• Skip to main content
  • Skip to footer

Commonwealth Sentinel

Cyber Security for local government, non-profits and small business

MENUMENU
  • Home
  • About Us
    • Sheri Donahue
    • Leo Haggerty
    • Careers
  • Services
    • Vulnerability and Threat Evaluation
    • Transformation Management
    • CISO Management Services
    • Incident Response Management
  • News
  • Blog
  • FAQs
  • Contact Us

commonsent / January 27, 2022

It CAN happen to you! Are you ready?

I am what some might call a cybervangelist. I am always warning people about cyber scams. Whether through phishing (emails), smishing (text messages) or vishing (voice).

Last week I received a call that looked like it came from Louisville Gas & Electric (LG&E), my local utility company. The number that showed up on my called ID was in fact the number for LG&E. So immediately it seemed legit.

When I answered, I heard a recording saying that my power was due to be disconnected within the hour and to “press 1 to talk to someone to make a payment or press 2 to continue with the disconnection”. Clearly I didn’t want my power disconnected especially since the temperatures are in the teens. So I pressed 1. A man came on the line and asked how he could help me. I told him I received this call which was telling me my power was going to be disconnected. He said that I needed to pay my past due amount immediately. I told him that I have autopay set up to pay this bill and that I would login to check my account and would pay online if, in fact, I owed anything. He said that I couldn’t do that because it would take 1-2 days to clear my bank and would not keep them from shutting off my power.

However, this nice man was here to help. He said either I could go to my bank account online and pay via Zelle or that I could go into my local LG&E office to pay in person. In the meantime, unbeknownst to him, I had logged into my account to see my bill. I told him that since HE called ME, I wanted to protect myself and just confirm he was indeed calling from LG&E. He said, “Of course, I understand.” So I asked him to tell me my LG&E account number to confirm it was legit. The line then went dead.

I immediately called LG&E directly (at the same number that was spoofed because that is the number they list on their website and on the bills) and advised what happened. They did confirm it was a scam and took down all the information I conveyed about the call I had received. I was told that this is a scam they have been seeing and that the script is always the same. I advised that the spoofed number adds a sense of legitimacy and that the cyber security team should be alerted. I was advised to notify the local police department and I also filed a complaint online with the FBI Internet Crime Complaint Center (IC3) (https://www.ic3.gov/).

It is important to notify law enforcement in addition to the organization which is spoofed so that trends can be watched and others can be alerted to be aware of these scams.

Coincidentally, as I was writing this article for this week’s newsletter, I received the same call again four days later. (It sounded like it was the same man as before.) This time he told me that the crew was en route to my house “even as we speak” to turn off my power. Just to see what he would say, I asked him to please tell me where the nearest LG&E office is located so I could pay in person. It was at this point that he hung up again. Next time I will ask if I can pay with bitcoin.

By the way, my power was still on when I got home. I guess their crew got lost.

Filed Under: Blog

Footer

CONTACT US

COMMONWEALTH SENTINEL

1230 US Highway 127 S
Suite #5
Frankfort KY 40601
(502) 320-9885

EMAIL US

ABOUT US

Cyber security consulting for local governments, non-profit organizations, and small businesses facing the threats of the cyber world.  At Commonwealth Sentinel, we are passionate about helping people be cyber-safe!

FOLLOW US

  • Email
  • Facebook
  • LinkedIn
  • Phone
  • Twitter
  • YouTube

Copyright © 2023 Commonwealth Sentinel

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT