From Digitisation To Vulnerable Digital Space
- March 10, 2023
- Posted by: Netrika
- Category: Cyber Security
Cybercrime has become a prevalent threat in recent years, with criminals constantly finding new ways to exploit technology for their own gain. From identity theft, romance scams and KYC scams to job and metaverse fraud, the impact of cybercrime can be devastating for individuals, businesses and even the economies.
This article explores some of the recent cyber frauds that have made headlines and crippled the global security ecosystem.
A forgery acting as a wealthy, voyaging diamond tycoon on the hunt to seduce women online and defraud them of millions of dollars! A viral Netflix video revealed the truth about dating apps, which have absolutely no validity among their users. While topping the viewing rankings, Tinder Swindler swept the world by storm due to its concept and for introducing online dating risks. The show tells the story of Simon Leviev, a convicted con man who defrauds three women on a dating app and affects their lives forever.
Tinder Swindler represents the ultimate romantic scam, breaking these women’s lives and scarring them with horrific and agonising experiences in a story of hundreds, if not millions, of women whose stories go unheard. The documentary’s brilliance resides not in its length but in the lesson it conveys: keep your guard up when using online dating applications. A romance scam is not new, but internet dating apps have certainly given it a contemporary twist. The sophisticated manner in which scammers discover and deceive their victims, often leaving no trace, is cause for considerable concern for people actively seeking love on such sites.
On the same terms, romance scams include matrimonial site scams where even the family members easily chime into the prospect’s profile if it seems attractive. The least one can do is identify the red flags, do a thorough profile check and never indulge in money business with people you do not know.
Bank SMS Scam
Fraudulent emails under the disguise of national banks such as ICICI, State Bank of India, Axis Bank, HDFC, and Punjab National Bank have been circulating for several years. These seemingly harmless emails aimed at big banks are designed to gather personal data, triggering a slew of subsequent illegal behaviours such as banking fraud and data theft.
From the phishing scam of Income Tax refunds taking the SMS, which has affected practically every taxpayer, to the false KYC SMS, which includes unwelcome communication via SMS, there is no real or virtual environment where a user can fool-proof their protection.
So, how do you tell the difference between fraudulent and legal SMS?
To begin, the Indian IT department would not send you a link but would instead direct you to their official website and input your login information to complete the essential prerequisites. Furthermore, you are strongly advised never to discuss your personal information with anyone, including your card details, account number, OTP, Aadhar number, etc. Search for sloppy language, spelling problems, questionable links, and other minor differences to distinguish false from real.
A boss scam is a type of phishing or smishing scam in which hackers send false text messages imitating the boss. The logic underlying these scams is that fraudsters believe that if malicious emails are sent from someone in a position of authority, the employee is more inclined to engage in them. Posing as the boss puts the employee under pressure, prompting them to act quickly and compromise their judgment, neglecting due diligence. Fraudsters add validity to their fraudulent methods by using public information about the organisation from the corporate website or its LinkedIn profile. The information obtained through such schemes can subsequently be utilised for illicit actions, data or identity theft.
The mode of operation in these scams is to use psychological manipulation to get to the victim. Staff is less likely to question anything that comes from their supervisors and to act on these directions as soon as possible. This psychological manipulation enables them to carry out this relatively low-cost and low-tech scam straightforwardly. Once they have faked the employee and received the payment as specified in the email or SMS, they transfer it to mule accounts to make the flow untraceable.
Mobile SIM Swap
SIM swap fraud is a type of account takeover scam that exploits a flaw in some forms of two-factor authentication, in which a call or text message delivered to a mobile phone serves as the second factor or step. The scam uses mobile phone service providers’ capacity to smoothly port subscriber identity module (SIM) cards from device to device with different telephone numbers.
A fraudster gets your mobile carrier to port your phone number to their SIM card during a SIM switch. Fraudsters can quickly access your most sensitive accounts by transferring those incoming messages and performing text-based two-factor authentication tests. They can also take over social network accounts, retail accounts, and any other accounts associated with the phone number, compromising your sensitive information or personal gains.
Crypto Ponzi Scam
The crypto sector has created a plethora of options, and a crypto investor is cognizant of the market’s inventive yet volatile character. Its blockchain technology has the potential to yield massive financial rewards, which is what draws scammers to this market. The rationale for crypto Ponzi schemes is that the crypto sector contains scammers who present hazy investment solutions due to its digital asset nature, innovative origin, lack of proper education, inherent complications, and volatility. Furthermore, most individuals see the crypto market as a thriving field where any platform may become the next Bitcoin. This insufficient understanding and extremely high expectations arise from the drive for quick money and high investment returns.
A Crypto Ponzi scheme is essentially a complex and extensive financial scam established on the cryptocurrency platform to entice investors with the promise of huge and rapid profits. Fraudsters run these fraud schemes on fictitious crypto businesses to dupe investors with fabricated claims.
Scams in Metaverse
Humans were drawn to the metaverse by their fascination with technology, which blurs the distinction between what is real and what is artificial. With this comes the thrilling yet perilous terrain of reproducing one’s appearance, sounds and behaviours to the point of no discernible difference, a concept known as the Digital Twin. This is what allows fraudsters to anticipate dangers and profit from them.
With the worldwide momentum of the Metaverse sector and billions of dollars of investment by tech titans, the metaverse is likely to become a household name in the coming decade. According to Gartner, Inc., by 2026, 25% of the world population will spend at least one hour daily in the metaverse.
Therefore, metaverse attacks have the potential to victimise humans in unimagined ways. Suppose the actual nature of the metaverse comes to fulfilment. In that case, scams will go beyond bounds and expectations, from account takeover to phishing, hijacking digital data, hosting bogus services and stealing identities.
Implications of Cybercrime
The impact of cybercrime can be far-reaching and long-lasting, with consequences that extend beyond financial losses. In addition to financial harm, cybercrime can also lead to reputational damage, loss of customer trust, and even national security threats. As such, individuals, businesses and governments must take proactive steps to prevent and respond to cybercrime.
Prevention measures may include – using strong passwords, implementing multi-factor authentication, keeping software and systems up-to-date and regularly backing up data. A quick and effective incident response in a cyberattack can help minimise the damage and prevent further harm.
Recent high-profile cyber frauds have highlighted the severity of the threat and the need for increased cyber security measures to protect against it. By taking proactive steps to prevent cybercrime and responding quickly and effectively to attacks, individuals, businesses, and governments can help minimise the damage of these threats.