Scams You Didn't Know Were Cyber

Common cyber scams go deeper than you might think.

You may have heard of — or been the target of — phone, investment and even romance scams. These ways to defraud victims continue to be in cybercriminals’ bags of tricks, but the tactics they use are ever more sophisticated and varied. It’s important to know how they’re evolving so you can be vigilant and protect yourself.

Online Purchase Scams are Riskiest

According to the Better Business Bureau 2022 Online Scams Report, online purchase scams continue to be the riskiest, with scammers defrauding their victims by:

• Never delivering the goods or services purchased.
• Setting up fake e-commerce stores that trick victims into making purchases. If you see too-good-to-be-true prices, lack of details, or high-pressure sales tactics, you’ve likely discovered such a site.
• Using triangulation fraud, whereby the scammer takes money from the online purchaser, pays for it with someone else’s stolen credit card, then sends the purchaser the product and pockets the purchaser’s money.

Investment/Cryptocurrency Scams are Rising Fast

Investment fraud complaints increased 127% from $1.45 billion in 2021 to $3.31 billion in 2022. Of those complaints, cryptocurrency investment fraud rose 183% from $907 million in 2021 to $2.57 billion in 2022, with those 30 to 49 years old the most targeted group.¹ Scammers are using some new techniques to get to their victims, including:

• Liquidity mining, enticing victims to link their wallets to an app where thieves can then wipe out victims’ funds.
• Hacking social media accounts, targeting the friends of the hacked user with bogus crypto- investment opportunities.
• Impersonating well-known people, developing friendships with victims and then convincing them to invest in cryptocurrency.
• Targeting real estate agents, offering to buy an expensive property with cash or cryptocurrency. Once the agent is engaged, showing them “proof” of fictitious multi-million-dollar accounts and suggesting the agent buy into one of their investment schemes.
• Creating fake investment jobs, enticing victims to apply online with the fake company and instead of a job, offering them “investment advice” designed to steal from them.

Phone Scams are Constantly Changing

As technology and smartphones’ capabilities evolve, so do scammers’ methods of using the phone to separate victims from their money and personal information. Tactics include:

• Natural-sounding robocalls. Scammers try to sell everything from car warranties to vacations using natural-sounding recorded voices; some can even respond to questions.
• Smishing. Victims receive a text message from an unknown number or email address with the intent to have the victim click on a link to the scammer’s website or app.
• Impersonating trusted people such as IRS personnel, police, survey takers, relatives, delivery people, and well-known companies to threaten the victim or gain their trust. Scammers often use scare tactics related to the victim’s Social Security number, criminal record, or account before asking for personal, account, or credit card information.
• Malicious apps. Scammers may get victims to install a malicious app in order to steal their information or create an identical-looking app and make money from in-app purchases.
• Bogus QR codes. Scammers use their own QR codes and prompt victims to make a small purchase or enter their credentials on look-alike websites for the original QR code.

Beware the Newest Phone Scams

SIM swapping, or SIM hijacking

A new technique scammers use to gain control of a victim’s cell phone number, enabling them to receive the victim’s two-factor authentication codes used by banks and other entities.

How it works: A scammer contacts the victim’s cell phone carrier and convinces them they are the victim (using information they’ve gathered on the victim via social media), and requests that the phone number be transferred to a new SIM card, which is actually the scammer’s. Now the scammer has control of the number and communications that come over it, potentially gaining access to the victim’s accounts.

One-time password (OTP) bots

These bots can initiate a text message or robocall that appears to be from a legitimate and trusted company, asking the victim to authorize a charge and to input the code they were texted. If shared, the scammer can get into the victim’s account.

New Target for Scammers: Student Loan Forgiveness

When students were busy applying for student loan forgiveness applications, scammers were busy too, creating phony application sites aimed at stealing victims’ Social Security numbers or bank account information.

Demanding hefty application fees. Scammers phone victims with urgent messages that they must apply for debt forgiveness before it’s “too late” and charge them an application fee. In reality, there is no application fee, and the U.S. Department of Education does not contact people by phone.

Romance Scams: Looking for Money, not Love

Romance scams continue to be wildly popular among scammers looking to cheat victims. According to the Federal Trade Commission (FTC), people lost $1.3 billion to romance scams in 2022, more than double 2021’s $547 million.²

Scammers steal someone’s identity or create a fake profile on dating and social media apps to meet victims. Once they’ve gained the victim’s trust, they ask for gifts or money from the victim or “mistakenly” send the victim money and ask the victim to send it back or forward to someone else.

Mobile Gaming Scammers Don’t Play by the Rules

Mobile devices have made online games even easier to access to pass the time. Scammers have found ways to cheat the system and trick people into giving up their personal and financial information through sneaky tactics such as:

• Fake gaming apps that install malware on gamers’ devices.
• Charging for fake upgrades, enhancements and other gaming features in an effort gain access to your credit card information.
• Using password and username combinations that have already been stolen in data breaches that live on the dark web to enter into gaming sites to gain access to accounts.

Sources:
1 Internet Crime Complaint Center (IC3) 2022 Annual Report
² FTC Consumer Protection Data Spotlight, Feb. 9, 2023

The Hartford Steam Boiler Inspection and Insurance Company provides The Cincinnati Insurance Companies with a variety of support services, including call center assistance, collaborative claims service and risk mitigation materials.

This loss control information is advisory only. The author assumes no responsibility for management or control of loss control activities. Not all exposures are identified in this article. Contact your local, independent insurance agent for coverage advice and policy service.