Beware of Celebrity Podcast Scams, Experts Warn
▼ Summary
– The Better Business Bureau warns of a “podcast imposter” scam where threat actors use fake podcast invitations to gain remote access to victims’ computers.
– Scammers initiate contact via email, offering $2000 compensation to appear on a fictional celebrity podcast and then request a tech check call.
– This scam is a variation of tech support fraud, aiming to hijack social media accounts and potentially compromise other accounts with the same passwords.
– Perpetrators target not only influencers but also specialists and executives to access corporate systems through their employee accounts.
– The BBB advises skepticism of unsolicited offers, checking sender details, refusing remote access requests, and maintaining strong cybersecurity training.
Business owners and influencers are being targeted by a sophisticated new scam involving fake celebrity podcast invitations, which security experts warn could lead to unauthorized remote access to computers and social media account hijacking. The Better Business Bureau has issued an alert about this deceptive scheme, urging professionals to remain vigilant against unsolicited offers that appear too good to be true.
Scammers initiate contact by posing as podcast managers representing a well-known celebrity or popular show. They send personalized emails praising the recipient’s expertise and offering a generous payment, often around $2000, for a guest appearance. The message seems professional and enticing, designed to lower the target’s guard.
Once the recipient expresses interest, the fraudster suggests a pre-interview tech check to ensure audio and video equipment works properly. They insist on using a remote access tool during this call, claiming it’s necessary for troubleshooting. In reality, this step allows the scammer to take control of the victim’s device.
With remote access granted, the attacker can quickly harvest login credentials, especially for social media accounts. If the same password is reused across multiple platforms, other sensitive accounts may also be compromised. Martin Kraemer, a security awareness advocate at KnowBe4, notes that this method is an evolution of classic tech support scams, but with a more focused and dangerous twist.
He emphasizes that the threat is no longer limited to influencers. Specialists and executives are now prime targets, as their corporate accounts can serve as gateways for deeper network infiltration. A single compromised employee account can expose entire organizations to data theft, ransomware, or espionage.
To protect against such attacks, the BBB recommends several precautionary measures. Always scrutinize unsolicited emails, especially those with unusual formatting or generic language. Verify the sender’s email address, legitimate businesses rarely use free email services like Gmail. Be highly skeptical of unexpected financial offers, and never allow an unknown person to remotely control your computer.
Most importantly, safeguard login credentials and avoid password reuse. Kraemer stresses that ongoing cybersecurity education is essential. Corporate training programs must evolve to address emerging social engineering tactics, ensuring that all employees can recognize and resist these increasingly convincing scams.
(Source: Info Security)
