Internet (and telephone) scams are becoming more sophisticated and continue to grow exponentially. In the United States alone, almost 70 million citizens confessed to having suffered some type of telephone scam throughout 2022, causing 39.5 billion dollars in losses to those affected, an amount 32% higher those registered in the previous year.
The term scam (con, in English) has become sadly famous and is an umbrella that covers different types of cheating techniquesAs the phishing, he vishing or online dating scams (also known as romance scam). The latter are very common on social networks, where scammers pose as what appears to be a perfect person to to gain confidence until he gets his victim to deliver valuable ‘material’. It should be remembered that after all scamthe final objective is economic: the fraudster will try all kinds of stratagems to obtain the credit card number or personal information with which to access a user’s account and blackmail him.
Shielding yourself against internet scams may seem relatively simple, but the sophistication of cyberattacks is catching even the most cautious off guard. How to stay protected against a cyberattack or phone scam?
The best defense is common sense
“We live in a society that is increasingly dependent on technology,” explains Fernando Suárez, president of the Council of Colleges in Computer Engineering, “and we want everything now.” According to this expert, this rush makes us click on links in emails and it is in this urgency that our guard is lowered. “The best defense is common sense, distrust and apply a critical spirit”, explains Suárez, “you have to think twice before carrying out an action on the internet”.
This expert recalls that cyberattacks through scam “They are very cheap and profitable” for whoever perpetrates them, since in many cases they are carried out by bots. This fact makes the cost very low and the prosecution of the crime very complex, since it is easy for them to “mask their origin through multiple jumps through the network, making the prosecution of these crimes legally very complex.”
Never answer or open content from an unclear source
Inside of the scamhe phishing It is sadly the most well-known technique. After it, the attackers pretend to be a sender —usually a large company or bank— to request data from their supposed client with which they compromise their account. It should be noted that in these cyberattacks, the “disguise” can be very well made and with the naked eye, it is very difficult to determine if that e-mail It is, for example, from the Post Office or not.
“Currently, the vast majority of scams are carried out using techniques of phishingby email and SMShing, that is, phishing by SMS messages”, Federico Dios, an Akamai security expert, explains to EL PAÍS. This expert warns of the importance of “never responding to these messages or clicking on the links they contain” and the explanation is very simple: “No organization is going to ask its clients to enter a username and password through this type of message” .
Do not reveal personal or financial information
Earlier we warned of the increasing sophistication of attacks using hacking techniques. scam and a good example of this is what some users of the Booking reservation platform have denounced. The travel blog Infoviajera collects an incident through which a traveler, after have booked and paid a room on the platform, received a wasap apparently from the booked hotel. In this communication he was urged to re-enter the card details as there had been a payment problem.
In this sophisticated social engineering, the victim receives the request from, presumably, a hotel where they have made a reservation, with which the chances of falling into the trap are very high. Cyber attackers take advantage of customer trust, which assumes that their data is safe. From Booking it has been denied the existence of a data leak on their servers, and point to the vulnerability of “a small number of establishments” that has facilitated the leaking of reservation data. The victims who have managed to avoid the evils of this elaborate cyberattack have done so by respecting a maxim that is more current than ever: never reveal personal or financial information over the Internet if it is not the user who has initiated the interaction.
Use biometrics (face or fingerprint) to protect accounts
Until now, there has been a staunch defense (and with solid reasons) of the sophistication of passwords: the longer and more complex, the better. However, there are many voices that advocate overcoming them. And how to identify a user unequivocally without using a string of characters? “The days of ‘choose a strong password’ are over: passwords are too easy to buy, steal or impersonate,” explains Brett Beranek, vice president and head of Security and Biometrics at Nuance, to EL PAÍS, “biometric security closes the door to many of the largest criminal schemes, which means a huge reduction in fraud losses, as well as an increase in customer confidence.”
How can biometrics be used today? Most mid-range or high-end mobiles have fingerprint or facial identification systems (the one Apple uses on its iPhones, since it cannot be fooled with a photograph).
Beware of flirting on social media
We have previously mentioned those known as romance scam, or scam techniques that are carried out through flirting, and is that this format of cyberattack was responsible for losses worth 1,300 million dollars in the United States alone last year. The Federal Trade Commission (FTC) has revealed that in 2020, close to 70,000 Americans were victims of cyberattacks using this seduction technique. The operation is simple: scammers analyze the victim’s information on social networks and contact her with the intention of gaining her trust and laying the foundations for a possible romance.
In this slow-cooked flirtation, some victims find the cake when they try to physically date their better half and excuses arrive. The FTC cites being stationed in the military, overseas, or even on an oil rig located in the middle of the ocean, as ploys to avoid contact and keep feeding the missives. And there’s a reason to want to keep the flame alive: at some point, the attacker will take advantage of the established trust to ask for money. As? The organization cites the most common pretexts: “I have been arrested and a bond must be paid”, “I am seriously ill and I cannot afford the treatment” or the less romantic ones, such as “I have an investment opportunity”. These are scams that run for days or even weeks, increasing the chances that confidence will trump caution.
How to avoid being a victim of this technique of scam? At the beginning of the interaction, the following measures should be taken:
- Check that this person has a profile on social networks, in addition to the site through which they have contacted: cyber attackers often create ghost accounts with false names, making it easy to check the identity they claim to have.
- Do a reverse photo search: Google the first and last name of the person you’re befriending to match the photos and profile photos.
- If he asks for money and always looks impeccable: as much as a relationship may be idealized, alarm bells must go off if the victim is asked for money on the other side of the chat under any pretext. In the same way, it must arouse suspicion that this person always appears perfect on social networks: not a wrinkle, always elegant… come on, like a model.
You can follow THE COUNTRY Technology in Facebook and Twitter or sign up here to receive our weekly newsletter.
#experts #speak #safe #internet #scams #Technology #country
