Threat actors continue to evolve their spam tactics by utilizing legitimate Google Groups to send Fake order messages to target multiple users.
Fake order scams work by notifying victims about the purchase status or confirmation that originally was not placed by the recipient.
They are motivated to steal the victim’s personal credentials – name, address, credit, or banking information, or trick the victim into installing malware on their computer.
Trustwave SpiderLabs has identified a notable surge in these Geek Squad scam email activities delivered via Google Groups.
The new variant of the fake order scam sent to the users to notify them about the victim has been added to the Google group.
Above is a sample of a scam message sent to the user to join the client support geek squad, and by clicking view, this group will redirect to a fake discussion group.
Later, threat actors can automatically add email addresses, even non-Gmail accounts, into a group and start spamming users.
The spam email notified the users about the renewal of their membership in Geek Squad and the amount for the renewal. The customer ID was mentioned to make it legitimate.
It also leaves the customer care number to contact the support team to avoid charging the amount if they do not wish to continue.
If the victims contact the customer care number mentioned in the email, it will connect with spammers, and they are asked to update the online form.
They then instruct the victims to access a website where an application can be downloaded to access the victim’s machine remotely.
Once the scammer has remote access, they pretend to process the refund while secretly browsing their files and accessing sensitive information such as personal documents, banking details, and passwords.
These deceptive schemes cause financial harm to victims and lead to breaches of their personal data.
Keep informed about the latest Cyber Security News by following us on Google News, Linkedin, Twitter, and Facebook.
Hackers prefer phishing as it exploits human vulnerabilities rather than technical flaws which make it a highly effective and low-cost…
A very important message from the Norwegian National Cyber Security Centre (NCSC) says that Secure Socket Layer/Transport Layer Security (SSL/TLS)…
Linux is widely used in numerous servers, cloud infrastructure, and Internet of Things devices, which makes it an attractive target…
ViperSoftX malware, known for stealing cryptocurrency information, now leverages Tesseract, an open-source OCR engine, to target infected systems, which extracts…
Santander has confirmed that there was a major data breach that affected its workers and customers in Spain, Uruguay, and…
The U.S. government has offered a prize of up to $5 million for information that leads to the arrest and…