According To A New Report, Fraudsters Are Breaking Into Their Victims’ Systems By Sending Them The Office Suite On Fake USB Drives Containing Malware.

One of the easiest ways to get malware onto users’ PCs is to trick them into thinking they’ve received a free prize and take control of their computer, precisely what cybercriminals in the UK are doing. They have used it to steal money from their targets.

According to TomsHardware, scammers send USB drives posing as Microsoft Office suites in what appears to be the company’s packaging to various addresses so that victims mistakenly think they have received a legitimate Office Professional Plus suite; A set whose actual value is $439. After plugging the drive into the computer, the installer doesn’t look like the natural Office installation interface, prompting people to call a fake support line.

Martin Pittman, Atenem’s cyber security consultant, said:

As soon as victims plug the fake USB drives into their computer, they will be presented with a warning screen stating that there is a virus on their system and that to fix it, they need to call a toll-free number to restart the computer. As soon as the user reaches the number on the screen, some remote access program will be installed on the user’s system, and as a result, the hackers will take control, and at this point, the user will transfer to the Office 356 subscription team.

Baiting attacks are nothing new, but they tend to target specific people and, for various reasons, use fewer mail packages. In this attack, the attacker uses social engineering to make false promises to the victim to trap him. This process may be carried out to steal personal and financial information or place malware on the target system.

Scammers from the UK targeted random people using parcel post, according to Pittman

. This type of targeting may not seem practical, but it will quickly pay for itself if you ship a thousand fake Microsoft Office packages and steal money from several people. Moreover, the mentioned method can be much more efficient than sending millions of fake emails.

Microsoft is aware of the issue but says such situations are scarce. However, the Redmond-based tech giant doesn’t seem to care much. The company prefers to distribute its software over the Internet and advises customers to visit the official support page to learn more about how to prevent fraud.