Connect with us
  1. Home page/
  2. New Social Security Scam EXPOSED/

New Social Security Scam EXPOSED

Editorial Team Freedom Press
Like Freedom Press? Get news that you don't want to miss delivered directly to your inbox

Alarming new Social Security scams are targeting Americans with sophisticated malware that can take complete control of your computer and steal your sensitive information.

At a Glance

  • Cybercriminals are impersonating the Social Security Administration to install dangerous Remote Access Trojan (RAT) malware on victims’ devices
  • The scam involves phishing emails claiming to provide Social Security statements with malicious attachments
  • Once installed, the malware gives hackers full remote control of your device, allowing them to steal financial information and commit identity theft
  • The campaign peaked shortly after Election Day and is linked to the 2024 presidential elections
  • Protect yourself by avoiding unsolicited links, verifying communications through official channels, and reporting suspicious activity

New Wave of Social Security Scams Targeting Americans

A sophisticated phishing campaign linked to the 2024 U.S. presidential elections is currently targeting Americans by impersonating the Social Security Administration. The operation, attributed to a group known as Molatori, has been distributing malicious emails disguised as official Social Security communications. 

These fraudulent messages typically claim to provide updated benefits statements but actually contain links or attachments designed to compromise victims’ devices and personal information. The campaign began in mid-September and reached peak activity around November 11th and 12th, just a week after Election Day.

Advertisement

The scam operates by sending emails with subject lines like “Your Social Security Statement is now available.” When recipients click on the “View Statement” buttons or download the attached documents, they unknowingly install ConnectWise RAT (also known as ScreenConnect client), a malicious use of legitimate remote desktop software. What makes this attack particularly dangerous is that these emails often originate from compromised WordPress sites with authentic domains, making them harder for security systems to detect as threats.

How the Malware Works and What It Can Do

Once the RAT malware is installed on a victim’s device, cybercriminals gain complete remote access to the system. This access allows them to control the computer as if they were sitting in front of it. They can monitor all activity, steal passwords as they’re typed, access banking information, transfer files, and install additional malware. The hackers typically focus on financial fraud as their primary goal, though the stolen data can also be used for identity theft or sold to other criminal enterprises on the dark web.

What makes this attack particularly effective is that it exploits legitimate software. ConnectWise Control is a genuine remote desktop tool used by many businesses for legitimate purposes. However, when deployed without the user’s knowledge or consent, it becomes a powerful weapon for cybercriminals. Many security systems may not recognize it as a threat because it’s technically a legitimate program, creating a dangerous blind spot in traditional security protections.

Warning Signs and How to Protect Yourself

The Social Security Administration warns that scammers frequently “spoof” official government phone numbers or even local police department numbers to appear legitimate. They may threaten legal action, claim your Social Security number has been suspended, or demand payment through gift cards, wire transfers, or cryptocurrency. These are all red flags that you’re dealing with a scam rather than a legitimate government communication. The SSA emphasizes that they will never threaten you, suspend your Social Security number, or demand payment through untraceable methods.

Advertisement

To protect yourself from these scams, the first rule is to avoid clicking on links or downloading attachments from unsolicited emails. Instead, visit the official Social Security Administration website (ssa.gov) directly through your browser to check any messages or account status. Keep your antivirus software updated, enable two-factor authentication where possible, and be skeptical of any communication claiming to be from a government agency that creates a sense of urgency. Remember that legitimate government agencies typically communicate through postal mail for important matters, not email or text messages.

Reporting Social Security Scams

If you believe you’ve encountered a Social Security scam, report it immediately to the Office of the Inspector General. If you’ve already fallen victim to a scam, take immediate steps to protect yourself. Change passwords for any accounts that may have been compromised, contact your financial institutions, place a fraud alert on your credit reports, and monitor your accounts closely for unauthorized activity. Early detection and prompt action can significantly limit the damage caused by identity theft or financial fraud.

The Federal Trade Commission provides guidance on “What To Do if You Were Scammed” that outlines specific steps for recovery. As these sophisticated scams continue to evolve, staying vigilant and informed remains your best defense against criminals attempting to exploit your personal information and financial resources. Remember that government agencies will never pressure you for immediate action, and when in doubt, verify any communication through official channels before providing information or downloading files.

Tags:
Continue Reading
Advertisement

You may like