4IT Blog

4IT has been serving the Miami area since 2003, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Is It A Good Idea To Bait A Phishing Scam?

Is It A Good Idea To Bait A Phishing Scam?

Phishing scams have had a supporting role in many of the latest cyber threats, often as the means the attacker has used to start off their attack. This attack vector is relatively easy to avoid in most cases, but requires education for the end user.

If you see these malicious emails in your inbox, you might be tempted to give the attacker a piece of your mind (or simply mess with them). We’ve all been there.

So, is it a good idea to antagonize a cybercriminal who was targeting you?

In a word, no.

There are plenty of professionals who have experimented with this very concept, for the academic purpose of finding out how a cybercriminal will react. One such researcher, Jerome Segura of Malwarebytes, played though a scam in its entirety. What he encountered was a mixture of apparent helpfulness in finding a cache of issues in his ‘device’ -- actually a virtual machine rigged to record attacks -- and a decidedly less helpful, unpleasant tone,

A  ‘technician’ had Segura check his Microsoft Error reports, warning him that each and every error and warning he sees is a major problem that had already begun to corrupt his system. To reinforce the need for a ‘solution,’ Segura was told that his software warranty had expired and, once transferred to another ‘representative,’ that he needed to pay for a $299 renewal.

Instead of paying, Segura supplied incorrect payment credentials, knowing they would be rejected. Once they were, his computer was suddenly seized. The ‘technician’ deleted all of his files as well as the Ethernet adapter driver, and calling Segura a rude word before disconnecting.

This is a fairly tame account of what this sort of cybercriminal can do. A wildlife photographer named Jakob Dulisse received a call to his home in Nelson, British Columbia, Canada from “Windows Technical Support” in Los Angeles, California. Quickly deducing that this was an attempt to scam him, Dulisse played along at first, before calling the voice on the other end of the line, “a scammer, a thief, and a bad person.”

The scammer/thief/bad person did not react well, stating that their group had people in Canada that would kill Dulisse, going so far as to describe himself as a killer and referencing that people in his region cut people into pieces and rid themselves of them in the river.

Other professionals have simply found remote access software installed without their consent as they have ‘played along’ with scammers.

However, these are professionals, whose job it is to identify and publicize the attacks that cybercriminals are resorting to. As for the business user, their best bet is to report the attempt to the local authorities, as well as your managed service provider.

A managed service provider can help you ensure that you are both secured against, and well-versed, in the latest cyberattacks. Give 4IT a call at 305-278-7100 to get started.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Friday, 20 October 2017
If you'd like to register, please fill in the username, password and name fields.

Mobile? Grab this Article!

Qr Code

Tag Cloud

security Tip of the Week Technology Cloud Privacy Best Practices Microsoft Internet Business Computing software Backup Hackers Hosted Solutions Productivity Business Management Managed Service Provider Malware Google IT Services Business Efficiency Windows Innovation Disaster Recovery IT Support Hardware Workplace Tips Business Continuity Computer VoIP Saving Money Windows 10 Miscellaneous Virtualization User Tips Upgrade Mobile Device Management Mobile Devices Data Network Security Server Mobile Computing Email Network Alert Save Money Microsoft Office Communication Quick Tips communications Social Media Smartphone Smartphones Information Technology BYOD Going Green Mobile Office Apps Small Business Office Health Android Application Browser Ransomware Gadgets Outsourced IT Operating System Chrome Productivity Managed IT Services Firewall Disaster Avoiding Downtime Tablet IT Solutions Telephone Systems Spam WiFi BDR Managed IT Search Cybersecurity Passwords Holiday Mobility Data Management The Internet of Things Risk Management Remote Computing Cybercrime Unified Threat Management History Remote Monitoring Hard Drives Employer-Employee Relationship Budget Saving Time Automation Apple Hacking Vendor Management VPN Best Practice Facebook iPhone Computers Customer Relationship Management Proactive IT Recovery Phone System User Error Collaboration Law Enforcement Office Tips Marketing Wireless Technology Phishing Password Big Data Hosted Solution Wearable Technology USB Telephony Content Filtering Maintenance Analytics PowerPoint Encryption Virus Gmail Router Data Recovery Lithium-ion battery Bring Your Own Device Data Backup Antivirus Office 365 Current Events Shortcut Social Humor Administration Printer Money Wireless Unsupported Software Outlook Google Drive Cloud Computing Private Cloud Save Time Users Government App Cost Management Windows 8 Intranet Bandwidth Printer Server Work/Life Balance Audit Laptop HaaS OneNote Business Intelligence Data Security Trending Education Point of Sale Net Neutrality IT COnsultant Computer Repair Social Engineering Tech Support Paperless Office Automobile End of Support Instant Messaging IT Support Emails Fax Server Windows 10 Social Networking HIPAA Workplace Entertainment Internet Exlporer Benefits DDoS Computer Accessories Vulnerability Streaming Media Internet of Things Uninterrupted Power Supply online currency Mouse Compliance Identity Theft Data Protection Solid State Drive Flexibility Two-factor Authentication Data Storage Managing Stress SaaS Excel Samsung Efficency Wi-Fi Emergency Network Congestion Travel Applications Help Desk hacker Update Customer Service Politics Biometrics Personal Information Retail Display Transportation Virtual Reality Meetings Augmented Reality Computer Care Battery Robot IT consulting Hiring/Firing Human Resources WIndows Server 2008 Data storage Running Cable Windows Ink risk management Ebay Books Computing Reliable Computing Smart Technology Video Games Patch Management Google Maps Document Management Hard Drive Data Breach Advertising Bloatware Commerce Legal Regulation Touchpad Mobile Device Images Managed Security Uograde Sync Scam Branding Distributed Denial of Service Twitter Data Loss iOS Managed IT Service Surge Protector Adobe WIndows 7 Managed IT Services Employer Employee Relationship Sports Operating Sysytem eWaste Television Computer Fan Inbound Marketing Worker Commute 3D Printing PDF Regulations Licensing Scalability Files Dark Web Value Wiring Safety Text Messaging Screen Mirroring Information Cameras User ISP How To Chromecast Science Debate Upgrades Presentation Artificial Intelligence Virtual Desktop Cast Bluetooth Best Available Windows 10s Training Programming Blogging Administrator Colocation IT Technicians Nanotechnology Consultant The Blindside Of SharePoint Tablets Hard Disk Drive Company Culture Black Market Website Access Root Cause Analysis Touchscreen IT Security HBO Nokia Teamwork NFL best practices Cleaning OneDrive Amazon CrashOverride Busines Continuity Experience Near Field Communication Keyboard Avoid Downtime Co-managed IT Networking IT Management Word data breach Settings Music Lifestyle Tutorial Software as a Service Microblogging Youtube Sales Taxes Managed Service Provder Google Docs Storage Webinar Supercomputer Electronic Medical Records Webinar IT service Microsoft Excel IT Budget Domains Gift Giving Mobile IT solutions Reputation File Sharing Professional Services Buisness Shadow IT Relocation