Top 3 Scams – September 1, 2019


1. Unusual Sign-in Activity Scam

This one is tricky. It’s a phishing campaign that pretends to be an “Unusual sign-in activity” alert from Microsoft.

With companies such as Google and Microsoft commonly sending users alerts when unusual activity has been discovered on their account, you may feel it’s normal to receive them and click on the enclosed link without thinking about it. Attackers are capitalizing on this by sending emails that pretend to be “Microsoft account unusual sign-in activity” alerts.

When compared to the legitimate email notifications sent by Microsoft, the scam looks almost identical, with the same information fields and even the same sender address of “account-security-noreply@accountprotection.microsoft.com.” What’s different, though, is that when you click on the “Review recent activity” email link, instead of going to Microsoft to review your account’s sign-in activity, you are brought to a fake landing page on a non-Microsoft site that asks you to log in.

When a victim enters their credentials, the information will be saved for the phishers to retrieve later so they can access that account whenever they want.

No matter what credentials are entered in the fake login form, the user will always be redirected to an error page on Microsoft’s live.com site. This is to make it look like there is a problem with your account and that nothing strange is going on.

How can you avoid this?

2. Fortnite Hacks…or Hackers?

This scam may be more geared toward your children, but with 250+ million Fortnite users worldwide, it’s worth sharing with everyone.

It’s a ransomware scam disguised as a game hack tool. The offer is a ‘cheat’ for better aim or to know the location of other players in the game. It is believed to appear as a link in the forums, with the ransomware being installed when the tool is downloaded.

Upon activation, a timer appears on the screen, telling the player his or her files will be deleted if the ransom is not paid before time runs out. After the first two hours, everything in the photos folder will go. After another two hours, the desktop folder. After a third timer, the documents folder.

According to Cyren, the ransomware was still active on Fortnite as of August 21st.

Stay safe with these tips:

3. Take it to the Bank

Financial phishing is getting even more popular.

Researchers at NormShield have released their State of Financial Phishing report, which shows an increase in the number of website domains impersonating financial institutions that have been registered so far this year, with thousands more expected.

That’s important because criminals are getting more savvy, setting up these sites and then waiting to use them. Their phishing attacks are more complex and targeted as well. They are copying actual bank promotions that link to their fake sites in order to steal your credentials and other sensitive information.

So how can you protect yourself?
