If you’re mailed a random CD, don’t put it in your computer. Here’s why
Although CDs aren’t as common as they once were in today’s digital world, if you receive a random one in the mail, don’t put it in your computer or anywhere else, authorities say.
If you find a mailed envelope from an unrecognized sender and discover one, it’s likely a ruse, police in Maine are warning.
“Please don’t let your curiosity get the best of you, instead immediately dispose of the CD,” the Buxton police department said in a Dec. 2 news release. Buxton is about 70 miles south of the state’s capital Augusta.
A local woman got mail addressed to “a friend” from “a friend” on Dec. 1, the department said.
When she opened it, she found a CD with a handwritten message on it saying “please watch, copy and share with friends,” according to a photo shared by police.
She “used sound judgment and did not put this CD in her computer,” police noted.
They warned that “information gathered from a list of ongoing scams indicates this CD was likely ladened with malware and other programs that can infect a computer and allow hackers to gain access to and steal personal information.”
Although Buxton police said they did not receive similar calls about other CDs when the woman reported it, they suspect others might have received a random CD or they still may.
The department “will be working with the state crime lab to safely determine what is actually on the disk,” Tammy Jo Gerard, a spokesperson, told McClatchy News in a statement.
“We would like to remind all to please stay vigilant about potential scams,” they added.
“Keep your computer’s antivirus and malware software updated, do not put any media in your system unless it comes from a safe source, and be on the lookout for phishing and scam emails.”
It’s happened before
In 2018, security expert and former Washington Post reporter Brian Krebs, who runs a site KrebsOnSecurity covering “in-depth security news and investigation,” alerted the public about “malware-laden CD’s.”
Many state and local government agencies reported getting mail containing malware-laden CDs “apparently sent from China,” according to his post from July 27, 2018.
“This particular ruse, while crude and simplistic, preys on the curiosity of recipients who may be enticed into popping the CD into a computer,” Krebs wrote.
A non-public alert was sent to government agencies on the local and state levels by the Multi-State Information Sharing and Analysis Center about the scam, he said.
The CD “arrives in a Chinese postmarked envelope and includes a ‘confusingly worded typed letter with occasional Chinese characters.’”
“Attacks like this are a reminder that cybercrime can take many forms,” he wrote.
Ahead of Thanksgiving and Christmas, the FBI and the U.S. Cybersecurity and Infrastructure Security Agency urged the public to maintain “vigilance against the multiple techniques cybercriminals use to gain access to networks,” in a Nov. 22 news release.
“Recent history tells us that this could be a time when these persistent cyber actors halfway across the world are looking for ways — big and small — to disrupt the critical networks and systems belonging to organizations, businesses, and critical infrastructure.”
This story was originally published December 2, 2021 at 6:38 PM with the headline "If you’re mailed a random CD, don’t put it in your computer. Here’s why."
.jpg)