A new wave of phishing attacks is exploiting public trust in government agencies. Cybercriminals are sending fraudulent emails that appear to come from the Social Security Administration (SSA), aiming to trick recipients into downloading a remote access tool that gives hackers full control over their computers, according to a report by Malwarebytes.
The scam emails, often sent from compromised WordPress websites, claim to offer a downloadable Social Security statement. However, the entire message is typically embedded as an image—a tactic that allows it to bypass most email filters. Clicking on the link initiates the installation of ScreenConnect, a powerful malware tool that enables attackers to infiltrate your device remotely.
The campaign has been attributed to a phishing group known as Molatori, whose goal is to extract personal, banking, and other sensitive information. “Once in, the attackers can steal your data, commit financial fraud, and engage in identity theft,” the report warns.
To avoid falling victim, experts suggest staying alert to red flags. These scam emails often contain poor grammar, missing punctuation, strange formatting, and unusual colour schemes for links. Such errors—evident in screenshots shared by Malwarebytes and the SSA—are clear signs of a scam, even as AI-driven tactics make phishing attempts more convincing than ever.
“If you want to view your Social Security statement, the safest option is to visit ssa.gov,” the SSA advises.
What to Do If You're Targeted:
- Cut off all communication with the scammer
- Report the incident to the SSA Office of the Inspector General (OIG)
- File a report with your local police
- If you've lost money, submit a complaint to the FBI’s Internet Crime Complaint Center (IC3)
As phishing threats continue to evolve, cybersecurity awareness remains your best defense.
