«
»

In the past few days, there have been a surprising number of new electronic scams discovered or announced. These kinds of attacks seem to come in waves but right now it seems like we’re facing a tsunami. Here are just a few examples of recent scams. Be on the alert for messages that seem fishy and never give out confidential or personal information unless you are absolutely sure who you are talking to.

Fake "Red Cross" calls targeting military spouses
In this scam, a caller with a young-sounding, American accent phones a military spouse and identifies herself as a representative from the Red Cross. She says that the spouse’s husband was hurt while on duty in Iraq and was medevaked to a hospital in Germany. She says that they can’t start treatment until some paperwork is finished and they need the spouse to verify her husband’s SSN and date of birth.

This is an out-and-out scam. The military does not need any additional information before they can begin treatment. They already know the member’s SSN, date of birth, medical history, etc. The American Red Cross also won’t initiate this kind of call. Notices of injuries, etc. come through official channels – usually the commander or first sergeant. Read more at redcross.org.

Fake Microsoft patch email
In this scam, users receive an official-looking email claiming that you have received a notice about a new Microsoft patch because you’re signed up to an official Update mailing list. The email includes your name and sometimes your company in the body of the email. After scaring you about the dangers of this new vulnerability, it provides a link to microsoft.com and instructions on how to download the patch. The link instead redirects you to a fake site and downloads malicious software onto the affected computer.

This particular scam seems to have been targeted at users with high-level IT accounts, perhaps in an attempt to trick them into loading this new “security patch” onto all the computers in their network. Whether you’re an IT administrator or not, always be suspicious of unsolicited emails and never follow a “helpful” link in an email. Read more here.

Next week, we’ll highlight two more of these recent examples.

This entry was posted by Mike Rossander on 2007 July 16 at 00:00 under Specific Alerts. You can leave a response, or trackback from your own site. Follow any responses to this entry through the RSS 2.0 feed.

Leave a Reply