India Busts Up Some Fake AV Alert Crooks
While the FBI
Announces a New Scam Sucking In Seniors
The battle against cybercrime is a constant push/pull global law enforcement effort. Law enforcement in the UK and Brazil, working with other law enforcement agencies from many countries for over a year, together brought down the Lapsus$ hacking group that was responsible for major cyber attacks the world over.
Cooperation between governments, law enforcement, and major Internet businesses continues to make progress in the interruption and cessation of attacks, and the incarceration of those responsible for those cyberattacks. A recent effort by authorities in India broke up several "illegal call centres." The Times of India reported October 20, 2023, these boiler rooms "were set up to impersonate Microsoft and Amazon customer support." The crackdown has been ongoing all year, and across several Indian states. These efforts are more than just international in scope, although these actions are a joint effort between the Indian Central Bureau of Investigation, the US Federal Bureau of Investigation, and law enforcement agencies from the world over, including "Cyber Crime Directorate and IFCACC of INTERPOL, the National Crime Agency (NCA) in the UK, Singapore Police Force, and BKA of Germany."
In fact, as The Times of India reported, December 27, 2022, Uncle Sam became so alarmed at the billions lost to fake call center theft that the FBI involvement and international law enforcement joined forces in India.
Alarmed by the phishing gangs operating out of India defrauding elderly US citizens of their life savings, the Federal Bureau of Investigation (FBI) now has deputed a permanent representative at the US embassy in New Delhi to work closely with the CBI, Interpol and the Delhi Police to bust these gangs and freeze money transferred through wire and crypto currencies to syndicates operating from Indian soil.
Also, at least for the first on record, the most recent busts involved the participation of both Microsoft and Amazon. Microsoft announced its involvement in the BCI action in an October 19, 2023, blog post. MS is, however, mum about exactly how Microsoft helped Indian law enforcement. The Amazon posting of October 19, 2023, was equally vague about what specific actions Amazon took to facilitate the Indian law enforcement action. With Microsoft, Amazon, and national and international law enforcement all not citing any specifics about these actions, we must assume more law enforcement actions are still in the offing. Indeed, Amazon offered a glimmer that these joint actions will be ongoing as law enforcement continues its crackdown against any remaining illegal call centers and the fraudsters that populate those boiler rooms.
Together, the companies are setting a precedent for the power of industry collaboration and the collective impact it can have in holding bad actors accountable. Our joint efforts signify a commitment to long-term engagement in combating these scams. We will continue to work with Indian law enforcement agencies as well as authorities from countries of victims so that they can continue to act.
Nonetheless, as one cyber scam targeting seniors recedes, another such scam rolls in with tide. The US FBI very recently posted Public Service Announcements warning seniors about an Imposter Scam called, "Phantom Hacker." October 20, 2023, the FBI Field Office in Phoenix, AZ, published details on how the scam works.
The scam is a new iteration of the Fake IT Support Scam. The attack begins when a "scammer posing as a tech or customer support representative from a legitimate company contacts the victim through a phone call, text, email, or a pop-up window on the victim's computer and instructs the victim to call a number for 'assistance'." The next step in the attack begins with the victim calling the crooks' telephone number, where the victim is instructed to download software that gives the attacker remote access to the victim's computer to scan for malware, which, of course, is always found by the scammers. This will lead to a novel technique in this otherwise common type of attack.
Next, the scammer requests the victim open their financial accounts to determine whether there have been any unauthorized charges – a tactic to allow the scammer to determine which financial account is most lucrative for targeting. The scammer informs the victim they will receive a call from that financial institution’s fraud department with further instructions.
Phase 2 of the attack springs from the first. An imposter posing as a representative of the victim's financial institution will call the victim. That crook "falsely informs the victim their computer and financial accounts have been accessed by a foreign hacker." The victim is then instructed to move their money to a "safe third-party account, such as an account with the Federal Reserve or another U.S. Government agency." Leading the victim to be tricked into sending their cash overseas.
In the final phase of this scam, the victim is contacted by another imposter posing to be from the Federal Reserve or other US financial government agency. Here, if any of the human target's money is left, the "scammer will continue to emphasize the victim’s funds are “unsafe” and they must be moved to a new “alias” account for protection until the victim concedes." The FBI concludes its narrative of the attack with the following: "The scammer will continue to emphasize the victim’s funds are “unsafe” and they must be moved to a new “alias” account for protection until the victim concedes."
The FBI has illustrated this scam process in one informative Infographic.
As many people read this, they may ask themselves, "Who would fall for this?" My own experience is that Consumers of all stripes fall for these scams more often they don't. Although, I am always still surprised when I am contacted by victims of these types of scams after they have interacted with the crooks, and not before.
The
2022 FBI report on Elder Fraud [pdf will
open] notes that "Call centers overwhelmingly target the
elderly, with devastating
effects." Statics on the two most common impersonation scams
are offered in one easy to digest table, (Ibid,
pg 13).
In 2022, more than 21,000 American seniors became victims to imposter scams. These attacks resulted in an amount greater than $724 Million USD lost by those Elder Americans that were so fleeced.
The most recent attack discussed herein, and detailed by the FBI, integrates the two most common types of Imposter Scams into one apparently successful fraud. First, a call by a tech imposter is then followed up by a government imposter. One and done, indeed!
Saturday night I was downtown
Working for the FBI
Sittin' in a
nest of bad men
Whiskey bottles piling high
— Long Cool Woman (In
A Black Dress), The Hollies
Gerald Reiff