not featured
2023-06-30
Fraud
published
5 Minutes
In the days of frequent technological advances, the risk of cyber fraud is higher than ever. The truth is, with the recent increase in the frequency, scale and sophistication of cyber fraud, no one is immune from an attack.
One of the best ways to reduce the risk of losses stemming from this type of fraud is to understand the three most common methods that cyber criminals use to gain access to some of your most sensitive information.
Criminals tend to use methods like social engineering, phishing, and malware attacks to open the floodgates of personal information and behavior trends of individuals being attacked, many times, without the victim’s knowledge.
So, what are these methods and how can you recognize them?
Let’s begin with Social Engineering.
Social Engineering are interactions with cyber criminals such as phone calls, emails, normal conversations or via social media that can manipulate a user into revealing sensitive information.
Examples of this method consist of:
- Phishing involves being coerced into performing a specific action or revealing information. These actions could be to click a link to an attachment or webpage which can infect the computer with malware, enabling the cyber-criminal to monitor the user’s behavior and keystrokes.
- Brand Impersonation. Brand impersonation is when a cyber-criminal disguises themselves as a well-known organization and tricks the victim into logging into their account on a page mimicking that of the organization, in order to gain access to their account credentials.
- Pretexting situations occur when an attacker uses a fake scenario to coerce a victim into sending money or information. The attacker may impersonate a known friend to the victim via social media or simply claim to be a trusted party who needs to verify the victim’s identity.
It’s likely you’ve seen these types of attack attempts on social media and email. In many cases, the elder community can be more subject to financial exploitation because of their benighted understanding of ever-changing technology and how criminals use it to target certain individuals.
Have you ever gotten a friend request from someone you know who already has another existing account? Did they send you a message immediately after accepting their request saying something like, “I think you knew them. They died in a car accident” and had a link attached to the message coercing you to click the link to find out who they are talking about?
Have you ever received a phone call from a bill collector urgently saying you owe them money when you either do not do business with that company, or you know you’ve already made that payment?
Or maybe you’ve received a call from law enforcement letting you know your name has come up in an investigation and they need your social security number, or that you failed to appear for Jury Duty and must immediately pay a fine to avoid going to jail.
TO VIEW MORE EXAMPLES OF FRAUDULENT MESSAGES, CLICK HERE
These are just some of the ways that cyber attackers can use Social Engineering to gain access to some of your most sensitive information, but not the only way.
Phishing, as mentioned above, is another way cyber attackers can manipulate individuals to sharing information.
Phishing is a fraudulent practice of creating authentic looking emails from reputable companies to entice their victims into disclosing personal and financial information such as credit card details, bank account numbers, social security numbers, etc. Spear phishing will target specific individuals or small groups personally by personalizing these messages or using text and social media messaging.
During a phishing attack, cyber criminals ask for information like:
- Date of Birth
- Social Security Numbers
- Phone Numbers
- Home Address
- Credit Card Details
- Login Details
- Passwords
- Security Question Information
They may also ask victims to update a password, click an attachment or respond to a friend request on social media.
Malware is another one of the trick’s up a cyber criminal’s sleeve.
Malware is malicious software planted by a cybercriminal on a user’s computer or network, usually via an email attachment or infected website. Usually placed during a phishing attack, malware enables the cyber-criminal to monitor the behavior of a victim, looking for frequently visited websites and keystrokes to identify account numbers, passwords, identification info, etc.
This intrusive software comes in many forms and can cause serious damage to your computer while also stealing your data.
Some forms of malware are:
- Ransomware: capable of encrypting user data and exchanging the release of that data back to the user for payment.
- Keyloggers: programs that can record the keystrokes of users and send sensitive information to hackers.
- Viruses: programs that can infect and replicate on a variety of other files and programs installed on your computer.
- Trojan Horses: harmful programs disguised as legitimate programs which can steal information.
It is always a good idea to contact your bank to discuss their fraud protection options and see what procedures they have in place to help protect you from attacks on your financial information. Most of the time, they will have plenty of resources including information on questions their financial institution will never ask of their customers – so you know how to identify attempts at social engineering and phishing.
CLICK HERE FOR FRAUD PREVENTION PROCEDURES AND QUESTIONS WE WILL NEVER ASK OF OUR CUSTOMERS
Although it is impossible to protect yourself from every type of fraud, knowing and understanding how cyber criminals attack can prevent individuals from falling victim to these unfortunate situations.