Scam: a fraudulent or deceptive act or operation
It’s a scary world out there when it comes to scams. It is said that there are people whose job it is to log in and scam people from 9-5, like any other job. We have seen a lot going on with these and wanted to highlight some common scams and some not-so-common scams.
One of our own experienced a recent scam that appeared to be McAfee requesting payment for renewal. This started out with the client calling the number on the email, they were not sure they wanted to renew and wanted to avoid an automatic payment. A series of events occurred after this, causing their bank account to be hacked, a falsified deposit, and a request to return the funds (to the scammer). The client was asked to purchase several high-value gift cards and then, when that started to take too long for the scammer, they asked them to send a $10,000 wire from the bank. Luckily, the bank was alerted by this request, they paused long enough to say “is this a scam?” and stopped it from going any further. In the end, the client lost $2500 from the gift card purchases but it could have been much worse.
This is one of many stories we have heard over the years and we wanted to highlight a few things to check to avoid this happening to you:
- Don’t click on links in emails if they are from an unknown sender
- Always double-check the phone numbers in emails through an external source
- Don’t buy gift cards as payment for anything, reputable companies will not ask for this
- If you are asked to lie to bank employees regarding the use of a withdrawal, think twice
- Check the email address you received the email from, are there any typos? Is it from a valid URL?
While this particular incident was disguised as an email from McAfee, there are so many others that happen every day. People receive fake invoices, falsified emails from PayPal and HR departments, password reset links, and even alerts about the unusual sign-in activity. These emails are designed to heighten your senses and make you feel insecure. This creates a sense of urgency for the receiver and often results in people missing the small warning signs that can save them from a lot of trouble.
As technology evolves and we change the way we communicate, so do scammers. A form of scamming called “social engineering” has steadily replaced more recognized scams. Social Engineering is meant to manipulate targets by using the personal information posted publically to online channels. The NIST (National Institute of Standards and Technology) defines “social engineering” as “The act of deceiving an individual into revealing sensitive information, obtaining unauthorized access, or committing fraud by associating with the individual to gain confidence and trust.” This type of manipulation can look like scammers mirroring accounts of those that you know and trust on social media. To avoid “social engineering” scams, the same precautions as above can apply, never share sensitive personal data in public forums online, and always be suspicious of unsolicited direct messages, or other requests for information while enjoying social media.
The client in the above story had to change bank account numbers, re-establish automatic payments, and re-issue checks. After all of that, they reported the incident to the police as well. A few simple checks could have saved the client weeks, probably months, of picking up the pieces from this scam.
Stay vigilant everyone, because those that make scamming their full-time job, sure will be.