Security and breach concerns a major pretext for phishing scams

News

New online fraud scheme uses the pretext of offering compensation for personal data leaks

BEC scams are well-known for their timeliness. Scammers across the globe cook up impressive stories based on current events to lure in unsuspecting victims. The latest to join the list is a new online fraud scheme that uses the pretext of offering compensation for personal data leaks.

The regulatory fines imposed on British Airways, Marriott International and recently Dixons Carphone has been in the news. Scamsters were using that to steal money from users, reported Kaspersky. 

A website called ‘Personal Data Protection Fund’ created by the ‘US Trading Commission’ - both bogus names - says the fund awards compensation for leaks of personal data, for which citizens of any country in the world can apply.

The site offers to check whether your data has ever leaked and asks for your details such as surname, first name, phone number, and social media accounts, with a warning that entering other people’s data will result in a severe penalty.

"However, it turns out that the website accepts any information, even complete gobbledegook" wrote Tatyana Sidorina, security expert at Kaspersky. 

"Our fictional character with an unpronounceable name had indeed had their data leaked. Moreover, it turned out that someone had already used their photos, videos, and contact information, and so fghfgh was entitled to compensation in excess of US$2,500 (£1,900)."

The catch is that you need a US Social Security Number (SSN) and the website offers to sell a temporary one for US$9 (£7).

"The scammers themselves are most likely Russian speakers, as suggested by the ruble payment form, plus the suspicious similarity of the scheme to other easy money offers that regularly tempt residents of Russia and the CIS," wrote Sidorina.

Unlike the previous easy-money scams, this compensation scam has a wider attack geography, with victims located not only in Russia and neighbouring countries, but also in Algeria, Egypt, the UAE, and elsewhere.

While this method takes the pains to appear as timely, others still con users with tried-and-tested phishing methods, says a KnowBe4 study. 

Its Q4 2019 top-clicked phishing report found that simulated phishing tests with an urgent message to change a password immediately were most effective, with 26 percent of users falling for it. 

"Given that password reuse is one of the biggest security problems companies face today, organisations must build a culture of zero trust when it comes to opening emails with attachments or links, especially those from outside the organisation. This requires regular training and awareness that ensures individuals think twice before opening attachments," commented Kayla Gesek, product manager at OneLogin.

KnowBe4 also analysed subject lines of fraudulent emails that users received and reported to their IT departments as suspicious. The top 10 phishing email subject lines were:

  • Change of Password Required Immediately: 26 percent

  • Microsoft/Office 365: De-activation of Email in Process: 14 percent

  • Password Check Required Immediately: 13 percent

  • HR: Employees Raises: 8 percent

  • Dropbox: Document Shared With You: 8 percent

  • IT: Scheduled Server Maintenance – No Internet Access: 7 percent

  • Office 365: Change Your Password Immediately: 6 percent

  • Avertissement des RH au sujet de l’usage des ordinateurs personnels: 6 percent

  • Airbnb: New device login: 6 percent

  • Slack: Password Reset for Account: 6 percent

"Organisations and individuals should remember the vital role that MFA can play in protecting against phishing attacks — you’re always better off having MFA in place than relying on passwords alone," said Gesek..

"However, it’s great news that more users are becoming more security minded than in previous years. With the threat landscape evolving so fast, companies should invest in partnerships with folks that keep on top of these new scams to stay vigilant." 

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews