Anatomy of a Phishing Scam | Avast
2022-2-24 16:32:0 Author: blog.avast.com(查看原文) 阅读量:21 收藏

Here's a “scam the scammer” SMS conversation to highlight some of the red flags to look out for the next time your “boss” messages you.

Sometimes it feels like scammers are coming at you from every direction these days. They’re on the phone. They’re on SMS. They’re on social media. Sorting the real from the nonsense can feel like a full time job but, for some people, that “job” turns into fun.

That’s what happened recently when a professional woman in New York City decided to play around a little bit with her “boss,” (spoiler: not her boss) who was making odd requests via text. And while “scam the scammer” situations like this one are often hilarious, they’re also a great way to learn about the methodology that scammers use to trick people into giving them money. 

So let’s take a look at the following “scam the scammer” SMS conversation to highlight some of the red flags to look out for the next time your “boss” messages you. 

1. They set up a situation where you can’t talk to them on the phone.

“Josh” makes it clear up front that he can’t talk on the phone. Obviously there are some situations where this is legitimate — like if he was actually Josh and was actually at a conference — but “Cris,” as an employee, would likely know if her boss was out of office. The scammer is hoping that Cris doesn’t know her boss’ schedule.

2. They create a false sense of urgency. 

In this very first message, “Josh” creates a sense of urgency, first by pretending like he’d already sent a text and second by saying he needs Cris for an “urgent task.” Creating a sense of urgency makes it less likely that the person will double check that someone is actually talking to their boss, making it more likely that the scam will be successful.

3. They ask for gift cards.

Let’s be real: No one actually ever urgently needs gift cards. Scammers ask for this type of “payment” because there aren’t a lot of protections for consumers when it comes to gift cards. They basically act like cash once the scammer has the information needed to use them.

4. They re-emphasize the urgency.

This is where Cris starts to have a little bit of fun. She asks if the cards are for the Lion Sanctuary or the Haunted House and the scammer responds in full seriousness, “The lion.” The scammer then re-emphasizes the urgency of the situation and Cris, like the good employee she is, tells him she can get to it ASAP. Because, you know, she knows how important the Lions are. 

The scammer then checks in after a few minutes to see how things are going — and to really underscore the urgency. This makes it less likely that Cris is going to check on the situation or maybe start thinking, “Hmm… Why does Josh need gift cards all of a sudden?” You can also see her messing with him again here, when she talks about how dangerous “Dave the hotel manager” is. 

5. They ask for a picture of the gift cards.

After a couple more exchanges messing with “Josh” and saying she’s at the store, he asks Cris to take a photo of the gift card rack. This is to ensure that the person is actually at the store, as well as to choose which cards the scammer wants. But, because this is a “scam the scammers” story, Cris just sent him a photo of a gift card rack that she found on Google. And then she makes things even weirder.

6. They ask for the card numbers.

Cris offers to mail the cards to “Josh,” but he insists that she instead scratch off the silver part and send the numbers to him. Remember: Once those numbers are in the scammer’s hands, there’s pretty much nothing the person being scammed can do. Cris decides to up the weirdness factor even more.

7. They give up.

If you’re messing with a scammer, eventually they’ll catch on and give up. That’s what finally happens when Cris threatens to call Josh’s wife. Done with these shenanigans, Josh gives up the game in an explosion of profanity. 

While we don’t recommend doing what Cris did and trying to scam the scammer yourself, this situation very clearly illustrates the anatomy of this type of phishing scam. Remember: Your boss will likely never need gift cards. And if your gut is saying something is fishy? It probably is.


文章来源: https://blog.avast.com/anatomy-of-a-phishing-scam-avast
如有侵权请联系:admin#unsafe.sh