After a lovely Labor Day weekend spent grilling, eating and celebrating with friends, I received an email early Tuesday morning from a worried client who was sent a very upsetting email over the weekend. It greeted them by name and opened with a single sentence, “I know that visiting [client’s address] would be a more convenient way to reach if you don’t cooperate,” and followed with another partial sentence, “Beautiful neighborhood btw,” and included a picture of my client’s home and then a PDF attachment that supposedly included further instructions. Despite missing a word, this email was threatening and clearly menacing. It was also fake.
What this means for you
At first glance, my gut reaction was to tell my client to report this email to the local authorities and maybe look into getting out of town for a few days. As written, this was a very thinly veiled threat – if someone were to receive this email in a movie or TV show, it would most certainly be a prelude to some good ole-fashioned Hollywood violence and terror. On a hunch, I opened up Google Maps Street View and punched in my client’s address. A quick flick of my wrist on the camera angle revealed the exact picture used in the email, cropped to remove the various overlays that would have otherwise significantly detracted from the implied threat. Clearly the sender (most likely just another bot-powered script) was trying to pull a fast one by getting the recipient to open the PDF, which would most likely lead to a phishing prompt. “It’s fake,” I typed in a quick email to the client, and then went about my day, where, within the hour, I encountered the same type of email received by another colleague over the same weekend. The scammers have a new toy, and I’m betting it’s a money-maker for them.
Here’s my thinking on this: regardless of the contents of the email, or who it’s from, you should NEVER open an unexpected attachment (or link) unless you can confirm the contents in some other way than opening the actual attachment. It is beyond common for email accounts to get compromised, and the first thing hackers do when they bag an email account is to spread to that account’s contacts within minutes of gaining access. Their success counts on rapid, undetected spread and relies on the built-in trust that emails sent by a known contact inherit. Even the best email filters available are always playing catch-up to the latest scam techniques like the fake extortion email from above, so there will always be ill-intentioned emails that get through despite your mailbox being protected by “enterprise-grade” security. As always, anything built and maintained by humans will be fallible, and as the threats on the internet get increasingly dangerous, even fake extortion phishing emails can end up doing real damage. Stay vigilant and always ask for a second opinion on things like this. While it can be exhausting sometimes to be on the receiving end of the countless questions people have, every time I keep someone safe for even one more day makes it all worth it.
Image courtesy of Stuart Miles at FreeDigitalPhotos.net
You may have already come across this strain of malware before: a big, official-looking notice pops up on your screen accusing you of software piracy. You are offered the opportunity to pay your “fine” online, which appears to be the only way to remove the notice and get back the use of your computer. This form of extortion scam is known as “scareware” and has been around for years. Most technology users are savvy enough these days to no longer fall for this particular tactic, but a new form of scareware accusing users of viewing child pornography is now circulating that is giving even the most hardened malware veterans cause to pause. As you can imagine, being accused of this particularly heinous activity puts potential victims into the uncomfortable position of sharing this with someone else, something that they may be willing to avoid by paying what now may seem like a reasonable “fine”. Cybercriminals are counting on the squeamish and privacy-conscious nature of most people in this regard, and it’s likely we’ll see a huge uptick in this type of scareware tactic.
What this means for you:
No law enforcement agency in the United States issues fines via the internet, and they certainly don’t hold your computer hostage until the fine is paid. If your computer is infected with a scareware virus, immediately disconnect it from the network and contact your IT department or technology consultant, regardless of what you are allegedly accused of doing by the scareware notice. Any IT professional worth a darn will be intimately familiar with this particular type of malware and should be able to remove it from your computer, BUT, depending on the level of infection, your data and identity may be at risk, as well as your personal information, especially if you’ve accessed online bank accounts or other sensitive online information. You’ve backed up your important data on that computer, right? Because many times, it’s easier to wipe a computer completely clean and start with a fresh operating system rather than cleaning up a malware infection. This is yet another reason in a long list of why you should be backing up your data regularly.