No one wants to be made into a fool. And yet, some IT scams and cons appear so legitimate that without the right knowledge, it’s surprisingly easy to be fooled.
IT-related scams often start with phishing attacks. As such, you need to educate your friends, coworkers, and peers on the latest methods.
While some IT scams remain fairly easy to spot (Nigerian prince, anyone?), sometimes they’re far more nuanced, and masquerade as too-good-to-be-true prices on Amazon or eBay…
Just like the old saying goes, if it sounds too good to be true, it probably is.
Let’s explore some of the latest examples of IT scams and fraud techniques, so you’ll know how to stay safe.
Counterfeit Cisco Gear
This past May, Cisco struggled with their supply chain, warning of potential counterfeit products in the market.
Just how bad was it? And, how could it all happen?
Well, a US Department of Justice action reveals over $100,000,000 in fraudulent Cisco products illegally sold between 2014 and 2022 through Amazon and eBay stores.
US-based Pro Networks controlled at least 19 shell companies that refurbished older Cisco gear with cosmetic and technical alterations.
These cosmetic changes made the gear appear like new and advanced models through counterfeit stickers, boxes, labels, and packaging.
The technical alterations, often performed in China, included pirated Cisco software and components designed to defeat Cisco’s authentication checks.
When some components proved unreliable and failed quickly, fake return addresses and other measures complicated refunds and legal action.
For those who fell victim to this IT scam, little recourse remained.
Office 365 Phish Bypasses MFA
Recently, Microsoft security researchers uncovered a major phishing campaign targeting more than 10,000 organizations, designed to take control of users’ accounts.
The attack started with phishing emails that linked to realistic-looking Office 365 login pages. These pages were even pre-filled with the user’s email address.
When the user typed in their password, the attacker’s man-in-the-middle (MITM) website relayed it to Office 365 over its own TLS/HTTPS connection. Because that connection was perfectly valid, Office 365 processed the request as if the victim had signed in directly.
For MFA-enabled accounts, the MITM site would instantly display the MFA prompt that Office 365 returned. As most of us would, the victim would enter their MFA code, unaware of the IT scam about to happen.
The MITM would relay the MFA code, complete the Office 365 login, and then redirect the user to an unrelated webpage.
Meanwhile, the MITM website stole the user’s Office 365 session cookie and took control of the account. Attackers then altered mailbox rules to retain access and hijacked any email threads regarding financial transactions to attempt Business Email Compromise (BEC) fraud from inside the company.
MITM attacks of this kind can be prevented by using physical MFA (key fobs, USB security keys, etc.) or computer certificates tied to specific MAC or IP addresses. Unlike a typed code, these responses are bound to the genuine site or device, so a MITM site generally can’t pass them along, and Office 365 will reject the attempt.
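To make the difference concrete, here is an added example (my own illustrative code, not Microsoft’s or the original article’s) that pushes both kinds of MFA through the same relay. The one-time code is accepted because nothing ties it to where it was typed; the security-key response is rejected because the signed data names the origin the browser actually loaded. The origins, user name, and one-time code are constructed, and an HMAC stands in for the signature a real FIDO2 key would produce.

```python
import hashlib
import hmac
import json
import secrets

# Constructed origins for this example; the real Microsoft login origin is not used here.
RP_ORIGIN = "https://login.example.com"
RP_ID = "login.example.com"
PHISH_ORIGIN = "https://login.example.com.evil.test"   # the attacker's relay site


class Authenticator:
    """Stand-in for a FIDO2 security key. An HMAC over the signed data replaces the
    ECDSA signature a real key produces (a simplification so no crypto library is needed)."""

    def __init__(self):
        self.secret = secrets.token_bytes(32)

    def assert_login(self, rp_id, challenge, origin):
        # A real authenticator signs authenticatorData || SHA-256(clientDataJSON), and
        # clientDataJSON carries the challenge *and the origin the browser actually loaded*.
        client_data = json.dumps(
            {"type": "webauthn.get", "challenge": challenge, "origin": origin}, sort_keys=True
        ).encode()
        signed = hashlib.sha256(rp_id.encode()).digest() + hashlib.sha256(client_data).digest()
        return {"client_data": client_data,
                "signature": hmac.new(self.secret, signed, hashlib.sha256).digest()}


class RelyingParty:
    """The genuine login service."""

    def __init__(self, origin, rp_id):
        self.origin, self.rp_id = origin, rp_id
        self.credentials = {}   # user -> key secret (a public key in a real deployment)
        self.otp_codes = {}     # user -> currently valid one-time code (constructed, not real TOTP)
        self.challenges = {}    # user -> outstanding challenge

    def register_key(self, user, authenticator):
        self.credentials[user] = authenticator.secret

    def new_challenge(self, user):
        self.challenges[user] = secrets.token_urlsafe(32)
        return self.challenges[user]

    def verify_otp(self, user, code):
        # A one-time code is just digits: nothing ties it to where the user typed it,
        # so a code relayed through a phishing page is indistinguishable from a genuine one.
        return self.otp_codes.get(user) == code

    def verify_assertion(self, user, assertion):
        data = json.loads(assertion["client_data"])
        if data.get("origin") != self.origin:
            return False, "origin mismatch: " + str(data.get("origin"))
        if data.get("challenge") != self.challenges.pop(user, None):
            return False, "unknown or reused challenge"
        signed = hashlib.sha256(self.rp_id.encode()).digest() + hashlib.sha256(assertion["client_data"]).digest()
        expected = hmac.new(self.credentials[user], signed, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, assertion["signature"]):
            return False, "bad signature"
        return True, "ok"


def simulate_relay():
    """Run both MFA styles through the same relay and report what the genuine site accepts."""
    rp = RelyingParty(RP_ORIGIN, RP_ID)
    key = Authenticator()
    rp.register_key("alice", key)
    rp.otp_codes["alice"] = "482913"

    # Case 1: the user reads a code off their phone and types it into the phishing page;
    # the relay forwards it unchanged and the genuine site cannot tell the difference.
    otp_accepted = rp.verify_otp("alice", "482913")

    # Case 2: the relay fetches a real challenge and hands it to the victim's browser, but the
    # browser is on the phishing origin, so that is the origin the key signs over.
    relayed = key.assert_login(RP_ID, rp.new_challenge("alice"), PHISH_ORIGIN)
    fido_accepted, reason = rp.verify_assertion("alice", relayed)

    # Control: the same key used on the genuine site.
    direct = key.assert_login(RP_ID, rp.new_challenge("alice"), RP_ORIGIN)
    direct_accepted, _ = rp.verify_assertion("alice", direct)

    return {"otp_relayed_accepted": otp_accepted,
            "fido_relayed_accepted": fido_accepted,
            "fido_relay_reason": reason,
            "fido_direct_accepted": direct_accepted}


if __name__ == "__main__":
    print(simulate_relay())
```

In a real browser the check happens even earlier: the browser refuses to use a credential whose relying-party ID does not match the page’s domain, so the key never signs anything on the phishing site. The server-side origin check shown here is the second line of defense and is what a relying party must implement itself.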
Microsoft also recommends setting up policies to trigger alerts on unusual email access, untrusted IP addresses, and untrusted devices. Just keep in mind that someone will need to view and respond to these alerts.
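As an added example of what those alert policies look like in practice (my own illustrative code, not Microsoft’s and not from the original article), the script below runs three checks over a handful of constructed sign-in and mailbox-audit events: a session cookie reused from a new IP address shortly after an MFA sign-in, access from an untrusted network or device, and a new inbox rule that hides finance-related mail. The event fields, IP ranges, and user names are simplified and constructed, not the real Microsoft log schema.

```python
import ipaddress
from datetime import datetime, timedelta

TRUSTED_NETS = [ipaddress.ip_network("203.0.113.0/24")]   # constructed office range
FINANCE_WORDS = ("invoice", "wire", "payment", "bank")
HIDING_FOLDERS = {"rss subscriptions", "rss feeds", "junk email", "deleted items", "archive"}

# Constructed events in the spirit of sign-in logs and Exchange audit records.
EVENTS = [
    {"type": "signin", "t": "2022-07-12T09:02:11Z", "user": "cfo@example.com",
     "ip": "203.0.113.25", "session": "S1", "mfa": "pass", "device_trusted": True},
    # Same session cookie, two minutes later, from an outside address, no MFA performed.
    {"type": "signin", "t": "2022-07-12T09:03:40Z", "user": "cfo@example.com",
     "ip": "198.51.100.77", "session": "S1", "mfa": "none", "device_trusted": False},
    {"type": "inbox_rule", "t": "2022-07-12T09:05:02Z", "user": "cfo@example.com",
     "ip": "198.51.100.77", "name": ".", "subject_contains": ["invoice", "wire"],
     "action": "move_to", "target": "RSS Subscriptions"},
    {"type": "signin", "t": "2022-07-12T10:15:00Z", "user": "bob@example.com",
     "ip": "203.0.113.40", "session": "S2", "mfa": "pass", "device_trusted": True},
    {"type": "inbox_rule", "t": "2022-07-12T10:20:00Z", "user": "bob@example.com",
     "ip": "203.0.113.40", "name": "Newsletters", "subject_contains": ["digest"],
     "action": "move_to", "target": "Reading"},
]


def parse_ts(s):
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ")


def is_trusted_ip(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in TRUSTED_NETS)


def detect_session_replay(events, window=timedelta(hours=1)):
    """A session cookie that shows up from a second IP soon after an MFA-backed sign-in,
    without MFA being performed again, is the fingerprint of a stolen or relayed cookie."""
    alerts, by_session = [], {}
    for e in events:
        if e["type"] == "signin":
            by_session.setdefault(e["session"], []).append(e)
    for sid, evs in by_session.items():
        evs.sort(key=lambda e: parse_ts(e["t"]))
        first = evs[0]
        for later in evs[1:]:
            if (later["ip"] != first["ip"] and later["mfa"] != "pass"
                    and parse_ts(later["t"]) - parse_ts(first["t"]) <= window):
                alerts.append({"rule": "session_replay", "user": later["user"], "session": sid,
                               "from_ip": first["ip"], "to_ip": later["ip"]})
    return alerts


def detect_untrusted_access(events):
    """Sign-ins from outside the trusted ranges or from unmanaged devices."""
    return [{"rule": "untrusted_access", "user": e["user"], "ip": e["ip"]}
            for e in events
            if e["type"] == "signin" and (not is_trusted_ip(e["ip"]) or not e["device_trusted"])]


def detect_suspicious_rules(events):
    """Inbox rules that delete, forward externally, or bury finance-related mail."""
    alerts = []
    for e in events:
        if e["type"] != "inbox_rule":
            continue
        reasons = []
        if any(w.lower() in FINANCE_WORDS for w in e["subject_contains"]):
            reasons.append("matches finance keywords")
        if e["action"] == "delete":
            reasons.append("deletes mail")
        if e["action"] == "forward" and not e["target"].lower().endswith("@example.com"):
            reasons.append("forwards outside the company")
        if e["action"] == "move_to" and e["target"].lower() in HIDING_FOLDERS:
            reasons.append("moves mail to a rarely read folder")
        if reasons:
            alerts.append({"rule": "suspicious_inbox_rule", "user": e["user"],
                           "name": e["name"], "reasons": reasons})
    return alerts


def run(events):
    return detect_session_replay(events) + detect_untrusted_access(events) + detect_suspicious_rules(events)


if __name__ == "__main__":
    for alert in run(EVENTS):
        print(alert)
```

Against the constructed events, the CFO account trips all three checks within a few minutes while the ordinary user trips none, which is the kind of correlated signal worth paging someone for. As the article notes, a rule that nobody reads is no better than no rule at all.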
Other Notable Phishing Attacks & IT Scams
Fraudsters know when users receive a bill or a notice from a respected company, they often act immediately and instinctually. Who among us hasn’t clicked “Pay Now” simply out of habit?
Unfortunately, these realistic-looking IT scams can steal your information before you realize what’s happening.
Sometimes, such fraud comes in the form of a fake text pretending to offer a refund. These IT scams are making the rounds following a recent internet outage at Canadian telecommunications giant Rogers.
More sophisticated attacks use multi-channel phishing to add credibility to their attempt, with a notice to customers such as:
- A QuickBooks receipt for credit card charges used to pay a fraudulent invoice
- A CrowdStrike workstation audit notice
These IT scams are notable because the notice itself is non-malicious. It simply advises the potential victim to place a phone call to “resolve any potential issues”.
Once the victim calls, the attackers persuade them to download remote access trojans (RATs) or to give up their credit card information for a ‘refund.’ While giving up your credit card info is bad enough, RAT attacks pose even more danger.
Why? Because they often lead to follow-on attacks, such as ransomware & further data theft.
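Because the notice carries no malicious payload, link-and-attachment scanners have nothing to catch; the tell is the combination of a charge, urgency, and a phone number to call. The following added example (my own illustrative code, not from the article or any vendor) scores incoming messages on exactly those features. It assumes a notice of this kind contains a phone number but no link, consistent with the notice itself being non-malicious; the sample messages, phone number, and amounts are constructed.

```python
import re

PHONE_RE = re.compile(r"(?:\+?1[\s.-]?)?\(?\d{3}\)?[\s.-]?\d{3}[\s.-]?\d{4}")
URL_RE = re.compile(r"https?://\S+", re.I)
MONEY_RE = re.compile(r"\$\s?\d[\d,]*(?:\.\d{2})?")
CHARGE_WORDS = ("invoice", "receipt", "charged", "renewal", "subscription", "audit", "refund")
URGENCY_WORDS = ("immediately", "within 24 hours", "dispute", "cancel", "resolve", "call us")
FLAG_THRESHOLD = 5


def score_callback_phish(subject, body):
    """Return (score, reasons) for the callback-phishing pattern: a bill or notice that
    pushes the reader to pick up the phone instead of clicking anything."""
    text = "{}\n{}".format(subject, body).lower()
    score, reasons = 0, []

    phones = PHONE_RE.findall(text)
    if phones:
        score += 2
        reasons.append("phone number present: " + phones[0].strip())
        if not URL_RE.search(text):
            # The defining trait: the only call to action is a phone call.
            score += 2
            reasons.append("asks for a call but contains no link")

    if MONEY_RE.search(text):
        score += 1
        reasons.append("mentions a dollar amount")

    charge_hits = [w for w in CHARGE_WORDS if w in text]
    if charge_hits:
        score += 1
        reasons.append("billing language: " + ", ".join(charge_hits))

    urgency_hits = [w for w in URGENCY_WORDS if w in text]
    if urgency_hits:
        score += 1
        reasons.append("urgency language: " + ", ".join(urgency_hits))

    return score, reasons


def classify(subject, body):
    score, reasons = score_callback_phish(subject, body)
    verdict = "likely callback phish" if score >= FLAG_THRESHOLD else "no callback indicators"
    return {"score": score, "verdict": verdict, "reasons": reasons}


# Constructed samples: a fake receipt of the kind described above, and an ordinary internal mail.
SAMPLES = {
    "fake_receipt": (
        "Your receipt #48213",
        "Thank you for your payment of $489.00. Your invoice has been charged to the card on file.\n"
        "If you did not authorize this charge, call us immediately at 1-555-010-0199 to dispute it.",
    ),
    "newsletter": (
        "Team newsletter",
        "This week's digest is posted at https://intranet.example.com/news. See you Friday.",
    ),
}


if __name__ == "__main__":
    for name, (subject, body) in SAMPLES.items():
        print(name, classify(subject, body))
```

A scorer like this belongs in the mail pipeline as a tagging rule rather than a hard block: it pushes the message into a quarantine or adds a banner telling the reader to verify the phone number on the vendor’s real website before dialing, which is exactly the habit the article is trying to build.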
Fighting IT Scams and Phishing
It’s not always easy to spot IT scams and fraud techniques. But one simple, non-technical method of countering any of these attacks is communication.
IT teams that relay the latest information to other employees encourage them to ask the help desk about questionable emails, and to be wary of the next too-good-to-be-true deal on hardware or the next callback scam.
Network gear can be verified by network security, and malicious activity can be caught by cybersecurity monitoring.
Of course, there’s no reason you need to go it alone. If you could use a little help protecting your business, Blue Bastion Cyber Security, along with support of Ideal Integrations, can help. Simply contact us at 412-349-6680, or fill out the form below to put our team of security experts to work to help your team fight off potential attacks.
And, as always, stay vigilant friends.