If you get an email that says something like ““Your Social Security Statement is now available” do not click on or download the attachment. If you do, you may be giving a scammer complete and unrestricted access to your computer.
Malwarebytes, a leading cybersecurity company, says that with this unrestricted access, hackers can:
- Install malicious software
- Access and steal sensitive files
- Monitor your online banking activities
- Capture passwords and login information
- Transfer money from financial accounts
- Collect personal data for identity theft
This latest scam is the work of a sophisticated phishing group. Their scheme is particularly effective because the perpetrators are accurately impersonating the look of an official Social Security Administration letter, but the Social Security Administration (SSA) does not typically send emails with attachments or links to download statements. The supposed statement is actually a download of legitimate software that grants unfettered access to your computer.
Don’t click on any links and delete the email.
If you wish to check on your Social Security account, instead of responding to an email, go online directly to your MySocialSecurity account.
Don’t be a victim. To avoid this and similar scams, take these precautions:
- Never download attachments from unsolicited emails, even if they appear to come from government agencies or other legitimate-looking sources.
- Be very suspicious of any email asking you to download files.
- If uncertain about an email’s legitimacy, search for phrases from the message online to see if they’re associated with known scams.
- Keep your security software updated on all devices.
