Kinex Telecom users targeted by email scam
Published 12:01 am Thursday, July 25, 2024
If you get an email that seems to be from Kinex Telecom, take a second look before clicking on it. Over the last week, a number of residents, as well as the Herald’s own account, have received emails from a scammer pretending to represent the organization.
Area residents have reported receiving an email that targets Kinex Telecom subscribers by asking them to respond with their username and password. It claims the company is carrying out a maintenance process on the user’s account and that a response is needed immediately.
The message goes on to say this will help the company fight against spam email. “Failure to submit your password will render your email address inactive from our database,” the phony email states.
Kinex Telecom President Jim Garrett said this email, like so many people receive everyday, is a phishing attack from a scammer hoping to get customers’ passwords.
“Just delete it,” Garrett said. Kinex did not send the email and would not ask for such information via email. The company also receives these same types of emails, he noted, as hackers look for ways to bait their accounts. Garrett said they have a few clients who sent the messages to them every time they hit their email inboxes.
“We immediately block the sender’s IP information that the reply goes to, so it kills our clients reply and it becomes a dead email,” he explained.
“The phisher or hacker gets the client’s password and they use it to spam emails from our email server, which we have solutions for, but I cannot discuss our safeguards,” Garrett said.
Kinex Telecom one of several targets
If these hackers have other information, such as that gathered by the recent AT&T hack, he explained they will add the password to that client file and eventually they gather enough information to attempt the person’s bank account, credit card, PayPal or hundreds of other accounts.
“It is like an intelligence gathering operation that goes on and on and they eventually build a file that is very valuable,” Garrett noted.
The Federal Trade Commission said scammers use email or text messages to try to steal your passwords, account numbers or Social Security numbers.
“If they get that information, they could get access to your email, bank, or other accounts,” according to the FTC’s Consumer Advice webpage. “Or they could sell your information to other scammers. Scammers launch thousands of phishing attacks like these every day — and they’re often successful.”
The FTC warns that scammers often update their tactics to keep up with the latest news or trends, but here are some common tactics used in phishing emails or text messages.
Phishing emails and text messages often tell a story to trick individuals into clicking on a link or opening an attachment.
“You might get an unexpected email or text message that looks like it’s from a company you know or trust, like a bank or a credit card or utility company,” the FTC stated. “Or maybe it’s from an online payment website or app.”
The message could be from a scammer, who might:
- Say they’ve noticed some suspicious activity or log-in attempts — they haven’t.
- Claim there’s a problem with your account or your payment information — there isn’t.
- Say you need to confirm some personal or financial information — you don’t.
- Include an invoice you don’t recognize — it’s fake.
- Want you to click on a link to make a payment — but the link has malware.
- Say you’re eligible to register for a government refund — it’s a scam
- Offer a coupon for free stuff — it’s not real.
Protecting yourself from phishing
The FTC’s Consumer Advice page states that the spam filters in email can help keep phishing messages out of inboxes. However, the agency goes on to say that scammers are always trying to outsmart those spam filters, which means extra layers of protection can help.
The FTC recommended these four ways to protect yourself from phishing attacks.
- Use security software on your computer. Set the software to update automatically so it will deal with any new security threats.
- Set cell phones to update automatically. These updates offer critical protection against security threats.
- Use multi-factor authentication on accounts. Some accounts offer extra security by requiring two or more credentials to log in to your account. This is called multi-factor authentication, which can use a personal identification number, a one-time verification code or something personal such as a fingerprint, retina scan or face scan.
- Back up data. This can be accomplished with an external hard drive or in the cloud. Also be sure to backup phones.
The agency’s Consumer Advice page offers additional information on phishing, including what to do in the event you respond to one of these scam emails and ways to report suspect emails at consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams#recognize.