Internet (and telephone) scams are becoming more sophisticated and continue to grow exponentially.
In the United States alone, almost 70 million citizens confessed to having suffered some type of telephone scam throughout 2022, causing 39.5 billion dollars in losses to those affected, an amount 32% higher than those registered in the previous year.
The term
scam
has become infamous and is an umbrella that encompasses different types of deception techniques, such as phishing
, vishing
,
or
online
dating fraud (also known as
romance scams
).
The latter are very common on social networks, where scammers pose as what seems to be a perfect person to gain confidence until their victim delivers valuable 'material'.
It should be remembered that after all
scam
, the final objective is economic: the fraudster will try all kinds of stratagems to obtain the credit card number or personal information with which to access a user's account and blackmail him.
Shielding yourself against internet scams may seem relatively simple, but the sophistication of cyberattacks is catching even the most cautious off guard.
How to stay protected against a cyberattack or phone scam?
The best defense is common sense
"We live in a society that is increasingly dependent on technology," explains Fernando Suárez, president of the Council of Colleges in Computer Engineering, "and we want everything now."
According to this expert, this rush makes us click on links in emails and it is in this urgency that our guard is lowered.
“The best defense is common sense, distrust and apply a critical spirit”, explains Suárez, “you have to think twice before carrying out an action on the internet”.
This expert recalls that cyber-attacks through
scam
"are very cheap and profitable" for those who perpetrate them, since in many cases they are carried out by bots.
This fact makes the cost very low and the prosecution of the crime very complex, since it is easy for them to "mask their origin through multiple jumps through the network, making the prosecution of these crimes legally very complex."
Never answer or open content from an unclear source
Within
scam
,
phishing
is sadly the most well-known technique.
After it, the attackers pretend to be a sender —usually a large company or bank— to request data from their supposed client with which they compromise their account.
It should be noted that in these cyberattacks, the "disguise" can be very well made and with the naked eye, it is very difficult to tell if that
is, for example, from the Post Office or not.
"Currently, the vast majority of scams are carried out using
phishing
techniques , by email and SMShing, that is,
phishing
by SMS messages," Federico Dios, an Akamai security expert, explains to EL PAÍS.
This expert warns of the importance of "never responding to these messages or clicking on the links they contain" and the explanation is very simple: "No organization is going to ask its clients to enter a username and password through this type of message" .
Do not reveal personal or financial information
Earlier we warned of the increasing sophistication of attacks using
scam
techniques and a good example of this is what some users of the Booking reservations platform have denounced.
The Infoviajera travel blog reports an incident in which a traveler, after having booked and paid for a room on the platform, apparently received a
from the booked hotel.
In this communication he was urged to re-enter the card details as there had been a payment problem.
In this sophisticated social engineering, the victim receives the request from, presumably, a hotel where they have made a reservation, with which the chances of falling into the trap are very high.
Cyber attackers take advantage of customer trust, which assumes that their data is safe.
From Booking, the existence of a data leak on its servers has been denied, and they point to the vulnerability of "a small number of establishments" that has facilitated the leak of reservation data.
The victims who have managed to avoid the evils of this elaborate cyberattack have done so by respecting a maxim that is more current than ever: never reveal personal or financial information over the Internet if it is not the user who has initiated the interaction.
Use biometrics (face or fingerprint) to protect accounts
Until now, there has been a staunch defense (and with solid reasons) of the sophistication of passwords: the longer and more complex, the better.
However, there are many voices that advocate overcoming them. And how to identify a user unequivocally without using a string of characters?
"The days of 'choose a strong password' are over: passwords are too easy to buy, steal or impersonate," explains Brett Beranek, vice president and head of Security and Biometrics at Nuance, to EL PAÍS, "biometric security closes the door to many of the largest criminal schemes, which means a huge reduction in fraud losses, as well as an increase in customer confidence.”
How can biometrics be used today?
Most mid-range or high-end mobiles have fingerprint or facial identification systems (the one Apple uses on its iPhones, since it cannot be fooled with a photograph).
Beware of flirting on social media
We have previously mentioned what is known as
romance scams
, or scam techniques that are carried out through flirting, and it is that this cyberattack format was responsible for losses worth 1,300 million dollars in the United States alone last year .
The Federal Trade Commission (FTC) has revealed that in 2020, nearly 70,000 Americans were victims of cyberattacks using this seduction technique.
The operation is simple: scammers analyze the victim's information on social networks and contact her with the intention of gaining her trust and laying the foundations for a possible romance.
In this slow-cooked flirtation, some victims find the cake when they try to physically date their better half and excuses arrive.
The FTC cites being stationed in the military, overseas, or even on an oil rig located in the middle of the ocean, as ploys to avoid contact and keep feeding the missives.
And there's a reason to want to keep the flame alive: at some point, the attacker will take advantage of the established trust to ask for money.
As?
The organization cites the most common pretexts: "I have been arrested and a bond must be paid", "I am seriously ill and I cannot afford the treatment" or the less romantic ones, such as "I have an investment opportunity".
These are scams that run for days or even weeks,
How to avoid being a victim of this
scam
technique ?
At the beginning of the interaction, the following measures should be taken:
Check that this person has a profile on social networks, in addition to the site through which they have contacted: cyber attackers often create ghost accounts with false names, making it easy to check the identity they claim to have.
Do a reverse photo search: Google the first and last name of the person you're befriending to match the photos and profile photos.
If he asks for money and always looks impeccable: as much as a relationship may be idealized, alarm bells must go off if the victim is asked for money on the other side of the chat under any pretext.
In the same way, it must arouse suspicion that this person always appears perfect on social networks: not a wrinkle, always elegant... come on, like a model.
You can follow
EL PAÍS Tecnología
on
and
or sign up here to receive our
weekly newsletter
.
/cloudfront-eu-central-1.images.arcpublishing.com/prisa/56U4ECEFCRDAFOPWRKT642I7WI.jpg)
