Home Consumer Look Out for This Social Security Scam That Gives Hackers Full Access...

Look Out for This Social Security Scam That Gives Hackers Full Access to Your Computer

May 7, 2025

If you receive an email about your Social Security statement, proceed with caution: According to a new report from Malwarebytes Labs, hackers are impersonating the Social Security Administration (SSA) to trick people into installing a remote access tool and handing over full control of their devices.

The SSA is no stranger to phishing scams—the Office of the Inspector General put out an alert last month warning the public of fraudulent emails purporting to include Social Security statements that in reality led to fake websites.

The current attack is the work of a phishing group known as Molatori. It begins with an email that appears to come from the SSA with the message, “Your Social Security Statement is now available” and a prompt to download an attached document. The supposed statement is actually a ScreenConnect client, which grants remote control of the affected device.

ScreenConnect is a legitimate remote support platform for IT pros to help users configure systems and resolve technical issues by allowing the same access as if they had your device in hand. Once hackers have control of your computer via ScreenConnect, they can use it for anything from installing malware to transferring files to accessing sensitive data, like bank and financial account information, all without your knowledge.

Financial fraud is believed to be the main objective for this campaign, but as always, stolen data can be used for identity theft or sold to other malicious groups.

As Malwarebytes Labs describes, this scheme is hard to identify in part because the phishing emails originate from compromised WordPress sites with legitimate domains. The email body may also be sent as an image rather than text, making it harder for filters to detect it as malicious.

How to protect yourself

All of the common cautions for avoiding phishing scams apply here. Do not click on links or download or open files or attachments sent via email, especially if the message is unsolicited. Go directly to the company’s or organization’s website to locate important documents and verify communication. Attacks that come from compromised (but legitimate) domains can be trickier to catch, so be especially wary of anything you’re instructed to download, click, or fill out from an email.

If you are unsure whether an email or message is real and safe, Malwarebytes also suggests copying some of the text into a search engine to determine if it is part of a known phishing campaign.

Disclaimer

Artificial Intelligence Disclosure & Legal Disclaimer

AI Content Policy.

To provide our readers with timely and comprehensive coverage, South Florida Reporter uses artificial intelligence (AI) to assist in producing certain articles and visual content.

Articles: AI may be used to assist in research, structural drafting, or data analysis. All AI-assisted text is reviewed and edited by our team to ensure accuracy and adherence to our editorial standards.

Images: Any imagery generated or significantly altered by AI is clearly marked with a disclaimer or watermark to distinguish it from traditional photography or editorial illustrations.

General Disclaimer

The information contained in South Florida Reporter is for general information purposes only.

South Florida Reporter assumes no responsibility for errors or omissions in the contents of the Service. In no event shall South Florida Reporter be liable for any special, direct, indirect, consequential, or incidental damages or any damages whatsoever, whether in an action of contract, negligence or other tort, arising out of or in connection with the use of the Service or the contents of the Service.

The Company reserves the right to make additions, deletions, or modifications to the contents of the Service at any time without prior notice. The Company does not warrant that the Service is free of viruses or other harmful components.