MERIT Solutions Blog

MERIT Solutions has been serving the Chesapeake area since 1982, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Is It A Good Idea To Bait A Phishing Scam?

Is It A Good Idea To Bait A Phishing Scam?

Phishing scams have had a supporting role in many of the latest cyber threats, often as the means the attacker has used to start off their attack. This attack vector is relatively easy to avoid in most cases, but requires education for the end user.

If you see these malicious emails in your inbox, you might be tempted to give the attacker a piece of your mind (or simply mess with them). We’ve all been there.

So, is it a good idea to antagonize a cybercriminal who was targeting you?

In a word, no.

There are plenty of professionals who have experimented with this very concept, for the academic purpose of finding out how a cybercriminal will react. One such researcher, Jerome Segura of Malwarebytes, played though a scam in its entirety. What he encountered was a mixture of apparent helpfulness in finding a cache of issues in his ‘device’ -- actually a virtual machine rigged to record attacks -- and a decidedly less helpful, unpleasant tone.

A  ‘technician’ had Segura check his Microsoft Error reports, warning him that each and every error and warning he sees is a major problem that had already begun to corrupt his system. To reinforce the need for a ‘solution,’ Segura was told that his software warranty had expired and, once transferred to another ‘representative,’ that he needed to pay for a $299 renewal.

Instead of paying, Segura supplied incorrect payment credentials, knowing they would be rejected. Once they were, his computer was suddenly seized. The ‘technician’ deleted all of his files as well as the Ethernet adapter driver, and calling Segura a rude word before disconnecting.

This is a fairly tame account of what this sort of cybercriminal can do. A wildlife photographer named Jakob Dulisse received a call to his home in Nelson, British Columbia, Canada from “Windows Technical Support” in Los Angeles, California. Quickly deducing that this was an attempt to scam him, Dulisse played along at first, before calling the voice on the other end of the line, “a scammer, a thief, and a bad person.”

The scammer/thief/bad person did not react well, stating that their group had people in Canada that would kill Dulisse, going so far as to describe himself as a killer and referencing that people in his region cut people into pieces and rid themselves of them in the river.

Other professionals have simply found remote access software installed without their consent as they have ‘played along’ with scammers.

However, these are professionals, whose job it is to identify and publicize the attacks that cybercriminals are resorting to. As for the business user, their best bet is to report the attempt to the local authorities, as well as your managed service provider.

A managed service provider can help you ensure that you are both secured against, and well-versed, in the latest cyberattacks. Give MERIT Solutions a call at (757) 420-5150 to get started.

e-max.it: your social media marketing partner
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Thursday, 24 August 2017
If you'd like to register, please fill in the username, password and name fields.

Tag Cloud

Security Tip of the Week Cloud Technology Privacy Business Computing Best Practices Hackers Malware Hosted Solutions Backup Internet Software Network Security Productivity Computer google Microsoft Business Windows 10 Disaster Recovery Business Continuity Managed IT Services VoIP Innovation IT Services IT Support Hardware Business Management User Tips communications Outsourced IT Efficiency Mobility Email Windows Mobile Devices Save Money Productivity Saving Money Managed IT Server Ransomware Telephone Systems Apps Smartphone Operating System Quick Tips Hosted Solution Mobile Device Management Virtualization Law Enforcement Information Technology Recovery Cybercrime Android Passwords Data browser BDR Password Small Business Social upgrade Budget Chrome Unsupported Software Communication Wireless VPN Facebook Hacking Cybersecurity Avoiding Downtime BYOD Health Miscellaneous Computers Money Firewall Application Social Media Current Events Office 365 Smartphones Data Management search App Cloud Computing USB Save Time Microsoft Office Risk Management Government Google Drive Automation Telephony Alert Managed Service Provider Gadgets Work/Life Balance Private Cloud Workplace Tips Office tips Wi-Fi Proactive IT Best Practice Data Backup Television Social Engineering Antivirus Internet of Things Streaming Media Battery The Internet of Things Saving Time Humor Disaster HaaS WiFi Office Computer Care Employer-Employee Relationship Personal Information Data Storage Phishing Cleaning Going Green Automobile Bandwidth Network Users Spam Hacker Internet Exlporer Solid State Drive Phone System Wireless Technology Shortcut Cost Management Gmail Identity Theft Mobile Computing Transportation Update Samsung Flexibility Audit Robot IT solutions Applications History DDoS End of Support Compliance Remote Computing Holiday Company Culture Laptop Uninterrupted Power Supply Router Data Recovery Exchange Artificial Intelligence Consultant Distributed Denial of Service How To Patch Management altivista Smart Technology Value Touchpad Business Intelligence SBS Marketing Two-factor Authentication Reputation Content Filtering Outlook compaq Apple Nanotechnology Advertising Entertainment Wearable Technology Managed IT Service hp Webinar Touchscreen Electronic Medical Records Excel Point of Sale Root Cause Analysis Data storage HIPAA domain IT solutions Administration Chromecast Black Market Regulation Augmented Reality Scam Politics Sports Avoid Downtime Screen Mirroring remote Yahoo Windows 10s Managed IT Services Colocation eWaste Shadow IT Sync Document Management Tech Support Hard Drives Employer Employee Relationship Experience Files Running Cable Cast Server 2008 Ali Rowghani Hard Disk Drive Data Breach Keyboard Administrator Lithium-ion battery Adobe Trending OneNote Computer Accessories Mobile Device User Error Video Games Data Security Windows 10 Emails Relocation Access Virtual Reality Meetings Music Legal HBO server installation dvd "cannot install required files" stock Vulnerability iPhone Hiring/Firing Encryption Settings PDF Vendor Management SaaS Analytics Data Protection tweet iOS Benefits Instant Messaging Worker Commute IT Support Text Messaging Unified Threat Management Big Data IT Management calculator Twitter Computer Fan Managing Stress Commerce control Training Upgrades Books Scalability WIndows Server 2008 WSJ Dark Web Education

Mobile? Grab this Article!

QR-Code dieser Seite

Recent Comments

No comments yet.