Author: Eddy K

The Future of Scamming

Scammers have always been a part of the global economy, but the rise of technology and the internet has led to an explosion in the number and variety of scams. The most recent trend in scamming is the use of social media and online platforms to target individuals and businesses.

One popular scam is the "phishing" scam, in which scammers send emails or messages that appear to be from a legitimate source (such as a bank or government agency) in order to trick people into giving away personal information or money.

Believe it or not, the few paragraphs above are AI generated. Tools such as ChatGPT allow a user to conduct natural language conversations with software, and the software to respond in a way that on many occasions, pass off as a real human.

Consider 4 years ago, Google highlighted new technology for a digital assistant to make a phone call to a restaurant to make reservations, or to a hairdresser to make an appointment.

Click this link to see it on YouTube.

In the same year 2018 - comedian Jordan Peele produced a deepfake video of President Obama saying things he wouldn't say. Watch it here.

Consider that most scamming and phishing attempts currently received on email or text are poorly formatted, or have spelling mistakes, or bad grammar. In Singapore, the IMDA has gone on a campaign over the past few years educating the public on how callers with a +65 prefix are possibly scam calls. This may cause people to instinctively trust what appear to be legitimate local numbers. Well, the scammers have found a way to call from a non +65 number.

How else can scammers up their game? What if they automated the process using natural language tools and deep-faked voices (or more scarily, deep-faked video)? What if you received an urgent video call from your boss asking you to buy some gift cards? Or from a frantic child saying they have been kidnapped and that her captors are demanding a ransom?

No matter how technology evolves to counter scammers and phishers, the bad actors will always come up with something more sophisticated. Scammers rely on impulsive actions to get what they want. It is up to the individual to be the final line in the defense of their personal information and money.

Some of us are fortunate enough to have corporate training on good cybersecurity hygiene, but continual personal training and practice in critical thinking is the key to keeping safe. Always think of the veracity of the message before you respond.

 

Tip 23: WHAT IF YOU HAVE BEEN VICTIM OF IDENTITY THEFT

What to do:

  • Immediately change all passwords and security/identity questions and responses.
  • Start with the financial services you use first.
  • Use a password manager and never use the same password for 2 sites, or reuse passwords.
  • Contact companies, including banks, where you have accounts as well as credit reporting companies.
  • Cancel and destroy compromised credit cards, apply for new ones.
  • Check to make sure the software on all your systems is up to date.
  • Run a scan to make sure your system is not infected
  • Observe if your system is acting suspiciously.
  • If you find a problem, disconnect your device from the internet and perform a full system restore.
  • File a report with the police if you believe there was a financial crime committed or identity theft.
  • Raise awareness and tell your friends – maybe this will help one of them to avoid this situation.

Why do it?
The objective is to identify and contain the breach, and then prevent future breaches. It is a long process, but you will be stronger for it.

Tip 22: START ON A CLEAN SLATE IF YOUR DEVICE IS COMPROMISED

What to do:

  • Disconnect your computer from the internet
  • Shutdown and remove the hard drive
  • Scan the drive for virus, spyware and malware using another computer
  • Backup your personal files
  • Reinstall your hard drive into your PC, then reformat it.
  • Reinstall the OS and install updates
  • Install anti-virus and anti-malware software and install updates
  • Install your applications and install updates
  • Scan your backups for viruses
  • Restore your backups
  • Make a complete backup of this fresh system

Why do it?
These are the steps needed to “un-zombify” your PC. More research may be needed on your part to find out how to perform some of the steps above according to the type of PC or notebook you have. You could also hire someone to do this for you, preferably someone you trust.

Tip 21: PROPER DISPOSAL OF DEVICES

What to do:
Perform a “Factory Reset” on mobile devices before selling or giving them away. Notebooks and PC’s should be disposed off after the hard drive has been low level formatted, or has some holes drilled into them, or both.

Why do it?
There have been cases of compromising personal information being recovered from disposed devices – anything from names, addresses, banking information and collections of inappropriate content. Mobile devices such as iPhones, iPads and Androids give their owners the facility of performing a factory default reset which deletes all content puts the device into the same configuration as when it left the factory.

PC’s may not have this same facility available. If you can perform a low level format (to get rid of the old data) and do a system restore before giving it away, that is great. Otherwise, the easy way is to pull the hard drive out of the box and drill some holes in it. A sledgehammer would also work and is very therapeutic.

Tip 20: TURN OFF BLUETOOTH

What to do:
Turn off Bluetooth on your device if you’re not using it.

Why do it?
Bluetooth is useful for connecting to speakers, headsets, mouses, and other devices. It can also be an entry vector for unwanted devices and malware.

Keep Bluetooth disabled until you need to connect to a device, this will also reduce drain your battery.

Tip 19: ENCRYPT YOUR DEVICE

What to do:
Enable encryption from your OS (such as Microsoft BitLocker or Apple FileVault) for your PC. Similar settings may be found on iOS and Android mobile devices.

Why do it?
Even if you set a password on your device, attackers can still get access to your private files and documents. They can do this by booting into their own operating system from a special disc or USB flash drive and reading the data from your hard drive.

Tip 18: TURN OFF YOUR PC WHEN NOT IN USE

What to do:
A PC that’s not switched on cannot be hacked into, and if already compromised, cannot be used by the attacker to download info from it, or spend it’s idle time being part of a botnet.

Why do it?
Also, if your main PC is a notebook then turning it off and removing the power plug from it will save your battery from unnecessary charging and performance deterioration.

Regular PC restarts are recommended to allow your Windows (or other operating system) to clean up open files, get rid of temporary files, and update itself.

Tip 17: USE RFID BLOCKERS

What to do:
Use a RFID blocking wallet, purse, bag, or use RFID blocking sleeves to prevent mobile RFID skimming.

Why do it?
Have you seen a person gain access to his office by just touching his wallet to the card reader, or a lady get on the metro by tapping her purse on the ticket gantry? Similarly, a person armed with a mobile RFID reader can skim the data off your credit card in your back pocket or purse.

A RFID blocking wallet, clutch, or individual RFID blocking sleeves can prevent that. I have found that you don’t need to put the cards into the sleeves. Merely having these sleeves slotted into the wallet as the outermost layer will prevent your cards from being read.

Tip 16: COVER UP THE CAMERAS

What to do:
Put some black electrical tape over the camera on your computer notebook/laptop/tablet/mobile phone.

Why do it?
There have been cases where malware on a computer gave an attacker access to the camera, and compromising pictures of the user have been remotely taken.

I currently have tape over my notebook computer and tablet device, but not my phone.
Sure you could buy a fancy one, but tape will do. Just remove for any video conferencing calls you have to make or selfies you have to take, then replace it.

Tip 15: FACEBOOK SECURITY CHECKUP

What to do:
Perform a Facebook Security Checkup once every 6 months

Why do it?
Facebook’s Security checkup will help you with an audit of which apps have access to your Facebook account, and log out of them if they are no longer used or needed. You can also get alerts when someone tries to log into your account from an unrecognised device.

Start here

Posts navigation

1 2 3
Scroll to top