Seven minutes, that’s all the time a fraudster took recently to convince an Emirati over the phone to share confidential data to update information with his bank.
Initially, he was hesitant, but later the confident tone of the imposter hardly left any room for doubt according to the person duped. A number of studies in developed markets have shown that surprisingly it is often the educated people and those with experience in investing who end up becoming victims of scams.
For instance, Rashid was convinced to share his password with the imposter and within an hour of hanging up the call, money was wiped out of his account.
Investigations are in progress, but this fraudulent incident sheds light again on the need to remain alert and not share sensitive information or data with anyone.
Common ways to fool people
– Phishing: This is when people are contacted primarily through emails posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking, and credit card details, and passwords.
Voice phishing (also known as vishing): It’s a fancy term referring to fraudulent phone calls made to people to trick them into giving money or revealing personal information. It is more like a telephone scam, but with a more sophisticated term.
“Phishing is a known threat, while vishing is calling a victim and trying to lure sensitive information under plausible pretext. A common form of it is the so-called ‘support scam’ when a victim is getting contacted by scammers pretending to be a tech support team of an application or a service. Another one is a ‘call from a bank anti-fraud team’ when a victim is alerted of a ‘suspicious transaction’ and asked to provide their details to stop or revert it. There are seasonal scams with tax returns and tax submissions. Recently there was a wave of ‘eCommerce return’ scams when a victim receives an email looking like a legitimate purchase confirmation from an online shop. There is a phone number in the email of ‘customer service’ and the user is prompted to call it if they did not place the order,” said Muhammad Khaled, Senior Solution Engineer Middle East at Acronis.
– Smishing: Text messages containing spurious links with an intention to commit fraud are categorised as smishing. “Criminals gain access to the victim’s bank account and take the money illegally. It usually involves contacting the victim via text message (smishing) and providing a link to click through to a scam website, which can take any personal and financial details. Bank frauds can also happen on the phone, with fraudsters tricking people into handing over their bank details or banking security details,” said Devesh Mamtani, Chief Market Strategist, Century Financial.
Besides, the other common ways to con people include the use of malware mobile applications and the compromised websites that collect payment data.
Most of these ways are used to swindle people of their hard-earned money. The pandemic has led to increased crime risk. The UAE Covid-19 cybercrime survey 2020 by KPMG reveals, 83 per cent of UAE businesses surveyed had seen a change in cybercrime as a result of the pandemic. Businesses expect to see a significant change to phishing scams, security breaches, email spamming, ransomware, and online scams this year, according to KPMG.
“The number of reported investment scams rocketed by 152 per cent this year,” says Mamtani. While people were working from home and had extra time at hand, fraudsters lured many with an array of exotic-sounding alternative investments and even impersonated private banks or investment firms to gain the victim’s trust. “Fraudsters are getting increasingly creative, latching on to whatever big theme is in the news. Some other schemes people have fallen for involve fraudsters claiming to have access to private pre-IPO shares of big companies about to go public,” added Mamtani.
How to stay protected
“The best way to be protected from such scams is to use the appropriate cyber strategy and to be aware. Especially for business corporations, there needs to be awareness training incorporated within the company,” said Khaled.
Don’t let your guard down
– Open only attached files of known sources
– Avoid clicking on links that you receive via emails or text messages from unknown sources, even if they are luring with a fully paid holiday
– If you want to avoid the hassle of the additional costs of buying multiple software, you can use one single tool which in itself has one platform for the antivirus
– Use multi-factor authentication, wherever available, as an added layer of security Multi-factor authentication has two or more different ways of identifying you to be able to log in. One of the most common ways is using your mobile phone to receive a text message with a unique code
– When choosing your passwords, don’t reuse them across websites. Do not use your birthdays, anniversaries, your spouse’s name, etc. as passwords. While these might be easy to remember, they are easy to hack as well and can compromise the safety and security of your account
– Block calls, if need be, from cold calling marketing agents of firms offering ‘once-in-a-lifetime’ opportunities to make money
– You can also block companies from sending you promotional messages or calls. Etisalat customers can text ‘DNC’ to 1451. du subscribers can send a blank SMS to 5293
– Do not store credit card information on websites. Make the effort of keying in your details every time you shop. And if you are shopping online from a new website, explore the option of cash on delivery
Spot, stop and report
– Spot: Know who you’re dealing with. Fraudsters are good impersonators
– Stop: Never fall prey to these scammers by opening emails or links from unknown sources
– Report: The sooner you report the case, the better the chances of stopping the fraud