MERIT Solutions Blog

MERIT Solutions has been serving the Chesapeake area since 1982, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Is It A Good Idea To Bait A Phishing Scam?

Is It A Good Idea To Bait A Phishing Scam?

Phishing scams have had a supporting role in many of the latest cyber threats, often as the means the attacker has used to start off their attack. This attack vector is relatively easy to avoid in most cases, but requires education for the end user.

If you see these malicious emails in your inbox, you might be tempted to give the attacker a piece of your mind (or simply mess with them). We’ve all been there.

So, is it a good idea to antagonize a cybercriminal who was targeting you?

In a word, no.

There are plenty of professionals who have experimented with this very concept, for the academic purpose of finding out how a cybercriminal will react. One such researcher, Jerome Segura of Malwarebytes, played though a scam in its entirety. What he encountered was a mixture of apparent helpfulness in finding a cache of issues in his ‘device’ -- actually a virtual machine rigged to record attacks -- and a decidedly less helpful, unpleasant tone.

A  ‘technician’ had Segura check his Microsoft Error reports, warning him that each and every error and warning he sees is a major problem that had already begun to corrupt his system. To reinforce the need for a ‘solution,’ Segura was told that his software warranty had expired and, once transferred to another ‘representative,’ that he needed to pay for a $299 renewal.

Instead of paying, Segura supplied incorrect payment credentials, knowing they would be rejected. Once they were, his computer was suddenly seized. The ‘technician’ deleted all of his files as well as the Ethernet adapter driver, and calling Segura a rude word before disconnecting.

This is a fairly tame account of what this sort of cybercriminal can do. A wildlife photographer named Jakob Dulisse received a call to his home in Nelson, British Columbia, Canada from “Windows Technical Support” in Los Angeles, California. Quickly deducing that this was an attempt to scam him, Dulisse played along at first, before calling the voice on the other end of the line, “a scammer, a thief, and a bad person.”

The scammer/thief/bad person did not react well, stating that their group had people in Canada that would kill Dulisse, going so far as to describe himself as a killer and referencing that people in his region cut people into pieces and rid themselves of them in the river.

Other professionals have simply found remote access software installed without their consent as they have ‘played along’ with scammers.

However, these are professionals, whose job it is to identify and publicize the attacks that cybercriminals are resorting to. As for the business user, their best bet is to report the attempt to the local authorities, as well as your managed service provider.

A managed service provider can help you ensure that you are both secured against, and well-versed, in the latest cyberattacks. Give MERIT Solutions a call at (757) 420-5150 to get started.



No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Friday, July 20 2018

Captcha Image

Tag Cloud

Security Tip of the Week Technology Best Practices Privacy Cloud Business Computing Network Security Hackers Malware Software Productivity Internet Managed IT Services Hosted Solutions Business Management Backup Mobile Devices google Computer Microsoft Business Outsourced IT Disaster Recovery Hardware communications IT Support VoIP Business Continuity Windows 10 Innovation Cybersecurity Email IT Services User Tips Efficiency Data Backup Cybercrime Windows Tech Term Saving Money Mobile Device Management Data Recovery Managed IT Small Business Mobility Server Apps Ransomware Internet of Things Operating System browser Data Smartphone Law Enforcement Productivity Telephone Systems Android Virtualization BDR Office 365 Money Save Money Smartphones Cloud Computing Hosted Solution Quick Tips Passwords Phishing Data Security Recovery IT Support VPN Network Microsoft Office Password BYOD Automation Holiday Managed Service Provider Chrome Information Technology Communication Budget Risk Management Collaboration Data Management Unsupported Software Facebook Government Work/Life Balance Update Cost Management Vulnerability Hacking Gadgets Wi-Fi Google Drive Avoiding Downtime Workplace Tips Application Alert Health Miscellaneous Data Breach Computers Social upgrade Two-factor Authentication Best Practice Social Media App Wireless Data Protection Employer-Employee Relationship Users User Error Blockchain Identity Theft Tech Support Artificial Intelligence Gmail Flexibility Shortcut Wireless Technology Spam Router Firewall Telephony Antivirus Current Events Managed IT Services Audit Social Engineering Compliance Private Cloud Office tips Streaming Media Personal Information Applications History Remote Computing Politics Proactive IT search Cleaning USB Save Time The Internet of Things Humor Disaster Computer Care Phone System Legal Encryption Redundancy Management Travel Sports Commerce Cortana Mobile Security Big Data Patch Management Devices Hacker Windows 10 Internet Exlporer Solid State Drive Google Assistant Education Vendor Management IT solutions SaaS Wireless Charging Excel Fraud iPhone DDoS Samsung Data Storage Mobile Computing Content Filtering Battery Transportation OneNote Television HaaS Networking Robot Apple Project Management Automobile End of Support WiFi Value Data Loss Marketing MSP Going Green Bandwidth Saving Time Google Docs Office eWaste Video Games Microsoft Excel Computing Remote Monitoring Virtual Reality IT solutions Running Cable Server 2008 Gifts Monitoring Unified Communications Scam Professional Services IT budget Data storage Ali Rowghani Trending File Sharing Analysis Music IT Management Maintenance Administration Windows 10s Chromecast Financial Employer Employee Relationship Nanotechnology Storage App store Analytics Keyboard WIndows Server 2008 Device Security Instant Messaging Colocation Hard Disk Drive server installation dvd "cannot install required files" Credit Cards Financial Technology stock Bring Your Own Device Computer Accessories Tablets Identities Worker Commute Hard Drives Root Cause Analysis Files Mobile Device Managing Stress Administrator Lithium-ion battery FAQ Printing tweet Hybrid Cloud NFL IoT Augmented Reality Scalability Touchscreen Lifestyle Identity Books Business Intelligence Hiring/Firing Outlook Spyware Relocation Access calculator Charger Twitter Business Technology Word Language How To control Legislation Data Privacy Managed IT Service Computer Forensics Benefits iOS WSJ Wasting Money Windows Ink PDF Exchange Unified Threat Management Comparison Hard Drive Evernote PowerPoint Regulation Edge Computer Fan Distributed Denial of Service altivista Amazon Training Google Maps Virus Entertainment Text Messaging Screen Mirroring SBS Upgrades Specifications Chromebook Electronic Medical Records Wireless Internet Sync Ciminal Point of Sale Dark Web compaq Virtual Assistant Company Culture Software as a Service Proactive HIPAA Meetings Cast Black Market Emails Wearable Technology Consultant Sales Smart Tech Safety Workers Gamification Smart Technology Adobe hp Laptop Uninterrupted Power Supply Alexa for Business Websites Settings Avoid Downtime Shadow IT domain Retail Connectivity Updates Memory Licensing Document Management WannaCry Touchpad Data Theft Experience HBO Reputation Webinar remote Conferencing Content Filter Microsoft Word Students Mobile intranet Advertising Yahoo Worker Thank You Congratulations CrashOverride Emergency Cache Monitors

Mobile? Grab this Article!

QR-Code dieser Seite

Recent Comments

Anna Jackson 5 SEO Tools To Get a Google-Eye View of Your Website
15 September 2017
Hello Randall! I was doing very important work but due to your subject I felt better to stay at you...
David Miller Not all project-management tools are right for all businesses
25 August 2017
All the points depicted by you in this blog is v.apt. I love the title of this blog because it says ...