Cybersecurity

FBI warns of tech-support scammers that use couriers

Hacking is getting more personalized.
article cover

Parks and Recreation/NBC via Giphy

· 3 min read

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.

Add “courier” to the list of professionals that hackers are impersonating for their own gains.

In a public service announcement Monday, the FBI revealed scammers—and in-person scammer couriers—are taking money and assets from unsuspecting victims. The announcement of the fraud spike is another recent example of cybercriminals taking a more personal, less technical tactic.

“Scammers sometimes use a multi-layered approach, posing, in succession, as a technology company, a financial institution, and a US government official,” the agency said in its advisory.

According to the alert, step one of the scheme involves the posers informing victims, “many of whom are senior citizens,” that their financial accounts have been hacked and they need to protect their funds by liquidating assets into cash or precious metals like gold or silver. Step two is the pickup, when a courier retrieves the cash at the victim’s home or a public location.

“From May to December 2023, the FBI Internet Crime Complaint Center (IC3) saw an uptick in this activity with aggregated losses of over $55 million,” the FBI noted in its bulletin.

Malicious hacking lately has involved a level of nontechnical, convincing impersonation.

  • Cybersecurity company Arctic Wolf noted instances of ransomware threat actors posing as ransomware researchers, who then offered to delete the hacked data for a fee.
  • Ransomware group Scattered Spider, considered “experts in social engineering” by CISA, has posed as IT or help-desk officials. The impersonators, reportedly behind 2023 casino hacks and other compromises, have been known to wear down IT pros into giving up passwords.
  • In December, email-protection provider Abnormal Security revealed a phishing attack involving Google Forms, phony invoices, and an over-the-phone “customer support” representative ready to pry for personal info and convince callers to download malware on their device. (The FBI noted an uptick in “callback phishing” in November.)

“Social engineering and behavioral manipulation is really the core to most cyber attacks that we see today,” Crane Hassold, former director of threat intelligence at Abnormal Security, told IT Brew in February 2023.

A year later, the trend continues. Chester Wisniewski, director and global field CTO at cybersecurity company Sophos, agreed that today’s ransomware perpetrators rely more “on the social side of these negotiations and less on technical needs.”

“The difference is going to be the social pressure, the psychiatry, the psychology that goes into crafting the pressure that you’re putting on those victims to make a fast, ill-informed decision to pay you,” Wisniewski told IT Brew in December.

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.