Scammers exploit new ‘data-leak compensation’ scheme, details here

A new online fraud scheme has been detected by cybersecurity experts at Kaspersky. Designed to trick victims into thinking they are owed compensation, under the pretext of providing them with compensation, scammers instead persuade their victims into buying ‘temporary US social security numbers’ worth around $9 each. Many victims from Russia, Algeria, Egypt, the UAE, among others have fallen prey to this scam.

As notified by experts, this scheme exploits issues around privacy issues and involves a website that is allegedly owned by the Personal Data Protection Fund, founded by the US Trading Commission. As stated, the fund issues compensation to those who may have been subject to a personal data leak and is available to citizens from any country around the world.

The website reportedly allowed users to check if their data has been leaked. All you need to do is provide certain details like a surname, first name, phone number, and social media accounts. Once this has been done, an alert is shown indicating that the user has experienced a leak, which can include data such as photos, videos, and contact information, entitling the affected user to compensation of thousands of dollars.

READ | Cybersecurity: Hospital pays ransomware attackers to save the lives of patients

However, scammers do not only ask for a user to enter a bank card number but also ask for a user to offer his/her own social security numbers. SSN is a nine-digit number issued to US citizens as well as both permanent and temporary working residents.

In spite of entering the correct existing SSN or in the absence of a valid SSN, the website would alert mistakes and offer to sell a temporary SSN for the price of $9 each. Once the user agrees to make the payment, he or she would be redirected to payment form in Russian or English with the purchase price specified in rubles or dollars, respectively. The currency would depend on the victim’s IP address.

“The new scheme is quite a topical one and is related to offering compensation for data leaks. Once some organizations have started to pay users, fraudsters No such thing as a free lunch: scammers exploit new ‘data-leak-compensation’ scheme decided there is a monetary opportunity for them as well,” said Tatyana Sidorina, a security expert at Kaspersky.

(Photo: Luca Bravo / Unsplash)