Stu Sjouwerman is the founder and CEO of KnowBe4 Inc.a simulated phishing and security awareness training platform.
Online scams have become increasingly widespread. According to the FBI’s Internet Crime Complaint Center (IC3), billions of dollars are lost to online scams every year, and that number is increasing exponentially. While fraudulent acts committed by cybercriminals can vary, they broadly fall into these five main groups:
1. Cash, discounts and gifts
Cash, discounts and freebies attract everyone’s desire to find a bargain. From playing the lottery to entering sweepstakes and tax refund scams that promise 75% savings, there are countless ways crooks trick people into giving them their identity or financial information such as bank account and card numbers. credit.
2. Job scams
Job scams are another tactic used by fraudsters. Scammers start by creating a fake company online presence complete with fictitious employees and social media profiles. So job seekers are lured with the carrot of a lucrative pay or easy employment conditions. Under the pretense of completing the employee onboarding process, scammers steal personal information such as social security numbers and contact information. Sometimes they ask for an advanced service fee to complete the hiring process.
3. Romance or friendship scams
These scams consist of criminals creating fake online profiles and registering on social media and dating sites. They spend a lot of time building a bond of trust with the victim, and once trust is established, they ask for favors or money. Examples include requesting medical treatment for a sick family member or money for travel.
Sextortion, where someone threatens to distribute private material (eg nude photos) if their demands are not met, is also common. According to iC3, Americans lost $956 million in romance scams in 2021.
4. Fear or Threat
Scammers are known to exploit public fear by using it to hook victims. Examples include messages like:
• “You will lose all your data and photos, and only our software can help fix it.”
• “Pay your electric bill now, otherwise you will lose energy.”
• “This is a notice from the local tax authority. Complete this action now or face a fine or lawsuit.”
• “Your Netflix service will terminate unless action is taken.”
The Covid-19 pandemic has provided an important resource for scammers to exploit fear and uncertainty.
5. Technical support scam
Here, scammers pose as service representatives of well-known domestic brands to offer assistance to fix a problem that doesn’t exist or provide technical support that you don’t need. Unsuspecting victims allow these unauthorized technicians to access their computers remotely and install unwanted programs or malware that can steal confidential information or corrupt data and services. According to FBI estimates, US tech support scams caused losses of more than $347 million in 2021, up 137% from 2020.
Social media scams on the rise
While it is common for fraudsters to use phone, web and email to trick users online, the FTC has warned that social media scams are fast becoming the “weapon of choice” for cyber scammers. According to the FTC, more than 95,000 people in 2021 were victims of fraud initiated through social media platforms. Losses from social media fraud alone totaled a staggering $770 million, which is nearly a quarter of all reported fraud losses in 2021.
Social engineering red flags
To avoid falling victim to online scams, it is imperative that consumers are extremely cautious and alert when communicating and transacting online. Start by keeping an eye out for these social engineering red flags:
• Watch out for “stressful events” that exploit emotions to make victims act impulsively. Scammers can goad the victim into rushing to strike a deal that “expires soon” if the transaction is not completed.
• Avoid clicking on suspicious URLs or downloading file attachments from unknown senders or replying to untrustworthy people.
• Be wary if someone is willing to buy a premium product or service, especially if they say they’re willing to pay by check. Fraudsters propose issuing a check to buy something for more than the stated price, with a promise to refund the difference before the victim discovers the check is fake.
• Be suspicious if the scammer cannot talk on the phone or meet face-to-face or make excuses to make a financial transaction in an unconventional way (e.g., payments via gift card or cryptocurrency).
• If someone calls you unexpectedly and offers assistance, find a way to verify your identity. Do not allow an unknown person to remotely connect to your computer without proper verification, even if they seem to have a solution to your problem.
Most online scams are surprisingly easy to spot. Studies show that frequent security awareness training exercises are incredibly effective in reducing the chances of a cybersecurity incident by up to 70%. If you believe you are a victim of Internet fraud, please contact your local FBI office and file a complaint with IC3.
The Forbes Technology Council is an invite-only community for world-class CIOs, CTOs and technology executives. do i qualify?