Uncategorized Fraud and Scams

ITS Warning: FBI Warns About Fake Cryptocurrency Apps

July 19, 2022

The FBI advised investors that cyber criminals are creating fraudulent cryptocurrency investment applications (apps) to defraud cryptocurrency investors. They recommend investors always to be wary of prompts to install investment apps from unknown individuals, to verify that the company behind such apps is legitimate, and to treat apps with broken or limited functionality with skepticism.

Cryptocurrency owners are also recommended to enable multi-factor authentication (MFA) on all their accounts, deny requests to use remote access apps, and always reach out to exchanges and payment companies using official phone numbers and email addresses.

When it sounds too good to be true, it probably is.

Please see more information here:
https://www.bleepingcomputer.com/news/security/fbi-warns-of-fake-cryptocurrency-apps-used-to-defraud-investors/

 

ITS Warning: Amazon Call Scam - Remote Access Your Computer

July 5, 2022

Scammers continue contacting people to gain access to your information or device(s). They may contact you on your personal email or phone. The setup is similar to this:

It’s a robocall that claims to be from Amazon’s fraud unit. There’s a fraudulent charge for $999 that was placed in Baltimore. Before Harry has a chance to respond to the prompt, he’s connected to a scam call center, most likely, overseas.

The call sounds convincing until the caller asks potential victims to download an app. They claim the download will help them remove the charge, but what the scammer really wants is to gain remote control of your computer and everything on it.

In this call, the scammer asks Harry to type in www.AnyDesk.com, which is a legitimate software company based in Germany.

Please see more information here:
https://www.cbs46.com/2021/12/14/scammers-posing-amazon-try-get-remote-access-better-call-harrys-computer/

 

New Phishing Toolkit, Be Aware, Check the URL

March 22, 2022

New phishing toolkit allows anyone to create fake Chrome browser windows - beware the SSO from unknown sites.

View Tweet.

Read article.

 

Apple Releases Security Updates for Multiple Products

January 27, 2022

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

Read more here.

Back to Top

​Email Scam Impersonating IRS Is Targeting College Students and Staff, Agency Warns

By Owen Daugherty, NASFAA Staff Reporter
Publication Date: 3/31/2021

The Internal Revenue Service (IRS) issued a warning this week notifying those affiliated with higher education institutions of an ongoing email scam that appears to be primarily targeting those who have “.edu” email addresses.

The agency, in a release posted Tuesday, said it has received numerous complaints about the scam in recent weeks, noting that the emails to those with addresses ending in “.edu” have been targeting staff and students from both public and private, for-profit and nonprofit institutions.

The phishing emails, as they are commonly referred to, display the IRS logo and use various subject lines attempting to trick unsuspecting recipients, such as “Tax Refund Payment” or “Recalculation of your tax refund payment,” according to the IRS.

The scam emails prompt recipients to click a link and submit a form to claim their tax refund, then taxpayers are asked to provide personal information such as their names, date of birth, social security number, and other personal details.

Those who receive this scam email should not click on the link in the email and instead report it to the IRS. For those who may have fallen victim to the scam, the IRS recommends obtaining an Identity Protection PIN, which helps prevent identity thieves from filing fraudulent tax returns in the victim’s name.

The IRS added that taxpayers who believe they have a pending refund should check the status only on the agency’s website, IRS.gov.

Back to Top

Random Subject M

September 15, 2020

HCCC users may receive a malicious email with a random M# as the subject with a random sentence in the email. Please do not interact with the sender and delete the email immediately. You can send emails such as these to spamFREEHUDSONCOUNTYCOMMUNITYCOLLEGE. If you have interacted with this email, please contact the ITS Help Desk for assistance.

 

Named Malicious Email

August 12, 2020

HCCC emails may receive a message that appears to be from an HCCC contact "Jane Smith" with the subject of your name "John Doe." The email has an external tag, and it is not from an HCCC email address. Delete this message and ignore, as it is not valid. If you have opened an attachment from the email or responded to it, please contact the Help Desk immediately.

 

Greenlight Bookstore Fraud

March 5, 2020

​The Greenlight Bookstore was recently hacked of their main email account as of March 4th, 2020. They explain what happened and include ways on how to protect yourself. See below:

Dear Friends and Fans of Greenlight,

Earlier today, Greenlight's main email account was hacked (via a phishing email from one of our vendors who had also been hacked). The hackers accessed our Constant Contact account.

At 1:42 pm, an email went out with the subject line "Order Compeleted" [typo included] and a link to "Get Attached Files" along with a password.  Clicking on the link would download malicious files onto the user's computer.

Within an hour, our friends at Constant Contact had disabled the link, so the email is no longer a threat.

We do apologize to those of you who were taken in by this scam (we were too!) -- though we also appreciate those of you who were suspicious of an email from the bookstore with a misspelling in the subject line!  Thanks to those who contacted us to alert us or inquire, and we hope we were able to answer your questions as we worked out what had happened.

We believe our experience is related to the new phishing scam described in this article from the IT news site ZDNet.  From the article: "Targets of this hacking campaign receive an email that encourages them to open a phoney password-protected document that claims to have been locked in order to secure personal information supposedly contained within. Many of the emails are themed around refunds, online transactions and other invoices." The article contains more information on how the campaign works, and suggestions for managing your system's safety whether or not you have clicked on the link.  (Thanks to Greenlight Community Lender and tech journalist David Ewalt for the tip!)

Again, we're so sorry that Greenlight became a conduit for this malicious campaign, and we appreciate your understanding.  Please feel free to reach out to us via info@greenlightbookstore.com if you have other specific questions or concerns.

Thanks for supporting your local independent bookstore!

Best,
Greenlight Bookstore

Back to Top

Account Owner Scam

May 21, 2019

​If you receive an email with a subject "Incident" with an ID code, delete it without opening it for this is a phishing attempt. Do not reply to it nor open any attachments or links. If you have interacted with the email, please contact the Help Desk.

 

Lottery Donation Scam

May 16, 2019

If you receive an email about a lottery donation, immediately delete it without opening it. This is a phishing attempt.​ If you clicked on this link, please change your password immediately. When ITS sees that your account has been affected by this compromise, ITS will disable your account to protect you and the community. ITS may need to add more security features to your account once it has been compromised. Contact the Help Desk with any questions.

Back to Top