As people become more aware of the latest phishing scams and trends, scammers are adapting and creating new methods to trick you into giving away personal credentials. This is why it is important to keep up to date with the latest trends. Luckily, Anti-Fraud news is on the prowl, and we have identified some of the latest email scams to keep you updated and aware.
The Latest CIA Sextortion Method
The most recent scam that is trending in email inboxes is the CIA ‘sextortion’ scam. These scammers send emails to victims, posing as agents from the CIA, and accusing the victims of being involved in the storage and production of child pornography. They threaten their victims with arrest, and then blackmail them by making an offer to remove the threat if the victim pays a sum of money (such as $10 000) to erase the pornography data that the victim supposedly has. The victim is tricked into believing that they possess the data, regardless of whether they actually have it or not. Each sextortion email may vary, but the end result is the same.
Another common method that these sextortion scammers use is taking stolen passwords and email addresses (credentials) from past data hacks breaches, to trick the victims into believing that scammers have hacked into their email accounts. These scammers will spoof their victims’ email addresses to grab their attention and make the emails look more authentic to the victim. For the victims, these emails ‘appear’ to be sent from their own mail account, when it has in fact come from the scammers account. In this way, the scammers trick the victims into actually acquiring the pornography data onto their system.
Luckily, although the emails can look very authentic, a common fault that has been found in these scams is the poor use of English grammar and punctuation. So, pay attention to a person’s use of the English language or writing skills, should you come across a suspicious-looking email.
If you receive an email that resembles a form of sextortion as described above, then report it immediately to the Internet Crime Complaint Centre.
The Internet Crime Complaint Centre accepts online complaints from either the actual victim or from a third-party member to the complaint. They would usually request the following information from you in order to best process your complaint:
- Victim’s name, address, telephone, and email.
- Any financial transaction information (account details, names, references, reasons for transaction, dates etc).
- The suspects name, address, telephone, email, website, and IP address and specific details on how you were victimized.
The Latest Business Fraudster: Hacking for Altered Invoices Hack Method
Business fraudster scams are also currently circulating. These scams form a small part of the many types of fraud, that email users experience. Unfortunately, with this current trend, scammers are able to hack into your email account to get your credentials, without having to trick you into giving them away yourself!
Scammers have been known to hack into peoples’ work or business email accounts and intercept their business invoices to change payment details from other businesses. They then use the victim’s email credentials to intercept and edit an invoice where possible. For example, they could change the information on banking details on the invoice to their own details and then send it on for payment to the recipient. The recipient then pays the edited invoice, assuming it comes from the correct sender or a legitimate source, and the money is paid into the scammer’s account.
In order to prevent this type of business scam/fraudulent activity from occurring, let current clients and new incoming clients know that your email credentials and details will never change. Should they receive an email that appears to have been altered or if they receive an announcement for a change in banking details, then they should contact you immediately.
If you are an individual who is supplying banking details to clients, then rather avoid email invoices with banking details, and provide these directly over the telephone to your clients.
If you suspect that you are being scammed, report it on the SSA Fraud Hotline: 1-800-269-0271.