Threat actors continue to evolve their spam tactics by utilizing legitimate Google Groups to send Fake order messages to target multiple users.
Fake order scams work by notifying victims about the purchase status or confirmation that originally was not placed by the recipient.
They are motivated to steal the victim’s personal credentials – name, address, credit, or banking information, or trick the victim into installing malware on their computer.
Trustwave SpiderLabs has identified a notable surge in these Geek Squad scam email activities delivered via Google Groups.
The new variant of the fake order scam sent to the users to notify them about the victim has been added to the Google group.
Above is a sample of a scam message sent to the user to join the client support geek squad, and by clicking view, this group will redirect to a fake discussion group.
Later, threat actors can automatically add email addresses, even non-Gmail accounts, into a group and start spamming users.
The spam email notified the users about the renewal of their membership in Geek Squad and the amount for the renewal. The customer ID was mentioned to make it legitimate.
It also leaves the customer care number to contact the support team to avoid charging the amount if they do not wish to continue.
If the victims contact the customer care number mentioned in the email, it will connect with spammers, and they are asked to update the online form.
They then instruct the victims to access a website where an application can be downloaded to access the victim’s machine remotely.
Once the scammer has remote access, they pretend to process the refund while secretly browsing their files and accessing sensitive information such as personal documents, banking details, and passwords.
These deceptive schemes cause financial harm to victims and lead to breaches of their personal data.
Keep informed about the latest Cyber Security News by following us on Google News, Linkedin, Twitter, and Facebook.
The United States has successfully extradited two Kosovo nationals, Ardit Kutleshi, 26, and Jetmir Kutleshi,…
Ivanti has issued an urgent security advisory for CVE-2025-22457, a critical vulnerability impacting Ivanti Connect…
A concerning malware campaign was disclosed by the AhnLab Security Intelligence Center (ASEC), revealing how…
EncryptHub, a rapidly evolving cybercriminal entity, has come under intense scrutiny following revelations of operational…
A sophisticated phishing campaign, dubbed "PoisonSeed," has been identified targeting customer relationship management (CRM) and…
A surge in phishing text messages claiming unpaid tolls has been linked to a massive…