In today’s technologically forward world, online scams have become both common and effective. The Internet Crimes Complaint Center (IC3) states that there were $6.9 billion in reported losses for 2021 alone. Keep in mind that these are only the figures which people reported. Clearly then, continued education is vital surrounding these hovering threats. This article will dissect some various scams that cybercriminals use, dive into their tactics and techniques, and teach you how to protect against them.

Common Types of Scams

There are several common types of scams. Let’s look at five.

Gift Cards, Freebies, and Other Financial Offer Scams

Money-related scams appeal to a vast majority of people because they lean on an individual’s need to provide. These scams could be presented in many ways, from tax refund scams to “you’ve won” scams.

Romance Scams

Romance scams consist of scammers creating fake online profiles and leveraging these across social media and dating sites. A lot of time is invested into building rapport and trust with their target, then requesting various favors or money. Friendship scams work similarly.

Fear-Based Scams

Fear-based scams exploit common fears to push their target into a quick action. Some fear-based messaging may be something along the lines of “your account will be terminated unless action is taken”, or “this video of you will be sent to your friends and family unless you take this action”.

Tech Support Scams

Scammers sometimes pose as technical support specialists representing known household brands offering to fix a nonexistent problem. They will request access to their target’s computers remotely and will then install programs or malware that can steal sensitive information.

Work-Related Scams

A popular work-related scam includes the scammer impersonating your boss requesting you to purchase gift cards. Then they request the gift card information be sent back to them. Other work-related scams may include the impersonation of interns or colleagues.

Why These Scams Work

Why do these scams work? They rely on triggering various emotions. Fear, greed, and curiosity are just three emotions that the above scams focus on. Scams that raise these emotions in the target are more likely to get a reaction and influence an action. This, coupled with a sense of urgency, can be a powerful thing. Additionally, tactics like using authority or sympathy themes can influence the target to act when they otherwise may not.

Examples

For example, imagine you get the following email from someone impersonating your boss:

“I am thinking about implementing an employee reward system. Can we purchase some gift cards today to put a smile on some faces? Keep this message confidential until we give these cards out.”

What tactic discussed above does this email leverage? If you said authority, you are right! It’s coming from “your boss!” While this email hinges on the nicer side of potential scams, you can see how it may be effective.

Now, what if you received the following calls?

“Your auto warranty is about to expire, please press 5 now to renew this warranty.”

Or the very common tech impersonation scam which may go something like this:

“Hello, I am calling with Microsoft support. I received a report that your laptop was infected with a virus, so I’m calling to help you fix this. All I need is remote access to your computer.”

What emotion do these attacks lean on? Fear! They may seem like simple attacks, but even those can leverage intense emotions to their advantage. Countless scams such as the ones above abound.

Tips to Stay Secure

With online scams becoming so prevalent, how can we stay secure? First, think “verify, verify, verify.” Who did the message come from? If it’s a phone call, how can you get verification of who the person is? For example, if they say they’re calling from your bank, hang up and call your bank directly. Do not take a call back number from the unverified caller. If it’s through an email, follow a similar process. Do not reply to any number included within the email, rather, verify from an outside and trusted source.

Next, pay attention to any call, email, or text that contains a strong sense of urgency. This is a common tactic employed to make you act without thinking too much. Take a moment, take a breath, and ask yourself if what they’re asking for really makes sense.

Finally avoid clicking on links from any unverified source, even if the source claims to be someone you know. Visit the mentioned website via a trusted link or bookmark rather than clicking the link provided in the email. If you keep these points in mind, you’re on your way away from falling victim to some of these online scams.

Images:
https://www.finance-monthly.com/2018/07/fraud-epidemic-costs-3-2-trillion-globally/
https://www.paymentsjournal.com/wp-content/uploads/2021/09/Data_security_111-1-scaled.jpg

*** This is a Security Bloggers Network syndicated blog from Security Through Education authored by Social-Engineer. Read the original post at: https://www.social-engineer.org/social-engineering/common-scam-tactics-and-techniques/