Hi Fellow Linden Residents,
As you may know, many business and residential utility customers are targeted daily by impersonation scams. Scammers impersonate the utility company through in-person, phone, and online tactics, claim the utility bill is past due, and threaten to disconnect services unless a payment is made immediately. Customers are pressured to make payments via prepaid debit cards (such as Green Dot, MoneyPak, or Vanilla), wire transfers, cash apps (such as Venmo or Zelle), gift cards, or cryptocurrency (such as Bitcoin). Additionally, scammers may claim that the regular payment portal for the utility company is currently offline, but the target can submit payment through another portal via a link or QR code. This fraudulent payment portal creates a false sense of legitimacy by using spoofed domains, impersonation, and stolen branding. Phishing and smishing tactics attempt to convince the target to immediately take action, such as responding or calling a fraudulent phone number, disclosing sensitive information, or making payment.
Scammers may visit the target’s home or place of business in person, claim to be a utility company collector, present fraudulent identification, and ask for personal information, including account number or Social Security number. However, legitimate employees wear a uniform, visibly display a company ID badge, drive a company car with the utility company’s logo, and visit during a pre-scheduled appointment with the customer.
Additionally, if customers receive an urgent call from their utility company’s trusted customer service number claiming termination of services for non-payment and that someone will arrive in 15 minutes to disconnect service, slow down the conversation before making any quick decisions and verify the information through official sources, as the phone number may be spoofed (faked)!
Hackers are targeting customers who use search engines to contact their utility companies. The search engine results may contain fraudulent websites with fake phone numbers that, if called, will put unsuspecting customers at risk for threat actors to collect personal and financial information. Furthermore, service disconnections are not immediate; there is a multi-step process, including payment arrangement options and multiple notifications to the customer, typically by mail and noted on their regular monthly bill.
Traditional attack techniques of malicious links or attachments are often detected by email security, forcing threat actors to pivot to QR codes as the primary attack method in various schemes. QR codes, sent through unsolicited communications or posted in publicly accessible locations, may appear to be associated with a reputable brand or organization and could direct targets to phishing websites, fraudulent payment portals, and unsuspecting malware downloads. In one campaign, the threat actors persuade their victims to withdraw money from their financial accounts and transfer it to them using a QR code and cryptocurrency ATM to avoid service disconnection. Once the funds are deposited into the ATM to purchase cryptocurrency, the QR code with the embedded address is scanned, and the money is transferred to the scammers.
Please make sure to be vigilant of these and similar impersonation scams. Refrain from answering unsolicited or unexpected communications, especially those containing QR codes. Additionally, do not provide personal or financial information or transfer money, especially in cryptocurrency, to unverified entities. If you need help with this or another type of scam, please call my office at (908) 474 8493 so that I can help.