An old customer support scam gets a new twist, the FBI warns – though the goal remains the same – to steal people Matches (Opens in a new tab)And sensitive data, payment data and ultimately money.
In a recent public service announcement, the bureau urged customers (mostly elderly people) to remain vigilant upon receipt Email messages Pretending to be a service representative at a company technical or computer repair service.
Scammers usually send out a phishing email, telling victims that their bank account will be charged (or already charged) anywhere between $300 and $500 for various services. If victims want to cancel the payment, or request a refund, they will have to call the phone number provided in the body of the email, and do so urgently.
Fake refund payment gateways
If victims call the number, the “actor” will trick them into downloading and running remote access software, which is more than enough for the attackers to empty the victims’ bank accounts.
The twist on this story, according to the FBI, is that they now also create small scripts built to look like the user interface of a refund payment gateway. The law enforcement agency did not say which companies were impersonated in this attack, but Computer He did some digging and we found text samples with the name Chase Bank, the commercial banking subsidiary of JPMorgan Chase.
Chase Bank does not appear to be the only financial institution impersonated in this attack, the post claims, and other batch files have also been discovered, which can be quickly customized to change the name of the bank.
Most of the time, scripts and scams like this aim to steal people’s sensitive data, such as full names, bank names, zip codes, and refund amounts, giving attackers a lot of information to initiate bank transfers. Moreover, contacting the scammers by phone also gives them the phone number, which can later be used for additional fraud attempts.
Across: Computer (Opens in a new tab)