Have you seen an email or gotten a phone call which to you seems blatantly fraudulent? Whenever I do a talk on security there’s always some folks that wonder out loud “why are scammers successful?” Some of these attempts are comical at best. The fact is, when you are more aware, they do seem more obvious. We are seeing increasing complexity and cleverness however.
I have a couple cases where these criminals are getting very effective at what they do.
We can give you a ride to the bank!
This story https://krebsonsecurity.com/2022/08/scammers-sent-uber-to-take-elderly-lady-to-the-bank/ reported from Maryland talks about how the perfect timing between an event and a scam email. An 80-year old woman with a dishwasher failing at home and an impostor email from Best Buy about appliance install was the bait.
Luckily the woman caught on to the scam, but not before the criminals claimed to have an Uber ride coming to pick her up to take her to the bank.
Even a Silly Message may be Relevant
Criminals run scams as a business. They have a system in place and many times have labor costs (workers in low pay countries) to manage. Even the messaging follows fairly mainstream marketing tactics.
The key is to send a simple message that relates to something a person might react to. Send that message often and to as many people as you can. Eventually you will find the right person in the right circumstances who will be open to having a conversation. Just like our near-victim above.
Online Games aren’t just for Fun
Scams are being perpetrated in unlikely activities, especially ones you might think are fun. Those quizzes that your friend takes and shares the link with their score are tempting. It’s fun to compete with your friends! As many have found out, a quiz scam is a treasure trove of information for criminals.
- They ask personal questions – the answers might be the same as answers you give for secret words to your accounts.
- The link to the quiz might attempt to harvest your social media login info. After the quiz you might be asked to log in to “register” your score. That’s where they get the info.
- The link to share the quiz is tracked so the criminals can tell who your friends are and get their information.
- If they get into your social media, they’ll start to share malware links to all your contacts. They will impersonate you to gain your friends’ trust and try to scam them as well.
Social media quizzes and other ‘act and share’ activities often have subtle nefarious actors behind the scenes and you should avoid participating in them.
“This is really important! Do it now!”
Many scams involve a sense of urgency created from fear, panic or excitement. The phone scams are often conducted in a way to make you think you must act immediately. This could be winning a prize, avoiding a fine or even being arrested.
The criminal knows that if they can get you on board with a sense of urgency, you won’t think through what they’re telling you to do. Many of these scams involve the criminal impersonating the IRS, a sheriff’s deputy or a radio station. The “authority” helps reinforce the urgency and the victim can feel trapped.
If you get a call like these just simply say “please excuse me a moment”, and set the phone down, regardless of their protests. Think about what’s happening for a few seconds. Are you trying to be rushed into something you wouldn’t do if the situation were calmer? If so, that’s a huge red flag that this is most likely a scam.
More great phone handling tips in this article on phone scams: https://www.sans.org/newsletters/ouch/stop-phone-call-scams/
In this article I shared some information about “why are scammers successful”. These criminals use common marketing tactics which create urgency, appeal to authorities, spread by friends and relatives, and just blanketing texts and emails to everyone in the hope something sticks.
I’ve also given some tactics on how to know you may be scammed and what to do about it. Your best takeaway is to remember to slow down a little and think about what you’re doing. Especially if you’re acting at the request of someone you don’t know.
You can find more tips on how to Stay Safe Online here!