The U.S. FBI has issued a warning on scammers impersonating refund payment portals. Tonia Dudley, Chief Information Security Officer at Cofense, looks into the ramifications of the statement for Digital Journal.
Dudley begins by explaining the background to the statement and the current attack status facing the U.S.: “Just weeks after Cofense’s Phishing Defense Center (PDC) detected a campaign leveraging fraudulent tax income refunds, the FBI has warned of a new scam involving the impersonation of financial institutions’ refund payment portals.”
Dudley adds: “This scam uses the fraudulent Geek Squad email subject line ‘Service Renewal from Geek Squad,’ notifying victims that their account has been ‘charged’ and urging them to contact ‘Geek Squad’ support to request a refund through a toll-free phone number that is directed to an Indian call center. There is evidence that this email subject line has existed since August.”
In terms of how the situation has unfolded, Dudley recounts: “In April of 2021, we began looking at the scam emails that we were able to collect from various sources. At the time, BazarCall was in full swing and using methods very similar to other scam emails. The use of emails without URLs or attachments to further nefarious goals was not new as 419 scammers (Nigerian Prince schemes) have done this for years.”
There were further developments too: “The addition of call center operators to add realism and lower the guards of unsuspecting victims was tough. Many Indian call center employees share common attributes, including that their script seems to always lead to the remote desktop software being provided unattended login access and that they push for the end user to log in to their bank during an active remote desktop session to ‘validate the refund.’”
So how do these scams manifest to consumers and businesses? Dudley identifies one of the key issues: “Scammers often use emotional triggers to get their victims to act, including fear and impulse, which causes many people to overlook phishing red flags like grammatical and formatting errors. The promise of refunds creates a false sense of hope and excitement for unexpected funds with reasonable, realistic amounts, that give the impression that it can be true.”
There are other factors at play: “Additionally, this creates a sense of urgency that persuades victims to act quickly to not miss out. As phishing campaigns continue to become increasingly common, it is essential that the necessary steps to protect inboxes, detect threats, and respond to attacks are taken.”
To safeguard ourselves, Dudley offers the following advice: “Adopting actionable intelligence that gives visibility into the phishing attacks in your network, immediate and decisive responses to phishing threats, and a rapid and automatic quarantine of malicious emails will help keep malicious actors at bay and ensure the protection of sensitive data.”