Security Scam: Taunting your Innocence

Here’s a scam that taunts your innocence.

Subject: Lets put this behind us once and for all I know you broke into my email. Message body: Hate to bother you (name) I have a proof that you broke into my email and stole my private photos and financial information. It can be clearly seen in the files attached to this message. If you don't respond within 48 hours I will have to report you.

Email and web scam artists entice members of the UW-Madison community to turn over online credentials: NetID, password, social security and credit card information. The following example is part of a series on the latest and best scams in circulation. Contact the Office of Campus Information Security via abuse@wisc.edu, if you think your account has been compromised, or you have inadvertently shared credentials with a fake source.

You might not be a hacker but these message senders seem to think you are. Some of these e-mails are quick to accuse you of accessing their personal information. Others claim to have a lead on compromising photos of someone close to you being leaked on the web. Either way, they are preying on your desire to keep personal business offline.

These messages (and they take many forms) may seem to contain proof of your crime. The “proof” is a Trojan horse parading as a photo.zip file attachment that may compromise your information or photos. This malware only affects Windows systems, however it’s better not to believe these claims no matter your operating system.

Unless you suspect yourself of sleep-hacking, trust your instincts and don’t reply, delete.