There have been swindlers and hustlers since the dawn of civilization. As times change, so do the methods fraudsters use to separate you from your money. Are you up to date on the latest online or phone-based scams criminals are using? Below are the tricks that are trending in 2022 and how you can avoid them.
SIM card swapping
Your smartphone’s SIM, or subscriber identity module, card is what makes your phone uniquely your own. It is a memory chip that stores the information on your phone.
A SIM card is intimately associated with technology, but there is nothing high-tech about SIM card swapping. The swindler applies age-old methods to convince your phone operator that he’s you and needs to replace your SIM card, claiming it has been lost or stolen. He then inserts the new SIM card, which has your phone number and information associated with it, into a phone he controls. The scammer then uses your identity to log in to your accounts and reset your passwords.
What can you do to protect yourself from SIM card swapping?
- Immediately report phone theft or loss to your mobile phone operator to avoid having your identity taken over.
- Don’t reply to calls, emails, or text messages that request personal information. Access to your personal information makes it easier for criminals to pretend they’re you. If you get a request for personal information, call the company directly or access its legitimate website to verify.
- Limit the personal information you share. The more personal information an identity thief has access to, the easier it is to answer security questions and access your accounts.
- Set up a PIN or password on your mobile telephone account to protect you from unauthorized changes. Contact your operator to find out how.
- Consider using multi-factor authentication (MFA), an authentication app, or a security key.
One-Time Password (OTP) Bots
One-Time Passwords are a type of multi-factor authentication used to authorize specific, usually financial, transactions by receipt of a password to the mobile phone registered to your account. You then enter the OTP into the app or website that requires it to verify your identity. For financial transactions, an OTP acts as a security key to your account.
A scammer who has obtained a person’s bank account number and password from a data breach or hack may still have to get past multi-factor authentication to access the account. In the past, criminals would use the victim’s account and password information to have an OTP code sent to the victim’s phone, but then have to call the victim and convince him to provide the OTP code sent in order to have full access to the account. Thanks to the emergence of OTP bots, however, criminals can now program many, automated calls and coordinate them with the sending of an OTP code. With that additional information, the crook can make an online purchase or transfer money from your bank account.
If someone asks you to share a one-time password over the phone, you are being targeted for FRAUD. Hang up and report the incident to your bank.
Crypto scams: how scammers are exploiting the cryptocurrency craze
With all the hype around cryptocurrencies, some people may feel they are missing out on an investment opportunity. That fear of missing out gives scammers a chance to exploit human weakness for financial gain. Cryptocurrency scams take many different forms, but usually involve fake prizes, contests, giveaways, or early “investment” opportunities. The fraudster might direct a victim to a fake website, or contact them to convince them to send money, share login information or make an investment. Crypto exchange accounts have also been the target of OTP fraud.
How to spot smishing or SMS scams
Most people are careful to avoid phishing – links that download malicious software fraudsters send via email or direct the victim to a fake website – but fewer are on the lookout for smishing. The term is a mix of SMS (short message service) and phishing and it’s when a phishing attempt is made but via a text message sent to the victim’s phone. The technique has been around for a while but is growing in popularity depending on your location.
A smishing message will try to look like it’s coming from a credible source, like your bank or a government institution, but the purpose is to download malware or get you to enter personal information on a fake website.
Watch out for QR code scams
Can you be scammed by a QR code? Yes. QR codes became very popular during the pandemic as a way to access information like a restaurant menu or make a payment. However, beware of digital and physical QR codes that have been tampered with. Legitimate codes can be replaced with malicious ones that can download malware to your phone or direct the victim to a fake website.
Charity scams: how do you know that a charity is real?
Scammers are masters at manipulating human emotions, and emergencies provide the perfect opportunity to take advantage of people who want to help. Before donating, do you know what to look out for?
- First, think before you click on an attachment or link to donate online. Empathy is one of the noblest human emotions and many worthy charities need our donations, but take a few moments to research a bit before you donate to make sure your money is going to those who truly need it, and not to criminals.
- Check appeals for emergency relief efforts on sites such as BBB Wise Giving Alliance, Charity Navigator, or CharityWatch for more information about legitimate organizations. Go to the charity’s website directly by typing the address into your browser, without using a link, to make sure you’re not being directed to a fake website.
- Pay by credit card so that funds don’t leave your account immediately. Debit cards draw money instantly, directly from your bank account, offering little recourse if there’s a problem.
Check out the Tech section of The Ria Blog for more articles on the latest technological advances and trends.