Computer and Technology Crime High-Tech Response Team
A new wave of phishing scams has circulated throughout the internet. It involves phishing employees with a website that is similar or almost
identical to payroll portals or payroll service providers. It's a sophisticated scam that starts with an official-looking email that asks you to click a link and access a website. Next, they ask you to confirm with data of your real username and password. They use your info to access payroll portals, and reroute your direct deposits to other bank accounts. Never give your credentials in an email... Think before you click!
Here is a scenario provided by Lexology from Ogletree Deakins by Rebecca J. Bennett and Danielle Vanderzanden:
Bennet and Vanderzanden have the following advise:
"The threat actors are doing substantial due dillgence on the social engineering side of things, and these e-mails look real. In many circumstances, they are effectively spoofing the sender's account and employers are learning of the scam when employees begin reporting that they did not receive their direct deposites. By then, the damage has been done."
Cyber criminals have stolen 143 million credit records in the recent hacking scandal at the big-three credit bureau, Equifax
At this point you have to assume that the bad guys have highly personal information that they can use to trick you
You need to watch out for the following things:
Here are 5 things you can do to prevent identify theft:
Think Before You Click!
To keep updated with current scams, The Federal Trade Commission (FTC) provides scam alerts you can sign up for via email.
These scam alerts include information on what to know and what to do about the latest scams.
For more information visit:
According to the Internal Revenue Service (IRS), phishing is a scam carried out through phone calls, unsolicited email and/or websites that pose as legitimate sites to lure unsuspecting victims to provide personal and financial information.
Here are some current examples of phishing:
If you receive a phone call, email message, or any type of contact from the Internal Revenue Service (IRS) regarding your personal or financial information it is a scam
The IRS will never initiate contact with the taxpayer by email, text message or social media to request personal and financial information
To report phishing please call: (800) 366-4484 or visit: https://www.irs.gov/uac/Report-Phishing
Here are current tax scams in relation to phishing: https://www.irs.gov/uac/Tax-Scams-Consumer-Alerts
TECH SUPPORT SCAMS
Tech support phone scams are when cybercriminals call claiming to be from either Microsoft or any company that provides some type of computer support services. They offer to help resolve any complications with computers or even sell a software license. If given access to a computer, the cybercriminals are able to install malicious software that could steal sensitive information or download software that will allow them to take over your computer. A request for credit card information will be asked to bill you for their "services."
Microsoft does not make unsolicited phone calls. For more information regarding tech support scams please visit:
Ransomware is malware that locks a computer and shows a warning demanding a payment to unlock the computer. When a computer is locked, it is typical for the ransomware warning to state that there has been a violation of federal law, while also displaying a logo from a government agency. Do not pay the ransom! Report ransomware to the Internet Crime Complaint (IC3):
For Further Information on Internet Crime Complaint: https://www.ic3.gov/default.aspx
You may need to seek the services of a computer specialist to look at your computer and remove the ransomware.
For more information on ransomware please visit:
The arrest warrant scam is when a cybercriminal sends a victim a fake arrest warrant, via email or fax, stating a federal law enforcement officer or an attorney of a government agency wants to arrest them with charges such as money laundering, bank fraud, or missing jury duty.On the arrest warrant, it states to send money to avoid arrest. A valid warrant would be served in person by a U.S. Marshal or other law enforcement officer. Do not send money!
Report arrest warrant scams to the Federal Bureau of Investigation (FBI) or the U.S. Marshals Office.
U.S. Marshals Office