Sign up for our Newsletter!

Victims pay $80 million every month to a scam phishing network

Researchers discovered a sophisticated phishing attack that costs millions of people across the world over $80 million per month.

The campaign, according to security firm Group-IB, targets consumers in over 90 countries, including the United States, Canada, South Korea, and Italy. It sends out bogus surveys and incentives from well-known companies in order to acquire their personal and financial information.

According to the business, a single network targets over 10 million victims and 120 companies.

Fraudsters lure their victims in by sending out invitations to participate in a survey in exchange for a prize. Each of these offers includes a link to the survey's website. Threat actors exploit all acceptable digital marketing methods for 'lead generation,' including contextual advertising, advertising on legal and fully illegal sites, SMS, and mail-outs.

In order to gain trust from their victims, scammers register domain names that are similar to the legitimate ones. They were also seen updating links to the calendar and making social media postings on a less frequent basis. After visiting the targeted link, the user enters a process known as traffic cloaking, which allows cybercriminals to show different material to various users based on user attributes.

While the victim is being sent to this 'branded survey,' information about their experience is being gathered and used to personalize a final harmful link that can only be opened once, making it more difficult to detect and shut down the scam.

At the end of the process, the user is asked to answer questions in order to get a reward from a well-known brand and to fill out a form that requests their personal information, which is reportedly required to receive the prize.

Full name, email, postal address, phone number, and bank card details, including expiration date and CVV, are normally required.

Dmitriy Tiunkin, the vendor's head of digital risk protection in Europe, called the current situation a "scamdemic."

The business discovered 60 separate networks, each with over 70 domain names, executing similar targeted linkages.

Four Steps To Protect Yourself From Phishing

1. Use security software to keep your computer safe. Set the software to automatically update so that it can handle any new security threats.

2. Set your phone's software to update automatically to keep it safe. These upgrades may provide you with vital security protection.

3. Multi-factor authentication is a good way to keep your accounts safe. Some accounts provide additional security by needing two or more credentials to log in. Multi-factor authentication is the term for this. There are two types of additional credentials you'll need to log in to your account:

  • Something you have — like a passcode you get via an authentication app or a security key.

  • Something you are — like a scan of your fingerprint, your retina, or your face.

If scammers do gain your login and password, multi-factor authentication makes it more difficult for them to log in to your accounts.

4. Back up your data to keep it safe. Make a backup of your data and make sure it isn't connected to your home network. Your PC files can be copied to an external hard drive or cloud storage. Back up your phone's data as well.

How To Report Phishing

If you got a phishing email or text message, report it. The information you give can help fight the scammers.

Step 1. If you got a phishing email, forward it to the Anti-Phishing Working Group at reportphishing@apwg.org. If you got a phishing text message, forward it to SPAM (7726).

Step 2. Report the phishing attack to the FTC at ReportFraud.ftc.gov.

 

 

 

For more information on optimizing your IT and securing your network, contact RCS Professional Services to speak with an IT professional or visit our website www.rcsprofessional.com.

*source: https://www.consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams 

Popular posts from this blog

How to Generate and Edit DALL-E 3 Images in Microsoft Copilot

2023 was a pivotal year for advancements in AI, setting the stage for continued innovation in 2024. Following the success of OpenAI's ChatGPT, major tech companies have integrated AI into their products, enhancing functionality and user experience. Microsoft has been at the forefront, introducing AI capabilities into its various platforms, including the Microsoft Copilot, an AI assistant that has become a game-changer for professionals.

Use the ‘Transparent Note’ App to Get Through Your Next Virtual Meeting or Interview

We're not superhuman, and no matter how hard we try to memorize every talking point or question, we can't work at our best without a little help. Even yet, it appears more impressive, especially on video conversations, if we never have to look away from the camera when interviewing or presenting. Finding a means to glance at both your notes and the video conference at the same time is the solution. We've discovered an app that can assist you with this: It's called Transparent Note, and it's not a play on words.