Can you still be Scammed in 2022? Think you’re scam-savvy? Most of us like to think we know what to look out for when it comes to being scammed online, but unfortunately, scammers have become more sophisticated about how, where, and when they target people.
This is worrying, of course, as many times it is older or vulnerable that fall victim to this kind of crime. But not just that – people seemingly ‘in-the-know’ are also being duped out of their personal details or worse, their hard-earned cash. In 2022, scammers are clever – they know how we like to shop, where we shop, and can get to consumers easier than ever before, via phone, email, or social media.
Since the COVID pandemic, the rise in online attacks has increased. More people were at home shopping, and more people were out there scamming, too. Since the pandemic, a rise in COVID vaccine SMS messages also increased – asking people to falsely pay for their jab. These were simply scammers looking to make some money off the back of the crisis.
So what do we need to look out for?
It’s all about SMISHING
We have heard of phishing, but do you know about smishing? This is a new term this year that combines SMS messaging with the term ‘phishing.’ It is when criminals target people directly by sending them SMS messages, sounding like a reputable company, but actually tricking them into either releasing information about themselves (that they can then use to their advantage) or even getting them to part with their money.
These messages might claim they have won a competition, or that they have unlocked a special offer. An example of what these can look like is shared below courtesy of Wonga. In this particular example targets were sent SMS messages saying that a new loan rate was available, they just had to click a link and pay ‘a small upfront fee’ to get the deal on a new payday loan.
Wonga, or any other reputable company for that matter, would never ask customers to click a link in this way and certainly not ask for an upfront fee, but the message sounded plausible enough and the deal was so tempting that some people fell for it. Asking for a small fee is a common tactic to con people – individually, a small token amount does not appear to be much for the consumer. However, they can then use these bank details to access more money. Additionally, if enough people fall for the scam and pay the small amount, the hackers have actually made a lot of money overall.
Fortunately, Wonga had a fraud prevention team already in place when this incident happened, which enabled them to quickly communicate that these messages were fake and not to click the link or engage in any way. Companies that invest in their cybersecurity will be more prepared and have protection strategies should this happen, so they can react quickly. More and more companies are recognising the importance of allocating a good portion of their annual budgets on this.
Other companies that have faced similar smishing attacks include HMRC, the UK tax collection agency. Multiple times, hackers have managed to access their customer details and send messages via phone and email saying that the customer has received a tax rebate. Of course, receiving positive news like this means many people don’t stop to reflect on the validity or legitimacy of the message, and instead quickly click the link and end up either compromising their personal details or paying a fee in order to collect their ‘rebate’ – the rebate that never actually comes.
Other big companies like Facebook, Apple and Paypal are also always trying to stop similar scamming attempts. It used to be that poor spelling and grammar, broken links and unusual sender addresses would alert you to a possible scam. It used to be pretty ‘obvious’ when a scam had been sent your way. However, now, scammers really cover their tracks so that their messages sound very much like the company they are imitating.
So, the key here is to question every SMS or email you receive, especially if you are asked for money or personal details.
It isn’t just these newer types of scams to look out for, though. According to Get Cyber Safe, the old-school scams are still popular so you need to bear this in mind too.
Automated cyber attacks that try to guess your password mean that you need to stay on top of your password security, ensuring you use strong passphrases for each new login. Get Cyber Safe’s advice is to “Stay sceptical online. Keep an eye out for suspicious messages, sketchy links or anything that feels out of the ordinary.”
If you think something is too good to be true, it probably is. If you want to double check, then contact the company directly using a tried and tested telephone number or website. They can confirm whether this correspondence was sent by them or not.