Wednesday, March 10, 2021

More and Better Scams Featuring Social Engineering - Coming Soon to a Computer Near You


The scams just keep coming, and the social engineering part of some of them is pretty amazing.

At the heart of getting you to do something you normally would NOT do, scammers frequently want to catch you off guard. They can do this in a number of ways, but one of the most reliable is what I've heard called "The Impending Doom Scam". This is where they threaten you with something bad if you don't react immediately. This catches you at a moment where everything seems fine and then... bam! They hit you with a horrible potential outcome... such as impersonating the power company and telling you they are shutting you off in 6 hours *unless* you pay immediately. Things like that can create such a panic in the victim that they turn over credit card info or direct withdrawal bank info without even considering how dangerous that could be.

I had an interesting one lately and I wanted to share it. We received an email through the office website that claimed to be from a professional photographer. This person claimed we were using their copyrighted photos on our website. The panic button was the fact that this person was threatening a copyright infringement lawsuit. They did NOT ask for money, which was IMO the clever part of the scam. Instead they included a link to a website that showed the photos in question as the property of the photographer.

If an unsuspecting victim was surprised by this, chances are they would click on the link to see what photos this person was talking about. However, clicking on the link takes the victim to a website where, in the background, a file is downloaded and executed on the victim's computer, which then allows the scammers to control the victim's computer, steal passwords, banking info, etc., without the victim even being aware of it.

It's a clever scam and one that many people will probably fall for. Whether this is something being perpetrated against dental offices or everyone, I don't know. However, I felt the need to make others aware of it.

