Fake Social Security Statement emails trick users into installing remote tool
A phishing campaign is targeting users with fake emails purportedly from the US Social Security Administration. These emails aim to trick recipients into installing ScreenConnect, a legitimate remote access tool that can be misused by cybercriminals. The campaign, attributed to a group called Molatori, sends emails with links to download the ScreenConnect client under misleading names. Once installed, attackers can remotely access the victim's computer, potentially leading to data theft and financial fraud. The campaign is difficult to detect due to the use of compromised WordPress sites for sending emails, image-based content to evade filters, and the legitimacy of the ScreenConnect application itself.
Pulse ID: 68133275aea46cd7781eec41
Pulse Link: https://otx.alienvault.com/pulse/68133275aea46cd7781eec41
Pulse Author: AlienVault
Created: 2025-05-01 08:36:05
Be advised, this data is unverified and should be considered preliminary. Always do further verification.