The raft of recent FBI warnings hitting smartphone and computer users should not be a surprise. The threat landscape is rapidly worsening, whether from Chinese hackers penetrating U.S. networks or unpaid toll scams spiraling out of control. And much more dangerous AI-fueled attacks will soon turn all this up to eleven.
As I reported last week, the bureau is now warning website users to beware “a scam involving free online document converter tools,” with criminals using “converter tools to load malware onto victims’ computers, leading to incidents such as ransomware.”
Now the bureau has confirmed this threat is ongoing, with users continuing to fall victim. “FBI warnings are true,” says Bleeping Computer, “fake file converters do push malware.“ An FBI spokesperson told the site that “the scammers try to mimic URLs that are legit, so changing just one letter, or ‘INC’ instead of ‘CO’. Users who in the past would type ‘free online file converter’ into a search engine are vulnerable, as the algorithms used for results now often include paid results, which might be scams.”
“The best way to thwart these fraudsters,” the FBI says, “is to educate people so they don’t fall victim to these fraudsters in the first place. Every day, we are working to hold these scammers accountable and provide victims with the resources they need.” Yes, you should check URLs and avoid free ads topping search. But in reality you should not use online document converters at all — stick to established apps and platforms.
The FBI did not point out any specifics websites to avoid. Cue threat hunter Will Thomas, who has posted some example URLs on X, and Malwarebytes, which has published “some recent examples of domains involved in this type of scam:
- Imageconvertors[.]com (phishing)
- convertitoremp3[.]it (Riskware)
- convertisseurs-pdf[.]com (Riskware)
- convertscloud[.]com (Phishing)
- convertix-api[.]xyz (Trojan)
- convertallfiles[.]com (Adware)
- freejpgtopdfconverter[.]com (Riskware)
- primeconvertapp[.]com (Riskware)
- 9convert[.]com (Riskware)
- Convertpro[.]org (Riskware).”
This threat, per the FBI’s warning, bleeds into the ransomware attacks hitting organizations across the U.S., public and private, large and small. As CBS News reports, “federal investigators suggest the file converter method of attack may be behind the February ransomware attack of a Davenport, Iowa-based media company.”
Thankfully, this is now getting more press coverage which will increase awareness. As to what you do, per Bleeping Computer, “while not all file converters are malware, it’s essential to research them before using and check reviews before downloading any programs. If a site is relatively unknown, it is better to avoid it altogether.”
