The US Social Security Administration (SSA) Office of the Inspector General (OIG) is cautioning the public to be aware of emails that appear to be from SSA and include a link to download a utility tool. This fake email is an attempt to lure individuals to fraudulent sites that are not associated with SSA by claiming there is a problem, a potential error and to correct the issue you must download a ‘Security Update Tool.”
THIS EMAIL IS NOT FROM SSA (see attached). This version of the scam email reads: “Official Notice: Download Your Social Security Statement Now. -ID : 70S802”.
This is NOT an official SSA notice, nor is it from an official government email address. It does NOT have “.gov” as part of the sender’s address. Government agencies always have “.gov” as part of their official email address.
The email suggests you open, download and install a tool to your computer or device.
DO NOT DOWNLOAD THE APP OR CLICK THE LINK MARKED: SSA Support Center Download. This tool is not from SSA and will compromise your personal data and likely damage your computer system once you allow access.
SSA OIG is advising you to always be cautious of responding to or clicking links in unsolicited emails that appear to be from an official government entity, such as SSA, or another federal agency.
Members of the press may make inquiries to Social Security OIG at oig.dcom@ssa.gov
**These emails are a variation of government imposter scams. DELETE THE EMAIL. Do NOT click on links or respond to any text, email, phone call, or letter that has characteristics of a scam. To learn more about scam warning signs, visit ssa.gov/scam.
“THIS IS A SCAM! The email appears to be from SSA and presents a problem to frighten you and then offers an immediate solution to get you to make a quick decision. Don’t click the link. Don’t download these ‘tools’ to your devices.” said Michelle L. Anderson, Assistant Inspector General for Audit, performing the duties of the Inspector General. “Scammers urge you to act fast, so you must be able to quickly recognize the signs of a scam to protect yourself and your data. As part of our mission to prevent fraud, SSA OIG will continue to tell you when we become aware of new scam tactics or schemes.”
To contact SSA for business purposes, visit ssa.gov.
WHAT TO DO IF YOU ARE A VICTIM:
- Stop talking to the scammer. Notify financial institutions and safeguard accounts.
- Report Social Security-related scams to SSA OIG (oig.ssa.gov).
- Contact local law enforcement and file a police report.
- If you lost money, file a complaint with the Federal Bureau of Investigation Internet Crime Complaint Center (ic3.gov).
- Report other scams to the Federal Trade Commission (ftc.gov).
- Keep financial transaction information and the record of all communications with the scammer.
This article is shared at no charge for educational and informational purposes only.
Source: The Security Update Tool
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. We provide indicators of compromise information via a notification service (RedXray) or an analysis service (CTAC). For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@redskyalliance.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.redskyalliance.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://register.gotowebinar.com/register/5207428251321676122
Comments