PHISHING ATTACKS ON TELECOMMUNICATION CUSTOMERS RESULTING IN ACCOUNT TAKEOVERS
The Internet Crime Complaint Center has received numerous reports of phishing attacks targeting various telecommunication companies’ customers.
Individuals receive automated telephone calls that claim to be from the victim’s telecommunication carrier.
Victims are directed to a phishing site to receive a credit, discount, or prize ranging from $300 to $500.
The phishing site is a replica of one of the telecommunication carrier’s sites and requests the victims’ log-in credentials and the last four digits of their Social Security numbers.
Once victims enter their information, they are redirected to the telecommunication carrier’s actual website.
The PHISHING subject then makes changes to the customer’s account.
The IC3 urges the public to be cautious of unsolicited telephone calls, e-mails and text messages, especially those promising some type of compensation for supplying account information. If you receive such an offer, verify it with the business associated with your account before supplying any information. Use the information supplied on your account statement to contact the business.
If you have fallen victim to this scam, immediately notify your telecommunication carrier and file a complaint with the IC3, http://www.ic3.gov/
Citadel Malware Continues to Deliver Reveton Ransomware in Attempts to Extort Money
11/30/12—A new extortion technique is being deployed by cyber criminals using the Citadel malware platform to deliver Reveton ransomware. The latest version of the ransomware uses the name of the Internet Crime Complaint Center to frighten victims into sending money to the perpetrators. In addition to instilling a fear of prosecution, this version of the malware also claims that the user’s computer activity is being recorded using audio, video, and other devices.
As described in prior alerts on this malware, it lures the victim to a drive-by download website, at which time the ransomware is installed on the user’s computer. Once installed, the computer freezes and a screen is displayed warning the user they have violated United States Federal Law. The message further declares that a law enforcement agency has determined that a computer using the victim’s IP address has accessed child pornography and other illegal content.
To unlock the computer, the user is instructed to pay a fine using prepaid money card services. The geographic location of the user’s PC determines what payment services are offered. In addition to the ransomware, the Citadel malware continues to operate on the compromised computer and can be used to commit online banking and credit card fraud.
This is not a legitimate communication from the IC3, but rather is an attempt to extort money from the victim. If you have received this or something similar do not follow payment instruction.
Identity Theft, Scams, and Fraud are likely to swell during this season. BUT, they don’t have to!
The FBI, in partnership with the Merchant Risk Council (MRC), would like shoppers to be informed of the common scams that affect consumers and E-commerce.
This is just a Reminder to be Careful Shopping Online.
Deal with the legit companies that you’re completely sure about,
Stay away from Too Good To Be True Offers,
Don’t open unsolicited eMail (spam),
Never provide credit card numbers,
Bank account information,
Personally identifiable information or
Never Wire money to a person who advertises items on these sites at a too good to be true price.
Phishing and scam e-mails, text messages or phone calls
e-Mails, texts or phone calls will look or sound like they are coming from a well-known retailer, stating a need to “verify” the full credit card number you used for a purchase or ask you to click a link to update personal account information.
If you receive an e-mail that asks you to click a link to verify information, delete it.
“One Day Only” websites featuring the sale of a “hot item”
Postings of popular items for free or drastically reduced prices
Purchasing any new product or gift card on an auction or classified advertisement site where the price is significantly lower than any sale prices in retail outlets
“Work from home” offers, to act as a private reshipper, often fronting the shipping costs on behalf of the fraudster
Many times, fraudsters will post a popular item to obtain this information, and the goods will never be mailed, but your card or identity will be used fraudulently later – otherwise known as Identity Theft!
If you make a purchase from these sites, we encourage you to check a seller’s ratings and feedback to ensure he or she is reputable.
Hi Everyone,Please read the following from the FBI.
I’m sure pretty much everyone received it, but if not … at least you can reference it here.
DNS – Domain Name System – is an Internet service that converts user-friendly domain names, such as http://www.fbi.gov, into numerical addresses that allow computers to talk to each other. Without DNS and the DNS servers operated by Internet service providers, computers would not be able to browse web sites, send e-mail, or connect to any Internet services.
Criminals have infected millions of computers around the world with malware called CNSChanger which allows them to control DNS servers. As a result, the cyber thieves have forced unsuspecting users to visit fraudulent websites and made their computers vulnerable to other kinds of malicious software.
Check your computer’s DNS settings. If you’re a victim of the DNSChanger malware, you can register with the FBI at this link here: https://forms.fbi.gov/dnsmalware