Cyber scams & Prevention

This document will help people understand what kind of famous Cyber scams exist and how to prevent yourself from falling for them.


1) Phishing

2) Vishing or voice mail scam

3) Email from CEO and CFO (Know as ) spear phishing or whaling

4) Smishing or Text message scam

5) Romance Scam

6) Social Media Scam

7) Tech and Email Support Mails

8) Robo Calling:

1) Phishing Scams:

In this type of scam, a hacker will send an email to the victim with a clickable link. These emails will appear to come from major companies like facebook, vk, gmail, financial institution or even from the bank you are using for daily transaction.

Even though these emails look completely similar to the one sent by legit companies, but in actual the links in these mails are kind of traps which are set by the scammer and hackers to steal the information. once the link is clicked, the victim will be directed to some fake website, which will ask for login and password. Once the user enters his / her details , the credentials are intercepted by the scammer or hacker.

Solution:

The solution is to delete such mails and avoid clicking the links.

Most of the legit companies and financial institutions will never send mails asking to update your account or submitting sensitive information to fix account issues. The best bet would be to visiting the official site to check your information and If still unsure, making a phone call to the bank or company would save you from falling in the trap.

Look at the url properly and make sure the website address is correct.
Still not sure ? Contact IT Department immediately.

2) Text Message

These scams are phone scams and are know as smishing. They are similar to phishing scam. In this type of scam the hacker or scammer will send you a text message , these messages will appear to come from a legit and established source however the links once clicked will ask for your personal information or funds.

The personal information could be used to steal money or identity theft.

Text message could appear like this:

1) Dear user, we wanted to offer 0% interest on new car.

This could be your lucky day. We will also give you free iphone if you register today. Please click the link to accept this offer now !

2) This is your “Bank” Support Team,

Your account has been locked up due to suspicious activity.

Please click the link below to confirm your identity and keep yourself safe.

https://www.h0mebank.com

**note the 0 instead of o in the above link.

3) Message from postal service, that the parcel is available for pickup and click the link to update the information is correct.

4) Congratulations ! You have won the prize. Click the link to claim the prize now.

Solution:

Delete the message and block the number. Don’t give your personal details to anyone. Call your bank if you have clicked the link and want to make sure if you are still secure.

3) Vishing or voice mail scam:

Vishing, or voicemail phishing, is the act of committing voicemail fraud to try to steal personal information. Similar to phishing.

In vishing attack cybercriminals use an urgent or interesting voicemail message to try to get potential victims to call back with their personal information. Fake caller-ID information is often used to make the calls appear to be from a legitimate organization or business.

Solution:

Hangup the phone and block the number. Do not call back.

4) Spear Phishing or mail from CEO , CFO or Co Workers:

Spear Phishing attacks target individuals with access to sensitive information such as people who have the ability to transfer funds( most particularly Finance / Accounts Departments) Spear-phishing emails typically appear to come from someone the target knows, such as a co-worker at their company or another business in their network.

Whaling is a spear-phishing attack that specifically targets senior executives at a business.

Solution:

This kind of attack requires special attention. Let’s take a look at them one by one.

1) check for signs the sender is who they claim to be:


2) Look at the “from” field. Is the person or business’s name spelled correctly

3) does the email address actually match the name of the sender? Or are there a bunch of random characters in the email address instead?

4) does the email address seem close, but a little different? e.g Microsft.net, or Microsoft.co. Instead of microsoft.com

5) Remember not to click any links

6) Does the sender address you by name? “Customer” or “Sir”

7) Is it generally free from spelling errors or odd grammar?

8) What kind of tone the message has. Is it overly urgent or it’s a normal communication?

If you think the message passed all the above test but you are still suspicious, the best way to beat such attacks are to call the person or contact IT Department immediately.

5) Tech Support Scam:

The scammer will call / text / mail you as a representative of a major tech / IT company such as Microsoft / Oracle / Apple etc and will warn that your computer is being infected with a malware. While in reality there is no problem. Once you reply to the scammer , he might ask for a Remote access to solve the issue. Instead of solving the problem he will lock you out of the computer / encrypt your data and then ask for money, in case you need your data back.

Sometimes the scammers will fix the problem but install a malware as a backdoor for future control and hack.


Solution:

Delete the mail or hangup if you receive such call. These companies will never call the consumer by themselves.

Do not browse insecure sites.

Do not click links sent by an unknown person.

Do not give remote control access to any unknown person.

6) Social Media:

You could receive a text message from a famous public figures/ famous companies , to click on some link.

Or

You might receive a message from someone you know (but in actual a scammer) that you appeared in a video , and to click the link (Phising page)

Or Are you in this video ? I was shocked, here is the link bit.ly/abc123

Solution:

Do not add unknown people unless you have full information about them.

Do not click on links.

If you are buying something , do not send money without buyer protection. Such as Western Union.

7) Romance Scams:

Scammer can use Social media , websites or emails in this scam.

The dangers of such scams are emotionally and financially.

Scammers can contact you by some fake id and keep on the relation until his / her task is completed.

The scammer can ask for funds via text messages or mail. They might not show their face and avoid video calls.

Solution:

Avoid sending funds to strangers.

Use good amount of time to think about the person.

Do not get emotional, but think smart before making any decision.

Profile images are usually fake or stolen, you can check them via Google reverse image check to find out the actual person the picture belongs to.

https://images.google.com/ or right click the image and click on Google image search.

8) Robo Scam calls:

In this type of scam you will receive a call (pre-recorded call). The caller will say that you have won a prize and you need to stay on the line to claim the prize. The calls are mostly Robotic meaning they have Robotic voices but now a days with new technology of AI , the voice may sound like any human.

**Thinking time ???

Why would any one call you and tell you about the prize , if you have not even entered into any competition or giveaway?


Solution:

Hang up the call and block the number.

You can also search from your respective app store for apps like Robot call blocker.

Please search for call blocker in your app stores.

Leave a Comment

Your email address will not be published. Required fields are marked *