b'SMART OPERATIONSPhishing Scams: Dont Let Your Guard DownTurning money over to an anonymous criminal is bad enough,but the worst phishing scams involve ransomware payloadsPeterthat can take down an entire computer network thanks to onePelland employee clicking on a link.sponding in one manner or another. Looking in my spam folder a mo- to unlock a compromised network.A combination of recent events sug- That response might involve clicking on ment ago, I see a message that was sent People like to believe that they cangested that it is time to revisit the issues a link, replying to the email or calling a to me twice within the last two hours. trust their fellow human beings, makingof Internet security and phishing scams. phonenumber.Mostemailservice The subject line of the message reads us highly vulnerable to this type of ac-If you are somehow unfamiliar with the providers will adequately filter out the Hurry Up!! Sams Club Surprises Inside tivity. At a time when these scams areterm, a phishing scam usually involves lions share of these messages and rele- andthemessagereadsCongratula- getting more and more sophisticateda spam email message that is cleverly gate them to spam folders, but a few will tions! You now have the option of our and legitimate in appearance, many ofdesignedtotrickrecipientsintore- inevitably reach their intended targets. new Sams Club! Participate now and these scams specifically prey upon ourmaybe you and many others will get a basic desire to try to do good and helpselection of our latest patterns.This was those in need. One of my clients is thefollowed by a highly encrypted 95-char- state branch of a national fraternal or-acter URL. Clicking on that link will un- ganization with a strong emphasis ondoubtedly get you and many others community service and charitable out-something, and it is probably not our reach. The president of the organizationlatest patterns, whatever those might recently forwarded me an email mes-be. The links will almost certainly either sage that had been widely circulatinginstall malware on your computer, pro- among its membership, with the ap-vide a bogus payment link for the al- pearanceofhavingbeengeneratedlegedmembershipupgradeorboth. from within the organization itself.Not being a member of Sams Club or This message picked up the organiza-any other wholesale buying club, I im- tionslogo(readilyavailableonline),mediately recognize these messages as spoofed a non-existent email addressphishing scams. What the senders are based upon the actual domain name,hoping is that their messages will ran- then spoofed a bogus GoFundMe cam-domly reach some of the more gullible paign, and emailed leading members ofpeople from among the hundreds of the organization (easily harvested on-thousandsofSamsClubmembers line.) The campaign showed a photo ofthroughouttheUnitedStates. When a young boy on hospital life support andyou send out hundreds of thousands of made up a bogus story about how the 4spam emails, a response rate of as little year-old boy had been diagnosed with aas 1/10 of 1% can generate a fortune in rare and serious disease, how he haduntraceable income. been transferred to a childrens hospitalIn the case of these two emails, tell- in Oregon, where he urgently needed totale signs are everywhere. First of all, the undergo a bone marrow transplant thatlinks do not point to Sams Club, the would save his life. It went on to say howsendingaddresses(whichareeasily the alleged parents had little to no healthspoofed) are totally random (one being insurance, that the procedure was going1972987juan@gmail.com),andthe to cost $52,000 and that they have so farmessages just do not look quite right. raised $21,000. It concluded with the ap-Most such phishing attempts are some- peal, We are knocking on your generouswhat obvious, with spelling, grammati- heart to support us financially in thiscalandpunctuationerrorsthatare journey, no amount is too small, and anycomparable to what would result if you amount given will truly make a huge im-or I attempted to compose a convincing pact. This was followed by a Make aemail message in Ukrainian. Checking Donation link that did not go to Go-the actual sending addresses and hov- FundMe but to a PayPal account.eringover(neverclicking!)anylink I performed a Google Image SearchURLs will immediately uncover most of for the photo of the boy on life supportthe disguises. One thing that every such and learned that he was an actual boyscam has in common is that the senders whohadbeeninjuredinafallonawant your money or your credit card school playground in Butte, Mont., backnumber.Usuallytheseareone-step in January. The photo had been pickedprocesses where the goal is to trick you up from a news story published by theintomakinganimmediatepayment Sinclair Broadcastingoutlet in Missoula.(usually employing a sense of urgency) The stolen photo, the fictitious story, andbefore you realize you have been taken. the sense of urgency were all carefullyIn other instances, a two-step process is designed to tug at the heartstrings. Whenemployed, where the sender attempts I clicked on the PayPallink, I noticed thatto gain your confidence before provid- it was not converting U.S. dollars into aing you the same sort of payment link. foreign currency, suggesting that the per-Turning money over to an anony- petrators of this criminal activity mightmous criminal is bad enough, but the very well be based in the United States. Iworstphishingscamsinvolveran- recommended that my client contact thesomware payloads that can take down nearest FBI field office, hoping that thean entire computer network thanks to criminals could be brought to justiceone employee clicking on a link. In re- thanks to their careless use of a traceablecent weeks, at the height of the COVID- PayPal account rather than the more19 pandemic, ransomware attacks have usual use of cryptocurrency. By implyingtaken down hospital systems and entire that $21,000 had already been donated,school systems that are relying upon re- they tried to appear legitimate, and theymote learning (one of the most recent knewthatwell-intentionedpeopletargets being Baltimore County in Mary- would be less likely to be made suspi-land.) These criminals will typically de- cious by a PayPal link as opposed to amand hundreds of thousands of dollars Smart Operationscontinued on page 8810 -February 2021 Woodalls Campground Management'