New take on old email scam references recipients’ actual passwords in attempt to make bogus claims more believable.
To be clear: These emails are scams. Do not fall for them and do not make any payments.
The inclusion of what may very well be a valid password is a trick designed to make these emails more frightening and convincing, but it doesn’t mean the claims are actually valid. This scam isn’t a sign that your computer has been infected, rather, it’s a sign that your email address and a password associated with it have been exposed in a previous data breach.
How criminals are able to reference a valid password
While the exact methods are unconfirmed, it’s very likely that criminals are referencing a database of passwords and email addresses collected from a large data breach that may have taken place years ago. Several users who received variations of this email said the passwords the criminals referenced were ones they’d used close to ten years ago (even more reason to regularly update your password and avoid password reuse).
To check to see what breaches your email address has been exposed in, you can visit researcher Troy Hunt’s site haveibeenpwned.com.
Unfortunately, these scams appear to be working
What makes these new scam attempts interesting is they represent a clever new approach to monetizing the email addresses and passwords obtained via data breaches. What makes them especially disturbing is that they appear to be (at least to some extent) working. These may not be huge sums, but they serve as more than enough encouragement for criminals to continue investing in and widening the scope of these schemes. As a result, we can expect to see more of these emails and variations of them in the near future.
IMAGE OF PHISHING MESSAGE
Additional considerations for business include the following:
Don’t give administrative privileges to your user accounts. Privileged accounts can “reach out” much further and more destructively both on your own hard disk and across the network. Malware that runs as administrator can do much more damage, and be much harder to get rid of, than malware running as a regular user.
Make sure all users are aware of this danger, trained in response and know to not open suspicious attachments. Here at COMP-Connection, Inc. we pledge to keep you protected and informed about the latest issues. Your peace of mind is our number one priority.
Questions about this event?
Feel free to contact us at email@example.com. If you have problems and have a service contract with COMP-Connection, Inc. contact us at our normal telephone line (408)848-1137.