While researching domain names, I stumbled upon an awesome podcast called Federal Drive with Tom. In one episode, Mr. Roger Kay appeared as a guest and talked about an interesting phishing scam related to the Department of Labor (DOL).
During his work, Kay noticed a pattern in a number of cases reported by users. They were all about a scam related to the DOL. The scammers initiated the scam through lookalike domain names such as DOL-gov.com and DOL-gov.us. The domain names were used to announce the arrival of a big contract and a chance to take advantage of it.
Some people who invest regularly would likely be tempted by it. They click on the link and the scam begins. This particular scam was a credential harvesting scam.
A credential harvesting scam is one in which someone tries to harvest your credentials, i.e., the login IDs and passwords for your different accounts. This scam harvested the victim's Microsoft credentials.
One of the ways the hackers tried to blend in was to copy the original DOL platform as closely as they could. They used email IDs on verified domain names. This let them bypass several security checks, because the emails came from an ID on a verified domain name. They also sent PDF files that were exact replicas of government PDFs.
They had a clever plan to get the most out of the victim's credentials: they asked for the credentials multiple times. The strategy was that if the user entered the same credentials again, they would be double verified. However, the user might also try to log in with a different set of IDs and passwords, in which case the hackers would obtain the credentials for more than one account.
After 3 login attempts, the hackers redirected the victim to the original domain name of the DOL, DOL.gov. However, by the time the victim realizes what has happened, the scam is long over. The hackers got what they wanted.
The best way to protect yourself from such a scam is to look at the domain name. In this case, DOL.gov is the genuine website, while DOL-gov.com and DOL-gov.us are fake ones. How did we decide this? By looking at the extension. .gov domain names always belong to a government entity and are always secure.
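The domain check described above can be automated, for example in a mail filter or a link checker. This is an added Python example, not code from the podcast or from this post; the helper names `hostname_of` and `classify` are hypothetical, and every sample URL other than the three domains named in the article is constructed.

```python
from urllib.parse import urlsplit

EXPECTED = "dol.gov"  # the genuine domain named in the article


def hostname_of(url):
    """Return the lowercased host a browser would connect to, or None."""
    if "://" not in url:
        url = "//" + url  # lets urlsplit treat a bare host as the netloc
    try:
        host = urlsplit(url).hostname  # drops any user@ prefix and :port
    except ValueError:
        return None
    return host.rstrip(".").lower() if host else None


def classify(url, expected=EXPECTED):
    """Compare a link's real host with the expected government domain."""
    host = hostname_of(url)
    if host is None:
        return "unparseable"
    # Genuine only if the host IS the domain or a subdomain of it.
    if host == expected or host.endswith("." + expected):
        return "genuine"
    # Punycode labels can render as look-alike Unicode characters.
    if any(label.startswith("xn--") for label in host.split(".")):
        return "suspicious: punycode label"
    # Drop separators so 'dol-gov.com' and 'dol.gov.example.net' both
    # reveal the embedded 'dolgov' string.
    squashed = "".join(ch for ch in host if ch.isalnum())
    if expected.replace(".", "") in squashed:
        return "lookalike"
    return "unrelated"


if __name__ == "__main__":
    samples = [
        "https://www.dol.gov/agencies",        # genuine
        "https://DOL-gov.com/contract",        # lookalike from the article
        "DOL-gov.us",                          # lookalike from the article
        "https://dol.gov.example.net/login",   # constructed: subdomain trick
        "https://dol.gov@login.example.net/",  # constructed: user@ trick
    ]
    for url in samples:
        print(f"{url:40} -> {classify(url)}")
```

The comparison is made against the end of the host name, so a link that merely contains "dol" and "gov" somewhere before a different extension is never reported as genuine.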
Mr. Kay is a cybersecurity entrepreneur and Vice President of Strategy at INKY. The podcast is broadcast on Federal News Network. You can listen to the full podcast here.