4IT Blog

4IT has been serving the Miami area since 2003, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Is It A Good Idea To Bait A Phishing Scam?

Is It A Good Idea To Bait A Phishing Scam?

Phishing scams have had a supporting role in many of the latest cyber threats, often as the means the attacker has used to start off their attack. This attack vector is relatively easy to avoid in most cases, but requires education for the end user.

If you see these malicious emails in your inbox, you might be tempted to give the attacker a piece of your mind (or simply mess with them). We’ve all been there.

So, is it a good idea to antagonize a cybercriminal who was targeting you?

In a word, no.

There are plenty of professionals who have experimented with this very concept, for the academic purpose of finding out how a cybercriminal will react. One such researcher, Jerome Segura of Malwarebytes, played though a scam in its entirety. What he encountered was a mixture of apparent helpfulness in finding a cache of issues in his ‘device’ -- actually a virtual machine rigged to record attacks -- and a decidedly less helpful, unpleasant tone,

A  ‘technician’ had Segura check his Microsoft Error reports, warning him that each and every error and warning he sees is a major problem that had already begun to corrupt his system. To reinforce the need for a ‘solution,’ Segura was told that his software warranty had expired and, once transferred to another ‘representative,’ that he needed to pay for a $299 renewal.

Instead of paying, Segura supplied incorrect payment credentials, knowing they would be rejected. Once they were, his computer was suddenly seized. The ‘technician’ deleted all of his files as well as the Ethernet adapter driver, and calling Segura a rude word before disconnecting.

This is a fairly tame account of what this sort of cybercriminal can do. A wildlife photographer named Jakob Dulisse received a call to his home in Nelson, British Columbia, Canada from “Windows Technical Support” in Los Angeles, California. Quickly deducing that this was an attempt to scam him, Dulisse played along at first, before calling the voice on the other end of the line, “a scammer, a thief, and a bad person.”

The scammer/thief/bad person did not react well, stating that their group had people in Canada that would kill Dulisse, going so far as to describe himself as a killer and referencing that people in his region cut people into pieces and rid themselves of them in the river.

Other professionals have simply found remote access software installed without their consent as they have ‘played along’ with scammers.

However, these are professionals, whose job it is to identify and publicize the attacks that cybercriminals are resorting to. As for the business user, their best bet is to report the attempt to the local authorities, as well as your managed service provider.

A managed service provider can help you ensure that you are both secured against, and well-versed, in the latest cyberattacks. Give 4IT a call at 305-278-7100 to get started.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Friday, 15 December 2017
If you'd like to register, please fill in the username, password and name fields.

Mobile? Grab this Article!

Qr Code

Tag Cloud

security Tip of the Week Technology Cloud Privacy Best Practices Microsoft software Internet Business Computing Backup Hackers Productivity Hosted Solutions Business Management Managed Service Provider Google Malware IT Services Business Efficiency Windows IT Support Disaster Recovery Innovation Hardware Business Continuity Workplace Tips VoIP Saving Money Computer User Tips Upgrade Miscellaneous Virtualization Windows 10 Mobile Device Management Mobile Devices Data Server Network Security Mobile Computing Alert Email Communication Network Save Money Microsoft Office Smartphone Small Business communications Quick Tips Going Green Mobile Office Information Technology Social Media Smartphones BYOD Apps Health Android Office Managed IT Services Outsourced IT Browser Gadgets Operating System Chrome Application Ransomware Disaster Productivity Managed IT Tablet WiFi Mobility Holiday Firewall Avoiding Downtime Spam BDR Risk Management Cybersecurity Search Best Practice Data Management Cybercrime The Internet of Things Remote Computing Passwords Telephone Systems Unified Threat Management IT Solutions Automation Saving Time Hacking History Remote Monitoring VPN Apple Facebook Employer-Employee Relationship Budget Vendor Management Hard Drives Proactive IT Office Tips User Error iPhone Customer Relationship Management Law Enforcement Collaboration Phishing Password Wireless Technology Data Recovery Hosted Solution Computers Money Big Data Marketing Content Filtering Recovery Phone System Data Backup Analytics Encryption Gmail Router Humor Government Administration Wearable Technology Work/Life Balance Lithium-ion battery Antivirus Maintenance PowerPoint Shortcut Virus Office 365 Social Vulnerability Current Events Telephony Printer Bring Your Own Device USB Point of Sale IT COnsultant Save Time Data Security Computer Repair App Data Protection SaaS Cost Management Audit HaaS Intranet Bandwidth Printer Server Business Intelligence Laptop OneNote Users Windows 8 Politics Personal Information Education Social Engineering Trending Net Neutrality Wireless Unsupported Software Private Cloud Tech Support Cloud Computing Google Drive Outlook Mouse Internet Exlporer Compliance Workplace Streaming Media Internet of Things Identity Theft Two-factor Authentication Managing Stress Uninterrupted Power Supply Solid State Drive Flexibility Excel Sports online currency Travel Social Networking Samsung Wi-Fi Emergency IT Support Artificial Intelligence Update Customer Service Efficency Applications Windows 10 Biometrics Retail Virtual Reality hacker Meetings Transportation Display Computer Care Battery Instant Messaging Robot Emails HIPAA Augmented Reality Data Storage Automobile Entertainment Network Congestion Paperless Office Benefits End of Support DDoS Computer Accessories Fax Server Help Desk Distributed Denial of Service Legal Cast Mobile Device Windows 10s Touchpad WIndows 7 Nokia systems Managed Security Nanotechnology eWaste Storage Inbound Marketing Scam Tablets Hard Disk Drive Regulations hack Root Cause Analysis Value Twitter Employer Employee Relationship HBO NFL Worker Commute best practices Operating Sysytem Cameras User Cortana Surge Protector CrashOverride PDF Scalability Science Files Television IT Management Word data breach Virtual Desktop 3D Printing Presentation Best Available Legislation Safety Settings Bluetooth Text Messaging IT Technicians How To Chromecast WIndows Server 2008 Upgrades Windows Ink Hard Drive risk management ISP SharePoint Training Patch Management Administrator Uograde Consultant Google Maps Images Colocation Programming Blogging The Blindside Of Commerce Teamwork Company Culture Regulation Black Market Access Busines Continuity Touchscreen Software as a Service Networking Near Field Communication Website IT Security Cleaning Sync IT consulting Data Loss Experience iOS Human Resources Running Cable Avoid Downtime OneDrive Keyboard Managed IT Service Adobe Wiring Managed IT Services Amazon Reliable Computing Information Co-managed IT Google Docs Music Computer Fan Hiring/Firing Debate Licensing Bloatware Data storage Microsoft Excel Lifestyle Books Dark Web Video Games Ebay Smart Technology Screen Mirroring Document Management Computing File Sharing Data Breach Branding Advertising FAQ Professional Services Tutorial Taxes IT service Supercomputer Electronic Medical Records Domains IT Budget Reputation Comparison Gift Giving Youtube Microblogging Buisness Specifications Sales Conferencing Managed Service Provder Shadow IT Webinar Relocation Gifts Redundancy Webinar Credit Cards Mobile IT solutions