Another day, another attempted scam coming from your unfriendly neighborhood cyber criminal. This time they’re banking on your fear of unpaid medical bills.
Yesterday morning I woke up and went through my inbox and junk folders as usual, but spotted something strange again. This time it was an email in my junk folder coming from my Dentist. Now you know the drill here, when scammers come after us we break them down step by step to help you spot every scam that comes your way in the future. Now the most concerning part about this scam is either my Dentist’s email account was compromised, or their email list was and now the scammer is using a new fake email to send scams out to all of the patients. But, we’ll leave that part of the scam for another day and get started.
Chapter 1: The Scam Setup
This scam begins how the majority of scams do, over email. An email is sent to me from an email address @yahoo.com that begins with my dentist’s name. Maybe this is a personal account he uses, or maybe it’s fake. Either way, it’s weird coming from a yahoo domain and it’s in my junk folder so our suspicion should be up pretty high so far. Once you start taking into account all of the typos and strange behavior, there isn’t much question if this is a scam or not.
Now the goal here is obviously to capture your attention with the subject of “missing payment”. No one likes to leave a payment outstanding, especially for medical work. Once you move past the subject and the dentist’s information at the top, which is all correct, you see the sketchy part of the email. This is a PDF from “OneDrive” that contains a link to a website. OneDrive is most likely used here to try and give the fake invoice some more credit. It’s not really clear what the goal of the scam is at this point, but we know it’s a scam. So let’s go through with it, and see where it takes us.
Chapter 2: The Scam
If you’re using the Chrome web browser, and maybe some others, even if you fell for the original part of the scam in your email Chrome alerts us along the way several times. First, we’re going to open the PDF and click the link to view our PDF Online. This brings us to a warning from Google right away.
After this warning, you have to manually take the link and paste it into your browser in order to continue. Google obviously wants to try and prevent everyone from going through with this scam. After you manually input the link, you’ll be taken to Chrome’s red warning page. It warns you again that this is a known scam and you should not continue, but alas, we’re moving forward.
Chapter 3: The Scam Payoff
Now we’ve made it to the scam and the intentions behind it are clear. This is a phishing scam that hopes to lure you into entering your email credentials into one of the accounts from the list to “view document”.
Once you put your credentials in, they now have the ability to access your email account and would most likely begin to use your email to reset passwords for social media, online banking, Pay Pal, etc. so that they can profit from the scam.
These scams can come in every shape and size, but the most important thing to remember is that they will almost always try to leverage some actual details about you so that you will be pulled into the scam right away and never think twice. In this case, it was knowing my actual dentist’s information. PC Matic users, don’t forget that your PC Matic subscription comes with free Cyber Security Awareness Training from KnowBe4 to help you and your family brush up on the typical things to look for in a scam and general good practices to use online. Contact our customer service team for details on gaining access to your included training course: www.pcmatic.com/help