However, they also state that, due to the emotional impact of the crime on some victims, only about 20% of cases are actually reported. This leaves the real extent of the problem unknown.
With new techniques being developed, technology continuously advancing and more and more people falling victim to scams, there are no signs of it slowing down any time soon.
A huge topic over the past year has been crypto-currencies, such as Bitcoin, Ethereum and Ripple. Being online based currencies, it is likely that fraudsters will see this as a huge opportunity to use it as the topic for their online scams.
Below are a couple of ideas of what scams we could potentially be seeing a rise of, throughout 2018.
Phishing scams are one of the biggest online scams with fraudsters sending out thousands of phishing emails in one go. Phishing emails are designed by fraudsters to look like they have come from a legitimate company, but actually contain links which are designed to either infect your device with malicious malware or steal your personal and/or banking information.
It is likely that next year we will see an increasing number of phishing emails with crypto-currencies as the topic. These will either be designed to either steal their victims’ real crypto-currencies, or to make their victim invest in fake ones.
Fake Investments: Fraudsters may claim that they have a special offer where crypto-currencies can be bought at a hugely reduced price, guaranteeing their victim a good return on their money. They may also claim that they have inside information and the prices are about to increase so you should invest now, or they may encourage you to invest in an entirely new currency that the fraudster has made up.
They normally create fake websites to support the emails and will insert a link to this fake website. The website is designed to look like the legitimate company’s site, so people will be fooled into thinking it is real. There, they will be asked to enter personal and bank details to purchase their crypto-currencies, which is then captured by the fraudster. Once the transaction has gone through, the fraudster will disappear with their victim’s money and information to, most likely, defraud them further.
Theft: These phishing emails are also being used to steal real crypto-currencies from victims. A common way this is being done is by also providing a malicious link within the email, but the fraudster will more likely pretend to be a company that trades crypto-currencies. They normally claim that there has been a problem with their account, and their investments are at jeopardy, encouraging them to follow the link to authorise their account.
Once the victim has been led to the fake website, they will be asked to enter their account log-in details which is then captured by the fraudster which they use to access their victim’s account. Once they have done this, they are free to withdraw any investments.
If you haven’t heard of rubber ducky scams, now might be a good time to learn about them! This type of scam is when a fraudster loads up a USB stick with malicious malware to infect the device it is plugged in to. This malware is designed to embed itself into the device, unknowingly to the user, and it tracks their movements on the device. This is then able to capture sensitive information, such as, online banking log-in details and passwords for other online accounts.
We believe that next year we may see an increase of rubber ducky scams using crypto-currencies as leverage.
As an example we have thought of, a fraudster can easily write on the USB stick that it holds a crypto-currency, for example; ‘bitcoin wallet’ or ‘ripple wallet’. The fraudster would then leave it in a public place, or they often target specific powerful people and companies. A lot of people are aware of the increasing value of certain crypto-currencies, so it is likely that, at some point, someone will be tempted and will take it to see what’s on it. Then, once the device has been plugged into their device, it will be infected with malware which will track their movements.
Brexit has, arguably, been the biggest topic of the last year, so there’s pretty much no doubt in my mind that we will see Brexit as the topic for many more scams to come – both on and offline.
Below are a couple of ideas of the types of scams we will see relating to Brexit.
Investment scams (also known as ‘boiler room’ scams) are already very common, but we predict that we may see a surge of new scams as we move further into the Brexit process.
An investment scam occurs when the fraudster gets into contact with their victim, usually by cold calling, to tell them of new investments opportunities available to them, which are normally completely worthless or don’t exist at all. They normally claim to have inside information of the stock market, or encourage you to invest in expensive products such as; wine, art, gold, diamond and silver. Once the fraudster has encouraged you to invest as much money as they can, they disappear with their money and become completely untraceable, just when the victim is expecting their money to be returned.
We are predicting that fraudsters will begin to use Brexit as leverage over the victim, explaining that they have information on what will happen to prices of particular products in the UK once we leave the EU.
Identity theft can be committed in a huge amount of ways, but we predict that we may see more attempts of it throughout the next year with Brexit as the subject.
With the uncertainty of Brexit leaving some people confused, there’s no doubt in my mind that fraudsters will use this to trick people into handing over personal information.
For one example, fraudsters may claim that people need to update/renew their passport ready for when we leave the EU. They would normally do this in a phishing email and make it appear like it has come from a legitimate source, such as, Gov.uk, by using this as the sender’s display name.
It is likely that the email will lead the reader to a link to a fake government website which has been created by the fraudster and designed to capture the details that are entered. This is where the victim will be asked to enter their information for their passport update, this would be information such as; name, date of birth, address, phone numbers, mother’s maiden name, and any other information they can get hold of to defraud someone.
Once the fraudster has obtained this information, they can use it to, for example, access and open bank accounts, obtain credit in their victim’s name, or re-direct their victim’s mail to their own address to obtain even more information.
If this happens to you, you may find yourself facing difficulties in securing loans, mortgages and credit cards, resulting in serious, long-term effects on your finances.
Last year saw two nationwide ransomware attacks; ‘WannaCry’ which target computers running the Microsoft Windows operating system, including those used in the NHS, and ‘Bad Rabbit’ which took random computer systems under ransom, demanding Bitcoin as payment for their system to be released.
Ransomware is technology used by cyber-criminals to infect peoples’ devices and hold them under ‘ransom’ which means the user can’t access their own files, or, they are locked out of their computer entirely. Then, in order for the system to be released, the criminals demand a payment – this figure can vary dramatically. It is important never to pay the demanded fee. There is no guarantee that your computer will be released and the criminal often uses the information you enter to defraud you further.
With two nationwide attacks successfully claiming thousands of victims last year, not to mention the thousands of other attacks that probably weren’t reported, it is likely that we will see another surge of ransomware over the course of 2018. Cyber-criminals are continuously developing new ways and new systems to pull off these attacks, which are almost impossible to get ahead of.
As mentioned before, phishing emails are one of the biggest online threats, targeting millions of people all over the world. They are easy to create and can be sent out thousands at a time. These emails are designed by fraudsters to capture sensitive information from their victim’s.
They normally pretend to be from an already reputable company, which they can do easily by simply changing the display name of their email address to any company they choose. A very common claim is that your account details with the company have been compromised and you urgently need to take action to keep your details safe. They often use urgent language to make the victim worried and act quickly, without thinking.
Then they will urge you to click on a link provided in the email. This link normally either; leads you to a fake website which asks you to enter either personal or banking information, or it will infect your device with malicious malware which embeds itself into your device, without you knowing, and tracks your movements. This will then capture sensitive information such as online banking log-in details.
Phishing emails are probably one of the easiest scams to fall victim to, as most of us are likely to receive at least one of these emails a day. The easiest way to detect a phishing email is by checking the sender’s email address. Ignore the display name, as this can be set to whatever the sender choose, and check to see whether the email address is what you would expect it to be from the company. If it is a legitimate company email address, the domain name will show it. For example, an email from Amazon would have ‘…@amazon.co.uk’, and an email from NatWest would have ‘…@natwest.com’. If it shows anything unusual, delete the email straight away without clicking on anything within it.
Find it useful? Please share!
Find it useful? Please share!
Last updated: 23 January 2020 | © KIS Bridging Loans 2020 |