Scam of the Week: A New Type of Tech Support Fraud

We have found an uncommon phishing email which will hit your user’s inboxes soon. Many of the big service providers such as Google, Microsoft, Amazon, Twitter, PayPal etc. send out a security alert via email warning of a possible security-related activity such as “unusual sign-in activity”.

Similar emails have been used for password phishing for almost a decade, however, now these security alerts are being used as a new attack method for a technical support scam.

This new scam involves pointing the victim to an 800 number where the actual cybercriminal picks up the telephone or is sent to voicemail for a fraud call follow up. Below is a link to download the actual recorded phone call where one of our well trained clients speaks to the actual criminal and did not fall for the scam.

https://www.icssnj.com/phone_phish.mp3

If you call the 800#, several things may happen:

1) You get to talk right away with a real internet criminal, usually with a foreign accent, that tries to scam you. They claim there is a problem with your computer, "fix" it, and ask for your credit card.

2) You get sent to voice mail and kept there until you hang up, but your phone number was put in a queue and the bad guys will call you and try the same scam.

Remember, if you get any emails that either promise something too good to be true, OR looks like you need to prevent a negative consequence, Think Before You Click and in this case before you pick up the phone.

If you decide to call any vendor, go to their website and call the number listed there. Never use a phone number from any email you may have received.

Please feel free to reach out to us if you would like to learn more about our security awareness training program.