Amazon Scam | A New Twist

Watch Out for Latest Amazon Scam

This new twist for the Amazon scam. It does not contain any links. It does have an attached file which I am sure includes malicious code.

Do you, your family and your employees know how to spot an email scam or phishing attempt? Someone who is an Amazon affiliate may just fall for this one. There are giveaways that are generally consistent with phishing or scams. This one is no exception.

The most glaring one is the from email address. While the shown name is Amazon Marketplaces which may fool some even though is says Marketplaces – should have been Marketplace. The actual email address is not from the Amazon domain., as shown below.

Amazon Marketplaces <reservations@thebistr********dale.com>

Your Amazon Seller Fees VAT Invoice for 6/2019-ID (New-ID: 112-5591137-4708119)-[05/2019]

Dear email.address.was.here,

Please find enclosed an electronic tax invoice for the month of 6/2019 in HTML format. Please note that this invoice is not a request for payment.

To review your account summary or request other copies of your tax invoices, please log into your Seller Central account.

If you have any questions, please contact Seller Support.

Best regards,

Amazon Payments Services

Learn how you can teach your employees to avoid phishing and other scams. This not only helps protect your company but your employee and their family as well from possible scams that can lead to Identity Theft or serious security breaches. Contact us HERE

Amazon Prime points scam

Scammers try everything like posing as Amazon Prime. With a subject line of ‘Your Amzon-Prime bucks  are expiring’ scammers attempt to elicit a response from unwary people. Once inside you find  they employ urgency to get and use your bucks before its too late.  All designed to get you to click on their link.

The link contains a script that will infect your system with malware. The malware may lay dormant for a long time and you will not even know its there. One day in the future you will be made aware that there is a problem with your device. By that time it is too late. The damage has been done. The malware may have gathered all of your personal info and sent it along to the scammer.

Then its, Congratulations! Your system has been hacked and your Identity has been stolen!

That is why it is so important to be ever vigilant when you are online. Emails and nefarious sites lurk in every corner of the web.

Learn how you can teach your employees to avoid phishing and other scams. This not only helps protect your company but your employee and their family as well from possible scams that can lead to Identity Theft or serious security breaches. Contact us HERE

You have a payment in process…

Email Phishing Scams

Below is an email that is just phishy..
FYI As usual, I have disabled URL’s

subject: $41,361.35 sitting in our payment queue

Hey there,

You have a payment in process and will be credited to your account soon…

Amount: $15,102.80

VERIFY PAYMENT NOW <http://pt5.abellacarl.trade/btrevc>

If this email was sent to you by mistake, please ignore it.

Good luck,

Alfie Bentley
Snap Cash Support

This is among the type of spam/scam emails which may catch the unsuspecting person by surprise. Regardless of whether or not it brings a person to a site that downloads any malware, it certainly has the potential to get you put onto another mailing list that may not be so benign.

Among the ‘suspicious’ items in this email is that the unsubscribe link is very far down the page that is full of blank space. It also has a supposed “Report Abuse” link that has the same url as the unsubscribe link as shown below.

Unsubscribe
<http://www.lettermelater.com/unsubscribe.php?mid=1111111&email=********.***>  from this newsletter instantly.

Report Abuse
<http://www.lettermelater.com/unsubscribe.php?mid=1111111&email=********.***>

I suggest simply marking this email as junk/spam and if need be block the senders address.

 

Cell Phone Security

Cell Phone SecurityThere are numerous way that bad actors can track your online usage. If you have ever clicked on an ad and then keep seeing the same ads following you around that is a very popular technique. Many people will put it off to just simple coincidence, but in reality it is far from that. All you have to do sometimes is visit a site and they have you.

This is bad enough on your computer at home but it gets even more creepy when they target your phone.

For the most part legit businesses target you and your surfing habits to make sales to you. This is  marketing. Unfortunately people with bad intentions also use these same methods as do website owners who feel they can scare you into buying something from them. This may be in the form of a pop up window telling you that your device is infected.

Often they will sound a warning siren and even give you a countdown telling you to not close the window and that you need to click on the button to remove the virus or malware. Don’t fall for it. If you do you will likely only be installing exactly what you are trying to get rid of. Close the browsers you have open and install a security app.

There is a simple and effective way to protect your phone however. Install security software or apps. I personally would suggest first checking out what your wireless carrier has to offer. Quite often you can get a security package for free or a few dollars a month added to your monthly bill.

If your carrier does not offer a security service then you can check Google Play Store for a suitable app. You can also try the standard AV/AM providers such as Norton, McAfee, BitDefender or others. Just make sure you do your homework and you will be safer and happier.

Learn how you can teach your employees to avoid phishing and other scams. This not only helps protect your company but your employee and their family as well from possible scams that can lead to Identity Theft or serious security breaches. Contact us HERE

You have been hacked phishing scam and extortion email

This email is particularly bad. In its first iterations I believe it was actually a copied and pasted text where the scammer threatened to proliferate a questionable behavior of you. The claim to have your password and email login info by claiming they sent the email from your own account. They basically just spoofed your email address to make it look like it was sent from your account. Email spoofing is a relatively easy thing to do and it happens more than you think.

This scam in its more recent versions actually have a picture of the email text. They show your their bitcoin account number telling you that you need to deposit bitcoin crypto currency into that account.  They say that it is case sensitive and to avoid making a mistake you should just copy and paste the account number. As soon as you attempt to copy the number to either send them their ‘ransom’ or report them to bitcoin, they have you. The picture has embedded code in it that automatically downloads malicious program to your computer.

There is yet another twist in this scenario. The twist is that many of us today constantly use our cell phones to read out emails. Many cell phones automatically begin downloading images, attachments and other media as soon as you download the email. So many times you don’t have to read or even open the email to have your mobile device compromised.

To help protect from this kind of attack make sure your phone and other devices have the most recent updates for all programs and apps. Also make sure that your anti-malware and anti-virus definitions are up to date.

Learn how you can teach your employees to avoid phishing and other scams. This not only helps protect your company but your employee and their family as well from possible scams that can lead to Identity Theft or serious security breaches. Contact us HERE

Phone Phishing Scammers are Getting Better at Their Craft

If you own a mobile phone, which almost EVERYONE does, you have likely noticed a huge increase in the number of spam calls that you get. The failed Do Not Call system if considered pretty much a joke by everyone. The thing you may not know is the scammers and phone phishers are baiting the hook and you are the target. You can no longer rely on Caller ID to correctly identify any number that calls your number. So what do you do? Use your common sense and these tips to prevent falling victim to these attempts to take advantage of you.

.Mobile phone

1. Legitimate companies will rarely call you and leave their number for you to cal back on. This is one of the biggies. Legit companies that you do business with will likely just leave a message for you to get in touch with them as soon as possible regarding your account. They may tell you to call the number on the back of the card or on your invoice or bill.

2. Phone numbers are easily spoofed. If you do answer the call because caller ID displays a number and the name of the company i.e. (555)555-5555 Wells Fargo, you cannot rely on that information your phone provided you. If it is legit the person on the other end should have no problem if you tell them that you will call them back with the number on the back of the card or on the bill.

Learn how you can teach your employees to avoid phishing and other scams. This not only helps protect your company but your employee and their family as well from possible scams that can lead to Identity Theft or serious security breaches. Contact us HERE

3. Never confirm information to an incoming caller. They are likely to have some of your information that they found online by scraping social media or other sources. They may even have the last four digits of your Social Security Number or even the Credit Card. Just because they know some of the right information doesn’t mean they are a legitimate company representative. Once again they should not have any problems with you calling back. Just ask them for a ticket number so that when you call back you can reference it to the rep who you talk to. Also ask them to make a note in your account that you will call back. If it is a legit call, they should appreciate your caution.

4. If you are expecting a call back from a company let them know that you will get back to them immediately and again request a reference number or ticket number and maybe their representative number.

5. Don’t fall victim to implied urgency. Often a scammer will threaten to cancel your account or proceed with legal action if you do not comply by answering their inquiries. Again revert to telling them you will call them back. Ask for their name or rep number. Then call back the company on a number that you have in your possession.

There are many sad stories of people who have been victimized by phone scams. The scammers are honing their craft every day and targeting unwary people with faked numbers and ID, false urgency and threats.

Don’t become a statistic. Follow the simple steps above and you will be a bit more secure in your dealings with legitimate companies you deal with and can avoid costly mistakes.

Learn how you can teach your employees to avoid phishing and other scams. This not only helps protect your company but your employee and their family as well from possible scams that can lead to Identity Theft or serious security breaches. Contact us HERE

Microsoft Announced Email Breach

Microsoft Announces Email Breach.

On April 13 Microsoft announced there was a security breach that affected email accounts of people using MSN, Outlook and Hotmail. The best course of action is to immediately change your password. This also opens the door for a very targeted phishing campaign. One that preys on unsuspecting victims who may or may not have been involved in the initial breach.

Please remind your employees, friends and family members to be vigilant. Also let them know how to spot legitimate password reset options and phishing attempts.

Learn how you can teach your employees to avoid phishing and other scams. This not only helps protect your company but your employee and their family as well from possible scams that can lead to Identity Theft or serious security breaches. Contact us HERE

Microsoft Grant phishing scam

MICROSOFT GRANT NOTICE!!!   REFERENCE#: MAT3388118455

You have won $1 Million from the Microsoft Grant Donation

Even though you and I may think this is really just a silly attempt and would immediately delete it, many others who may not be quite so savvy may just click the link and possibly get malware, spyware or even ransomware covertly installed on their device. It could possibly even happen to you, perhaps your son or daughter visited the link while using your computer to do their homework.

This is why it is so important to implement a Cyber Security Awareness Program in your company. Not only will it help secure your business but it may avert a nightmare being perpetrated on your employees and their families.

Learn how you can teach your employees to avoid phishing and other scams. This not only helps protect your company but your employee and their family as well from possible scams that can lead to Identity Theft or serious security breaches. Contact us HERE

Verizon Phishing scam

Expertly-crafted Verizon phishing scam

A phishing scam has been launched against Verizon mobile customers. This attack which is very well crafted, directs people to login in order to claim a discount. This attack uses over 70 fake Verizon domains and fake login pages. Its designed to lure legitimate Verizon customers to visit the fake login pages and attempt to log in. When they do their username, password is obtained as well as their phone numbers. This allows the scammers to take control of the account.

Learn how you can teach your employees to avoid phishing and other scams. This not only helps protect your company but your employee and their family as well from possible scams that can lead to Identity Theft or serious security breaches. Contact us HERE

Insta-Gram Phishing Scam

This phishing email scam informs users that their account has been or will be suspended and is currently pending deletion due to a copyright infringement violation. It informs the user they must visit the link provided (spoofed) and log in to appeal the decision in order to avoid permanent account deletion.  When the user visits the link and logs in their username and password are stolen.

Learn how you can teach your employees to avoid phishing and other scams. This not only helps protect your company but your employee and their family as well from possible scams that can lead to Identity Theft or serious security breaches. Contact us HERE