Superior Police Warn of Possible Scam for Local Verizon Customers
The Superior Police Department is warning citizens and businesses, especially ones who use Verizon. The scam involves very well crafted phishing emails that are trying to get your personal information or download malicious software on to your PC. You can read the full warning and tips on how to protect yourself after the jump.
This email that appears to come from Verizon attempts to scare you by informing you that your $900+ phone bill is ready for payment. The sender, subject and format of the email look identical to the actual Verizon notifications that get sent out. If you ever have questions about a bill or statement and want to check it online you should always go directly to the company website by typing: www.verizon.com (in this case) into your browser, and logging into their portal to view your bill. Never click on links in email to view your bill. More information is provided below including: Why this is a concern, How you can protect yourself, and What the scam email looks like.
Why This is a concern:
Often times cyber criminals use email to try to scare citizens and try to get them to click on links to download malicious files or take them to fake website to try to compromise sensitive or personal information. We call this activity “Phishing”, as in fishing for information. This particular email is a big concern because it looks exactly like a typical monthly Verizon email communication, including the content, sender, and subject. The only difference is the links in this email are malicious, they do not go to the actual Verizon site.
How should I react to these types of Email:
You should be always be cautious with email. You should never click on links in un-solicited email. These links can download malicious software or take you to fake sites to harvest your personal information including credit cards, SSN’s, account names and passwords. If you have a concern about your account and want to check it online you should type the company directly into your browser (in this case www.Verizon.com) and access their portal with your login and password. You can also contact the company directly using a valid phone number from a previous bill (do not use the phone numbers in the email because they too could be malicious and not take you Verizon customer service).
Here is the Warning from Verizon:
The email (sample below) looks like a VZW generated message advising that the bill is now ready and showing a large amount owed. Key points, the email is missing the account’s last 4&5 digits and the hyperlinks within the email are non-vzw pages. We’ve escalated to corporate security and an IM alert has been requested to show:
Possible phishing scam “Your Bill Is Now Available” with a large account balance owed. Confirm the account balance and advise the customer to:
Look for a generic greeting with missing account information (last 4 of the account and 5 digit account level).
Advise the customer that this is not a legitimate email from Verizon Wireless.
Do not respond to the email or address in the body of the message.
Do not click on any embedded website links as these could lead to malicious websites.
Customers can drag and drop the email or insert the message into a new email and send to firstname.lastname@example.org.