the victim’s friends or family, then approach and ask for financial help. For example, they may tell you that they have been in a car accident and need your use paying medical bills.

How to spot the “Friend in Need” scam:

Listen to the language they use. Does it sound like your friend? Are they misusing words or constructing sentences awkwardly? Also, could you pay attention to their sense of urgency? For example, would your friend ask you for this favor without context or explanation?

What to do:

• If you can, call this person by phone or another communication channel, and find out if this is true.
• If there is no way to call, ask questions that only a natural person would answer, such as details about recent collaborations (and that you didn’t write about online).
• If you confirm it’s a scammer, immediately block and notify the account owner of account hacking.
• Let your friends know so they won’t be targeted next time.

Telegram Romance Scams

Sometimes scammers engage in an online romance with a victim to gain trust. On Telegram, this often focuses on liaisons or sexual content. Many scammers will ask for gifts or money to cover expenses to come to the victim. A Reddit user once described chatting with a woman on Telegram who said she couldn’t meet because she needed to babysit. She requested a Steam gift card to be sent so her kids could be distracted (gift cards are often requested during scams because they are another form of currency that cannot be traced). Otherwise, scammers may ask the victim to send them photos or videos of a sexual nature, which they can then use to blackmail her.

How to spot a Romance Scam:

The caller can never meet in person, and he will always have excuses that prevent him from even making a video call. Instead, he will try to make the relationship more intimate as quickly as possible by sending sensitive photos (which are usually stolen from other accounts). However, the most important way to spot a scammer is when he asks for money.

What to do:

• Never, under any circumstances, send money to people you’ve only met on Telegram, regardless of what they tell you to do.
• Don’t give out too much personal information at once. Even simple questions about your family or work can be used to hack your accounts or brute force your passwords.

How To Prevent Telegram Scams

• Be as vigilant as possible of all links, even if your friend sent them.
• Configure your privacy settings. Once you create your Telegram account, ensure end-to-end encryption is enabled. Include a password or fingerprint ID and add two-step authentication (2FA) for extra security.

• Never share your login credentials. Don’t trust threatening messages purporting to come from Telegram, cryptocurrencies, banks, or any other websites that store your personal information.
• Update the phone number associated with your account. This will help confirm that your account belongs to you if you lose access.

The post Top 11 Telegram Scams in 2024 appeared first on Gridinsoft Blog.