John Healy's Tech Blog

Tag: Spoofing

  • Caller ID spoofing — electric company warning

    I’ve written about this before: whether it’s at your front door or on your phone or on your computer, scammers use the same tricks. In this case, spoofing their identity. Southern California Edison send out this email notice last week.

    ***

    Subject: Important message from SCE: Beware of caller ID spoofing

    That ‘Southern California Edison’ phone call may not be legitimate.

    For your security, never give out your personal information, such as your SCE account number, Social Security number, credit card information or PIN number.

    We have recently experienced an increase in reports of caller ID spoofing, a practice in which special phone equipment falsifies information on your caller ID display. Calls may appear to be from SCE, when in reality the caller has no association with SCE and may try to sell you products, collect personal information or say your electric bill is past due when it’s not.

    Common red flag warnings related to spoofed phone calls:

    • Calls were made multiple times per day
    • Callers asked about customer’s usage, meter or other personal information
    • Customers were provided recommendations for purchasing alternative energy products

    Tips to help protect yourself from caller ID spoofing scammers:

    • SCE will not send solar representatives to your home, nor do we have solar companies contact anyone by phone.
    • SCE will never ask for credit card information, a prepaid card such as Green Dot or electric usage information over the phone.
    • Do not use a call back number provided until you confirm it is an SCE number listed on your bill or the Contact Us page on sce.com.

    Please know that we take your privacy seriously and make every effort to protect your information. For additional red flag warnings and tips to protect yourself, please visit sce.com/scamalert.

    If you believe you are the recipient of a spoofing call, contact SCE Information Governance at csinfogov@sce.com.

    Sincerely,

    Marc Ulrich
    Vice President of Customer Programs & Services
    Southern California Edison

    ***

    We all need to be careful. The fact that these scams continue to occur is a sign that they work. Caller ID is not perfect but still can be useful.

  • PC Support Phone Scams — three month study

    PC World recently posted an article “What I learned playing prey to Windows scammers” by a senior writer at InfoWorld. That article summarizes what was learned over a 3-month period from phone contact with companies claiming to be “Windows Technical Services” or “Windows Security Services” or “Windows Service Center” or another similar name.

    “I am calling you from Windows.”

    So goes the opening line of the well-known phone scam, where a person calls purporting to be a help desk technician reaching out to resolve your computer problems. These Windows scammers feed off people’s concerns about data breaches and identity theft to trick them into installing malware onto their machines. The scam has been netting victims for years, despite the fact that none of what the callers say makes sense.

    Read the full article for discussion of these points:

    • The scam’s success hinges on being helpful
    • It doesn’t matter who the victim is
    • They will stick to the script, no matter what
    • Each team operates differently
    • Ask a lot of questions
    • Do not engage the scammer
    • What if you fell for the scam?
    • They know which buttons to push

    I’ve written about these scams in other posts. Don’t be surprised that a stranger on the phone may know some personal information about you. (But there also can be some funny disconnects when they talk about a problem with your Windows PC and you’re on an Apple Mac computer.) They’ll claim that something is wrong with your PC. They want you to panic and let them take remote control of your computer.

    Do you get spam / scam email messages that ask you to re-enter information for your bank account or lose access to that account? Well, phony “Windows Services” may say that they’ll cancel your Windows license if you don’t comply.

    Don’t try to be clever with these well-trained and experienced scammers. I’ve had people tell me that while on the phone for over an hour, they felt something wasn’t right; but nevertheless they stayed on the phone. Scammers want to gain your trust — a hard lesson in social engineering.

    It’s not about your intelligence. These scams rely on you being distracted, in-a-rush, or distressed; or you making assumptions about coincidences.

    A recent variation of the scam depends on victims making the initial phone call. While browsing online, the victim comes across a browser pop-up stating the computer is infected and to call technical support at the listed number for instructions on how to fix it. The message is frequently served up via a malicious advertisement. Don’t call the number. Instead, close the browser and move on.

  • Email spoofing — a reminder to be alert

    Malwarebytes Labs’ blog recently posted an article about email spoofing. It’s a good reminder about following best practices — ways to avoid scams.

    Email spoofing basically comes down to sending emails with a false sender address. This can be used in various ways by threat actors. Obviously pretending to be someone else can have its advantages especially if that someone else holds a position of power or trust with regards to the receiver.

    Phishing campaigns use email spoofing. The article lists other reasons for spoofing as well. Scammers and criminal organizations have different business models (typically to generate revenue) and use cons that have been around for centuries.

    There are technical procedures to confirm a spoofed message, but these are not practical for most people. Sometimes I get messages claiming to be from a client. I am immediately suspicious because of the subject of the message (or the lack of a subject). Examination of the raw message usually reveals that it was indeed a spoof and sent to a bunch of addresses stolen from the alleged sender’s address book.

    The industry has been working on technical countermeasures to detect and stop spoofed messages. Your Internet Service Provider (ISP) may use some. But they are not foolproof.

    Remember that email was designed much like the delivery of paper letters by the United States Postal Service (USPS). Anyone can write any “to” and “from” addresses they like on the envelope. There’s no authentication by the USPS.

    Spoofers also rely on “look alike” or “sound alike” names and other words, which can trick anyone not paying close attention.

    And remember that Caller ID on your phone may be spoofed as well.

  • Fake Gift Card Surveys — another email scam

    Fake gift card surveys. I’ve seen more of these scams the last month or two. The email messages claimed to be from Amazon with “Amazon Coupons” as the subject. Examination of the messages revealed sender addresses having nothing to do with Amazon. Like from amazon@someothersite.com. Encoded (indecipherable) links in the bodies of the messages went to strange sites. Message bodies contained gibberish.

    These survey scams appear on social media sites as well, e.g., on Facebook. There’s also a CVS survey / coupons scam.

    How can you tell if the message is a scam? Well, there’s the tease itself — something for nothing, eh. If the promotion really was from Amazon, you’d see the offer when logged into your Amazon account. If you impulsively open such a message, at least check any embedded links (you know how to do this, correct?).

    Getting your personal information isn’t the only downside to these scams, as they can involve other bogus offers, malicious Web sites, and malware.

    And regarding malware. It’s not always easy to tell if your PC’s been infected, but this PC World article provides some tips: “Does your computer have malware? Here are the telltale signs.”

  • Fake order confirmations — another email scam

    Fake order confirmations. I’ve seen a lot of these the last couple of weeks. Particularly repeated email messages claiming to be from Costco (Walgreens, etc.) with “Order Confirmation” as the subject. Of course, I never placed any such order(s). Examination of the messages (without actually opening them in an email app) revealed various sender addresses having nothing to do with Costco. Links in the bodies of the messages went to various Web addresses, sometimes indecipherable. Some used attachments, bogus receipts or order confirmations, as well.

    Some of these scams are crude self-declarations. Just one or two sentences. But others are artfully crafted to look legitimate — well written copies of legitimate order or shipping notices from well-known companies.

    I hope that most people will be suspicious of such email messages, resist the impulse to open them, and just delete them immediately. Many of these scams use Web beacons which notify the scammers that your email address viewed their message (which means that you’ll keep getting more spam scams). But clicking on an embedded link or opening an attachment is worse, possibly infecting your PC with malware.

    This holiday season these scams are in full swing once again. As PC World summarized in their article “Beware this online shopping scam: Fake order confirmations” (12/8/2014):

    Brian Krebs, a respected authority on security and all-things-cybercrime, wrote a cautionary post earlier this week. “If you receive an email this holiday season asking you to ‘confirm’ an online e-commerce order or package shipment, please resist the urge to click the included link or attachment: Malware purveyors and spammers are blasting these missives by the millions each day in a bid to trick people into giving up control over their computers and identities.”

    Remmember, if you have an online account with the vendor, you always can login and check your order status. Some vendors also have customer service phone numbers.