The sophisticated machinery of online scams renews its set of lures every year to trap new victims.
In this note, what are the
four financial threats
that cybercriminals deploy in the online world and how
to avoid falling into the trap
.
“Cybercriminals take advantage of new technologies to camouflage their attacks so that the theft goes as unnoticed as possible.
“ QR codes
or
cryptocurrency
wallets
are new sources for distributing computer viruses,” says Gabriel Zurdo, CEO of BTR Consulting, a cybersecurity specialist.
A survey carried out by
Fiserv
- a global payment provider - analyzed the purchasing habits of Argentines and determined that 20% of buyers suffered at least one scam and 18% of merchants went through the same situation.
"People over 60 years of age are the most likely to fall for these scams. The most frequent types of attacks are spread through
,
or
social networks
," says Zurdo.
Below, the four
latent dangers online
in the 2024 season.
Digital wallets
Digital wallets, among the main targets of attackers.
61% of the Argentine population over 15 years of age already uses a digital wallet to make payments, according to a survey by the Argentine Fintech Chamber.
This represents more than
40 million accounts
in the sector.
A figure that, for criminals, represents a more than succulent loot.
Payment with counterfeit virtual wallets (CVU) is growing domestically.
Attackers use an
operational replica
- as happened with the Mercado Pago app - to pretend that a transfer was made.
When paying, they argue that they can only make the purchase through the alias or CBU/CVU, since the camera that takes the QR is damaged.
When the merchant provides their information, they are entered into the fake application and the scammers type the amount indicated to them.
To avoid suspicion, they carry out the operation in full view of the seller.
Although apparently there are details that do not match, such as the
typography or the logo
, doubts are dispelled when when transferring the amount, it is shown that it is deducted from the supposedly available money.
The malicious software generates a fake transfer receipt and even emits the characteristic sound.
The employee assumes the purchase went through, but the money is never credited to the bank account.
Always one step ahead of his prey, the scammer shows him a sign where he claims that there are delays in transactions, something that really usually happens.
Especially when it is the first operation that is performed.
These applications are available to any citizen, although they cannot be obtained in official stores.
They are usually purchased on the black market or made to order.
Banking Trojans
What the fearsome Mekotio Trojan is like.
Photo Martín Bonetto.
One of the most disturbing data in cybersecurity, according to the Kaspersky firm, is that, in Latin America,
scams
through banking Trojans quadrupled.
These reached the figure of 10 thousand attacks during 2023: the equivalent of 30 attacks per day.
In these lands, the Mekotio Trojan sets off all the alarms, since it has a very original method to steal financial information and credentials to access bank accounts.
It is mobilized through e-mail and disguised in an official notification from the Federal Police, it deceives the victim into believing that they have a traffic ticket.
There is another variant in circulation where it alerts about an unpaid bill.
The fake message prompts you to click to access a form that actually downloads the Trojan.
As usually happens, the victim realizes the mistake once the scam has been completed.
The first reaction is to click on the attachment to see what it is about.
Mekotio's actions consist of collecting data through a keylogger, a screen capturer or an overlay of the homebanking home page.
These impersonations imitate the most popular banks in Argentina.
The serious thing about this variant is that, once the theft has been completed, financial and banking entities, in principle, do not respond to the claims.
Their main argument is that they are not responsible for allowing the virus to access the computer.
Reports from the ESET firm show that Argentina (52%) is the country with the most Mekotio activity, followed by Mexico (17%), Peru (12%), Chile (10%) and Brazil (3%).
In the last year, more than 80 variants of this predatory Trojan were detected.
Cryptocurrencies
The risks of operating with cryptocurrencies.
AFP Photo
One of the most common techniques is the so-called "pump and dump" or market manipulation, which managed to raise $241 million in 2023, according to Chainalysis' Crypto Crime Report.
In this scheme, scammers seek to raise the price of the digital currency by spreading false information or rumors.
Once the price skyrockets, they sell their shares making a profit and leaving the rest of the investors with assets that have no value.
To make their facade credible, they pose as financial advisors, company representatives, or use influencers to convince novice investors.
They even create fake profiles on social media or dating apps.
Between January and December 2023, 370 thousand tokens
were launched
on the Ethereum network, of which - according to Chainalysis - 168,600 were available for trading on at least one decentralized exchange (DEX).
Of the total, 54% are presented as possible market manipulation.
According to statistics, only 14.1% of all tokens achieve at least
$300
of liquidity.
Only 5.7% of those launched in 2023 are currently above that threshold.
Which implies that, in the medium term, they either disappear without leaving a trace on the blockchain or are adopted by some group of frauds to convince dreamers that they are facing the opportunity of a lifetime.
online betting
The risk of online betting.
Photo Shutterstock
Online sports betting – many of which today sponsor the big teams in Argentina – is a growing phenomenon among teenagers.
The belief is that a streak of luck will help them get quick money.
The problem is that, in view of this belief, there are some scam sites that promise immediate profits with almost a minimum of risk.
Something that is impossible to achieve, since these sites are governed by chance and not by logic.
In this area, clandestinity abounds, since
80% of the platforms
in the betting market are illegal, according to data from the Argentine Chamber of Casinos, Bingos and Annexes (CASCBA).
In addition, each province has its own legislation and they are the ones who control the sites.
But in parallel, several sites emerged, without registration, do not pay taxes, accept the entry of minors and do not guarantee payment of prizes.
“Illegal online betting sites are the worst threat in the world of entertainment, just as they are for any other game, illegality is one of the great architects of the degradation of the recreational component,” commented Guillermo Gabella, Director of Business Affairs. Public and Legal of the Boldt Group.
Since they are ghost platforms and are not audited by an official entity, they simply disappear and there is no safeguard of funds.
The problem also arises when one intends to withdraw the profits, since it is only designed so that the money enters but does not leave.
“One way to tell if it is a trustworthy site is to pay attention to the domain of the website, if it ends in bet.ar they are trustworthy and you can play with peace of mind,” Gabella clarifies.
How to avoid online scams
Tips for operating in the digital world.
Photo Shutterstock
To escape digital tricks, Zurdo offers some behavioral guidelines that can avoid some scares.
Use a
single card
, which is exclusively used to make online purchases, this will allow easy tracking of transactions.
Avoid offers by email and WhatsApp because they can lead to fraudulent sites.
Be wary of payments directed
outside of
company platforms or sites.
Do not save payment details on the device.
Many, to avoid entering information again, store credit card data.
It is advisable not to do so.
Create
complex
and unique passwords every time you sign up.
Key managers can be a helpful tool.
Enter the bank account to control the card debits and the account statements to monitor that no transactions occur that one did not make.
SL