Amazon Scam | A New Twist

Watch Out for Latest Amazon Scam

This new twist for the Amazon scam. It does not contain any links. It does have an attached file which I am sure includes malicious code.

Do you, your family and your employees know how to spot an email scam or phishing attempt? Someone who is an Amazon affiliate may just fall for this one. There are giveaways that are generally consistent with phishing or scams. This one is no exception.

The most glaring one is the from email address. While the shown name is Amazon Marketplaces which may fool some even though is says Marketplaces – should have been Marketplace. The actual email address is not from the Amazon domain., as shown below.

Amazon Marketplaces <reservations@thebistr********dale.com>

Your Amazon Seller Fees VAT Invoice for 6/2019-ID (New-ID: 112-5591137-4708119)-[05/2019]

Dear email.address.was.here,

Please find enclosed an electronic tax invoice for the month of 6/2019 in HTML format. Please note that this invoice is not a request for payment.

To review your account summary or request other copies of your tax invoices, please log into your Seller Central account.

If you have any questions, please contact Seller Support.

Best regards,

Amazon Payments Services

Learn how you can teach your employees to avoid phishing and other scams. This not only helps protect your company but your employee and their family as well from possible scams that can lead to Identity Theft or serious security breaches. Contact us HERE

Do you WannaCry

Do you WannaCry?

WannaCry Ransomware

Just the other day I wrote an article about the Top 5 Excuses why businesses do not have a cybersecurity program in place. In that article I mentioned the WannaCry ransomware worm that grew to a worldwide threat in record time.

Guess what?

It’s back. WannaCry aka WannaCrypt 2.0, is back and it is reported to have infected over 75.000 users in Europe on Saturday. That number grew to more than 200,000 by Sunday.

“Wannacry is by no means the biggest threat ever, but my nature (using recent windows vulnerabilities) it targets organizations who set low priorities for IT security, such as hospitals. Historically, only a small percentage of victims pay up. The majority of the damages are in lost productivity or even lost revenue due to customers facing processes breaking.”
WannaCry: What You Need to Know www.securelink.net

Are You a Target

The primary targets are the low hanging fruit businesses. Those who put low priority on securing their systems. At first the criminals were asking a mere $300 to unlock your files. They seem to be upping the ante’ as time passes.  There have been 3 bitcoin accounts identified to be connected with this attack. The criminals had collected in excess of $35,000 by Sunday. I am sure that number has increased dramatically since.

How Big is Your Bankroll?

How much lost revenue can you afford to lose because your customer facing systems are locked down. Your employees, their families and your own family can also be easily affected. What will it cost then? If you do pay their ransom do you really believe you are free from the grips of the perpetrators? It seems to me they will own you forever. Well, at least until a fix is released, maybe.

Learn how you can teach your employees to avoid phishing and other scams. This not only helps protect your company but your employee and their family as well from possible scams that can lead to Identity Theft or serious security breaches. Contact us HERE

Amazon Prime points scam

Scammers try everything like posing as Amazon Prime. With a subject line of ‘Your Amzon-Prime bucks  are expiring’ scammers attempt to elicit a response from unwary people. Once inside you find  they employ urgency to get and use your bucks before its too late.  All designed to get you to click on their link.

The link contains a script that will infect your system with malware. The malware may lay dormant for a long time and you will not even know its there. One day in the future you will be made aware that there is a problem with your device. By that time it is too late. The damage has been done. The malware may have gathered all of your personal info and sent it along to the scammer.

Then its, Congratulations! Your system has been hacked and your Identity has been stolen!

That is why it is so important to be ever vigilant when you are online. Emails and nefarious sites lurk in every corner of the web.

Learn how you can teach your employees to avoid phishing and other scams. This not only helps protect your company but your employee and their family as well from possible scams that can lead to Identity Theft or serious security breaches. Contact us HERE

You have a payment in process…

Email Phishing Scams

Below is an email that is just phishy..
FYI As usual, I have disabled URL’s

subject: $41,361.35 sitting in our payment queue

Hey there,

You have a payment in process and will be credited to your account soon…

Amount: $15,102.80

VERIFY PAYMENT NOW <http://pt5.abellacarl.trade/btrevc>

If this email was sent to you by mistake, please ignore it.

Good luck,

Alfie Bentley
Snap Cash Support

This is among the type of spam/scam emails which may catch the unsuspecting person by surprise. Regardless of whether or not it brings a person to a site that downloads any malware, it certainly has the potential to get you put onto another mailing list that may not be so benign.

Among the ‘suspicious’ items in this email is that the unsubscribe link is very far down the page that is full of blank space. It also has a supposed “Report Abuse” link that has the same url as the unsubscribe link as shown below.

Unsubscribe
<http://www.lettermelater.com/unsubscribe.php?mid=1111111&email=********.***>  from this newsletter instantly.

Report Abuse
<http://www.lettermelater.com/unsubscribe.php?mid=1111111&email=********.***>

I suggest simply marking this email as junk/spam and if need be block the senders address.

 

You have been hacked phishing scam and extortion email

This email is particularly bad. In its first iterations I believe it was actually a copied and pasted text where the scammer threatened to proliferate a questionable behavior of you. The claim to have your password and email login info by claiming they sent the email from your own account. They basically just spoofed your email address to make it look like it was sent from your account. Email spoofing is a relatively easy thing to do and it happens more than you think.

This scam in its more recent versions actually have a picture of the email text. They show your their bitcoin account number telling you that you need to deposit bitcoin crypto currency into that account.  They say that it is case sensitive and to avoid making a mistake you should just copy and paste the account number. As soon as you attempt to copy the number to either send them their ‘ransom’ or report them to bitcoin, they have you. The picture has embedded code in it that automatically downloads malicious program to your computer.

There is yet another twist in this scenario. The twist is that many of us today constantly use our cell phones to read out emails. Many cell phones automatically begin downloading images, attachments and other media as soon as you download the email. So many times you don’t have to read or even open the email to have your mobile device compromised.

To help protect from this kind of attack make sure your phone and other devices have the most recent updates for all programs and apps. Also make sure that your anti-malware and anti-virus definitions are up to date.

Learn how you can teach your employees to avoid phishing and other scams. This not only helps protect your company but your employee and their family as well from possible scams that can lead to Identity Theft or serious security breaches. Contact us HERE

Microsoft Announced Email Breach

Microsoft Announces Email Breach.

On April 13 Microsoft announced there was a security breach that affected email accounts of people using MSN, Outlook and Hotmail. The best course of action is to immediately change your password. This also opens the door for a very targeted phishing campaign. One that preys on unsuspecting victims who may or may not have been involved in the initial breach.

Please remind your employees, friends and family members to be vigilant. Also let them know how to spot legitimate password reset options and phishing attempts.

Learn how you can teach your employees to avoid phishing and other scams. This not only helps protect your company but your employee and their family as well from possible scams that can lead to Identity Theft or serious security breaches. Contact us HERE

Microsoft Grant phishing scam

MICROSOFT GRANT NOTICE!!!   REFERENCE#: MAT3388118455

You have won $1 Million from the Microsoft Grant Donation

Even though you and I may think this is really just a silly attempt and would immediately delete it, many others who may not be quite so savvy may just click the link and possibly get malware, spyware or even ransomware covertly installed on their device. It could possibly even happen to you, perhaps your son or daughter visited the link while using your computer to do their homework.

This is why it is so important to implement a Cyber Security Awareness Program in your company. Not only will it help secure your business but it may avert a nightmare being perpetrated on your employees and their families.

Learn how you can teach your employees to avoid phishing and other scams. This not only helps protect your company but your employee and their family as well from possible scams that can lead to Identity Theft or serious security breaches. Contact us HERE

Verizon Phishing scam

Expertly-crafted Verizon phishing scam

A phishing scam has been launched against Verizon mobile customers. This attack which is very well crafted, directs people to login in order to claim a discount. This attack uses over 70 fake Verizon domains and fake login pages. Its designed to lure legitimate Verizon customers to visit the fake login pages and attempt to log in. When they do their username, password is obtained as well as their phone numbers. This allows the scammers to take control of the account.

Learn how you can teach your employees to avoid phishing and other scams. This not only helps protect your company but your employee and their family as well from possible scams that can lead to Identity Theft or serious security breaches. Contact us HERE

Insta-Gram Phishing Scam

This phishing email scam informs users that their account has been or will be suspended and is currently pending deletion due to a copyright infringement violation. It informs the user they must visit the link provided (spoofed) and log in to appeal the decision in order to avoid permanent account deletion.  When the user visits the link and logs in their username and password are stolen.

Learn how you can teach your employees to avoid phishing and other scams. This not only helps protect your company but your employee and their family as well from possible scams that can lead to Identity Theft or serious security breaches. Contact us HERE

American Express phishing scam attack

Microsoft’s Windows Defender Security Team discovered a phishing scam designed to obtain American Express cardholders sensitive information. It alerts the  card holder that unusual activity has been detected on their account. It gives a link that requires them to provide personal information in order to identify themselves in order to verify their accounts.

Learn how you can teach your employees to avoid phishing and other scams. This not only helps protect your company but your employee and their family as well from possible scams that can lead to Identity Theft or serious security breaches. Contact us HERE