If you receive an email about your Social Security statement, proceed with caution. Hackers are impersonating the Social Security Administration (SSA) to trick people into installing a remote access tool and handing over full control of their devices. The SSA is no stranger to phishing scams, but this latest one has a hint of authenticity to it. It begins with an email that appears to come from the SSA with the message, "Your Social Security Statement is now available" and a prompt to download an attached document. The supposed statement is actually a ScreenConnect client, which grants remote control of the affected device. ScreenConnect is a legitimate remote support platform for IT pros to help users configure systems and resolve technical issues by allowing the same access as if they had your device in hand. Once hackers have control of your computer via ScreenConnect, they can use it for anything from installing malware to transferring files to accessing sensitive data, like bank and financial account information, all without your knowledge. This scheme is hard to identify because the phishing emails originate from compromised WordPress sites with legitimate domains. The email body may also be sent as an image rather than text, making it harder for filters to detect it as malicious. All of the common cautions for avoiding phishing scams apply here. Do not click on links or download or open files or attachments sent via email, especially if the message is unsolicited. Go directly to the company's or organization's website to locate important documents and verify communication. Attacks that come from compromised — but legitimate — domains can be trickier to catch, so be especially wary of anything you're instructed to download, click, or fill out from an email. If you're unsure whether an email or message is real and safe, copy some of the text into a search engine to determine if it's part of a known phishing campaign.
