Week 3: Online Safety
Quick Links:
Zoom link: https://sdccd-edu.zoom.us/j/9191959460?pwd=OXh0RE9ZTVZTWElTMUQ0ZzAxQzExdz09.
Passcode (if asked): emeritus
Bonus feature: Guide to Online Safety (student created)
Patricias online safety.pdfThis week: Featuring Scams
Scams and fraud can have severe financial and emotional impacts on older adults. Scammers often target older adults because they are perceived to be more trusting, may have significant savings, and may not be as familiar with newer technology. Understanding common scams, how to identify them, and what to do if you are scammed is crucial for protecting yourself and your loved ones. This lesson will provide information and tools to avoid scams, and what to do if you fall victim to one of them.
Video: To get you started, this 45 minute webinar provided information about scams and fraud affecting older adults. Sit back and listen as you listen to Greg Olsen from NY Office for the aging.
Video: Not just older adult scams, but scams for everyone. 15 minutes. Very enlightening!
Video: Although this is about audio equipment, some great tips. What to look for to see if it is legit.
Video: Do you use Facebook? Maybe you should be a little more vigilant! Watch this video if you use Facebook.
Video: Scammers on Zillow and home buying networks. Very scary!
Common Scams Targeting Older Adults
Telemarketing Scams
A telemarketing scam is a type of fraud where scammers use phone calls to deceive individuals into giving away personal information, money, or access to their financial accounts. These scams often target older adults, who may be more trusting or less familiar with modern scam tactics. They work in several ways including:
Unsolicited calls, often using spoofed numbers to appear as though they are calling from a legitimate source.
Robocalls with pre-recorded messages to reach a large number of potential victims quickly.
Other features include persistence: (calling repeatedly to wear down the victim’s defenses.), creating a sense of urgency, pressuring victims to make quick decisions without thinking., providing level of trust by claiming to be from reputable organizations, such as banks, government agencies, or well-known companies.
The Scam Pitch may include things like being told they’ve won a prize, lottery, or sweepstakes but must pay a fee or provide personal information to claim it, or claiming to represent a charitable organization, asking for donations. They might offer help with debt relief, loans, or credit card interest rate reductions, requiring upfront payments or claim that there is a problem with the victim’s computer and offer to fix it for a fee. They might offer promises of high returns on investments that are too good to be true.
Then, they will try to extract information and money. They may ask for personal information such as Social Security numbers, bank account details, or credit card numbers, or for victims to make payments via wire transfers, gift cards, or prepaid debit cards, which are difficult to trace and recover. Scammers may continue to contact victims, claiming additional fees are required or offering more fraudulent services.
Recognize scams if they are from unsolicited callers (especially if they create a sense of urgency or pressure you to act quickly), or are too good to be true, such as winning a lottery you didn’t enter or getting a high return on a low-risk investment. They should not ask for personal information like Social Security numbers or bank details over the phone. And be wary of requests for payments via wire transfer, gift cards, or prepaid debit cards. Always verify the caller’s identity by calling back using a publicly listed phone number for the organization they claim to represent.
What to Do If You Encounter a Telemarketing Scam: If you receive a suspicious call, hang up immediately. Never give out personal or financial information over the phone to unsolicited callers. Report the incident to the Federal Trade Commission (FTC) at ftc.gov or call 877-FTC-HELP (877-382-4357). You can also report the scam to your state’s consumer protection office. Register your phone number with the National Do Not Call Registry at donotcall.gov to reduce the number of unsolicited calls. Regularly check your bank and credit card statements for any unauthorized transactions. Use call-blocking features on your phone or consider subscribing to a call-blocking service.
Image: Work at home scams
One type of telemarketing scam is the Work at Home scam. Here is how this scam might work.
Romance Scams
Online dating sites have become a fountain of opportunity for scammers. In this example, scammers create fake profiles, build relationships over time with their victims, and then ultimately exploit them financially using the emotional connection they have established. Romance scams start with their profile, using attractive photos and interesting narratives to lure victims. They then establish a relationship which can last for weeks or months. They may transition the communicating form the dating site to personal sites like email, text and phone calls. Once that relationship has been established, they will share a story about a medical emergency, travel costs to visit the victim, legal troubles or business financial issues and will request money to help. Payment will be a form that is hard to trace or recover, such as wiring money, using prepaid gift cards, or cryptocurrency. After exploiting the victim, they may either continue or simply vanish. There are red flags for potential scammers with a romance scam. They include:
Profiles that seem too good to be true, or a romance that quickly escalates to love or deep affection before meeting the person
Typically, scammers will avoid face-to-face contact. They may also avoid video calls or provide excuses on why they cannot meet in person or by video.
Any time where a relationship shifts to assistance financially is a red flag!
Scammers may include a sense of urgency to the request, pressuring their victim to act quickly
Sometimes, scammers will move to the private channel (email, phone call). Although this may seem OK, it is being done to avoid detection.
Image: Description of romance scams
Home improvement scams
These contractors often target homeowners who are looking to make improvements. They may comb a neighborhood door-to-door, offering services (roof repairs, driveway sealing, landscaping) at significantly reduced rates, or simply saying that they are in the neighborhood and have leftover materials. After natural disasters (fire, flood) they may target affected homeowners offering quick repairs. In this case, they are taking advantage of the urgency to fix the property. They might also advertise through flyers, newspapers or online platforms, promising low prices for their services. Some might entice older adults by promising a senior discount. Some red flags can be seen in their pitch. They may offer a too-good-to-be-true offer, claiming that you must act now to get this price. They may include pressure to act immediately and avoid other quotes. They will typically ask for a substantial upfront payment.’ The scam can be a failure to start of complete the work. Or, if the work is done, it can be substandard (poor quality, subpar materials, unskilled labor). They might even just disappear after receiving payment. Protect yourself from home improvement scams by researching the contractor. Ask for references and check online reviews. Verify that they have the necessary licenses and permits. Insist on a detailed contract that includes the scope of work, materials that will be used, timelines and payment schedules. Avoid contractors requesting significant upfront payments. It is standard practice to pay a deposit or to pay in stages. And obtain quotes from several contractors to make sure that everything is reasonable and expected.
Image: Preventing home improvement scams
Investment Scams
Investment scams involve tricking victims into putting their money into fraudulent schemes with promises of high returns with little risk. Although they vary, a typical scam will include common features. It begins with the scammer contacting potential victims via phone, email, social media or websites, promising an exclusive or once-in-a-lifetime investment opportunity. They will often have professional looking websites, brochures or documents and may claim to be part of a legitimate company. The pitch will promise high returns with low risk, often claiming insider information or a foolproof strategy. It will include a sense of urgency (time-sensitive) and that it needs to be acted on immediately. It may also include testimonies, reviews and endorsements (all of them fake), presented to make the investment appear safe. This scam may begin small and gradually get larger, asking you to invest more money, suggesting that you take out loans or use your savings. The scammers may show fake reports or accounts showing significant profits and encourage you to invest more. The scam begins to unfold as the victim tries to withdraw their money. They may encounter delays, additional fees or simply be unable to get to their funds. Eventually, the scammer disappears along with the money. There are different types of these scams.
Ponzi scams pay returns to earlier investors with the capital of newer investors.
Pyramid schemes show profits based on new recruits instead of real investment or sale of goods
High-Yield investment programs will include unregistered investments with unsustainably high return on the investment
Advanced fee frauds ask for money up front in exchange for a promise of high returns
You can avoid these scams by researching the investment and the company. Considering consulting with someone you trust before investing. Be skeptical of anything which seems too good to be true. And realize that legitimate investors will not pressure you to make a quick decision.
Image: Identifying investment scams
Tech Support Scams
Calls or messages claiming your computer has a virus and offering to fix it for a fee. A tech support scam is a type of fraud where scammers pose as technical support representatives from reputable companies, such as Microsoft or Apple, to deceive individuals into giving away personal information, money, or access to their computers. These scams often target older adults who may be less familiar with technology. They work in various ways:
Cold Calls: Scammers call victims, claiming to be from tech support. They may use spoofed phone numbers to appear legitimate.
Pop-up Messages: Fake warning messages appear on the victim’s computer screen, claiming that their system is infected with a virus or malware. These messages often include a phone number to call for “help.”
Emails: Victims receive emails that appear to be from legitimate tech companies, warning of security threats and urging immediate action.
They benefit by creating urgency and fear. Scammers use scare tactics, claiming that the victim’s computer is heavily infected or compromised. They may use technical jargon to confuse and intimidate the victim into believing they need immediate assistance.
They then will gain access to your device: Victims are instructed to download and install remote access software, giving scammers control over their computers. Once access is gained, scammers may show fake error messages or system alerts to "prove" that the computer is infected.
And will continue by extracting Information and Money: Scammers request payment for fake services, often demanding credit card information or payment via gift cards or wire transfers. They may also install malware to steal personal information, such as passwords and banking details. Even after the initial scam, scammers may continue to contact the victim, claiming that further issues have been detected or that additional services are needed.
Avoid them by following some key steps: Legitimate tech companies do not make unsolicited phone calls or send pop-up messages asking for personal information or access to your computer. Be wary of any communication that creates a sense of urgency or fear, especially if it asks for immediate action. Never provide payment information to unsolicited callers or through unexpected pop-up messages. Do not allow remote access to your computer unless you are certain the request is from a legitimate source.
If you do encounter a Tech Support Scam: If you receive an unsolicited call, hang up immediately. If a pop-up message appears, close your browser. Never give out personal information or payment details to unsolicited callers or pop-up messages. Report the incident to the Federal Trade Commission (FTC) at ftc.gov or call 877-IDTHEFT (877-438-4338). If you allowed access to your computer, run a virus scan and update your security software. Check your bank and credit card statements for unauthorized charges. Consider placing a fraud alert on your credit reports.
Grandparent Scams
Scammers pretend to be a grandchild in distress, asking for money to resolve an urgent situation. This contact begins with a question such as “Hi Grandma. Do you know who this is?” Once the grandparent confirms with a name, the scam begins. The scammer will tell of an emergency, an arrest, being stuck in a foreign country or other reasons to need immediate financial assistance. This scam will come with a sense of urgency and a need for quick action. They will also ask that you not tell family members to avoid embarrassment or legal complications. They will request money immediately, in the form of non-traceable sources (wire transfers, prepaid gift cards or mobile payment apps). They will include how to send the funds. These scams are often followed by further requests due to changes in the circumstances. It will probably go on until the victim begins to ask questions and then disappear. Be aware that this exists. You might want to set up a code word or phrase that can be used to identify family members in emergencies. Also, remember to pause and verify these calls. Do not share any personal information with the scammer (or anyone that you are not sure of the identity of) and report the scam if you are a victim. Artificial intelligence has created ways to clone voices, which can make this type of scam even more difficult to determine. Realize that this exists and contact someone directly who can confirm that it is legitimate.
Overall information on scams
Dangers of scams to older adults
• Financial Loss: Scams can deplete savings and retirement funds.
• Emotional Distress: Being scammed can lead to feelings of shame, guilt, and anxiety.
• Loss of Trust: Victims may become distrustful of legitimate businesses and even family members.
• Identity Theft: Scammers can steal personal information and use it to commit further fraud.
Identifying Scams
1. Unsolicited Contact: Be cautious of unexpected calls, emails, or messages.
2. Too Good to Be True: If an offer sounds too good to be true, it probably is.
3. Pressure to Act Quickly: Scammers often create a sense of urgency to make you act without thinking.
4. Requests for Personal Information: Legitimate organizations will not ask for sensitive information through insecure channels.
5. Payment Requests: Be wary of requests for payment via gift cards, wire transfers, or cryptocurrency.
Image: Identifying a scam
Steps to Take If You Are Scammed
1. Stop All Communication: Cease contact with the scammer immediately.
2. Report the Scam:
o Local Authorities: Contact your local police department.
o Federal Trade Commission (FTC): File a report at ftc.gov/complaint.
o Internet Crime Complaint Center (IC3): Report online scams at ic3.gov.
3. Notify Financial Institutions: Inform your bank and credit card companies of the scam.
4. Monitor Your Accounts: Regularly check your bank and credit accounts for unauthorized transactions.
5. Credit Reporting Agencies: Contact credit bureaus (Equifax, Experian, TransUnion) to place a fraud alert on your credit report.
6. Seek Support: Talk to family, friends, or a professional counselor for emotional support.
Image: What to do if you are scammed
Tips to Protect Yourself
1. Stay Informed: Keep up-to-date with the latest scam trends.
2. Use Technology Safely: Install antivirus software, use strong passwords, and enable two-factor authentication.
3. Be Skeptical: Question unsolicited offers and verify the legitimacy of businesses and individuals.
4. Limit Sharing Personal Information: Be cautious about sharing personal details online or over the phone.
5. Educate Family and Friends: Share information about scams to help protect others.
Resources for Help
• AARP Fraud Watch Network: Provides information and resources to help older adults avoid scams. Visit AARP Fraud Watch Network for more details.
• National Consumer Protection Week: Offers tips and resources for protecting against fraud. Visit consumer.ftc.gov for more information.
• Eldercare Locator: A public service of the U.S. Administration on Aging that connects older adults to services. Visit eldercare.acl.gov or call 1-800-677-1116.
Interesting articles about scamming
All of the articles below are taken from websites. You can see the link under each one. They may have been edited for brevity.
Scammer Alert: If Someone Calls You Using Any of These 12 Phrases You’re About To Be Scammed
1. "This is an urgent public service announcement
When you hear this, your first reaction might be to listen closely and act quickly. Scammers use this phrase to create a sense of urgency, mimicking official alerts. The intentional use of this phrase causes people to bypass rational thinking and act without skepticism. But remember, genuine public services have other ways of getting in touch. Always double-check these alerts by contacting official sources through their verified channels.
2. "You have won a free vacation!"
It’s exciting to imagine vacations to sandy beaches and sunny skies, especially if it’s free. However, these offers are often too good to be true. Furthermore, they may lead to phishing attempts or hidden costs. This phrase is a classic hook for scams and should automatically put you on high alert. Always ignore such claims and report suspicious numbers to consumer protection agencies.
3. "I need to verify your account details."
This is a common tactic among scammers pretending to be representatives from your bank or a service provider. These types of scams have become even more common following a data breach. However, no credible organization would ask for sensitive details outright. Therefore, this phrase should be an immediate scammer alert.
When data breaches happen, organizations establish processes and procedures to contain them. If you receive such a request, hang up. Do not share any personal information. Instead, contact the institution directly using a known and secure method.
4. "There’s a problem with your payment."
This phrase preys on your fear of financial mishaps. Scammers know that people will do whatever is necessary to avoid additional fees and disruption of service. They use this phrase in the hope of catching you off guard so you provide them with payment information out of panic.
Rather than sharing your account information, check the validity of their claims first. Always verify any payment issues by logging into your account independently or calling customer service directly. These measures could prevent you from wasting time and money.
5. "Confirm your identity with your password."
If you hear this one, it’s a major red flag! Legitimate companies understand the security risks of sharing personal information. In fact, policies prevent them from asking for your password or security code over the phone.
When you hear this phrase, end the call immediately. Then, report the incident to the company being impersonated. It could help others from falling victim to these scams.
6. "This is your final warning."
Using threats of legal or financial consequences is a common tactic to intimidate people. However, it is also a scammer alert. Real organizations do not operate this way and will provide ample opportunity for resolution through proper channels. When you get this call, don’t panic. Instead, keep calm, don’t engage, and seek professional advice if needed.
7. "You owe taxes and must pay immediately."
This scam becomes especially prevalent around tax season and plays on people’s deep-seated fear of owing money to the government. Taxes induce a sense of anxiety for most citizens, and scammers exploit these feelings for their own gain. Remember, the IRS communicates through mail, not unexpected phone calls. You can always verify any tax claims directly through official IRS channels to protect your finances.
8. "We’ve noticed suspicious activity on your account."
By suggesting that your account is at risk, scammers aim to make you act hastily to ‘protect’ your assets. However, impulsive decisions could put you at greater risk. This phrase is a trick to get your personal information or financial details. Never disclose these details if someone contacts you. Instead, reach out to your bank directly using official numbers, not those provided during a suspicious call.
9. "I’m calling from tech support."
If you didn’t request assistance, why would tech support call you? The answer shouldn’t surprise you. This is a tactic to gain access to your computer or personal information under the guise of fixing an issue. Some scammers are after information while others seek to sell you useless software. Don’t become an unsuspecting victim. Always verify the legitimacy of the call by contacting the company they claim to be representing.
10. "Can you hear me?"
This seems like a harmless question, right? Unfortunately, it’s not. It’s a method for scammers to record your voice saying “Yes,” which they can use to authorize fraudulent charges. When you hear this question, it’s best to hang up immediately. Then, check your accounts and statements for any unauthorized activity.
11. "Please make a donation."
Charity scams prey on your generosity, often during times of crisis. However, this shouldn’t prevent you from donating to causes and organizations you want to support. To ensure your donation goes to a legitimate cause, donate directly through trusted organizations’ websites instead. Never respond to unsolicited calls or provide payment information when people call you.
12. "You must decide right now."
Scammers use high-pressure tactics to force a quick decision. The goal is to get you to commit before you have the chance to think it through or consult others. However, you should never act impulsively when you make important decisions. Instead, take your time, seek advice, and never make hasty financial commitments over the phone.
Fraudsters and Social Security
https://edition.pagesuite.com/popovers/dynamic_article_popover.aspx
Social Security-related scams are prevalent, with fraudsters often redirecting benefits to unknown accounts using stolen personal information. Here’s how to protect yourself and what to do if you become a victim.
Immediate Actions:
Check Your Account:
Log into your Social Security account regularly to check for any unauthorized changes.
If you notice discrepancies, contact the Social Security Administration (SSA) immediately.
Report the Fraud:
Report the incident to the Office of the Inspector General (OIG) through their website or call 800-269-0271.
Contact the Federal Trade Commission (FTC) via their website (ftc.gov) or call 877-IDTHEFT (877-438-4338).
Secure Your Account:
Add an e-services block to prevent changes to your account information online. This can be removed only by contacting your local SSA office.
Set up a direct deposit fraud prevention block to stop any changes to your direct deposit information online or through financial institutions.
Preventative Measures:
Create a my Social Security Account:
Sign up at SSA.gov and create a secure account to monitor your benefits.
Be Skeptical of Calls:
Don’t trust caller ID if it says, “Social Security Administration.” It might be spoofed. Always call back using the main SSA line at 800-772-1213 or a local office using the office locator.
Report Scams Promptly:
Report any suspicious activity or scams to the OIG and FTC as soon as possible.
Steps to Recover Lost Benefits:
Contact SSA:
Immediately notify the SSA if you find any unauthorized changes. Be prepared for possible long hold times.
Get Help from a Representative:
If needed, appoint a trusted family member as your “representative payee” to handle your Social Security affairs. Note that SSA does not accept powers of attorney.
Follow Up Persistently:
Consistently follow up with the SSA and other authorities until the issue is resolved.
Additional Resources:
Office of the Inspector General: Report Fraud
Federal Trade Commission: FTC Website or call 877-IDTHEFT (877-438-4338)
Social Security Administration: SSA Mainline
By taking these steps, you can help protect your Social Security benefits from fraudsters and recover more effectively if you become a victim. Stay vigilant and proactive in monitoring and securing your personal information.
Scamming the scammers
https://www.npr.org/2024/04/15/1243189142/scam-baiter-kitboga
Although we are not advocating this for most students, there are those who are baiting scammers in a way to decrease their effectiveness. This includes a person known as a Kitboga, who is a software engineer who uses skills to scam the scammers. Let’s look at how this works:
Who is Kitboga? Kitboga is a computer software engineer-turned-Twitch streamer who uses his skills to scam the scammers. He creates characters, like the elderly woman Edna, to engage with scammers, wasting their time and preventing them from targeting real victims. Kitboga has over a million followers on platforms like Twitch and YouTube.
Why Scam the Scammers?
Disrupt Scams: By engaging scammers, you can prevent them from contacting other potential victims.
Gather Information: Scammers often reveal information that can be reported to authorities.
Educate Others: Sharing your experiences can help others recognize and avoid scams.
Steps to Scam the Scammers:
Create a Persona:
Develop a character that scammers would find appealing, like an elderly person who seems vulnerable.
Use tools like voice changers to add authenticity to your persona.
Engage the Scammer:
Keep them on the line as long as possible by asking questions and expressing confusion.
Use humor and absurdity to keep the conversation going and waste their time.
Gather Information:
Note down any details the scammer provides, such as bank account numbers, names, and locations.
Record the conversation if possible, for evidence.
Report the Scam:
Submit the information to authorities like the Federal Trade Commission (FTC) and the Office of the Inspector General (OIG).
Use the following contact details:
FTC: ftc.gov or call 877-IDTHEFT (877-438-4338)
OIG: oig.ssa.gov/report or call 800-269-0271
Protect Yourself from Scams:
Be Skeptical:
If you receive a call or email from someone claiming to be from a government agency, do not trust it immediately.
Verify the information by contacting the agency directly using official contact details.
Secure Your Accounts:
Create strong, unique passwords for all your accounts.
Enable two-factor authentication where possible.
Stay Informed:
Educate yourself about common scams by following scam baiters like Kitboga.
Watch videos and read articles to understand the latest tactics used by scammers.
Resources:
Kitboga’s YouTube Channel: Kitboga
Kitboga’s Twitch Channel: Kitboga
Federal Trade Commission (FTC): FTC Website or call 877-IDTHEFT (877-438-4338)
Office of the Inspector General (OIG): OIG Website or call 800-269-0271
SDG&E warns customers of new text message utility scam
https://www.nbcsandiego.com/news/local/sdge-text-message-utility-scam-warning/3533745/
San Diego Gas & Electric recently alerted customers to a text-message utility scam trying to defraud local utility customers.
According to the utility company, the scheme attempts to exploit SDG&E's legitimate use of text messages and email notifications to inform residential customers of work orders, such as meter changes, reads and tests.
The scam begins with a text message that includes an SDG&E logo and says there is an immediate work order to disconnect power at the address on file. The scammer asks the customer to call a scammer-run call center to confirm the work order, according to the utility company.
When the customer places the call, they briefly hear a recorded message: "Welcome to the SDG&E call center, you are the first in the queue." After hold music, a live fraudster attempts to demand immediate payment to stop the power from being disconnected, according to an SDG&E statement.
Targeted customers are then asked to pay in non-traceable forms of payment SDG&E doesn't use, such as Bitcoin, Zelle and Green Dot debit cards. The utility company said targets are repeatedly told the payment did not go through and to send it again, which means people could be hit for the cost of the scam multiple times.
According to SDG&E, those most targeted include restaurant owners, small businesses, homeowner associations, older adults and limited-English speakers -- anyone vulnerable.
The scam is intended to route the customer to a fake 1-800 number. The company said legitimate SDG&E texts will always point the customer to SDG&E's main Customer Care Center, 1-800-411-7343, or 1-800-311-7343 for Spanish-speakers.
An example of a format of legitimate text message from the company is as follows: "A member of our team plans to visit your property within the next 3 days to inspect and/or work on your meter or complete your requested work order. Reply STOP to opt out."
Legitimate emails from the company also include the fact that SDG&E technicians will be wearing a company uniform and have a company badge.
The utility company offered several tips to avoid being scammed:
SDG&E will never call to demand immediate payment made over the phone with the threat of immediate service disconnection
SDG&E will never accept any payment over the phone -- any individual requesting payment over the phone is an imposter
The only utility bill payment options are My Account, a branch office location, or an authorized payment location
SDG&E does not accept pre-paid cash cards, Zell, Green Dot, or Bitcoin for bill payments
The utility company will never demand cash in person
Never provide your utility bill information to anyone you do not know or your online utility login credentials to anybody
Never use the call-back number provided by an unknown caller
Always find the official contact information from verified sources
Have a conversation about utility scams with older family members and friends to ensure they do not fall victim
SDG&E customers can always check their bill and payment history through sdge.com/MyAccount.
What can someone do with your phone number
Mine your private data
The easiest way for scammers to use your phone number maliciously is by simply typing it into a people search site, like WhoEasy, Whitepages, or Fast People Search. These sites can reveal personal information about you in less than a few seconds, according to tech expert Burton Kelso.
People search sites purchase your personal information and then sell it to people who want your data, like hackers. The information found through these sites includes your address, bankruptcies, criminal records, and family members' names and addresses. All of this can be used for blackmail, stalking, doxing, social media hacking, or identity theft.
Reroute your number
Another tactic is to contact your mobile carrier provider claiming to be you, says Veronica Miller, cybersecurity expert at VPN overview. Then, the hacker can make it so your number routes to their phone. From there, the hacker will log into your email account. Of course, they don't have your password, but they don't need it. They just click "Forgot password" and get the reset link sent to their phone that now uses your phone number. Once the hacker has access to your email account, it's easy to gain access to any of your accounts.
While many service providers have some security features to prevent scammers from switching phones, if the person has your phone number, they may be able to find enough information about you to get past the security questions. Make sure to learn how to make a private phone call and keep your phone number safe.
Spoof your number
Still wondering, what can someone do with your phone number? There were nearly 26 billion scam calls in 2019, according to data collected by YouMail, and scammers are getting smarter. Now they are using a technique called spoofing to make it easier to scam you. Spoofing is when someone makes your phone number pop up on a caller ID when it really isn't you that's making the call.
You may have noticed phone calls from numbers with your same area code, or identical to those you call often. When a scammer gets you to pick up, they have the chance to trick you into whatever scheme they've come up with by using specific phrases to sound genuine or fooling you into giving them your credit card information. Sometimes it's to trick you into answering a few questions, and when they have your "yes," or "no" recorded, they might use that in voice-activated scams.
It doesn't take much to spoof a phone number. There are apps and websites that allow scammers to simply type in a phone number and make a call. It's super easy and quick, which makes it appealing to scammers. (Thankfully there are also apps for privacy and security.)
Send you a texting scam
Scammers can also use your phone number to send you malicious text messages. This type of scam is called "smishing," according to Ray Walsh, digital privacy expert at ProPrivacy.
In these texts, scammers send links that can infect your phone with malware or that can steal your personal information, or they can straight-up scam you by pretending to be your bank, the IRS, or your doctor. By posing as someone you trust, the scammers will try to trick you into giving them personal information and credit card numbers.
Impersonate you or send you spyware
"Just as it is easy for a hacker to redirect a cell phone number from one carrier to another, it is also easy for hackers to send a message to a consumer to gain access and impersonate the individual," says Ravichandran. Often, hackers will send you a seemingly innocuous message that implores you to click a link to a fake website. This is called a phishing scam. Ravichandran says, "The website may appear legitimate, however, it could record your information to send to the hacker."
If you have ever visited an unknown website, clicked on a strange link, or connected an unfamiliar USB into your device, Ravichandran says these activities "open a consumer up to accidentally downloading malware. Hackers can infect your phone with software, leverage your data, and even extort you."
What to do if a scammer has your phone number
If the worst happens and a scammer gains access to your phone number, you still have options:
Contact your service provider immediately and explain the situation.
If need be, ask them to put a temporary freeze on your line so that scammers can't use your number.
Contact people you know to warn them that your phone may have been compromised.
To protect yourself from being held responsible for any potential crimes committed using your number, document all steps you've taken and everyone you've contacted, and keep track of the dates.
Report your phone lost or stolen (if that's what happened).
Update your contact information immediately on all relevant accounts (bank, social media, your kids' school) to protect more of your information from being compromised.
When AI is the scammer
AI Is Helping Scammers Outsmart You—and Your Bank (msn.com)
JPMorgan Chase's Approach to Combatting Identity Fraud: JPMorgan Chase uses large-language models to fight identity fraud and educates customers about scams. They emphasize that customers are the last line of defense and should never share personal information unless certain about the recipient. They recommend using credit cards for payments due to their protection features.
Rise in AI-Driven Scams: AI helps scammers by tailoring attacks using details from social media and data breaches, creating personalized and convincing messages. This has led to an increase in sophisticated social-engineering attacks. In 2023, scams resulted in $10 billion in losses, with actual figures possibly reaching $200 billion.
Examples of AI-Enhanced Scams:
Joey Rosati: Fell for a jury-duty scam where the scammer knew personal details and almost wired $4,500 before realizing it was a scam.
David Wenyu: Fell for a job scam due to desperation, receiving a fake check for work-from-home equipment.
Banks' Countermeasures: Banks use AI to monitor customer behavior patterns (e.g., typing cadence, device IP address) to detect anomalies. They flag suspicious activities and require additional verification if behavior doesn't match the user's profile. They also monitor for signs of coercion and use two-factor authentication to enhance security.
Recommendations for Consumers: Consumers are advised to use two-factor authentication and to be cautious about urgent requests for money. Scammers often create a false sense of urgency to manipulate victims. It's important to seek a second opinion and validate transactions if anything feels off.
Overall Impact of AI on Scams: AI has made scammers more effective, often outpacing banks in using technology for financial crime. As scammers become more adept, both financial institutions and consumers must adopt stronger security measures to protect against fraud.
Look before you scan- QR code scammers
The Hidden Risks of QR Codes: Convenience at a Cost
Imagine this scenario: You're heading to a meeting in an unfamiliar part of town. It's raining, and you're running late. After driving around for a while, you finally find an empty parking spot. Relief washes over you as you park, but there's a catch – the parking meter no longer accepts coins. Welcome to the 21st century, where payments are often made via smartphones.
Not to worry, you can pay by phone. There are instructions plastered all over the meter on how to pay using an app that, of course, you haven't downloaded yet. The rain intensifies, and there's no mobile signal. Your frustration mounts, but then you notice a Quick Response (QR) code on the meter. A simple scan should redirect you to a payment website. So, you scan it, make the payment, and rush off to your meeting. Problem solved. Or is it?
In your haste, you might not have scrutinized the QR code closely. Was it part of the official payment instructions from the local council, or was it a fraudulent sticker placed over the official code? If it's the latter, you’ve likely fallen victim to a scam.
This exact scenario happened to the sister of digital identity expert David Birch. She parked in a public car park, scanned a QR code to pay, and was directed to a seemingly legitimate website. After entering her debit card details, she realized the site was fraudulent and quickly informed her bank to block the transactions. Unfortunately, many people are not as vigilant and fall prey to these scams. QR codes have become a popular tool for criminals, with one cybersecurity vendor noting that QR codes were involved in a fifth of phishing campaigns detected in the last quarter of last year.
The Rise of QR Codes and Their Security Implications
In recent years, QR codes have become ubiquitous. From boarding passes to rail tickets and restaurant menus, QR codes are everywhere. The push for contactless solutions during the COVID-19 pandemic accelerated their adoption. While they are incredibly convenient, they also pose significant security risks.
QR codes are essentially two-dimensional barcodes that can store much more information than traditional barcodes. They are easy to create using free online services like QR Code Generator. This convenience is also exploited by scammers who generate malicious QR codes to direct users to harmful websites without exposing suspicious URLs.
The Expanding Attack Surface
The proliferation of QR codes has dramatically expanded the "attack surface" – the total area vulnerable to cyber-attacks. The ease with which QR codes can be generated and distributed makes them an attractive tool for cybercriminals.
Recognizing the threat, the US Federal Trade Commission (FTC) has issued consumer alerts about the dangers of QR codes. These alerts highlight scams such as fraudulent parking payments and those conducted via messaging systems. Scammers often create a sense of urgency to trick victims into scanning QR codes. For example, they might claim there's a problem with your package delivery, a bank account issue, or suspicious activity that requires immediate action.
Staying Safe: Best Practices for QR Code Use
To protect yourself from QR code scams, adopt a healthy skepticism and follow these safety tips:
Preview the URL: Many smartphones allow you to preview the URL embedded in a QR code before opening it. Use this feature to check the link.
Avoid Scanning Unsolicited QR Codes: Be cautious of QR codes in emails, texts, or junk mail.
Be Wary of Shortened URLs: Shortened URLs (like Bitly or TinyURL) can conceal the true destination. Avoid scanning these unless you trust the source.
Never Share Sensitive Information: Avoid entering bank details or personal information on websites accessed via QR codes.
Use Common Sense: Think before you scan and be cautious of any QR code that creates a sense of urgency or comes from an unverified source.
By staying vigilant and following these guidelines, you can enjoy the convenience of QR codes without falling victim to scams. Remember, technology can make life easier, but it also requires us to be more cautious and informed users.
FBI issues national financial warning on financial crime
https://www.al.com/news/2024/06/fbi-issues-national-financial-warning.html
The FBI has warned of a financial crime linked to Mexican cartels targeting timeshare owners, particularly wealthy older Americans. Over the past five years, more than 6,000 victims have reported losses exceeding $300 million. These scams are increasingly funding violent Mexican cartels.
Timeshare scammers use high-pressure sales tactics, fake documents, and impersonate trustworthy institutions to convince victims to pay upfront fees or taxes. They also pose as lawyers and government officials to extract more money by promising help or threatening legal action.
Warning signs include requests for upfront payments or power-of-attorney forms and threats of arrest or prosecution. To protect yourself, avoid answering calls from unknown numbers, stop communication if asked for upfront payments, and never send legal documents via email.