Caller ID spoofing — electric company warning

May 07, 2017
 

I’ve written about this before: whether it’s at your front door or on your phone or on your computer, scammers use the same tricks. In this case, spoofing their identity. Southern California Edison sent out this email notice last week.

***

Subject: Important message from SCE: Beware of caller ID spoofing

That ‘Southern California Edison’ phone call may not be legitimate.

For your security, never give out your personal information, such as your SCE account number, Social Security number, credit card information or PIN number.

We have recently experienced an increase in reports of caller ID spoofing, a practice in which special phone equipment falsifies information on your caller ID display. Calls may appear to be from SCE, when in reality the caller has no association with SCE and may try to sell you products, collect personal information or say your electric bill is past due when it’s not.

Common red flag warnings related to spoofed phone calls:

  • Calls were made multiple times per day
  • Callers asked about customer’s usage, meter or other personal information
  • Customers were provided recommendations for purchasing alternative energy products

Tips to help protect yourself from caller ID spoofing scammers:

  • SCE will not send solar representatives to your home, nor do we have solar companies contact anyone by phone.
  • SCE will never ask for credit card information, a prepaid card such as Green Dot or electric usage information over the phone.
  • Do not use a call back number provided until you confirm it is an SCE number listed on your bill or the Contact Us page on sce.com.

Please know that we take your privacy seriously and make every effort to protect your information. For additional red flag warnings and tips to protect yourself, please visit sce.com/scamalert.

If you believe you are the recipient of a spoofing call, contact SCE Information Governance at csinfogov@sce.com.

Sincerely,

Marc Ulrich
Vice President of Customer Programs & Services
Southern California Edison

***

We all need to be careful. The fact that these scams continue to occur is a sign that they work. Caller ID is not perfect but still can be useful.

PC Support Phone Scams — three month study

Jul 20, 2016
 

PC World recently posted an article “What I learned playing prey to Windows scammers” by a senior writer at InfoWorld. That article summarizes what was learned over a 3-month period from phone contact with companies claiming to be “Windows Technical Services” or “Windows Security Services” or “Windows Service Center” or another similar name.

“I am calling you from Windows.”

So goes the opening line of the well-known phone scam, where a person calls purporting to be a help desk technician reaching out to resolve your computer problems. These Windows scammers feed off people’s concerns about data breaches and identity theft to trick them into installing malware onto their machines. The scam has been netting victims for years, despite the fact that none of what the callers say makes sense.

Read the full article for discussion of these points:

  • The scam’s success hinges on being helpful
  • It doesn’t matter who the victim is
  • They will stick to the script, no matter what
  • Each team operates differently
  • Ask a lot of questions
  • Do not engage the scammer
  • What if you fell for the scam?
  • They know which buttons to push

I’ve written about these scams in other posts. Don’t be surprised that a stranger on the phone may know some personal information about you. (But there also can be some funny disconnects when they talk about a problem with your Windows PC and you’re on an Apple Mac computer.) They’ll claim that something is wrong with your PC. They want you to panic and let them take remote control of your computer.

Do you get spam / scam email messages that ask you to re-enter information for your bank account or lose access to that account? Well, phony “Windows Services” may say that they’ll cancel your Windows license if you don’t comply.

Don’t try to be clever with these well-trained and experienced scammers. I’ve had people tell me that while on the phone for over an hour, they felt something wasn’t right; but nevertheless they stayed on the phone. Scammers want to gain your trust — a hard lesson in social engineering.

It’s not about your intelligence. These scams rely on you being distracted, in-a-rush, or distressed; or you making assumptions about coincidences.

A recent variation of the scam depends on victims making the initial phone call. While browsing online, the victim comes across a browser pop-up stating the computer is infected and to call technical support at the listed number for instructions on how to fix it. The message is frequently served up via a malicious advertisement. Don’t call the number. Instead, close the browser and move on.

Email spoofing — a reminder to be alert

Jun 16, 2016
 

Malwarebytes Labs’ blog recently posted an article about email spoofing. It’s a good reminder about following best practices — ways to avoid scams.

Email spoofing basically comes down to sending emails with a false sender address. This can be used in various ways by threat actors. Obviously pretending to be someone else can have its advantages especially if that someone else holds a position of power or trust with regards to the receiver.

Phishing campaigns use email spoofing. The article lists other reasons for spoofing as well. Scammers and criminal organizations have different business models (typically to generate revenue) and use cons that have been around for centuries.

There are technical procedures to confirm a spoofed message, but these are not practical for most people. Sometimes I get messages claiming to be from a client. I am immediately suspicious because of the subject of the message (or the lack of a subject). Examination of the raw message usually reveals that it was indeed a spoof and sent to a bunch of addresses stolen from the alleged sender’s address book.

The industry has been working on technical countermeasures to detect and stop spoofed messages. Your Internet Service Provider (ISP) may use some. But they are not foolproof.

Remember that email was designed much like the delivery of paper letters by the United States Postal Service (USPS). Anyone can write any “to” and “from” addresses they like on the envelope. There’s no authentication by the USPS.
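An added example, not part of the original post: one way to automate the raw-message examination described above, in Python. It compares the display name, the `From` address and the `Return-Path` (the "envelope" sender), and reads the SPF/DKIM/DMARC verdicts that a receiving server records in `Authentication-Results`. The sample message, the `brand_domains` mapping and all function names are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample (not a real message): the display name claims a brand,
# the address and Return-Path use unrelated domains, and the receiving
# server recorded failed authentication checks.
RAW = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=mailer.example.net; dkim=none; dmarc=fail header.from=someothersite.example
From: "Amazon Coupons" <amazon@someothersite.example>
To: reader@example.org
Subject: Amazon Coupons

Claim your gift card.
"""

def domain_of(addr):
    """Return the lower-cased domain part of an address, or ''."""
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def same_org(a, b):
    """Crude relatedness test: equal, or one is a subdomain of the other."""
    return bool(a and b) and (a == b or a.endswith("." + b) or b.endswith("." + a))

def spoof_indicators(raw, brand_domains):
    """List reasons a raw message looks spoofed. brand_domains (an assumed
    input) maps a brand word seen in display names to its real domain."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    from_dom = domain_of(addr)
    findings = []
    for brand, real in brand_domains.items():
        if brand in name.lower() and not same_org(from_dom, real):
            findings.append(f"display name says {brand!r} but address is @{from_dom}")
    rp_dom = domain_of(parseaddr(msg.get("Return-Path", ""))[1])
    if rp_dom and not same_org(rp_dom, from_dom):
        findings.append(f"Return-Path domain {rp_dom} differs from From domain {from_dom}")
    results = " ".join(msg.get_all("Authentication-Results", [])).lower()
    for check in ("spf", "dkim", "dmarc"):
        for verdict in ("fail", "softfail", "none"):
            if f"{check}={verdict}" in results:
                findings.append(f"{check.upper()} result: {verdict}")
    if not results:
        findings.append("no Authentication-Results header recorded")
    return findings
```

Only an `Authentication-Results` header added by your own mail provider is meaningful, since a sender can write any header they like. A `Return-Path` mismatch on its own is a weak signal, because legitimate bulk mail often uses a separate bounce domain.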

Spoofers also rely on “look alike” or “sound alike” names and other words, which can trick anyone not paying close attention.

And remember that Caller ID on your phone may be spoofed as well.

Fake Gift Card Surveys — another email scam

Dec 11, 2014
 

Fake gift card surveys. I’ve seen more of these scams the last month or two. The email messages claimed to be from Amazon with “Amazon Coupons” as the subject. Examination of the messages revealed sender addresses having nothing to do with Amazon. Like from amazon@someothersite.com. Encoded (indecipherable) links in the bodies of the messages went to strange sites. Message bodies contained gibberish.

These survey scams appear on social media sites as well, e.g., on Facebook. There’s also a CVS survey / coupons scam.

How can you tell if the message is a scam? Well, there’s the tease itself — something for nothing, eh. If the promotion really was from Amazon, you’d see the offer when logged into your Amazon account. If you impulsively open such a message, at least check any embedded links (you know how to do this, correct?).

Getting your personal information isn’t the only downside to these scams, as they can involve other bogus offers, malicious Web sites, and malware.

And regarding malware. It’s not always easy to tell if your PC’s been infected, but this PC World article provides some tips: “Does your computer have malware? Here are the telltale signs.”

Fake order confirmations — another email scam

Dec 08, 2014
 

Fake order confirmations. I’ve seen a lot of these the last couple of weeks. Particularly repeated email messages claiming to be from Costco (Walgreens, etc.) with “Order Confirmation” as the subject. Of course, I never placed any such order(s). Examination of the messages (without actually opening them in an email app) revealed various sender addresses having nothing to do with Costco. Links in the bodies of the messages went to various Web addresses, sometimes indecipherable. Some used attachments, bogus receipts or order confirmations, as well.

Some of these scams are crude self-declarations. Just one or two sentences. But others are artfully crafted to look legitimate — well written copies of legitimate order or shipping notices from well-known companies.

I hope that most people will be suspicious of such email messages, resist the impulse to open them, and just delete them immediately. Many of these scams use Web beacons which notify the scammers that your email address viewed their message (which means that you’ll keep getting more spam scams). But clicking on an embedded link or opening an attachment is worse, possibly infecting your PC with malware.

This holiday season these scams are in full swing once again. As PC World summarized in their article “Beware this online shopping scam: Fake order confirmations” (12/8/2014):

Brian Krebs, a respected authority on security and all-things-cybercrime, wrote a cautionary post earlier this week. “If you receive an email this holiday season asking you to ‘confirm’ an online e-commerce order or package shipment, please resist the urge to click the included link or attachment: Malware purveyors and spammers are blasting these missives by the millions each day in a bid to trick people into giving up control over their computers and identities.”

Remember, if you have an online account with the vendor, you always can log in and check your order status. Some vendors also have customer service phone numbers.
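An added example, not part of the original post: a Python check of a message body that can be run on a saved copy without rendering it, covering both the embedded links and the Web beacons mentioned above. It lists links that leave the claimed vendor's domain, links whose visible text shows one site while the target is another, and remote images that would be fetched on open. The sample body, the `track.example.net` host and all function names are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample body (not from a real message); hosts are placeholders.
BODY = """<p>Order confirmation:
<a href="http://track.example.net/r?id=8f3a">www.costco.com/orders</a></p>
<p><a href="https://www.costco.com/help">Customer service</a></p>
<img src="http://track.example.net/o.gif?u=reader" width="1" height="1">"""

class LinkAudit(HTMLParser):
    """Collect (visible text, real target) per link, plus remote image URLs."""
    def __init__(self):
        super().__init__()
        self.links, self.images = [], []
        self._href, self._text = None, []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a" and a.get("href"):
            self._href, self._text = a["href"], []
        elif tag == "img" and (a.get("src") or "").startswith(("http://", "https://")):
            self.images.append(a["src"])  # fetched on open: a possible Web beacon

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def host(url):
    """Host name of a URL; accepts bare 'www.site.tld/path' text as well."""
    return (urlsplit(url if "//" in url else "//" + url).hostname or "").lower()

def audit_body(html, expected_domain):
    """Report where the message really points versus the claimed sender."""
    parser = LinkAudit()
    parser.feed(html)
    def off(h):
        return not (h == expected_domain or h.endswith("." + expected_domain))
    looks_like_url = lambda t: "." in t and not any(c.isspace() for c in t)
    return {
        "off_domain_links": [u for _, u in parser.links if off(host(u))],
        "text_mismatch": [(t, u) for t, u in parser.links
                          if looks_like_url(t) and host(t) != host(u)],
        "remote_images": [u for u in parser.images if off(host(u))],
    }
```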

Sep 05, 2014
 

So, one day you’re really busy. You get an unsolicited call from someone claiming they’re “Microsoft Support” or a company associated with Microsoft or your PC manufacturer (like Dell or HP). They claim that there’s a problem with your PC: “Your PC is infected!” They use technical terms. They’ll help. They ask you to use the mouse or keyboard to do some things on your PC. You’re asked to give them a special ID and/or number code. They’ll then show you the problems. Your PC screen starts changing. You start feeling anxious, even scared. Something’s not right, but … When asked, you give them your credit card number.

Later, you find several hundred dollars were billed to your credit card. You suspect a scam.

Yes, as pointed out in the latest VIPRE Security News (Issue 7, September 2014), such phony computer support calls remain a common scam. Especially among seniors, as I’ve witnessed first hand. As pointed out in their “Don’t Trust Unsolicited Calls From ‘Computer Support Technicians’” article:

Typically, scammers say they’ve detected viruses or other malware on your computer to trick you into giving them remote access or paying for software you don’t need, … The latest version of the scam begins with a phone call. …

Once they have you on the phone, they often try to gain your trust by pretending to be associated with well-known companies or confusing you with a barrage of technical terms. They may ask you to go to your computer and perform a series of complex tasks. Sometimes, they target legitimate computer files and claim that they are viruses. Their tactics are designed to scare you into believing they can help fix your “problem.”

Lessons:

1. Be aware that these scams are common. Whether via an email message or a phone call, anyone can contact you and claim to be anyone, even providing fake credentials and phone numbers. (And, by the way, Caller IDs can be spoofed as well — you may even get a call from yourself — the Caller ID shows your name and phone number!)

2. If you’re scared (or were already really stressed, distracted, or super busy), defer any action by hanging up or declining any offer. Or, just shut down the computer. Sadly, rational action’s unlikely if you already panicked.

3. Never let anyone remotely control your computer unless you’ve had independent, multiple verification — or at least called a number on a valid service support contract that came with your computer. If that person was at your front door, would you let them in just on the basis of their self-declarations?

4. The same cautions apply to signing up for a computer support or maintenance contract. In a few minutes some of these scams start spending money using your credit card information.

5. The emotional toll can be severe.

Apr 22, 2014
 

A client called me about her computer being hacked. Turns out that only her AOL account probably was hacked. People in her address book were getting odd email messages supposedly from her. Her PC was okay otherwise.

She’s one of many experiencing the problem. PC World noted the situation in their article “You’ve got spam mail: Slew of AOL email accounts fall prey to spoofing attack.” There’s a hash tag #aolhacked tracking reports of the problem.

It’s unclear whether in all cases AOL accounts were hacked or somehow address books were compromised and used to spoof email addresses.

AOL recommends changing your password. That may help if your account was hacked. But if your account is being spoofed, that’s another matter, with no ready solution. AOL has a page describing the difference here.

PC World also recommended reviewing these computer safety tips: How to protect your PC against devious security traps.

The classic case of spoofing is where you receive a message purportedly from yourself to yourself — something that you did not do.

Remember that email is modeled after the United States Postal Service (USPS). So, it’s easy for anyone to put whatever “to” address they want on an envelope as well as any “from” address.

You just have to be careful, especially with email messages with subjects like “Hi” or “How are you” or something else that’s really general or vague (or even blank). And beware of phishing scams that have subjects regarding undeliverable packages.

In general I recommend that everyone have at least two email addresses with different service providers. So, if you have an AOL account, then also have a Google account with a Gmail address as a secondary address.

email hacking and spoofing

Jul 28, 2011
 

The latest issue of Vipre Security News contains some articles on email spoofing and what to do if your email account is hijacked.

… email spoofing is the forgery of an email so it appears to be coming from someone other than the actual source. Spammers often use spoofing to get folks to open and potentially respond to their missives. Then there are those unfortunate folks who have seen their email accounts hijacked by hackers and taken over for nefarious purposes.

Email spoofers want you to look at their emails, download malicious software, or click on things you should not be clicking on and taking you places you don’t want to go.