We’ve written about cyber scams before, but criminals are always trying out new approaches in their tireless effort to trick their way into our computer systems and bank accounts. While consumers have become savvier about cyber scams, people are also getting exposed to more of them, and criminals are getting craftier. It’s always a good idea to ensure employees and coworkers are aware of the dangers. Here are the top cyber scams of 2019 from McAfee:
Quizzes & Questionnaires
We see these circulating on Facebook, Twitter, and other social media platforms all the time. They seem harmless enough, and sometimes they even offer ways to win prizes. However, these are phishing attacks in disguise. According to Gary Davis, Chief Consumer Security Evangelist at McAfee, “Many appear to be sponsored by big-name brands such as airlines and major retailers, offering free products or discount tickets if you just answer a few questions. The questions are designed to get you to reveal personal information that can be used to guess your passwords or security questions, such as your mother’s maiden name, or your hometown.”
The goal here is for hackers to access your computer to mine for cryptocurrencies. According to McAfee, at the end of 2018, coin-mining malware had grown more than 4000% in one year. “Many of these miners were distributed through phishing emails and websites,” Davis said, “using ‘giveaway’ scams on social media, or even via crypto mining chat groups on platforms such as Slack. Cybercrooks enter the chat rooms, pretending to be fellow miners, and encourage users to download malware disguised as ‘fixes’ to crypto issues.”
Online dating has become so popular, it’s led to a meteoric rise in romance scams. “These often involve bad actors preying on lonely people who are looking to connect,” says Davis. “Scammers build up a sense of trust over online dating and social media platforms, before asking for money. They often claim the money is for an emergency, or a plane ticket to visit the victim. This kind of manipulation works so well that the Better Business Bureau estimates that victims in the U.S. and Canada lost nearly $1 billion to romance scams between 2015 and 2018.”
Fear is a powerful motivator. One fairly recent innovation in cyber scams is to send out emails claiming that the receiver’s computer has been hacked and that the criminals have obtained compromising pictures of the target via their computer camera. All you need to do, the email says, is send money by a certain date, and you can avoid the release of private photos.
Topical News Hooks
Scammers often try to capitalize on whatever latest news story is sweeping the nation. For instance, job scams abounded during the recent U.S. government shutdown, which left 800,000 federal employees out of work for over a month. Phony job ads asked workers to fill out detailed job application forms, in order to steal Social Security numbers and other private information.
During this time, scammers sometimes pretended to be the IRS, and they emailed targets telling them they could get a discount on their tax bills if they paid during the shutdown.
Package Delivery: “Phony package delivery emails usually spike around the holidays,” says Davis, “but in the age of Amazon Prime, delivery scams are circulating year-round. Be on the lookout for more recent Amazon scams that come in the form of a phishing email, asking you to review a product to get rewards. If you click on the link, it could deliver malware, or even ransomware.”
Tech Support: Davis warns, “This is one of the oldest, but most persistent scams to date. Phishing websites and phony pop-up warnings that a computer or device is infected have led thousands of people to hand over personal and financial information to fix a problem they don’t really have.”
Here is how McAfee recommends avoiding getting taken in by these scammers:
- Be careful where you click—Don’t open suspicious links and attachments, and never click on pop-up messages from an unknown source. If you get a suspicious login or payment request, go directly to the provider’s official website to see if the request is legitimate.
- Know how to spot the fake—Phony messages or documents will often look like a simplified version of the real thing, with poor quality graphics, incorrect grammar and spelling, and a generic personal greeting.
- Keep your personal information private—Avoid online quizzes, and never share personal or financial details with someone you don’t know in real life. Review your privacy and security settings on social sites to make sure that you aren’t leaking information.
- Be a smart online shopper—Only buy from reputable websites, and steer away from deals that seem too good to be true. Be suspicious of unusual payment requests, such as buying gift cards or using virtual currency.
- Become a password pro—Choose complex and unique passwords for all of your accounts. Consider using a password manager to help you create and store complicated passwords securely.
- Protect your computers and devices—Use comprehensive security software that can safeguard you from the latest threats.
For more help on keeping your facility safe from hackers and scam artists, contact Vanguard Resources.