CISA warns of criminals impersonating its employees in phone calls
Today, the Cybersecurity and Infrastructure Security Agency (CISA) warned that criminals are impersonating its employees in phone calls and attempting to deceive potential victims into transferring money.
This is part of a broader trend in which fraudsters are trying to legitimize their scams by using government employees's titles and names.
"The Cybersecurity and Infrastructure Security Agency (CISA) is aware of recent impersonation scammers claiming to represent the agency," CISA warned on Wednesday.
"As a reminder, CISA staff will never contact you with a request to wire money, cash, cryptocurrency, or use gift cards and will never instruct you to keep the discussion secret."
The cybersecurity agency also shared some tips that should help targets avoid falling prey to this ongoing wave of impersonation scams.
Those who suspect they're on the receiving end of a scam phone call where a criminal claims to be a CISA employee should never give in to their demands to send money, write down their phone number, and immediately hang up.
Next, they're advised to validate the contact by calling CISA at 844-729-2472 (844-SAY-CISA) or report the scam attempts to law enforcement.
In November 2019, CISA also cautioned of phone scammers pretending to be CISA representatives and attempting to extort money "by claiming to have knowledge of the potential victim's questionable behavior."
$1.1 billion lost to impersonation scams last year
The U.S. Federal Trade Commission (FTC) has also issued a warning in March about scammers pretending to be FTC employees and defrauding Americans of thousands of dollars.
Numerous consumers have reported falling victim to these scams, where imposters pose as FTC staff and use phone calls, emails, or text messages to coerce people into transferring or wiring money.
The median financial loss from these impersonation schemes increased from $3,000 in 2019 to $7,000 in 2024. According to FTC statistics, impersonation scams resulted in losses exceeding $1.1 billion in 2023, three times higher than the figure from 2020.
The FTC collected this data from 490,000 reported scams last year, 330,000 of which involved business impersonation complaints and the remainder relating to government impersonation incidents.
The majority of these scams were conducted via phone calls, which are slowly declining in frequency. They were followed by email and text messages, both of which have been on the rise over the past three years.
"Reports show an increasingly blurred line between business and government impersonation scams," the FTC said.
"Many scammers impersonate more than one organization in a single scam – for example, a fake Amazon employee might transfer you to a fake bank or even a fake FBI or FTC employee for fake help."
The FBI's 2023 Internet Crime Report revealed a 22% increase in reported losses to online crime compared to 2022, totaling a record $12.5 billion.
source: BleepingComputer
Free security scan for your website
Top News:
Download: CIS Critical Security Controls v8.1
August 8, 2024Hackers now use AppDomain Injection to drop CobaltStrike beacons
August 24, 2024New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks
November 12, 2024Critical Veeam RCE bug now used in Frag ransomware attacks
November 9, 2024