Skip to content

Amazon's Not-So-Real Alerts

Have you noticed any suspicious PDF attachments in your Microsoft Outlook recently? There has been a surge in phishing emails with PDF attachments sent to Outlook users over the last several months. Many of these emails are Amazon-themed phishing scams that are focused on targeting Outlook users in North America, Southern Europe, and Asia.

In this scam, cybercriminals are posing as Amazon support and sending notifications claiming that your Amazon account is on hold due to billing errors. The email urges you to resolve this issue by clicking a link to update your billing information. The cybercriminals cleverly hide their malicious intent behind URL shorteners and other tricks, making these unsafe links hard to spot. If you click one of these links, you’ll be sent to a fake website designed to steal your login credentials or credit card information. The PDF files attached to these phishing emails also contain malware, which can cause security risks if you download them to your device. 

Follow the tips below to stay safe from similar scams:

  • Always be suspicious of unexpected emails, particularly if they ask for personal or financial information.
  • If you receive an email claiming that you need to verify information on your account, navigate directly to the official website instead of clicking on a link. 

This attack isn't exclusive to Outlook users. Anyone who uses email can be exploited, so be careful with the emails you receive.

Job Offer or Digital Danger?

DON'T BE A VICTIM: Recently, cybercriminal groups in Vietnam have been targeting individuals by sharing fake job postings. According to WithSecure experts, these groups are primarily targeting the digital marketing sector and Facebook business accounts. These fake job postings are used to spread known malware such as DarkGate and Ducktail.
In this scam, cybercriminals use LinkedIn messenger to send you a link to a fake job description. If you click on the link, you’ll be sent to an unsafe website that will lead you to malware-infected Google Drive files. If you download these files, the cybercriminals can gain access to your internet browser's cookies and session data. This information helps them steal your login credentials and other sensitive information.
Follow the tips below to stay safe from similar scams:
• Be suspicious of unexpected LinkedIn messages, especially those with job offers from unfamiliar sources.
• Confirm that the person you’re speaking to is actually who they say they are. Look up the organization on official websites to verify job offers.
• Be cautious of offers that seem too good to be true. Cybercriminals will use unrealistic job offers to lure you into fake websites to access your sensitive information.
The KnowBe4 Security Team

Scammers are impersonating FTC Inspector General Andrew Katsaros

Scammers are using the names of FTC employees, including the FTC’s Inspector General, to trick people into sending money or giving up their personal information. Here’s what you need to know.


(View or share the YouTube version of the video.)

The FTC won’t threaten you or demand a payment. If you get a letter with the name of an FTC Commissioner or staff member that threatens some dire consequence if you don’t pay immediately, it’s a scam. Don’t pay. The same goes for threatening callers that claim to be from the FTC.

The FTC doesn’t give out prizes. If someone contacts you claiming to be from the FTC and says you need to pay to get your prize, it’s a scam.

FTC employees won’t identify themselves with a badge number. If someone claiming to work for the FTC gives you a badge number, it’s a scam. Especially if they then ask you for money.

Don’t respond to someone who says they’re from the FTC and demands money, threatens you, or asks for personal or financial information. Report them to the FTC at ReportFraud.ftc.gov.


Federal Student Loan Scams

You've probably heard the news - federal student loan repayments started again in October. But scammers might try and tell you they can help you avoid repayment, lower your payments, or get your loans forgiven - for a price. Here's how to spot and avoid these scams.

The most important thing to know is this: the best source of information on your federal student loans is Federal Student Aid. Also, you don't need to pay to sign up for any programs to lower your payments or get forgiveness - it's all free at StudentAid.gov/repay. And, you can do it yourself.


Scams that start on social media

Scammers are hiding out on social media, using ads and offers to market their scams, according to people’s reports to the FTC and a new Data Spotlight. In the first six months of 2020, people reported losing a record high of almost $117 million to scams that started on social media.


Teaching Children About Money Now, Pays Dividends Later

Set them on a path toward a solid financial future


Heard about the “waiting package” phishing scam?

Phishing scams can be hard to spot. For example, we’ve been hearing about one where people get a text message saying that there’s a package waiting for them, and asking them to click a link to learn more. Sounds innocent enough, right? Unfortunately not.


“You’ve won! Now pay us” is always a scam.

During these difficult economic times, it is easy to imagine our financial problems disappearing by winning a big prize. Who wouldn’t like to win a million dollars, a new car, or a vacation home? But if you get a call from someone saying, “You’ve won,” don’t believe the hype.


Video shows how scammers tell you to pay

Scammers make up all kinds of stories to get your money, from telling you that you’ve won a prize, you owe a debt, or your family member is in an emergency. But some things stay the same: scammers want your money, they want it fast, and don’t want you to be able to get it back. They’ll ask you to pay in ways that make it hard to track them down — and once you know what these are, you’ll have one more clue to tell if you’re dealing with a scammer.


Military Data Spotlight: Identity theft and servicemembers

Every year, thousands of servicemembers report to us about their consumer experiences. Those reports are the focus of the FTC’s Data Spotlight, Identity theft causing outsized harm to our troops. From an analysis of the data, we can see that servicemembers often face consumer challenges that differ from those faced by their civilian counterparts – especially when it comes to identity theft. For instance, active duty servicemembers are 76% more likely than other adults to report that an identity thief misused one of their existing accounts, such as a bank account or credit card. Most notably, they are nearly three times as likely to report that someone used a debit card or some other electronic means to take money directly from their bank account. The Spotlight goes on to discuss other associated issues that servicemembers face, including identity theft-related debt collection and problems with credit bureaus.


Bureau blogs on Social Security scams

The CFPB has posted a blog article, "Five ways to recognize a Social Security scam." These scams are the most commonly reported type of fraud, according to the Federal Trade Commission. The Office of the Inspector General at the Social Security Administration is warning the public about scammers making phone calls and following up with emails with falsified documents in attempts to get people to pay for fictitious government claims or fees to reinstate or increase benefits. The Bureau lists five symptoms of scams that can help protect people from becoming victims:

  1. Threats of arrest or legal action
  2. Emails or texts with personally identifiable information
  3. Misspellings and grammar mistakes
  4. Requests for payment by gift or pre-paid card, cash, or wire transfer
  5. Offers to increase benefits in exchange for payment

Anyone who believes they have been victimized by a Social Security scam should report it to the Federal Trade Commission at ftc.gov/complaint and to the SSA Office of Inspector General Fraud at oig.ssa.gov.


Making mobile payments? Protect yourself from scams

Using mobile payment apps like CashApp, Venmo, or Zelle can be a convenient way to get quick cash to your family and friends. But remember the first rule of sending money, whether you’re using an app or money wiring service: Be sure you know who’s on the receiving end. Otherwise, you might lose the money you sent — and then some.


IC3 Issues Alert on Employment Scams

The Internet Crime Complaint Center (IC3) has issued an alert warning consumers of fake jobs and hiring scams targeting applicants’ personally identifiable information (PII). Cyber criminals posing as legitimate employers spoof company websites and post fake job openings to lure victims. Cyber criminals will conduct fake interviews and even offer positions to victims before requesting PII such as Social Security numbers and bank account information


Cybersecurity for Small Business

If you own a small business, you know it's critical to protect your business from cyber threats.  The FTC has launched a cybersecurity resources for small businesses.  


Youth Money Management Goes Hand-in-Hand With Youth Employment

A teen's first job provides a great opportunity to shape positive financial habits. Many teens think about how they can earn money so they can spend it, but it’s important to learn how to manage it as well. The best place to start is with a bank account. Once you land that new job, you should establish a bank account to keep track of your new earnings and keep it safe....


What to do about Robocalls

Not another robocall! We’ve all felt that way. Wondering what to do about robocalls? The FTC worked with AARP to create a series of videos about imposter scams – including robocalls, IRS imposters and Medicare scams. While the videos are aimed at older Asian Americans and Pacific Islanders, the tips apply to everyone. For three Fridays, we’ve highlighted these videos: first Medicare scams, then IRS imposters, and now robocalls...


This is what a Social Security scam sounds like

Earlier this month, we told you about a growing scam: people pretend to be from the Social Security Administration (SSA) and try to get your Social Security number or your money. That scam is now growing exponentially. To compare: in 2017, we heard from 3,200 people about SSA imposter scams, and those people reported losing nearly $210,000. So far THIS year: more than 35,000 people have reported the scam, and they tell us they’ve lost $10 million...