Halloween is a few short days away, and under the cover of the dark web, cyber criminals are refining their sinister methods. And they’re only getting more sneaky and destructive.
Here are three of their most common tricks and how you can avoid getting fooled.
1) You get a dreadful call that your computer is infected
You receive a call from someone disguised as a technician who claims your computer has a virus, and for $300 they can fix your problem by accessing your machine.
You provide your payment information and login credentials, and it appears that the tech is “fixing” your computer. In fact, they are either doing absolutely nothing, or downloading malware to transmit your personal and financial information. Scary, right?
How do you prevent this menacing scam?
- •Document the phone number of the caller and their name
- •Hang up
- •Block their number from calling again
- •Submit your number to the National Do Not Call Registry
- •Report the matter to the (IC3), which collects and follows up on this information
No reputable computer security company or software firm calls to inform anyone that they have a computer virus. Normally, your firewall will prompt a message prior to accessing a bad file or site, and your anti-virus software will scan and fix your files automatically.
2) You receive a shocking email
An email pops into your inbox with a subject line that says, “Your payment of $4,890 to PayPal has been approved,” or, “I am NOT paying this invoice.”
You can’t resist the urge to open it; it might seem like you’re on the hook for a lot of money or being accused of something you didn’t do.
Emails with subject lines like these are remarkably successful in luring their victims into opening them. The real danger lies in the links. Clicking on these could open the door to malicious software, with ransomware being the usual suspect.
How to prevent this sinister scam?
- •Beware of signs that an email is malicious or fraudulent
- •Delete the email
- •If this happens at work, alert the appropriate person or department, so other employees can be warned and protected
3) You are tricked into transferring funds by an imposter
A Business Email Compromise (BEC) scam usually starts off with an email that makes a pressing demand. It appears to come from an executive or trusted vendor who is unavailable to confirm the demand.
The sender demands that you transfer funds immediately to facilitate a deal or to pay an invoice. The receiver may be deceived by the sender’s inside information, such as details of a pending deal or specific relationship.
How to prevent this nefarious scam?
- •Watch for emails that demand you make a funds transfer, change vendor information, or supply personal or financial information
- •Before taking action, confirm the request verbally, either by phone call to a known number or in person
- •Alert the appropriate internal contact so that preventive actions can be taken, such as blocking the scammers and raising co-workers’awareness
- •Report the attempt to the IC3 on their website.
For information only. Not applicable to all situations. Original version of this article written by Monique Ferraro, Counsel Cyber Practice at Hartford Steam Boiler, can be found on their blog.