You are probably generally familiar with the concept of phishing, or when scammer impersonates a trusted company in order to trick you into handing over sensitive information like passwords or credit card numbers. Every day, scammers send fraudulent emails, texts, or make fraudulent calls to people like you and me. At this point, you have probably learned to ignore unprompted texts or emails, even if they sound convincing. As the public becomes more and more aware of these scams, scammers are forced to create more convincing and sophisticated scams. Some scammers have learned to do their research about an individual or company before deploying a scam.
Imposter fraud can take many forms, but in this context it describes a cyberattack in which scammers impersonate a company or employee that you regularly work with. Scammers know that receiving an email from a company you have never worked with before will be easy to spot as a scam, so they’ve begun to dig a bit deeper. For example, a scammer may hack the email of an employee, then send a fraudulent email from their account to people they regularly email. Then, the recipients won’t be suspicious because the email address will be legitimate, and the message is seemingly being sent by someone they trust. This method is particularly dangerous since it is much harder to identify as an illegitimate email before it is too late.
Imagine, your boss sends you an email telling you they need your username and password for a certain business account to verify their records. Although this is a bit of an unusual request, you reply with your user credentials and move on with your day. In this scenario, you have just unknowingly handed over your account to a scammer who was impersonating your boss.
Often, scammers pretend to be companies that are involved in finances, including investment companies, the IRS, Social Security, or a charity. They do this because money can be used to manipulate people very easily, whether it is the promise to earn high amounts of money quickly or the threat of taking high amounts of money away. Though these scams are tricky, there are ways to avoid becoming a victim.
The best way to avoid getting scammed is to verify the validity of a message via a different form of communication. For example, if you receive an unprompted email from a company you recently interacted with, you can look up the company’s customer service phone number online and call to verify the validity of the message. It is especially important to do this around the holidays since scammers take advantage of the increase in online communications and shopping. Many companies will never contact you about your account out of the blue, and most will never contact you via text message, Facebook messenger, WhatsApp, etc.
Before you ever give someone remote access to your computer, make sure to verify their identity and the validity of their request. Some scammers will pose as customer service representatives and ask for remote access to your device. If you receive an unprompted call or message from a customer service representative or company ambassador, it is probably a scam. Also, as usual, avoid clicking on links in emails, texts, or on social media unless you are confident that they are legitimate. And, if you ever come across an opportunity, sale, or other deal online that seems too good to be true, it is probably a scam.
Some other things to watch out for include urgency or pressure tactics. Sometimes, scammers will send messages labeled as urgent or will call you with an urgent request. This tactic is used so that recipients don’t have enough time to actually think through what they are doing. For example, if you receive a communication pressuring you to invest in something quickly with promises of unusually high returns, this is probably a scam. In any case, it is important to do your research and always be cautious while online.
Read our previous post here: How To Be Prepared For A Ransomware Attack
