Towerwall Information Security Alert Vol 14.07 – Watch out for April Fools scamming on Friday
Watch out for April Fools scamming on Friday
by Kevin Frey
Annually, businesses and organizations often put up jokes or pranks for April Fools’ Day. Google, Starbucks, Amazon, etc. are frequent participants.
E.g. Last year, Amazon revamped their site to look their old, original 1999 version… and Google (known for multiples) turned its “Maps” app into the classic arcade game “Pac-Man.”
However, it is important to remember to think twice before clicking on things you receive on email or see on websites on April 1st.
Like Christmas, New Years, and July the 4th in the US, April Fools’ Day is another infamous day for hackers to release viruses and other types of malware… They can mimic well-known or reputable sites/emails for nefarious purposes under the guise of the holiday. One famous virus, Conficker, even threatened to “activate” a malicious payload on April 1, 2009… However, the day came and went without any major issues.
Tax scams are often a major target as well, since April is also the month when taxes are due in the United States.
Fake “updates” to software is another frequent offender.
Don’t panic: If you read rumors of Facebook shutting down, or you get an email saying you are locked out of your bank account, etc. — check by going directly to the site or calling your bank, not via a “link” (that is, YOU initiate the connection or communication independently). And, check other trusted sources to see if it is identified as a prank. Bottom line: Don’t take things on face value tomorrow – “real” events DO happen (after all Marvin Gaye was killed on April 1st), but on the Internet, this day has a special status for both well- and ill-intentioned pranksters.
A single click could make you vulnerable to phishing scams, data loss, identity theft, or worse.
Here are some quick tips/references:
- Trend Micro – Last year’s post on April Fool scams:
- ScamBusters article on April Fools
- FTC page on Government imposter scams:
- AARP Scam Guide for April Fools (2015)
- Always a good idea to check Snopes.com for any “fishy” sounding emails or popups you might receive. Snopes is a site that validates or refutes the validity of rumors, scams, and urban legends. Searching their site and “Hot List” can often provide a quick refutation of scam email claims.
Snopes “April Fools” archive:http://www.snopes.com/holidays/aprilfools/aprilfools.asp
- Fun read: Origin of April Fools’ Day on Wikipedia
It is already April 1 in the Far East, so please take this as a friendly warning and to always “think before you click.”
Towerwall is now partnering with PHISHME. To learn more call 774 204 0700