Be Aware of Social Security Scam Granting Hackers Complete Control Over Your Computer Systems
Heads up! Be vigilant against Social Security phishing scams
Stay alert when receiving emails about your Social Security statement. recent reports by Malwarebytes Labs reveal that hackers are impersonating the Social Security Administration (SSA) to dupe individuals into installing remote access tools and taking control of their devices.
The SSA has a history of phishing scams, as the Office of the Inspector General issued a warning last month about fraudulent emails masquerading as Social Security statements, leading to fake websites.
The Phishing Game
The current ploy is the work of a phishing group known as Molatori. It starts with an email, seemingly from the SSA, titled "Your Social Security Statement is now available." An attached document is enclosed, which allegedly contains your statement but is actually a ScreenConnect client. ScreenConnect is a legitimate remote support platform used by IT experts; however, in this context, it grants hackers remote access to your computer.
With full control of your computer, malicious actors can perform various tasks without your knowledge, including installing malware, transferring files, or accessing sensitive information like bank and financial account details. Financial fraud is suspected to be the primary motive for this campaign, but the stolen data can also be used for identity theft or sold to other malicious groups.
Malwarebytes Labs points out that this scheme is challenging to identify because the phishing emails originate from compromised WordPress sites with legitimate domains. Furthermore, the email body might be sent as an image rather than text, making it harder for filters to detect it as malicious.
Safety First
To avoid phishing scams, always exercise caution. Never click on links, download, or open files or attachments sent via email, especially if the message is unsolicited. Go directly to the company's or organization's official website to retrieve important documents and verify communications. Be extra vigilant when dealing with emails that come from compromised (but legitimate) domains.
If you're uncertain about the authenticity of an email or message, copy some of the text and search it to determine if it's part of a known phishing campaign.
Remember, the Social Security Administration will never demand personal information via email or phone, and any message threatening benefit suspension should be treated with suspicion. Stay informed about the latest SSA communications and security measures to protect your benefits.
Be aware that the current phishing scam, known as Molatori, is impersonating the Social Security Administration (SSA) and using remote access tools like ScreenConnect to gain control of devices. This scheme can potentially lead to financial fraud, identity theft, or the selling of stolen data to other malicious groups. Therefore, always practice cybersecurity awareness when dealing with emails, especially those that come from compromised but legitimate domains.
