Download and print the designed version of this Consumer Alert
Criminals insert themselves into private text, email, or instant message conversations, making the communication look safe because it is coming from a trusted source.
This sophisticated two-step scam starts with what’s known as a “phishing” attack that steals login credentials. Once criminals have access to your account, the next step is to get into your ongoing conversations and send scam messages and malware from you. There are two victims in a “phishing” scam — the person whose account is being hijacked and the person who receives the message that appears to be from you. The recipients are more likely to click on links or attachments in those messages because they appear to have come from you. And when they do, they are pitched a bogus opportunity, prompted to provide personal information, or otherwise scammed — by an email that may have malware already installed.
To report a scam, file a complaint, or get additional information, contact the Michigan Attorney General:
Online