Today, I spoke with a gentleman who was scammed out of his money by criminals who posed as the New Zealand Transport Authority.
He was very upset and had to cancel 2 credit cards.
He went to Facebook to warn other people about the scam.
It was on that Facebook group that I met him. In this group all I was allowed to offer him was empathy and some advice. I couldn't offer him what he really needs, because that would violate the rules of the group -- even though I can actually help him and others like him.
There are lots of ways attackers can get in to your computers, and drop nasty programs.
In the case of this gentleman, he received a Phishing email.
The email itself contained nothing that an antivirus program would flag as dangerous. All it contained was pictures, links logos and instructions.
Your antivirus does not know that the link goes to a site owned by criminals. The email appeared to come from an authority, and the poor gentleman was steered straight in to a social engineering attack.
The link took him to a website where he duly paid the outstanding balance -- or so he thought. He did not say so, but it is a fairly good bet that once the scammers had his credit card details, they started making additional transactions.
Our solution could have identified the website the scammers directed him to. He would have been given advice that access to the site was blocked because it is a known bad actor.