An age-old customer support scam takes a new twist, the FBI warns, though the target remains the same: to steal people’s identities, sensitive data, payment data, and ultimately money.
In a recent public service announcement, the bureau urged customers, primarily the elderly population, to be vigilant when they receive emails from people posing as a company's technical support or computer repair service representatives.
Fraudsters typically send a phishing email informing victims that their bank account will be charged (or has been charged) between $300 and $500 for various services. If the victim wants to cancel the payment or request a refund, they need to call the phone number provided in the body of the email and do it urgently.
Fake Refund Payment Portal
If the victim does call the number, the “representative” tricks them into downloading and running remote access software, which is enough to allow the attacker to empty the victim’s bank account.
The twist to the story, according to the FBI, is that the fraudsters are now also creating little scripts that look like the user interface of a refund payment portal. The law enforcement agency did not say which companies were impersonated in the attack, but Bilibili computer, digging around a bit, found a sample script naming Chase Bank, a subsidiary of JPMorgan’s commercial bank.
Chase Bank does not appear to be the only financial institution impersonated in this attack, with the publication further claiming that the script can be dynamically customized to change bank names as other batch files are discovered.
Most of the time, scripts and scams like these are designed to steal people’s sensitive data, such as full names, bank names, zip codes, and refund amounts, giving attackers a wealth of intelligence to initiate wire transfers. Calling the fraudster also gives them a phone number that can be used later for other fraud attempts.
Via: Bilibili computer