Gmail, Outlook and users of other popular messaging platforms are being warned to be on the lookout for a nasty email scam. This latest threat, which has begun dropping into inboxes across the globe, uses a completely new way of targeting consumers with it ditching the usual fake clickable links or malware-filled downloads for something a lot more personal.
Scammers are now sending out emails that appear to have come from big named brands – such as Amazon or Paypal – that claim a large purchase has just been made on the victim’s account.
It all looks very convincing with the messages using official fonts and logos – and this is where the scam gets clever and hugely concerning. The email contains no easy way of stopping the purchase from going through with the only option to cancel things coming via a telephone number and a message that reads, “If you didn’t make this purchase, please call us.”
Anyone tricked into dialling the contact details will then be put through to a real person on the other end of the phone.
Of course, this isn’t a representative from Amazon or Paypal, instead it’s a scammer who will try and steal as much information as possible including account names, passwords and bank details. Alternatively, the crooks might try to trick users into transferring money to a fake account or even attempt to instal a Trojan which can then set about wreaking havoc with personal PCs.
READ MORE: Windows 10 alert: Your PC could be at risk if you switch to Windows 11
This new trick, which has been named vishing, has now got experts worried with the team at Kaspersky saying there’s been an influx of rogue emails being pushed out to consumers.
Getting people to phone a number makes scamming far more effective and efficient for cyber thieves as they can simply sit and wait for the calls to come in and that’s why this method looks set to become more popular in the future.
Explaining more about the threat Kaspersky’s Roman Dedenok said: “We recently detected several waves of spam e-mails, seemingly from reputable companies, notifying recipients of substantial purchases. The item in question is usually a high-end device such as the latest Apple Watch or a gaming laptop purchased from Amazon or paid for through PayPal.
“The scam relies on recipients being so alarmed by the not-insubstantial loss that they will act rashly, hoping to get their money back.”
Kaspersky has now issued advice on how to beat the scammers at their own game.
Here’s some top tips to avoid this new vishing scam.
• Do not call back.
• Log in to your account with the service in question — type the address into your browser; don’t click on any links in the message — and check your orders or recent activity page.
• Check your balance and the list of recent transactions on all of your cards, if you have reason for concern;
• Install a reliable antivirus utility with protection against financial attacks, phishing, and online fraud.
What is vishing?
Vishing is short for voice plus phishing (as smishing is SMS + phishing), and, aided by the mass transition to remote work, it has turned the phone into a major weapon of fraud.