Virtual scams
continue to be the order of the day
, and among the most widely used forms of deception, criminals often pose as fake company representatives to steal financial data from victims and then their money.
To carry out these
frauds, scammers
use various methods, ranging from
fake sites
that appear in the
first results of Google
, fictitious profiles on social networks or phone calls.
"It is important that people
are attentive and never share personal information
, since generally companies do not request personal data
by telephone
, through
or via
social networks
. Much less share this information if we were contacted unexpectedly", warned the Head of the ESET Latin America Research Laboratory,
Camilo Gutiérrez Amaya
.
The objective of the scammers is to communicate by phone with the victim, to achieve this they usually resort to different alternatives.
Photo Pexels
What are the 4 new virtual scams and how to detect them in time?
Criminals usually
try to establish telephone communication
with the future victim, but to get to this point they usually resort to different alternatives.
From ESET, the company specialized in proactive detection of threats, they analyzed the
main methods
used to carry out this type of scam and thus learn to detect them on time:
1. Fake sites in Google search results
The first few results are usually legitimate sites, and people click almost automatically.
The problem is that criminals know this and try to take advantage of it.
Fake sites
can
appear
on the top of Google results
through paid ads or through fraudulent SEO techniques.
Therefore, it is important
not to blindly trust the first few links offered by Google
or another search engine.
ESET recently identified the case of a person who
Googled the customer support number
for a service and clicked on one of the first search results.
She thus accessed a site in which she had to leave her phone number to be contacted.
When the false representative contacted them, they explained that they needed to upload the collection data to the system due to an inconvenience they had suffered in their database.
The victim, convinced that she was talking to an official agent, shared
her credit and debit card numbers
with the offender , as well as the security code for both cards and the expiration date.
As if that were not enough, I send you photos of the front and back of the identity document via WhatsApp, as requested by the scammer.
Fake customer support sites can appear at the top of Google results.
Photo Shutterstock.
2. Fake profiles on social networks and the use of bots
On social networks such as Twitter and Instagram, ESET observed cases showing how
scammers monitor comments
users make with certain keywords or when tagging a verified profile.
These messages are usually complaints or some kind of inconvenience raised by users that need to be resolved.
When this happens, from these
fake profiles
that
do not have the verification mark
, they send direct messages making the victims believe that they are communicating from the official account (they use the same logo and a variation of the official name) and offer the contact of the service of Customer Support.
It is then that they request personal information, bank accounts or credit cards to defraud them.
For this
they use bots that monitor people's comments and legitimate profiles
.
Fake customer service representatives are contacted by Instagram.
Photo: courtesy Eset
3. Fake WhatsApp numbers
In these cases, the scammers are
contacted via WhatsApp
from profiles that contain the logo and a description to make believe that it is a legitimate account.
In some cases, they even use
WhatsApp accounts stolen from companies
or that have the verification mark.
Once they contact the victim, they use a wide range of possible excuses to
convince them to share their bank account details
, their personal information, or to take some other action.
4. Vishing, direct phone calls
Vishing is a social engineering attack that occurs through
phone calls or voice messages
.
This form of deception has been around for several years and is still used by scammers posing as official representatives of companies, services or public bodies.
One of the many modalities that they use consists of
calling the clients of financial institutions
with the excuse of providing the entity's new contact numbers and then trying to
persuade the victims
to share their card numbers.
Criminals often access
databases that are sold on clandestine forums
and that contain phone numbers, full names, and in some cases even card numbers.
This information can reach these sites in various ways, either by
data leaks suffered by a company
, by data theft through malware or even by compromising websites through skimming (a fraud that consists of accessing the data of your card through its magnetic stripe, using special technologies), or some other type of malicious code.
As a security measure, ESET recommends, in the case of WhatsApp and social networks, verify that the account with which you are communicating
has the verification mark
that ensures that it is an official account.
When in doubt, always look for the
contact number
through
official channels
and
verify that everything is legitimate
.
LN
look also
Properties: how to sell a big house faster and at the best price
Driver's license: how to do the procedure by WhatsApp to get it for the first time
Fake profiles on dating apps and social networks: 7 warning signs to spot them
Opening an account in the US from Argentina: how the app that allows you to do it virtually and free of charge works
How to become a programmer in less than a year: 5 keys to training and getting a job fast