Connect with us

Hi, what are you looking for?

HEADLINES

Scammers exploit new ‘data-leak-compensation’ scheme – Kaspersky

Privacy and data protection are among the most discussed topics in recent years. This is no surprise, as so have the penalties being handed out to companies that have experienced data breaches.

Kaspersky experts have detected a new online fraud scheme designed to trick people into thinking they are owed compensation. Under the pretext of offering compensation for personal data leaks, scammers instead urge users to buy “temporary US social security numbers” worth around $9 (PHP 450) each. Victims were found in Russia, Algeria, Egypt and the UAE, as well as other countries.

Privacy and data protection are among the most discussed topics in recent years. This is no surprise, as so have the penalties being handed out to companies that have experienced data breaches. This, as any other attention-grabbing subjects, could only attract from fraudsters who are eager to earn money at the expense of others.

Kaspersky experts have identified a brand new scheme that exploit these issues around privacy. The scheme involves a website allegedly owned by the Personal Data Protection Fund, founded by the US Trading Commission. As stated, the fund issues compensation to those who may have been subject to a personal data leak and is available to citizens from any country in the world.

For those interested, the site offers to check whether user data has ever been leaked. For this, one needs to provide their specific surname, first name, phone number, and social media accounts. 

Advertisement. Scroll to continue reading.

Once this has been done, an alert is shown indicating that the user has experienced a leak, which can include data such as photos, videos, and contact information, entitling the user to compensation of thousands of dollars. 

However, fraudsters do not just ask for a user to enter a bank card number and wait for the payment to be credited; users inevitably need to offer their own social security numbers (SSN – a nine-digit number issued to US citizens as well as permanent and temporary working residents).

In any possible scenario – be it the absence of the SSN or entering the correct existing SSN – the website alerts mistakes and offers to sell a temporary one for the $9 (PHP 450) price. Upon agreement, the victim is redirected to this payment form in Russian or English with the purchase price specified in rubles or dollars respectively. The specific form depends on the victim’s IP address.

“The scammers themselves are most likely Russian speakers, as suggested by the request for payments in rubles, plus the suspicious similarity of the scheme to other easy money offers that regularly tempt residents of Russia and the CIS. The e-bait in those schemes varies — giveaways, surveys, secret retirement savings, even a part-time job as a taxi dispatcher — but they tend to be in Russian (as are some of the preceding links),” comments Tatyana Sidorina, security expert at Kaspersky.

“The bottom line is always the same: the juicy promise of quite a bit of easy money, followed by a demand to pay for an inexpensive service, be it a commission, a ‘securing’ payment, or a temporary SSN. The new scheme is quite a topical one and is related to offering compensation for data leaks. Once some organizations have started to pay users, fraudsters decided there is a monetary opportunity for them as well,” says Sidorina.

Advertisement. Scroll to continue reading.

In order to stay protected from the potential risks of online fraud, Kaspersky experts advise:

  • Do not trust payment offers. If someone promises a large cash payout for something as trivial as taking part in a survey, it is almost certainly a trick. And if you are asked to pay something to then receive the funds, you can be doubly sure it’s a swindle.
  • Use trusted resources. Search the organization to see if it actually exists and if it does, take a close look at its website. Pay attention to the language: a reputable organization will not publish text full of errors and typos.
  • Use a reliable security solution, such as Kaspersky Security Cloud, for comprehensive protection from a wide range of threats 

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

The attackers used a series of campaigns with novel exploits and customized malware to embed tools to conduct surveillance, sabotage and cyberespionage as well...

HEADLINES

Financial phishing attacks are rapidly increasing in the country as cybercriminals continuously evolve and adapt their tactics, making them sophisticated. The number of attacks...

HEADLINES

A Scale of Harm study by the International Justice Mission revealed that almost half a million Filipino children were trafficked to produce new child...

HEADLINES

Yondu launched an extensive, month-long cybersecurity awareness campaign focused on modern threat detection, incident response, and social engineering defense.

ELECTRONICS

Philips EasyKey partnered with Megaworld and equipped their world-class properties with only the best-in-class smart locks we have on offer, the Philips EasyKey 9300.

HEADLINES

The PLDT wireless unit is also calling on customers to report these messages to Smart’s HULISCAM portal for further action.

HEADLINES

Here are some tips from Sophos for staying secure online during the cybersecurity awareness month.

HEADLINES

While only 21% of hackers believed that AI technologies enhance the value of hacking in 2023, 71% reported it to have value in 2024....

Advertisement