Tragedies And Funerals Like A Honeypot To Scammers
Criminals and scammers are ambushing well-meaning people during times of tragedy, so it is important to be on the lookout, a cybersecurity expert warns.
Author of the book 'She'll Be Right (Not!) – a cybersecurity guide for Kiwi business owners – SMB cybersecurity expert Daniel Watson, said that unfortunately, no matter how tragic an event, there will always be criminals waiting to take advantage of these moments to steal from others.
Following the recent death of British Queen Elizabeth II, it took only a few days for scammers to create fake emails enticing people to give up their personal details—data is a highly valued currency in the criminal world.
The scammer tried to mimic an official Microsoft email (Microsoft had nothing to do with the message) asking people to click on a link, enter their condolences about the Queen and submit a few personal details.
According to the scammers, the purported goal of the email was to help create a fictitious "interactive AI memory board in honour of Her Majesty Elizabeth II."
The scammers were using a platform known as EvilProxy which embedded a clickable link that took the unwitting griever instead to a credential harvesting page.
Watson said such scams are all too common and can be highly damaging for people if they are caught out. Perhaps even more worrying, he added, is that many people must still fall for these simple tricks, which is why the scammers persist in sending them out.
“Younger people are generally very trusting of others because they don’t have much life experience. Trust is a great thing. But it is also the reason scammers believe their tricks will work.
“On the other hand, when older people succumb to these scams they do so because they aren’t used to the online environment and believe they are safe when they really aren’t,” he said.
Online scams come in all shapes and sizes: money collection for fake charities or political campaigns, romance scams, fake animal welfare causes, anniversary scams (like 9/11), Covid-19 scams, cryptocurrency scams and many others.
Last month, the New Zealand Government’s computer emergency response team (CERT) reported that 110 Kiwis were the victim of "romance scams" in the first six months of 2022.
New Zealanders lost $3.9 million in online scams between April and June of this year - $200,000 more than in the previous quarter.
“It is so simple for scammers to mock up a website, upload a handful of heart-tugging images and entice people to hand over their hard-earned cash.
“And it can be so difficult to get rid of these people. If you mistakenly give up some money to a scam group, they will keep coming back with different approaches, hoping to trick you again,” Watson said.
Just knowing that scammers exploit tragic events is a key part of staying safe online, but Watson offers a handful of other concrete pieces of advice for anyone worried about avoiding scams.
1. Take it offline
Scammers prefer to conduct their tricks on the internet because almost everything is done online these days—from banking and shopping to communications and business. Watson said this is precisely why moving a scam call offline immediately is so important.
“A good habit is to ask for the name of anyone who calls you from an unknown number. Then hang up and call that company’s main office using the number listed on the company’s website. Don’t use any call-back number the caller gives out.
“If the call was legitimate, someone else at the company will be able to verify the reason for the call. Most scams can be avoided with a bit of awareness like this,” Watson said.
2. Two-factor identification
Setting up two-factor identification (an extra layer of security for online accounts) will mean a user must create an extra step for logging into their account. But while this might be frustrating, a password is no longer enough to keep cybercriminals at bay.
“It can be tempting to skip this layer of security. But don’t skip it. Add two-factor identification to all your sensitive accounts and devices. If you’re unsure how to do this, check out the help section of the software or device,” Watson said.
3. Follow your rules
Technology will always be stronger than human willpower, which is why scammers try to trick people, not the computers. So, it is wise to have a few basic rules.
“One of the best rules I have is—never do donations over the phone. It doesn’t matter how desperate the caller sounds. I simply will not give out credit card or bank account details over the phone.
“If I am to donate, then it must be through a secure website or in person. Everyone should adopt similar rules and always stick to them. You can be a kind person, while also being a hard target for scammers,” Watson said.
For more information visit: https://www.linkedin.com/in/daniel-watson-smb-cybersecurity-expert-07424b12/