Emerging Online Scams | New Tech Means New Scams and Security Risks
Identity thieves are continually on the look out for new methods to steal your identity. It may be a new scheme using existing technology or the use of a new technology. When cyber criminals get creative it means the rest of us need to get more vigilant about internet security.
Mostly, we need to pay closer attention. People tend to have their guard down when they are on a new app that couldn’t possibly be used as a scam. Or could it? For example, people a more prone to question a potential scam on Facebook, because these schemes are common and well documented.
Parents have also read many articles about the popular apps that kids are using, such as Snapchat, Kik Messenger, and WhatsApp.
Education is the first step to protect yourself, but as technology continues to advance there is never a time to stop learning.
Fitness Scams
When I first heard about fitness scams my first thought was, huh? I couldn’t imagine what it was. Perhaps it was about people being approached while someone was outside jogging or working out in a gym.
On the contrary, this scam happens through fitness apps. We usually don’t think of a fitness app being related to social media. But when people connect with other joggers, yoga partners, or weightlifters, they are now socially connected with these friends and colleagues
This is when cyber thieves begin to work their schemes to steal someone’s private data, glean money through a scam, or find out where a person lives.
Criminals also use a person’s passion for health and fitness to entice you with tried-and-true methods, like incredible offers via email or text. If you receive a text message that claims to have a drug for a cheap price that can make you lose weight immediately, you should not follow the link and purchase it, even if the deal appears to be too good to pass up.
Ways to Protect Yourself
Many fitness trackers will store users’ locations on their systems, and if this information gets into the wrong hands, it could be used for malicious purposes. Keep your account secure with a good password and email/text authorization to ensure no one can attempt to log in without your knowledge.
And regarding the social media aspect of a fitness app. If you are sharing your location or connecting with others through the app, scrutinize all communication. If you receive a message on a legitimate fitness app from someone new or a friend, it does not mean the message is safe. It could be a scammer attempting to build a fitness relationship with you learn personal information about you.
These fake relationships start innocently enough, but over time they will try to get personal information from you. You also don’t know if a friends apps has been hacked and it’s a scammer contact you from their account.
Quishing: Malicious QR Code Scams
Just when you think you’ve seen it all, Quishing is like is Phishing (email scams), Smishing (SMS text scams), and Vishing (voice call scams). QR codes are common but if you are not familiar them or have never scanned one, here’s how they work:
QR codes are a type of barcode that can be scanned using a smartphone camera. When scanned, the code opens a website, pdf, or other type of digital page. If a malicious QR code gets scanned, it could lead to malware or a malicious website.
This QR code when scanned on your phone will take you to our website’s home page. You can trust it’s safe because we created it. Always be cautious of unsolicited emails with QR codes. Before scanning a code, verify the legitimacy of the website or the email sender. QR codes are a legitimate method used for authentication purposes on your phone.
Scanning a malicious QR code is the same as clicking a malicious email link or in a text message. It will either infect your computer or access personal information from you.
However, they can cause havoc if created by a hacker. Check for red flags such as suspicious email addresses or requests for sensitive information. But even an email address you know could be used to carry out the scam, such as a hacked email account of someone you know. It may require you to talk to or text the person who sent for confirmation.
For an added layer of protection, consider using a trusted QR code scanner app instead of scanning with your camera phone. These apps often scan for malicious URL’s and give warnings about potential dangers.
Scams Powered by AI
Thanks to new developments in artificial intelligence scammers are taking advantage. This new technology is accessible to anyone for any purpose, good or bad. Using AI allows users to make presentations more realistic, even to those who are suspicious.
AI is used by scammers for:
- Writing: AI can write emails and texts and track response rates of the message to increase effectiveness. Traditionally, one of the common traits of a scam message is misspelled words and grammatical error. This can be eliminated using AI.
- Voice: Be extra cautious of calls from friends or employers who ask for personal information. AI can mimic a voice to be a certain age or have a specific accent. Scammers no long need to make these calls themselves, which opens up the scary prospect that AI could even have a conversation with you. Plus, it’s all automated like a robocall, but an intelligent one.
- Deepfakes: There is already plenty examples of AI creating deepfakes of celebrities for the purposes of advertising on social media or simply for entertainment. Deepfakes add authenticity to offers that fool unsuspecting victims who are enticed by big savings or winning a contest.
AI can also produce deepfake photos used to create fake online profiles for romance scams. This is where scammers gain the trust of someone seeking a relationship online and later manipulate their victims to divulge personal information or steal from them.
Event Scams
Scammers often try to create a sense of urgency by offering good deals on sold-out events, but these ticket scams are fake. They advertise last-minute deals on tickets at prices that seem too good to be true. Phishing emails related to event scams may mimic legitimate ticketing services, including using their official logos and similar language.
Official sources are the safest bet for streaming events. By sticking to these sources, you reduce the risk of encountering scams that exploit the popularity of streaming services.
Cybercriminals will also use social media to advertise fraudulent streaming services. These ads might lead to fake websites designed to steal personal or financial information.
To avoid streaming platform scams, one should try to stick to the official broadcasting lists from the event’s website or official social media page.
Payment Apps
Banking fraud is common there has been much education about how to avoid divulging login details about your accounts. However, with the dawn of new payments apps it’s never been easier to send and received money to and from friends and family. These convenience of not having to deal directly with your bank makes it easier for scammers to steal from you.
Spoofing calls may be made to you about security issues and requesting personal information regarding a payment app you may be using. You may also receive links from your bank or payment app requested you to login to verify or correct information. In any of these situations, be very suspect.
In general, one should always pay close attention to the apps they are downloading. Recently, Apple found an app in their store that was mimicking a reputable password manager app.
Cyber Gateways for Scammers
Are cybercriminals watching you or listening to your conversations? Many don’t think about Bluetooth and how it can affect your privacy and even computer security in the home. Hackers can access your devices and data if your Wi-Fi or Bluetooth settings are weak. They can learn personal information about you to carry out targeted phishing attacks against you and your family members.
Bluetooth Security and Smart Devices
Fortunately, there are steps your can take to make sure your home is secure. We’ll first explore Bluetooth vulnerabilities, followed by what you can do to increase awareness and safety.
Potential Bluetooth Vulnerabilities
Here are things you need to be aware of when it comes to smart devices.
Eavesdropping Attacks
Devices like Alexa and Google Home make our lives easier, but they can be hacked, and malware can be installed to listen in on your conversations.
Device Hacking
Smart appliances like washing machines and refrigerators rarely have their default passwords changed. These can be used as a means to infect every other device on the network.
BlueBorne
BlueBorne is a set of vulnerabilities that affect devices with Bluetooth connections, allowing attackers to potentially take control of devices, spread malware, or steal data without requiring the devices to be paired.
Bluetooth Sniffing
Bluetooth signals can sometimes be intercepted by nearby devices using specialized equipment, allowing attackers to eavesdrop on communications between devices.
Weak Encryption
Some Bluetooth devices may use weak encryption methods or have security flaws that make them susceptible to brute-force attacks. To protect against weak encryption vulnerabilities, use Bluetooth devices that support stronger encryption protocols, such as Bluetooth 4.2 or later, and keep your devices updated with the latest firmware.
Bluetooth Impersonation Attacks
Attackers may attempt to impersonate trusted Bluetooth devices to gain unauthorized access to your device or data. To prevent Bluetooth impersonation attacks, be cautious when connecting to unknown devices and verify the authenticity of Bluetooth devices before pairing with them.
Smart Doorbells
Cybercriminals use a search engine called Shodan for this purpose. Cybercriminals use a specialized IoT search engine to find unsecured devices or devices with only a default password in place.
Solutions to Enhance Bluetooth Security
Bluetooth Pairing: Make sure to pair devices in a secure environment and verify the devices’ identities during pairing. Avoid pairing with unknown or untrusted devices. Use strong, unique passwords for Bluetooth pairing whenever possible. Replace any default pin codes.
Separate Your Networks: Your fridge and laptop should never be on the same network. If they are, hackers could gain access to your data on any device connected to your Wi-Fi. Even home surveillance cameras and become infected with malicious code to carry out cyber attacks.
More Tips for Bluetooth Set Up and Usage
- Avoid Using outdated Bluetooth devices.
- Keep your Bluetooth-enabled devices updated with the latest firmware and security patches.
- Disable Bluetooth when not in use, especially in public places.
- Consider using Bluetooth devices that support secure pairing methods, such as Bluetooth Low Energy (LE) Secure Connections.
- Regularly monitor your device for suspicious activity and review Bluetooth connection logs if available.
- Devices that are loaded with sensitive personal and business information should never be on the same network as IoT devices which are more vulnerable to attacks.
Smart TVs
IoT devices are a network of physical devices that connect and exchange data with each other over the internet. IoT stands for the Internet of Things. Basically, anything connected to the internet. One device that is often forgotten about is the Smart TV. Because Smart TVs connect to the internet and are therefore considered an IoT device.
Though convenient, Smart TVs can be exposed to cyber threats similar to phones and laptops. Cybercriminals who have hacked a Smart TV may change your privacy and security settings. They can even lock you out of your TV ask and as you for payment to unlock it. This is called a ransomware attack.
Hacking into you TV can allow them to access private information, including your credit card details. A hacked TV allows scammers can watch you and listen to you from your TV. And just like any security breach, they can send you targeted phishing attacks based on what they have learned about you.
Hacked TVs also become a gateway to access other devices that are connected to your home network. Also, once inside your TV, cybercriminals can create malicious apps designed to look like legitimate ones.
Ways to Prevent Smart TV Hacks
- Make sure your software is up to date. Do it manually when you think of it and enable automatic updates for those times you forget.
- Use strong and unique passwords for account associated with the TV.
- If you can hard wire your connection, this is much safer than using Wi-Fi.
- If you wonder if you TV has been hacked because of strange activity, disconnect it from the internet and perform a factory reset.
- Be sure update other passwords across all other accounts and make them unique from each other, including your Smart TV
Cyber awareness about all the devices connected to the internet in home will help keep you accounts and devices safe.
Election Scams
Elections scams are not new, but AI technology is adding fuel to the fire as those with ulterior motives seeks to disrupt and influence election outcomes.
Cybercriminals often impersonate political figures to deceive users into revealing personal information, downloading malware, or donating money to fraudulent causes. They distort reality and exploit the stress and excitement around elections to manipulate users.
Deepfakes can be used to impersonate political candidates, making it sound like they said things they never did. Deepfakes distort voters’ perception of reality and can have serious consequences for voter perception and trust.
Fake Social Media Accounts can spread disinformation quickly, making it sound credible and widespread. This can also lead to phishing attacks. Bots are also rampant online doing the work of scammers at an increasingly fast pace.
Foreign influence campaigns aim to create division and undermine trust in the election process. Campaigns might use phishing emails, fake social media accounts, or bots to steal personal information, install malware, and spread disinformation.
Advice to Avoid Falling for Election Scams
Practice Skepticism
Question sensational or shocking content, especially on social media. Verify authenticity through multiple sources, including fact checking websites. Be weary of accounts with generic photos and ones that repost from other sources frequently.
Scrutinize Unsolicited Emails and Phone Calls
Don’t give out any personal information. Avoid clicking any links. Verify details of the call or email by contacting a candidate or political party directly.
Check Website Security
When visiting any website for any reason, check for basic security. Ensure it has the https: before the URL. It should also shows a secure symbol in front of it, such as a padlock. Do not engage any website that is not secure. Leave the website and search Google for legitimate websites related to what you are seeking to do online.
Be wary of AI chatbots used by scammers. These bots can mimic human conversations, making it harder to detect fraud. Scammers may use them to steal personal information, trick users into financial schemes, or spread malware. Always verify the source of any chatbot interaction, avoid sharing sensitive details, and be cautious of unsolicited messages that seem too good to be true.
Final Reminders
Always use official sources for information. Stay away from social media as a reliable source for information, even if it looks like a trusted news or government website or account.
If any of your accounts are compromised in a breach you should change your password immediately. The same goes if someone guessed your password and manages to log in. After changing your password, take the steps offered within each of your accounts to enhance login security.
Never give our personal information over the phone until you are sure who you are speaking with. Tell the caller you will call them back at the number you have in your contacts. The same goes for links. Don’t click a link in an email. Visit your bank or employer’s website directly from one of your bookmarks or by searching Google.
Learn more about how scammers try to dupe you into clicking malicious links or responding to messages with personal information. Give yourself a well-rounded education about common scams and remember to never stop discovering ways to protect your devices and your identity.