MERIT Solutions Blog

MERIT Solutions has been serving the Chesapeake area since 1982, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Is It A Good Idea To Bait A Phishing Scam?

Is It A Good Idea To Bait A Phishing Scam?

Phishing scams have had a supporting role in many of the latest cyber threats, often as the means the attacker has used to start off their attack. This attack vector is relatively easy to avoid in most cases, but requires education for the end user.

If you see these malicious emails in your inbox, you might be tempted to give the attacker a piece of your mind (or simply mess with them). We’ve all been there.

So, is it a good idea to antagonize a cybercriminal who was targeting you?

In a word, no.

There are plenty of professionals who have experimented with this very concept, for the academic purpose of finding out how a cybercriminal will react. One such researcher, Jerome Segura of Malwarebytes, played though a scam in its entirety. What he encountered was a mixture of apparent helpfulness in finding a cache of issues in his ‘device’ -- actually a virtual machine rigged to record attacks -- and a decidedly less helpful, unpleasant tone.

A  ‘technician’ had Segura check his Microsoft Error reports, warning him that each and every error and warning he sees is a major problem that had already begun to corrupt his system. To reinforce the need for a ‘solution,’ Segura was told that his software warranty had expired and, once transferred to another ‘representative,’ that he needed to pay for a $299 renewal.

Instead of paying, Segura supplied incorrect payment credentials, knowing they would be rejected. Once they were, his computer was suddenly seized. The ‘technician’ deleted all of his files as well as the Ethernet adapter driver, and calling Segura a rude word before disconnecting.

This is a fairly tame account of what this sort of cybercriminal can do. A wildlife photographer named Jakob Dulisse received a call to his home in Nelson, British Columbia, Canada from “Windows Technical Support” in Los Angeles, California. Quickly deducing that this was an attempt to scam him, Dulisse played along at first, before calling the voice on the other end of the line, “a scammer, a thief, and a bad person.”

The scammer/thief/bad person did not react well, stating that their group had people in Canada that would kill Dulisse, going so far as to describe himself as a killer and referencing that people in his region cut people into pieces and rid themselves of them in the river.

Other professionals have simply found remote access software installed without their consent as they have ‘played along’ with scammers.

However, these are professionals, whose job it is to identify and publicize the attacks that cybercriminals are resorting to. As for the business user, their best bet is to report the attempt to the local authorities, as well as your managed service provider.

A managed service provider can help you ensure that you are both secured against, and well-versed, in the latest cyberattacks. Give MERIT Solutions a call at (757) 420-5150 to get started. your social media marketing partner


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Monday, 23 October 2017
If you'd like to register, please fill in the username, password and name fields.

Tag Cloud

Security Tip of the Week Cloud Technology Privacy Best Practices Business Computing Hackers Malware Software Network Security Hosted Solutions Backup Internet google Computer Disaster Recovery Productivity Business Continuity Microsoft Windows 10 Managed IT Services Business IT Services VoIP IT Support Innovation Outsourced IT User Tips Hardware Mobile Devices Business Management communications Efficiency Email Ransomware Mobility Mobile Device Management Productivity Windows Server Smartphone Save Money Cybercrime Saving Money Telephone Systems Managed IT Virtualization Apps Cybersecurity Law Enforcement Operating System Hosted Solution Quick Tips Android Data BDR Money Chrome Information Technology Recovery VPN Data Backup Passwords browser Microsoft Office Password Small Business BYOD Health Miscellaneous Data Recovery Managed Service Provider Social Computers upgrade Communication Office 365 Budget Facebook Data Management Wireless Unsupported Software Hacking Avoiding Downtime Automation Cloud Computing Telephony Alert Shortcut Work/Life Balance Office tips Applications Private Cloud Wi-Fi Firewall Application search Proactive IT App Social Media Current Events Audit Smartphones Government Data Security USB Save Time Gadgets Risk Management Workplace Tips Google Drive iPhone Television Mobile Computing Flexibility Social Engineering Transportation Apple Streaming Media Robot Windows 10 Cost Management WiFi History End of Support Remote Computing Spam Going Green Phishing Bandwidth Samsung Antivirus Best Practice Battery Internet of Things Managed IT Services Data Storage HaaS The Internet of Things Compliance Humor Disaster Personal Information User Error Automobile Employer-Employee Relationship Politics Network Gmail Saving Time Cleaning Office Update Computer Care Phone System Hacker Solid State Drive Internet Exlporer IT solutions Wireless Technology Users Encryption DDoS Identity Theft IT Support Holiday IT Management Windows 10s Exchange Analytics Keyboard PDF Travel Instant Messaging Nanotechnology Distributed Denial of Service altivista Computer Accessories Worker Commute Commerce Artificial Intelligence WIndows Server 2008 Hard Disk Drive SBS Mobile Device Big Data Text Messaging Tablets Managing Stress Root Cause Analysis compaq Patch Management Scalability Wearable Technology Books Hiring/Firing NFL Education Augmented Reality hp Touchscreen Vendor Management Business Intelligence Router Outlook How To Vulnerability domain SaaS Benefits Word Laptop Uninterrupted Power Supply Managed IT Service Excel iOS remote Unified Threat Management Content Filtering Windows Ink Touchpad eWaste Yahoo Training Entertainment Reputation Electronic Medical Records Advertising Regulation Computer Fan Running Cable Server 2008 Upgrades Ali Rowghani Google Maps Point of Sale OneNote Screen Mirroring Trending Data Breach Company Culture HIPAA Sync Black Market Data storage Dark Web Consultant Smart Technology Meetings Cast Avoid Downtime Chromecast Emails Value Administration Adobe Shadow IT server installation dvd "cannot install required files" Two-factor Authentication stock Data Loss Document Management Settings Sports Marketing Experience Colocation Hard Drives Licensing Tech Support tweet Google Docs Files HBO Video Games Administrator Webinar Lithium-ion battery Mobile Virtual Reality calculator Twitter Scam Data Protection Legal Access IT solutions control Music Relocation Professional Services Collaboration WSJ Employer Employee Relationship Storage CrashOverride Safety Software as a Service Emergency Thank You WannaCry Congratulations Cache Worker Monitors Microsoft Excel Remote Monitoring File Sharing

Mobile? Grab this Article!

QR-Code dieser Seite

Recent Comments

Anna Jackson 5 SEO Tools To Get a Google-Eye View of Your Website
15 September 2017
Hello Randall! I was doing very important work but due to your subject I felt better to stay at you...
David Miller Not all project-management tools are right for all businesses
25 August 2017
All the points depicted by you in this blog is v.apt. I love the title of this blog because it says ...