Your Social Security Statement Gives Hackers Full Control of Your Computer

Your Social Security Statement Gives Hackers Full Control of Your Computer

July 14, 2025

A recent social engineering scam has been reported by Malwarebytes using the Social Security Administration (SSA) and it could lead to an attacker gaining full access to your computer. It’s the second one in as many months involving downloading statements.

Behind the operation is a cybercrime group known as Molatori. It starts with a phony email that looks like it’s legitimately from the SSA, telling you your statement is ready. There’s an attachment, sometimes an image, with a nudge to open it. But surprise—it’s not a statement. It’s a remote access tool called ScreenConnect. Normally used by IT pros to help people fix computer issues, in the wrong hands, it’s a digital master key.

Once scammers have access, your computer is their playground. They can swipe sensitive files, install malware, or quietly raid your financial accounts—without you ever knowing.

To protect yourself from such scams, consider the following advice:

Be Skeptical of Unsolicited Communications: The SSA typically communicates via mail, not phone calls, or emails. If you receive unexpected contact claiming to be from the SSA, do not provide personal information or access to your computer.

Verify Before You Trust: If you receive a suspicious message, independently verify its authenticity by contacting the SSA directly through official channels.

Avoid Granting Remote Access: Never allow unknown individuals to access your computer remotely. Legitimate organizations will not request remote access, unsolicited, and even then, be skeptical.

Use Strong Cybersecurity Measures: Install reputable antivirus software, enable firewalls, and keep your systems updated with the latest security patches and supported versions to protect against malware and unauthorized access.

Educate Yourself and Others: Stay informed about common scams and share this knowledge with friends and family to help protect them.

If you suspect you’ve been targeted or have fallen victim to such a scam, report it immediately to the Federal Trade Commission (FTC) and the SSA Office of the Inspector General. You can find information on how to do this on their websites.

General News

How To Protect Yourself After A Data Breach

Data breaches seem to happen like clockwork. None of them are your fault, but the responsibility to protect yourself and your personal information rests square on your shoulders. It can seem like a daunting task, but there are some fundamental actions that can be taken right now that can make you a significantly safer from falling victim to a cyberattack. In this video, Jim Stickley will cover a wide range of types of data that can be exposed and how you can protect yourself. Credit Card, SSN, personal information, and other types of data are in the wild, so you need to be prepared. READ FULL STORY

Identity Theft

Billions of SSN’s Exposed—How To Protect Your Finances

There has been a mega data breach boom lately and billions of Social Security numbers have been exposed. The National Public Data breach alone let loose 2.9 billion of our most sensitive records into the hands of cybercriminals. It's unlikely that anyone in the U.S. escaped this breach. And if you did, there's certainly another one that got you. Fortunately, there are several protective steps we can take to minimize the potential financial damage, and they aren't so difficult to do. READ FULL STORY

Scams & Phishing

Spotlight on Retirement Scams: $3.4 Billion and Counting

Maybe this year is the year you will retire from the daily grind of working for a living. For many online scammers, those in retirement are a target ripe for the picking. The FBI reports retirees aged 60 years and older in the United States lost over $3.4 billion to scammers in 2023. This signifies an 11% increase from the year before. Here’s a closer look at common retirement scams and how to know one when you see one…before it’s too late. READ FULL STORY

Your Security

The Growing Threat of Synthetic Identity Fraud

Imagine a crime straight out of a sci-fi thriller: criminals piecing together parts of people’s identities to create entirely new personas. This isn’t fiction—it’s a growing danger known as synthetic identity fraud, or “Frankenstein fraud,” where thieves use fragments of stolen identities to wreak havoc. At its core, synthetic identity theft involves stealing a Social Security number (SSN) and combining it with fake or unrelated personal details—like a different name, address, or birthdate—to fabricate a brand-new identity. The culprits often target the most vulnerable: children, the elderly, or the homeless. READ FULL STORY

Education

Should I, Could I Freeze My Credit Report?

Having your private information or identity stolen is no picnic. It takes quite a long time to make it right, so one of the best ways to help ensure that neither happens in the first place is to protect it as much as you can. In light of the recent Capital One data breach, many may be considering putting a freeze on their credit reports and that is a great idea. However, it's a good idea to be sure to know what that means before taking that action. READ FULL STORY

Email Address

Create a new Verification Phrase Enter any word or words you like.
The email newsletter will arrive from news@stickleyonsecurity.com Please wait...