Magda On Cyber
Published in

Magda On Cyber

7 Online Scams you Must Know

An online scam is a type of fraud that occurs over the internet. Scammers use the internet to try and trick people into sending them money or personal information. They often create fake websites or send emails that look like they’re from a real company, but are actually just a way to get your money or information. Online scams can be very sophisticated, so it’s important to be aware of what to look for.

There are many types of online scams, but some of the most common ones include phishing schemes, where scammers send emails or text messages pretending to be from a legitimate company in order to steal your personal information; and pyramid schemes, where people are promised large profits for recruiting others into the scheme.

A money mule is someone who transfers or moves illegally acquired money on behalf of someone else. Mules are hired by criminals to assist them smuggle money generated through internet scams and fraud and human trafficking and narcotics trafficking.

Some of the people who act as money mules are aware that they are aiding illegal operations, while others aren’t. Money mules may be paid for their services, or they may help someone.

If it is too good to be true, it probably is too good to be true !

Even if you don’t know you’re breaking the law, you’re still breaking the law if you’re a money mule.

As part of a criminal money laundering scheme, you might face prosecution and incarceration if you act as a money mule. You might be charged with wire fraud, bank fraud, money laundering, and aggravated identity theft, to name a few of the federal offenses in the USA, for example.

Additionally, as a money mule, your credit and financial reputation might be harmed. Cyber criminals working with you, may steal your personal information and exploit it for their own purposes, and you may be held personally responsible for compensating the victims.

Anyone may be contacted by criminals to be a money mule, including students, people seeking for job, and those on dating services.

Possibilities for Work at Home that seem to good to be true are a good example of money mule hiring. This might happen through unsolicited emails or social media messages that promise fast money for little or no work have landed in your inbox or social media accounts, web-based email services are used by the “employer” with whom you are in contact (such as Gmail, Yahoo, Hotmail, Outlook, etc.).

As a condition of receiving and exchanging money, you must create a bank account in your personal or corporate name. Receiving money into your bank account and subsequently “processing” or “transferring” it through wire transfer, mail, or a money processing firm (such as Western Union or MoneyGram) are all commons schemes.

They tell you: If you transfer money, you may retain a percentage of it for yourself with no explicit responsibilities are given to you.

Always be suspicious if an offer is too good to be true !

Donations are sought for groups that conduct little or no work, yet the money goes to the fraudulent charity’s originator taking advantage of natural disasters or wars.

Despite the fact that these scams may occur at any moment, they are more common in the wake of high-profile tragedies. Criminals frequently take advantage of you and others who are trying to assist in the wake of a tragedy.

Scams posing as charitable organizations may be delivered to you in a variety of ways, including emails, social media postings, crowdfunding sites, cold calls, etc..

When making a donation to a charity organization, use prudence and due diligence at all times.

Parcel Scam

A parcel scam is when someone attempts to scam you by sending you a package and asking you to pay customs fees. Advanced scam schemes include compromising an account, and sending you a very REALISTIC message regarding an expected parcel. You might then be more prone to actually believe it !

Be very wary of any online offers that require you to pay customs fees. Report any suspicious packages or offers to your local authorities.

Scam

Scammers pretend to be friends with their victims by hijacking their WhatsApp accounts and then chatting with them over the messaging app.

Using hijacked WhatsApp accounts, scammers have come up with an innovative approach to con people out of their money.

A voicemail hack was used to get access to the accounts.

Scammers assume the identity of a friend and attempt to dupe the victim into purchasing gold bars that are being offered at a discount of 30% off market value. These gold bars are being offered at a discount since they were confiscated by the Singapore Customs and Immigration Authority and are now being auctioned off, according to the fraudsters.

Using a false invoice purporting to be issued by Singapore Customs, the con artists tell their victims to wire money to a series of specified bank accounts.

When they don’t get the gold bars or find out that their friend’s WhatsApp account has been hijacked, the victims realize they’ve been conned.

Scammers may get access to a WhatsApp account through a voicemail technique, according to the police.

Using their own smartphone, the fraudster attempts to access the victim’s WhatsApp account and repeatedly enters incorrect six-digit verification numbers.

WhatsApp will ask the victim to proceed with an automated call, if the verification keeps failing.

By phoning the victim’s phone number, it will deliver the verification code in a voice message.

Messages left on the victim’s phone go to voicemail if he or she does not answer them or if the phone is not turned on. As the voicemail is not protected with a different code nor is deactivated, the scammers are able to access the two-factor authentication code.

Another example, is just when someone from your family or friends get compromised, and you think you are talking to them while you are discussing with the scammers:

One Scam — Grandmother scammed out of thousands by WhatsApp fraudster pretending to be daughter — Source: https://nypost.com/2021/11/19/grandmother-scammed-out-of-thousands-by-whatsapp-fraudster-pretending-to-be-daughter/

After reporting that a scammer had pretended to be her daughter on WhatsApp, a grandmother found herself £6,500 ($8,739) in debt. She thought the messages were from her daughter, who was unhappy about an overdue payment and volunteered to pay it.

In fact, she believes the communications were sent by a fraudster, and that the 62-year-old victim paid before recognizing she had been duped. According to her, “The messages were written much as my daughter, Louise, sends text messages.’”

You never know who is behind a screen !

Google Fake Email

Phishing emails are emails that look like they’re from a real company, but are actually just trying to get you to enter your personal information on a fake website. They often have realistic looking branding and ask you to, for example, change your password due to security concerns.

Spearphishing is a sort of social engineering in which you tailor your phishing assault to the victim.

As an example is the one above with the Google email:
As a first step, the attacker may send you an email that seems to be from an official account.
An attempt to connect into your account from another country may prompt you to change your password.

When you click on the button, you are redirected to a fake Google website, and when you change your password, you are actually sending it to the fraudsters.

Love scams, poster by SPF

Online dating has become even more popular since the epidemic spread, as seen by the large number of individuals doing it right now.
Romance fraudsters are on the prowl for unsuspecting victims, and they won’t hesitate to destroy hearts in the process of extortion. A fraudster might leave you bankrupt and devastated if you don’t know what to look out for.

The following are some popular methods:

Victims are enticed into investing by the con artist. Typically, scammers encourage their victims to transfer them money or provide them links to fraudulent investment applications and websites through email. In order to deceive the victim into handing over personal information, fraudsters will use these URLs.

Another scheme is slightly more time-consuming. In order to gain your confidence, fraudsters put in the time and effort to do so (normally 1 to 3 months). In the following weeks on your relationship, they offer you the opportunity to invest in cryptocurrencies and ask you to do so.
You’re directed to a third-party investing application or website, not asked for any money in exchange for your time or attention.

At first glance, everything seems to be in order, and you have the option to take a profit. You decide to invest a lot of cryptocurrency, but the website rejects your request because of numerous reasons, such as taxes or processing fees or other technical concerns. The “customer service” you get may potentially lead to you being asked to give further funds.

It’s at this point that fraudsters vanish; they flee with all of your cryptocurrency.

Another scheme, is the crisis scheme. Despite their love, the fraudsters are unable to meet face-to-face since they reside too far apart. A crisis has erupted, and money is needed immediately. For example, in 2020 at the beginning of the pandemic, a scenario was that they had tested positive with COVID-19 and need financial assistance in order to get treatment. The fraudster disappears as soon as their victim pays them money.

Another scheme is about gifts. Fraudsters say they wish to send a present from abroad, but they need to pay a tariff or shipping cost to do so. Once they get the victim’s bank account information or prepaid cards, they take off with the money.

Sextortion has been reported by several victims who exchanged private images or had intimate video conversations with extortionists.
If the victim does not pay, the fraudsters will post the victim’s sexual images/videos. In the same topic, scammers targeting men between the ages of 20 and 39 were mostly targeted by credit-for-sex schemes. Gift cards were used to lure men into purchasing escort services, sex, or massages in return for the purchase of gift cards. Prepaid gift cards for iTunes, Alipay, and MyCard are just a few examples.

Video — Is this you?

A fraudster with your instant messaging or social media credentials is not just a danger to you, but also to people around you.

If it came from a stranger, such inquiry would be unusual and unsettling, but if it came from a buddy, who wouldn’t want to see what was going on?

So what? The URL shortening service goes to a website that appears like Facebook’s sign-in page, but there is no video here.

When you click on the sign-in page, it prompts you to give away your credentials to see the video, and you do but no video appears, and shortly after you loose access to your social media account.

But, there are other schemes involving videos.. You might be contacted by someone who say they were from a company called XYZ. They tell you that they want to hire you to do a promotional video for their product. They sent you a script and ask you to record a short video clip reading it aloud.

You record the video and sent it back to them. That’s when it starts getting suspicious. They ask for more videos, each one more detailed than the last. And then they want personal information like your home address and credit card number.

Unfortunately, online scams are becoming more and more common. But there are things you can do to protect yourself. If something seems too good to be true, it probably is. And if you’re not sure whether an email or website is legit, don’t hesitate to reach out to the company directly to ask. You can also hire a cybersecurity professional to help keep your computer and information safe.

Always be careful when giving out your personal information online, and never download software from an unknown source.

And, again if something looks too good to be true, it probably is!

Follow Magda on Twitter: https://twitter.com/m49D4ch3lly

Twitter

By Magda Chelly

Chief Security Officer | TEDx Talk | Author & Keynote Speaker | IFSEC Global Top 20 Cybersecurity Influencer | Entrepreneur | PhD, S-CISO, CISSP, Cert SCI (General Insurance)

Find out on magda-on-cyber.com

Awards

Follow Magda on her Social Media Accounts:

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Dr Magda CHELLY, CISSP, PhD

Cyberfeminist | Entrepreneur | Former CISO | PhD, CISSP, S-CISO | CoFounder @R3sp_Cyb3r | @womenoncyber | Documentary The Dark Web on @myCanal