{"id":19180,"date":"2022-05-30T09:10:13","date_gmt":"2022-05-30T17:10:13","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2022\/05\/30\/news-12913\/"},"modified":"2022-05-30T09:10:13","modified_gmt":"2022-05-30T17:10:13","slug":"news-12913","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2022\/05\/30\/news-12913\/","title":{"rendered":"Double-whammy attack follows fake Covid alert with a bogus bank call"},"content":{"rendered":"<p><strong>Credit to Author: Christopher Boyd| Date: Mon, 30 May 2022 16:44:54 +0000<\/strong><\/p>\n<p>The BBC has revealed details of how a <a href=\"https:\/\/www.bbc.co.uk\/news\/uk-england-hereford-worcester-61624579\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">food bank in the UK was conned<\/a> out of about $63,000 (\u00a350,000) by scammers who used two separate attacks to fleece their victims.<\/p>\n<p>A food bank is a way for people to <a href=\"https:\/\/www.trusselltrust.org\/what-we-do\/how-foodbanks-work\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">ensure they don&#8217;t starve<\/a>. They are a backstop during times of economic uncertainty, and have been hugely important during the pandemic. An attack on a food bank is an attack on the most vulnerable that&#8217;s likely to have a significant impact on a community, and which could have a terrible knock-on effect.<\/p>\n<p>There&#8217;s no indication that the fraudsters deliberately targeted the food bank, but whether they did or not, it loses little in awfulness to hospitals impacted by ransomware outbreaks.<\/p>\n<p>This is how the two attacks occurred:<\/p>\n<h2>Part 1, a bogus NHS Test and Trace message<\/h2>\n<p>The initial attack was a fake NHS Test and Trace message.<\/p>\n<p>From PPE offers to test and trace messages, COVID has been a mainstay of phishing since early 2020. 
No matter the region, the pandemic ushered in an age of fake delivery notifications and bogus &#8220;You may be infected&#8221; websites.<\/p>\n<p>In this case, an SMS message was sent to the target claiming they had been in close contact with somebody who was Covid-19 positive.<\/p>\n<p>We have seen these kinds of messages sent out by <a href=\"https:\/\/blog.malwarebytes.com\/scams\/2022\/04\/steer-clear-of-this-testntrace-sms-spam\/\">SMS and email<\/a>. Scammers may claim that tests are mandatory (they are not). Sites may collect the victim&#8217;s name, address, phone number, email, or more besides, and at the end of the flow, they may ask for a &#8220;postage fee&#8221; and your payment details.<\/p>\n<p>In this case the scammers asked for payment for a PCR test. The demand for payment might once have been a red flag, but since the <a href=\"https:\/\/www.nhs.uk\/conditions\/coronavirus-covid-19\/testing\/get-tested-for-coronavirus\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">end of free testing in the UK<\/a>, it isn&#8217;t.<\/p>\n<p>For most people, this is where the scam ends. Sadly this isn&#8217;t the case here. The small payment was used as a stepping stone to significantly greater losses.<\/p>\n<h2>Part 2, a call from a fake bank<\/h2>\n<p>The victims called their bank, suspicious of fraud. By an unfortunate coincidence, the criminals called the food bank trustees back pretending to be their bank.<\/p>\n<p>It&#8217;s possible the fraudsters took the card details given to them in the first scam and figured out which bank it belonged to. For example, the first 4 to 6 digits of a <a href=\"https:\/\/www.tokenex.com\/blog\/ab-what-is-a-bin-bank-identification-number\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Bank Identification Number<\/a> (BIN) can reveal the card issuer. Armed with this information, the scammers would know which bank they need to pose as. 
(It&#8217;s also possible they never mentioned the bank at all\u2014someone already in touch with a bank may not suspect anything amiss from a supposed follow-up call.)<\/p>\n<p>Either way, the scammers asked if any &#8220;linked accounts&#8221; could have been affected. Concerned for the food bank, the victims handed over its bank account details. The scammers proceeded to empty the account of &#8220;well over $63,000&#8221; across a two-day period.<\/p>\n<h2>Tips to avoid this scam<\/h2>\n<p>Routine contact tracing <a href=\"https:\/\/www.gov.uk\/government\/news\/prime-minister-sets-out-plan-for-living-with-covid\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">ended in the UK in February 2022<\/a>, so any messages that don&#8217;t arrive via the official NHS app should be treated as bogus.<\/p>\n<p>If you receive a call from your bank, call them back using a number from their website. Don&#8217;t use a phone number (or any other information) provided by the caller, and don&#8217;t provide any identifying information until you are sure you are talking to your bank.<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/scams\/2022\/05\/double-whammy-attack-follows-fake-covid-alert-with-a-bogus-bank-call\/\">Double-whammy attack follows fake Covid alert with a bogus bank call<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/scams\/2022\/05\/double-whammy-attack-follows-fake-covid-alert-with-a-bogus-bank-call\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Christopher Boyd| Date: Mon, 30 May 2022 16:44:54 +0000<\/strong><\/p>\n<p>An organisation dedicated to providing food for those in need suffered a double-whammy of fraud costing them upwards of $63,000.<\/p>\n<p>The post <a rel=\"nofollow\" 
href=\"https:\/\/blog.malwarebytes.com\/scams\/2022\/05\/double-whammy-attack-follows-fake-covid-alert-with-a-bogus-bank-call\/\">Double-whammy attack follows fake Covid alert with a bogus bank call<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[11507,24444,11539,26336,9751,3985,10574,11706,25687],"class_list":["post-19180","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-bank","tag-covid-19","tag-fake","tag-foodbank","tag-fraud","tag-scam","tag-scams","tag-sms","tag-test-and-trace"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/19180","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=19180"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/19180\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=19180"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=19180"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=19180"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}
]}}