The age-old customer service scam has taken a new turn, the FBI warns, although the goal remains the same: stealing people's identities, sensitive data, payment details and ultimately money.
In a recent public service announcement, the bureau urged customers (mostly the elderly) to be vigilant when receiving emails claiming to come from a company's technical or computer service representatives.
Fraudsters typically send phishing emails informing victims that their bank accounts will be charged (or have already been charged) an amount ranging from $300 to $500 for various services. Victims who want to cancel the payment or request a refund are told to call the phone number provided in the body of the email, and to do so urgently.
Fake refund payment portals
If victims call this number, the “representative” will trick them into downloading and running remote access software, which is more than enough for the attackers to empty victims’ bank accounts.
The twist in this story, according to the FBI, is that the scammers are now also creating small scripts built to look like the user interface of a refund payment portal. Law enforcement did not say which companies are being impersonated in this attack, but BleepingComputer did some digging and found script samples naming Chase Bank, JPMorgan Chase's commercial banking subsidiary.
Chase Bank does not appear to be the only financial institution impersonated in this attack: the publication further claims that other batch files have been discovered that can be adjusted on the fly to change the name of the bank.
In most cases, scripts and scams like this are designed to steal users' sensitive data such as names, bank names, zip codes, and refund amounts, giving attackers plenty of information to start bank transfers. What's more, by calling the scammers, victims also hand over their phone number, which can later be used for future scam attempts.
By: BleepingComputer