Cybersecurity Scams: What To Look For

How To Recognize Phishing

Scammers will try to obtain your passwords, account numbers, and social security numbers through your text messages, emails, or by any means possible. If they are successful in obtaining those items, these criminals will potentially have access to your bank and investment account, emails, and other valuable information. They can then either use the information for themselves or sell the information to other criminals who can then profit off your information.

Scammers launch hundreds of attacks a day and while many are not successful it only takes a few successful attempts to be profitable, to remain unseen they will change their tactics to keep from getting caught. Yet some tactics remain as lucrative as ever, for example phishing emails. Phishing emails will usually look like it is coming from a company or friend reaching out for a favor included with a random link. When in doubt hover over the link to expose the hidden URL.  Or simply do not click on the link and check with either the friend or company that sent you the link to confirm the email’s validity.  When in doubt never click the link, that is how they gain access without you even knowing.

Phone and Text Scams

Smishing, also known as SMS phishing, is when an impostor sends a text message posing as a representative of a reputable firm to obtain sensitive information such as your credit card or social security number. There is usually a link in the text that asks you to confirm details. As with phishing emails, never click on the link if there are mistakes in the message or if you feel suspicious.

OTP bots: One Time Password bots or OTP bots, are systems that trick a user into divulging the one-time code received during a login process, these assist in bypassing the benefit of a Multi Factor Authentication or MFA (Multifactor Authentication) Solution.  Scammers will attempt to login using stolen credentials then employ OTP bots to deceive consumers into disclosing authentication codes they have received by text or call as part of the MFA process. You may receive a robocall or text message from someone impersonating a legitimate company, such as your bank.  If you have not attempted to login, ignore the call or text.

Crypto Frauds

Illegal contests, awards, and early investment opportunities are frequently at the heart of cryptocurrency scams. If you hear of an investment opportunity that appears too good to be true, you should be cautious. They frequently target individuals who have previously fallen victim to a crypto scam. They may offer you a refund if you pay an upfront fee or for access to your crypto wallet.

Digital payment app scams

Third-party payment apps are convenient, but they can be used by scammers. While you may normally fight an unauthorized payment with your bank, getting a refund from a payment app is significantly   more complicated. Some common examples include unintentionally overpaying, phony fraud notifications, and phishing emails or messages. If you get a message that looks like it is from a payment app, verify it by logging into your account through the app or website.

Work-from-home scams

These usually begin with an advertisement claiming that you may make a lot of money working from home. Alternatively, after placing your resume on a job search website, you may be contacted by an employer who requests your driver’s license and bank account details before interviewing you. What comes next? If you inquire about the position, the possible employer may request sensitive personal information, and they will 99% of the time steal your identity and/or money.

Online marketplace scams

When selling or purchasing products on Craigslist, Facebook Marketplace, or eBay, keep an eye out for similar scams. If you are the vendor, you may receive a forged payment receipt. Scammers might overpay for a product you are selling and then want a refund. When you submit it, you may discover that you did not get their initial payment.

Digital Kidnapping

This may appear to be a kidnapping in the usual sense, but it is not. Instead, hackers will take control of your social media identities in this hoax. They will then contact you and demand money for your access to be restored. In certain cases, they may threaten to post dangerous or destructive stuff, which frequently has enough of an influence on individuals to open their wallets. If this occurs, you should contact the appropriate social media platform and notify them that you have been a victim of fraud.

How Can Summit Help?

While we may not be able to stop criminals from attempting to scam you out of your personal information. What we can do is provide you and your employees with the knowledge of how to spot and properly act on the phishing attacks we listed above and on many others. If you are interested in learning more about our Security Awareness Training, give us a call today.






On Key

Related Posts

Takeaways from the CMMC Rule Publication

The Department of Defense’s CMMC program has taken a giant step ahead with the publication of the CMMC Proposed Rule on December 26th in the Federal Register . This begins