Common Scams (Common Sense Prevention) – Part 2
Welcome to Part 2 in our series of scams to be aware of. With a bit of knowledge and some common sense, you can be equipped to protect your identity, your devices, and your bank account. I’m sure scammers sleep, but their schemes and systems set in motion that attempt to infiltrate cyber security forces, do not.
Some scams are carried out in person with a live scammer on the phone. Or, they may be on the other side of a text. However, many scams are spam emails, spam texts, robocalls, fake websites, malware and virus attachments. Some even involve mail fraud. The list of of old and new scams seem endless but before you panic, take a deep breath.
There are simple things you can learn that apply common sense to prevent you from being fooled. So, let’s get into it shall we?
Imposter Scams
Imposter scams, also known as impersonation scams, are scams involving cybercriminals who are pretending to be someone, or something, they are not. The most commonly reported impersonation that scammers will utilize is that of a government official. Other examples are a scammer posting as someone you work with or trust, such as a bank, technology company, or a relative.
Signs of an imposter scams is a sense of urgency to act now to avoid of being arrested, threats of account deactivation, or additional fees being charged. Threatening language and requesting payment in obscure ways, such as with a gift card, are also common signs of an imposter scam.
Artificial intelligence (AI) is also being used to make these scams more authentic by cloning voices or creating deepfake videos.
Wrong Number Text Scams
Receiving unsolicited phone calls from unknown numbers has been common for years. Recently, text messages from unknown numbers or entities are on the rise. Often, the messages appear to be mistakenly sent. Many people may text back with “wrong number”, but this will only verify your number to scammers. Never respond to these messages or you will begin to receive more of them.
Unsuspecting receivers of these messages who beginning communicated with the scammer will eventually receive a malicious link after trust is gained. Never click any link sent to you in a text unless you verify that you are in fact speaking to someone you know. Confirm with them if they sent you the link.
Scammers may send messages for days or weeks before doing anything suspicious. When you receive these messages, check for blocking or reporting options on your mobile phone.
Deepfake Scams
These types of scams are also known as synthetic media or an imposter scam. A deepfake is a type of artificial intelligence that uses machine learning algorithms to manipulate images, audio or videos. You may receive an email from your friend or boss, followed up by a phone call where the scammer has used AI to mimic their voice. Video is often used on social media to give credibility to an offer in an advertisement.
To help spot a video deepfake, experts recommend looking for irregular blinking and eye motion, inconsistent lip synching, flickering around the edges of the subject, and odd-looking teeth.
To help spot an audio deepfake, experts recommend listening for irregular high and low pitches within the audio, lack of background noise, and awkward pauses.
If you received a frantic phone call from a family member in trouble and something seems off, let them know you want to verify that it’s really them calling. Ask them a few questions that a scammer could not possibly know. Such as, what is the color and year of your car? Where did we go on vacation last year? Or, name three of your best friends.
Mail-in Scams
Most people may not think of a scam coming in your mailbox. We are so used to junk mail that much of it is thrown away. But just like phishing through an email, scammers send out bulk mail in hopes of catching someone who is not paying close attention. It may be a fake bill stating that you are behind in your mortgage, or a fake utility bill requesting payment on a fake website or by mailing payment directly.
Fraudulent mail may also come as handwritten notes from a scammer pretending to be a friend. Think of all the ways phishing emails you receive. These can just as easily come in the form of junk male. A scam known as the “Hard Luck Story” takes the form of a scammer impersonating a friend or stranger needing assistance, but this letter is really coming from a scammer.
Social Media Phishing Attacks
Most of us feel comfortable on social media. After all, it’s where we connect with friends and family. There is also the potential to make new friends in community groups. The more relaxed we are in the social media environment, the easiest it is for cybercriminals to scam us.
These scams are dangerous for both an individual and an organization. The takeover of a business or brand’s social media account by cybercriminals can have devastating consequences. Many social media phishing attacks begin with cybercriminals gathering publicly available information. They will use this to fool you into clicking a link or forwarding a message to all your friends.
Use the privacy controls on personal and business social media accounts to keep personal information out of public view. Including your location, full name, and lists of connections. You can also take from the SLAM Method (used to inspect possible phishing emails) and adapt it to social media.
Social Media Cyber Safety
Fake Customer Service Accounts
Scammers will create fake customer service social media accounts of real companies and respond to help requests with a link to fake login pages where they can steal the user’s credentials or ask for payment for repair services.
Reporting all unusual activity you notice or suspect on social media helps keep the whole community safe.
Account Hijacking
Account hijacking happens when someone gains unauthorized access to a user’s social media account, usually through a weak password. Hijacked accounts are actively used by scammers to impersonate the user, send phishing messages to followers, post harmful content, or steal the user’s personal information.
Malicious links that could infect your device with viruses or malware can also come through social media via messages, comments, and posts by other users. If hacked, your account can be used to distribute scams and malware to your friends.
How to Prevent Account Hacking
Scammers often use information from multiple online profiles, such as answers to common security questions, to gain access to your other accounts. Disconnecting third-party apps that you no longer use can help keep your social media account secure.
Don’t use the same password for all your social media accounts. Using the same password across multiple platforms means if a hacker uncovers your password to one account, they also gain access to any additional accounts that use the same password.
Learn how my daughter’s Instagram account was hacked because of malicious link:
Teach the SLAM Method reviewed in part 1 to children so they won’t become another victim of a scamming text that preys on emotions.
Visual Spoofing
Visual spoofing is an action performed by a cybercriminal to disguise a website or email. Domain spoofing can also occur when a website is made to look like a legitimate website. Link in emails can also be cleverly disguised to catch you off guard. Looking closely at the URL will reveal that there are additional characters in the domain that seem to fit at first glance.
Scammers may also use different characters from other languages or accents over letters in the domain name. Something as simple as using the capital letter O instead of the number 0 can fool people.
Scammers don’t stop there. If you happen to end up on one of the scam websites, it may be copied from the original website to look real, including the design and products listed.
Be cautious of all links. It’s always better to access any website directly instead of clicking a link. Look for fake logos, poor website design or spelling errors. Keep your browser up to date allowing for automatic updates for all software and operating systems on your devices.
Pig Butchering Scam
This sounds like a weird name for a scam. In pig butchering scams, the scammer first builds trust through a new business relationship or friendship. It can happen through email or text. So, just like a farmer fattens up a pig before it’s time to send it to the butcher, the scammer is prepared their victim to eventually give them money.
Typically, they use the lure of guaranteed quick profits from cryptocurrency investments to convince the victim to invest. If you find yourself in this situation, conversations may go on for weeks or months until your defenses are totally down and you won’t think twice about investing or helping your new friend.
Be cautious of “wrong number” text scams, which may be a ploy to start a friendly conversation and eventually launch the scam.
Formjacking Scams
In a formjacking scam, cybercriminals target a website and insert malicious code to skim sensitive information from the sites form pages. Form pages can be anything, from a basic contact form to an online shopping cart, or payment form.
The information that scammers are after are passwords, login credentials, and payment information. These can include bank account numbers and credit card data.
Unfortunately, consumers are at the mercy of companies to ensure their forms are not being used to skim information. There’s no way of knowing is a web form is compromised or not, even for the most tech savvy person.
However, there are ways to mitigate the effects in the event your data is skimmed.
Best Practices for Protection Include:
Monitoring your credit card statements, banks accounts, and credit scores for unauthorized, unfamiliar and suspicious activity.
Use banking apps that alert you through SMS or push notifications in real time about transactions made on your account.
Notify your bank as soon as possible if you noticed fraudulent transactions.
Using multi-factor authentication on all accounts when possible.
These methods won’t stop form jacking but they make it difficult for criminals to siphon funds from a compromised account.
Signing up for identity theft protection that monitors your credit score, will let you know about changes connected to your finances. For example, it will email you when a new account is opened in your name. These services also identity theft insurance and provide services to help you clean up the mess made some any cyber breach that causes you financial harm.
Common Sense for Common Scams – Wrap Up
There will never be a shortage of scams to write about. As technology grows and changes, someone somewhere in the world is thinking about a new year to use it for malicious purposes. However, we hope you have seen a common theme of how some basic tips, combined with common sense, can help to be prepared. Always take a second look when something strange comes to you in an email, a text, or app.
Learn more about Scams – Part 1 and Creative Scams Part 3