5 top online scams to look out for throughout 2022
Every year we get bombarded with advice on the scams that fraudsters use to hijack the online shopping frenzy during the holidays.
However, it would be wrong to think that the scammers only operates during the holidays. They are still very much out there, eager to take your money, and ready to exploit any vulnerability. Here at Admincontrol, we take the issue of security on every level very seriously and monitor everything board level security to attacks on our own employees. With this in mind, here’s our take on the scams you should be looking out for this New Year and throughout 2022.
What are the most common scams to look out for right now?
1. CEO fraud and fake invoices
In recent years there has been a huge rise is CEO fraud − a scam in which cybercriminals spoof company emails to look like they are being sent from executives. This is usually an attempt to fool finance or HR professionals into executing unauthorised bank transfers or sending out confidential accounting information.
Scammers engaging in this kind of fraud also often provide a fake invoice. The invoice may look legitimate, but the account number will have been changed and the money will go directly to the attackers bank account. Always be wary if you’re being asked to urgently process an out of the ordinary payment by your CEO or other senior manager, or if you’re asked to change the bank details of an existing supplier on your system.
2. Fake delivery emails
Throughout the year, you are likely to receive delivery confirmation emails in your inbox or via text message on your phone. Cybercriminals often take advantage of this. For example, news spread last summer of a scam text appearing to be from international parcel delivery firm DPD. The text informed the recipients that a delivery attempt had been made and that they need to arrange a redelivery for a fee. This kind of activity is phishing that will ask you to make payments to fraudulent bank accounts. It will also often be followed by ‘spoof’ callers from banks that will claim your account has been compromised and try to harvest all your personal data. Be alert for this kind of scam all year round – and never share your details with a courier company during the delivery confirmation and tracking process.
According to a recent report by Check Point Research, DHL is now the top most spoofed brand used to send fake delivery notices.
3. Fake offers
In the post-hoilday period, most of us are looking to manage our budgets and cut our spending. This makes us more likely to fall for fake offers when we do need to buy something. One of the most common tactics fraudsters use is to create a fake page for a well-known brand with a must-have, ‘never-seen-before’ offer. Such pages are set up for one reason: to harvest your data or steal your credit card information.
You may also be sent these offers on email, or more commonly via adverts within special interest groups on social media feeds (especially Facebook). If the offer is too good to be true, or you have never heard of the web shop, then take extra precaution.
4. Charity phishing scams
Charity phishing scams play directly on your conscience and can happen at any time of the year, particularly after a natural disaster or other crisis. The scams take advantage of your goodwill, your knee jerk reactions to tragic events, and involve setting up fake sites imitating existing charities. The aim once again is to commit identity fraud or steal your money when you provide your bank details to donate – facilitated by everything from fake crowdfunding pages to reaching out to you by phone.
5. Cryptocurrency scams
The new year can seem like a good time to try new ideas and break new ground. This can make people especially vulnerable to trying their hand at areas like cryptocurrency investment. This is another area where extreme caution should be applied. According to recent research, cryptocurrency crime broke new records 2021 as scammers took $14 billion worth of crypto last year, nearly twice the amount that was taken in 2020.
Be wary of adverts that push cryptocurrency investment via social media and promise guaranteed return on investment (a regulated and accredited provider will never say this). You should also check your local government’s financial regulator for a list of accredited and reputable providers.
How to avoid falling victim to scams
- The best way to avoid scams is to practice basic cybersecurity hygiene.
- Be careful with the links you’re clicking on, and be very wary when asked to give out your personal information such as your name, password and bank account number
- Don’t download anything from a source you are unsure of
- Stay away from retailers you are not familiar with
- Lookout on websites or social adverts for spelling mistakes, mocked up logos or other suspicious details
- Be very careful when it comes to payment: never wire money directly to a seller privately, and always pay by Mastercard, PayPal or other secure payment options (if these payment options are not available, it could be a bad sign)
- Always try to do some background search on companies and people you meet online, for example, by using review websites such as Trust Pilot or feefo
- If you’re in doubt, try to reach the company’s legitimate customer service to ask questions.
At Admincontrol we will be assisting with the drive towards better security in your professional life by introducing Two-Factor-Authentication as a default on our Virtual Data Room solution in 2022. You can also find out more about our certifications, compliance and vulnerability testing regime by visiting our security page.
If you want to discover other ways you increase security in these fact changing times, you may also be interested in our handbook on how to manage the impact of hybrid working on cybersecurity.
How to avoid cyberattacks when working from home or remotely
After corona, employees got new habbits and are still working from home or remotely several of days a week. In this new remote work situation, we will be trying to stay connected with colleagues using chat applications, shared documents, and through conference calls instead of physical meetings, many are probably not vigilant enough of the risk of cyberattacks.