Phishing Scams combined with Browser Hijacking
Last week one of our law firm clients alerted us to a new and sneaky phishing scam. The scam which we’ve dubbed the “800 Number Scam” actually begins with a browser hijack, which alerts users with a message that their internet browser is compromised and that all of the computer's data will be detained unless they call a provided 800 number to receive “support.”
What is scary about this scam, is that it is not just an Internet Explorer exploit. This scam also affects Safari, Chrome and Firefox browsers as shown by the below screen shots.
What should I do if I encounter this type of scam?
If you ever encounter a similar scam, the first thing you must NOT do is call the 800 number. If you have, and then proceeded to part with any funds, you should immediately call your bank or credit card company to dispute the charge, and/or decommission the credit/debit card completely. We also suggest that you continue to monitor your account for any unusual purchases or activity in the coming weeks and months.
To help prevent these types of attacks Hilltop recommends the following:
Make sure that your staff knows to never call any 800 number, or give out any credit card information or other personal information for any computer pop-ups.
- If you see something, say something!
Any weird popup, or any email with language saying their personal information may be compromised or anything out of the ordinary, they need to reach out to Hilltop immediately!
- Ensure that your computer is protected with the latest suite of security applications and tools.
- Invest in Multi-Factor Authentication (MFA)
Hilltop can help you setup Multi-Factor Authentication for your entire workforce. This will insert another form of identification before allowing users to log into various business applications and online sites/portals.