Tips to Avoid Being Scammed Out of $50,000

Andrew Couts

Americans were warned this week about a potential “urgent threat” to the United States, which was later linked to a Russian effort to develop the capability to launch nuclear weapons in space. While no one has disputed the authenticity of the threat, WIRED has learned that the leak was part of a behind-the-scenes campaign to block privacy-focused reforms of a major US surveillance program known as Section 702.

The leak, instigated by an email from top lawmakers on the House Intelligence Committee, followed a week of backroom negotiations that pitted White House national security advisers against reproductive rights advocates, who backed reforms to Section 702 that would have banned the sale of Americans’ private data to the FBI and US intelligence agencies. Efforts to reform Section 702 are now stalled.

On X, Elon Musk’s beleaguered social media platform, the US-designated terrorist group Hezbollah and more than two dozen other US-sanctioned individuals and entities had “verified” X accounts thanks to its premium subscription offerings. Meanwhile, in the world of artificial intelligence, researchers at Mozilla found that “AI girlfriends” and other so-called romantic companion chatbots are a privacy nightmare. And finally, we detailed the ways in which cyberattacks disproportionately impact communities of color and other vulnerable people in ways that often fly under the radar.

But that’s not all. Each week, we round up the security news we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.

Anyone can get scammed—anyone. Having the bravery to tell the world exactly how hard you got duped is far more rare. In a harrowing essay for The Cut, freelance finance writer Charlotte Cowles details how she was manipulated into putting $50,000 in a shoebox and handing it to a stranger in a white Mercedes on the instructions of someone who claimed to be a CIA agent.

The elaborate scam began with a call from a number that Cowles’ caller ID identified as “Amazon.” A “polite woman” proceeded to tell Cowles that she was a victim of identity theft. The (fake) Amazon employee forwarded her call to a (fake) Federal Trade Commission official, who in turn put her in touch with a (fake) CIA agent. The scammer, posing as a CIA agent named Michael, kept Cowles on the phone for hours, all the while scaring her into thinking she had arrest warrants for various serious crimes linked to the (fake) identity theft, and that the only way she could stop from having all her assets frozen was to withdraw the majority of her life savings and give it to the CIA, which would then (inexplicably) issue her a check for her own money.

Throughout the ordeal, nearly everyone involved in the scam convinced Cowles to isolate herself—tell no one, they said. Not your husband, not the police. Doing so could put your family in danger. Even in the moment, Cowles suspected she was being scammed. But little details, like the fact that they knew the last four digits of her Social Security number, made Cowles doubt her better judgement. Besides, she had a 2-year-old son to protect.

Steven Levy

Carlton Reid

Reece Rogers

Lauren Goode

While the response to Cowles’ tale has been a mix of praise and mockery, experts in online threats say it’s foolish to think you’re too savvy to never fall for a professional scammer. “The reality is, criminals perpetuating fraud—whether via phone, email, or social media—are very good at social engineering,” says Selena Larson, a senior threat intelligence analyst at security firm Proofpoint, who describes Cowles as “extremely courageous.”

Manipulative tactics the scammers used against Cowles are common. They include, Larson says, “making someone afraid for themselves or their families, making them excited or enticed by the possibility of money or romance, or any number of heightened emotions to push them into making decisions they otherwise wouldn’t.” To protect yourself from scams like the one that hooked Cowles, Larson suggests being on high alert for anyone trying to isolate you from people in your life, and don’t trust someone posing as a government employee or celebrity. “Forcing a sense of urgency,” like asking for money immediately, is also a huge red flag. “If people are worried they are being targeted by fraudsters,” Larson says, “they should immediately break off contact and report the activity.”

Or you can adopt Cowles’ new tactic: Never answer the phone.

Generative AI tools like ChatGPT are all the rage—including among hackers working on behalf of Russia, China, and North Korea, according to research published this week by Microsoft and OpenAI. While researchers note that they have “not identified significant attacks” that use large language models like those powering OpenAI’s ChatGPT, they did find widespread use of generative AI tools for research, reconnaissance, “basic scripting tasks,” and ways to improve code used to carry out cyberattacks. “Microsoft and OpenAI have not yet observed particularly novel or unique AI-enabled attack or abuse techniques resulting from threat actors’ usage of AI,” Microsoft wrote in a blog post outlining the research. “However, Microsoft and our partners continue to study this landscape closely.”

The US Department of Justice made an announcement this week that a botnet under the control of APT28, also known as Fancy Bear, a hacking group that operates under Russia’s GRU military intelligence service, was disrupted. It was found by the DOJ, that the hackers had infected routers, used by homes and businesses, with malware known as “Moobot”. This malware has been linked to a cybercriminal group by the DOJ. These Fancy Bear hackers then utilised the Moobot to create custom scripts and files, thus repurposing the botnet into a global cyber espionage platform. To gain control over the botnet, US government also brought into use the Moobot malware to eliminate “stolen and malicious data” present in the routers and altered the router’s firewalls to prevent the hackers from gaining remote access. Merrick Garland, the US attorney general, lauded the operation, describing it as a successful attempt at dismantling Russia government’s malicious cyber tools, that are a threat to the security of US and its allies.

In this week, ransomware attacks have targeted hospitals, with the attack on Romania’s health care system having a widespread impact as compared to other attacks. Around 100 hospitals had to take their systems offline after a prominent hospital management system faced an attack. As per Romanian officials, 25 hospitals experienced encryption of their data by the ransomware. This happened after the Hipocrate Information System (HIS) was targeted on the night of February 11. To evade possible infection, another 75 hospitals willingly put their systems offline. Due to this disruption, hospitals have had to switch back to paper records. The attackers, who are yet to be identified, have demanded a ransom of 3.5 bitcoin, equivalent to approximately $180,000, to decrypt the files.

Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Article

Sierra's Prediction: Conversational AI Spells the End for Apps and Websites

Next Article

Presidents' Day Offers Rare Discounts on MacBooks, iPads and Other Apple Products

Related Posts