Scams and phishing attacks spreading amid Iran cyberwar fears – don’t get fooled

January 12, 2020

By Kim Komando

A little over a week into the new year and almost like clockwork, cybercriminals are already busy making the rounds with their latest scams. If it isn’t an attempt at stealing your identity, it’s a scam to pilfer your passwords.

Even with sophisticated security measures in place, governments, businesses and individuals alike can fall victim to any number of schemes — including one of the most common cyberthreats: phishing. Tap or click to learn what you need to know to stay safe online.

The newest phishing scam to hit inboxes capitalizes on the recent story of possible Iranian cyberattacks. Tap or click here to learn more about the attacks. Here’s what you need to know to avoid falling for this trick.

Microsoft phishing scam

The phishing email disguises itself as a message from Microsoft MSA with the subject line “Email users hit by Iran cyberattack.” The message claims Microsoft was hit by an Iranian cyberattack, so Microsoft locked users out of their accounts to protect their data.

Of course, the email requests users re-login to gain full access to their accounts. The phishing scheme includes a button at the end of the email labeled “Restore Data.” It redirects victims to a landing page that looks like a legitimate Microsoft login form.

Once people input their information, scammers use it to access the account. If the victim uses the same credentials for other websites, the cybercriminal can access even more information or sell the login information online.

Tap or click here to learn how 21 million stolen logins were found for sale on the Dark Web.

If you think your email filters will be enough protection, think again. One victim noted the scam was able to bypass Outlook’s spam filters to show up in his inbox.

How you can protect yourself

As with any cyberthreat, you must take steps to protect your system, device and sensitive data. Tap or click to learn about the hidden costs of unsecured data.

Here are several phishing email red flags and what actions you should take:

Beware of other exploits

Scammers are taking advantage of Americans’ fear of a new war spurred by Iranian cyberattacks, but cybercriminals aren’t the only ones trying to fool you. People are taking to social media to promote misinformation about the Iranian missile attack on U.S. bases in Iraq.

Some Twitter and Instagram users have posted “authentic” images and videos of the attack, but a quick Google reverse image search reveals they are outdated photos or videos taken in other countries.

Others even report numbers of “known causalities and injuries” without verification. Scammers are making things worse by sending text messages claiming Americans have been drafted into the military. Tap or click here to see what the U.S. Army has to say about these messages.

Should you believe everything you read or hear? Of course not. Our advice is to be wary and always fact-check claims you read about online.

https://www.komando.com/news/iran-cyberattacks-phishing-scam/