As numbers continue to rise on individuals connected to the internet, the number of cybercriminals looking for their next victims rises as well. Everyone should be aware of the wide variety of scams that cybercriminals use. Whether it’s accessing personal information, or scamming users for money, here are the common online scams to be aware of in 2023.
Phishing
Cybercriminals leverage clickbait to lure victims into clicking on links and downloading malicious programs. Typically, the scam unfolds as follows:
- The cybercriminal sends an email (or text) to a user appearing as a legitimate source. This can be from a bank, a postal service, a social networking site, an online store, etc.
- The user clicks on the link provided and ends up downloading a file or being sent to a scammer’s website which would prompt user information – credit card numbers, home address, etc.
- The cybercriminal will install malware and or use credentials they stole from users to steal more sensitive data.
There are several warning signs to watch for:
- Use of urgent tones or pressure tactics
- Misspelling and poor grammar
- Sites that are clicked through are misspelled. For example, the scammer may send you to Amazon but it’s spelled “Amasson”.
- Will issue threats of financial consequences
- Logos that look different from the original source — some of those images might be blurrier
Ransomware
By extension of malware, ransomware is another form of malware in which it either publishes a victim’s personal data or permanently blocks access to it unless a ransom is paid. In most cases, the ransomware will demand payment through cryptocurrency which is tougher to track.
Preventing ransomware is being aware of some of the signs above as those can lead to computers being vulnerable to attacks. Furthermore, backing up data and downloading antivirus software can either neutralize threats or alert users of potential infections.
Scareware
A newer iteration of malware, this uses social engineering to cause shock, anxiety, or perceive a threat to manipulate someone to perform a certain action. In most cases, the action is to buy a piece of software.
Unfortunately, that software is fake and is used to install malware that will steal sensitive information. Scareware tactics may look like:
- The software, upon download, immediately scans a computer for viruses
- There are pop-ups that are difficult to close
- The pop-ups are demanding users act quickly to buy/click a button
- The software is from a company that is unknown to the user
Fake Shopping Websites
Setting up a website – and specifically an e-commerce store – is easier now than ever. Cybercriminals leverage this to create and publish their own fake shopping websites. These websites can feature genuine products that can be purchased anywhere else, or they could replicate an existing retailer website such as Amazon. Cybercriminals trick you into buying their fake goods and record your banking information at the time of purchase to use for themselves.
There are several signs that indicate a fake ecommerce site:
- The deal is too good to be true. For example, a popular clothing brand being on sale for extremely low prices
- The discounts are incredibly generous
- The look-alike site has a misspelled URL
- You get redirected from one location to an unsecured URL (http://)
Your best practice is to be alert and conscious of anything online that looks suspicious. When in doubt, don’t click!!