People have duped others throughout human history, and scamsters evolve with the times. Sandeep Suri offers tips on staying safe
It was early morning on a beautiful summer day. I reached my office in Dublin, Ireland. As I was looking through the glass outside an old, timber-framed French window I watched the beautiful sun rising to brighten the earth, and I felt more in sync with nature and all it had to offer, but then someone knocked on my door, it was my admin Wendy who was looking quite hassled. I realised that there was something not quite right with her that day, she reluctantly told me that her 82-year-old mother was cheated by a fraudster when she innocently answered a few simple questions over the phone, succumbed to the creative tricks of the fraudster, and lost about €1000 in just in a matter of minutes. This is an example of how vulnerable we are to these cyber security crimes in our society.
I don’t want to scare you, but the fact of the matter is that you turn on the news or leaf through a newspaper, and there is a reasonably high chance you will find a story about economic crime or fraud. Throughout the human history, people have attempted to dupe others. The face of economic crime is changing at an unprecedented rate. The internet has changed the complexities of fraud. With most consumers owning smartphone, tablets, laptops, the digital market is here to stay! Indeed, technology is supporting the large volume of online transactions, but the real currency of digital commerce is TRUST. As businesses witness digital transformations in their fields, they recognise the importance of technology which is one of the biggest enablers to build scale and efficiency. Building trust through technology without disruption is increasingly the goal, while there are natural barriers to this audacious goal, it is now more critical than ever to transact with utmost care.
Converging trends have propelled the increasing scale, diversity, and complexity of frauds across the globe. As an example, a shift from conventional methods of making payments to more sophisticated ways of transferring money has accentuated the pace and scale of frauds. We genuinely believe that the internet is a safe place where you can’t fall for all types of online scams, but it’s always good to do a “reality check”. We can become an easy target for malicious actors who want to steal our most valuable personal data. Economic crime is appearing to be one of the most problematic issues-both in India and worldwide. Remember, the scale of Economic crimes at the corporate level and individual level is hugely different. With Fraud gaining momentum and becoming a global threat, it is increasingly catching the eyes of regulators. Given its scale and cross-border implications, it is not surprising that enforcement of fraud is a global priority. Still, the silver lining is that the regulators are cooperating (inter-country) to prosecute fraud perpetrators. Through this brief article, I am attempting to share a few pieces of the jigsaw puzzle that may help us in understanding this complex web of scams and mitigate the risks associated with it.
Data breaches are exposing the crucial set of pieces of information to fraudsters. Once stolen, this information can be used in facilitating fraudulent activities. As cyber criminals see more opportunities to have a windfall in these deals, they see every reason to stay invested! We are facing the ‘perfect storm’ of risk. Scams aren’t as rare as you might think. You must know how to prevent and deal with Scams if they come your way. Hence, we are simply NOT winning this game! Fraud is like a natural disaster: it is so intrinsic to the nature of the individuals that are hard to anticipate by definition. It happens to be one of the biggest threats of all times that we face in today’s fast-paced world. As the risk landscape is evolving almost on daily basis-the bad guys (perpetrators) are trying to stay ahead of the curve and take full advantage of people’s ignorance and negligence.
Let me tell you, scammers are inventive and they keep coming up with new ways to con people not just out of their money but also play with their emotions. You can safeguard yourself by being aware of the most common scams in practice. Some of them are easy to spot, while others are so sneaky you may not even realise until you are scammed. Remember one cardinal rule to stay protected, if it sounds too good to be true; it probably is a scam! Almost everyone will be the target of fraud at some time. You may have already been scammed. You can dodge these scammers by being aware of the most common scams.
Let’s start with the type of scams prevailing in the world with some sophisticated engagement methods the cybercriminals adopt with the victims. Of course, this is not an exhaustive list, but yes, for sure, it would give you a good idea that we usually come across in our everyday lives:
- Stealing your e-mail password: This is the most common way of taking data in the cybercrime space. The fraudster customizes the idea to steal e-mail credentials that bypass any authentication security protocol as it doesn’t rely on any easy-to-spot phishing methods. Here’s what one needs to know to stay ahead of the e-mail password-stealing Scam curve.
Cyber criminals need to know the e-mail address and associated phone number of the user to lead this part of the scam. Contact details can often easily be compromised. The scammer can then capitalise on the password recovery process that allows an e-mail user to gain access to your account by a verification code sent to their mobile. The
attacker later texts you with a message, asking you to share the verification code while posing as the e-mail provider. In these quick steps, a cybercriminal gains access and takes over your e-mail account. With access to your account, the scammer could just lock you out! The attacker could also add an alternate e-mail address to your account without your knowledge and start getting your messages to this new address. Meanwhile, you don’t even know if your private messages have been intercepted!
Be careful when you get suspicious SMS text messages asking about your e-mail verification codes. If you are not sure about the legitimacy of such request, contact the e-mail service provider directly.
Tip: Remember as a best practice, always use a unique password in all your accounts and don’t get trapped to have the same password across your accounts.
2 Impersonation scam: This is the next category of scam that is quite traumatic by nature. Typically, the way this is played out is a scammer pretends to be from a well-known business house like a mobile service provider or an internet service provider. The scammer may call and ask for remote access to your computer to ‘fix a problem’. They may also e-mail you fake tax challans or invoices threatening to cancel your service or charge excessive penalty fees, if some kind of overdue payment is not paid immediately. Once the fraudster has remote access to your computer, he can often infect your computer with malware. It is often seen that the victims get trapped in such conversations and succumb to the threats posed by the cybercriminals.
Tip: Be suspicious of calls or messages you receive out of the blue. Also, just delete any suspicious texts, pop-up windows or e-mails and don’t ever click on links or open attachments and most importantly, never give anyone remote access to your computer.
- Lottery, sweepstakes and competition scams
Sometimes an e-mail or a text message lands in your inbox from an overseas lottery or sweepstakes company out of nowhere. The idea of these scams is to trick you into giving your personal details for giving money upfront or receive the prize. Once you are deceived, Scammers typically claim that you need to pay fees or taxes before your prize money is released.
Tip: Remember, you cannot win a prize if you haven’t entered!
4. Dating and romance scams
Well, this is the category of scam where not only youngsters get trapped, but people from all age groups and sex
could be the potential target of following these scammers. The scammers create fake profiles on legitimate dating websites, and once you come to their terms, they try to enter into a relationship with you so they can get a hold of your money and personal details. Gradually the scammer develops a strong rapport with you then ask for money to help cover costs associated with illness, injury, travel or a family crisis. Like a drip-feed, it just doesn’t stop here, slowly the scammer start exploiting your emotions as well!
This is often seen as a slow-burning sting, with gullible victims groomed by a succession of texts and e-mails after contact is first made on social media or a dating site. Some are so ashamed to have fallen for these scams that they go unreported!
Tip: Never share personal credentials with any unknown identity over the web; it has a massive potential of getting misused!
5 Credit Card fraud
Credit card fraud isn’t rare; it happens when a fraudster uses your stolen credit card to make purchases in your name. Though Indian financial institutions have developed multilayer security protocol and a secured validation process, still one has to be extra careful about the transactions taking place in your account. Here are a few examples of how a credit card transaction could take place:
- Someone found your discarded receipts or credit card statements that included your account number and used that information to rack up fraudulent charges.
- You were dining out last night, and an unscrupulous waiter stole your card number and used it to his benefit.
- You went to a gas station to fill gas, you swiped your card, and later you realised some fraudulent purchases have been made on your card. There is every possibility that the scammer had installed a credit card skimmer to steal your account information.
- Sometimes it could just be a breach of information from a retail store or a restaurant, and for no fault of yours, your credit card information was compromised.
Tip: Do regular checks on your credit and debit card transactions. Inspect what you expect!
6 Identity theft
This category of Fraud is all about stringing the facts together about a victim from various sources. The fraudsters might get their hands-on things like financial statements, bank statements, Aadhaar number or your PAN details. To prevent identity theft, make sure you keep your reports and sensitive information secure.
Tip: If you have physical copies of any identities, keep them locked in filing cabinets that only you can access. For digital copies, make sure you use complicated usernames and passwords and avoid falling for phishing scams. Don’t hand your information out to anyone.
7 Synthetic Fraud
Synthetic fraud occurs when a perpetrator creates an identity instead of stealing an existing one. The scam involves taking some personally-identifying information (PII) like mixing real Aadhaar or PAN no. with other pieces of information like names, addresses, and birth dates to put together an entirely new identity, technically called ‘synthetic consumer’. The newly created identity is often used by the Scammer to open a bank account, apply for a credit card, apply for loans and, of course, purchase things.
Tip: Keep your PII information safe and secure, shred them before discarding such document(s) that contains your personal information.
8 Phishing E-mails:
Phishing has a social engineering element that is often used for stealing user data, including login credentials and credit card numbers. Usually, the scammers appear to be a trusted entity, dupes a victim into opening an e-mail. Soon the recipient is tricked into clicking a malicious link, which leads to the installation of malware that results in freezing of the system or revealing of sensitive information. It could then result in these unauthorized purchases, the stealing of funds, or identify theft.
Scammers are opportunists by nature, and the most recent trends observed in this direction are about they taking advantage of COVID19 and seeing this as an opportunity to steal more! The virus has affected the lives of millions of people around the world. It’s impossible to predict its long-term impact. But for sure, it is possible to take steps to help protect yourself against coronavirus-related scams. The overwhelming news coverage about the novel coronavirus has created a new danger. In essence, phishing attacks as these scammers look to exploit public anxiety and fears about the deadly virus.
So how does it work? Cybercriminals send e-mails claiming to be from legitimate organisations with information about the coronavirus. The e-mail messages might ask you to open an attachment to see the latest statistics, clinic details for treatments, list of doctors, and so on. You click on the attachment or the link, and that’s what the fraudster was waiting for you to do. As you download the malicious software onto your device, you know the rest…
Tip: Never get lured by these e-mails that may ask you to open a link from a suspicious party, this could be a phishing attempt by a Scammer. So do yourself a favor and don’t respond. You can check the link by hovering your mouse button over the URL to see where it leads. Most of such e-mails will not be from a legitimate sender. If found, just delete the e-mail!
HOW TO AVOID SCAMS:
- Research reports on fraud suggest that generally, senior citizens are more vulnerable to scams than any other group. The thinking behind this is that older people can be confused easily. Hence, these fraudsters tend to babble and aim to confuse their victims, so the real trick is if someone is trying to rush you, that’s a cue for you to back off. Also remember, there is a significant amount of money sitting in senior citizens’ accounts, and they are on fraudsters’ ‘watch list’.
- Shred all your credit card receipts: Identity theft is a huge business. Regularly monitor your bank and credit card statements and never give out personal information over the phone to someone unknown.
- Sign up for the ‘do not disturb’ (DND) and take yourself off multiple mailing lists by hitting the unsubscribe button from the unwanted e-mails.
- Be sceptical of all unsolicited offers. Be sure if someone is trying to reach you and be an informed consumer.
- If you have any doubts, a simple Google search could do the magic. It would clarify your concerns instantly; you may want to Google the name of the organisation the caller claims to be calling from.
THE GOOD VS THE BAD GUYS:
Unfortunately, the more the good guys refine the defense mechanism necessary to lock out fraudsters, the faster the cybercrime ecosystem evolves the offensive tools. There is no ‘magic wand’ that will simply banish fraudsters. The most important thing is to preempt what fraudsters are thinking and to stay ahead in this game.
IF YOU SUSPECT…
If you think you’ve been scammed, don’t be afraid or embarrassed to talk about it—waiting could only make it worse. Just in case you suspect any wrongdoing, don’t be scared or embarrassed to talk about it with someone you trust-your friend, family member or anyone else. Remember, someone can help, and you are not alone in this. Doing nothing could be a costly affair and could make things only worse. Keep the phone numbers handy and resources you can turn to, including the local police, your bank etc. Don’t take a chance, just cancel any debit or credit cards linked to the stolen account, if you suspect and quickly reset your personal identification number(s).
Before I close, some golden rules that I expect all of us to follow:
- Always assume that anyone cold calling you is a ‘con artist’ at the first place; don’t give them the benefit of the doubt to start with. Let them work hard in earning your trust!
- Any unexpected text or e-mail coming your way has a purpose of cheating you.
- And any investment with a “guaranteed return” is a “guaranteed way of losing money”.
Fraud will continue to evolve to evade detection. The best way to insulate yourself from fraud is to protect your personal information as best you can. You have got to defend yourself. If you’ve fallen prey to a scam – stay calm and emerge stronger!