Cybercriminals are skilled at adapting to new technologies, incorporating new ideas, and twisting old scams to hook in as many people as they can.
But some scams remain pretty constant.
NatWest bank has published a list of the top scams people have most fallen victim to throughout 2016. These schemes continue into 2017, and surely beyond — fraud that’s universal and affects thousands of people worldwide.
What can you do about them? How can you protect yourself?
1. Advance Fee Fraud
This is a variation of the well-known “Goods Not Received” fraud, in which a seller asks for money before sending an item. Often, this happens on a separate platform, away from auction sites and third-party marketplaces (like those on Amazon).
Was thinking about putting a jacket on eBay. Took photos of it doing the Macerana. pic.twitter.com/OtSlBbQQhk
— Devlin (@Dev_Chelios) April 19, 2017
It’s tempting because a seller will likely offer a discount for taking discussions away from official sites; after all, eBay takes a percentage of fees in order to keep itself running. EBay is the middle man, who thinks it deserves credit. And you might feel bitter about that. However, auction sites do offer a level of security that you simply don’t get in private negotiations.
Very simply, a seller asks for payment for a product or service before the item is shipped or service carried out. The result is that you lose money because what you’ve bought never turns up.
It’s no shock that, according to the U.K.’s NatWest bank, this was the second most common scam to affect its customers in 2016.
How can you protect yourself? Just refuse. It’s easy to say, but if you’re tempted by offers of a discount, it might be hard to do. You can see why real sellers would want payment in advance though.
Know your rights. In most places, it’s against the law to receive payment for goods without dispatching them first — although there are always exceptions. This even applies to pre-orders, however. Sellers only offer discounted prices on pre-orders so they can factor in how many items they need to buy from their providers before actually submitting their order, not so they can withdraw money early.
If you are tempted to pay in advance, at the very least keep it to official platforms which offer precautionary methods — payment through PayPal, for instance, or using a credit card.
2. Spoof Payment Requests
This is actually a relatively new scam, at least in this form, with the number of cases rising considerably since 2014.
It involves a fraudster sending a spoof email to the accounts department of a business, purporting to be a senior member of staff. That email would request a bank transfer of funds, often with PDFs attached in an effort to look more official.
A prime example of this is agricultural firm, Scoular Company, based in Nebraska. In 2015, an employee wired money to three banks in China after receiving a falsified email supposedly from the Chief Executive, apparently as part of a secret acquisition of a business in China. Because it was hush-hush, the employee kept quiet about the transfer, and those responsible made off with some $17.2 million.
It’s pretty easy to find out the senior staff and email addresses to spoof just by looking on either social media (people love to boast about their jobs on Facebook, yet don’t alter their privacy settings), naturally including LinkedIn, or through governmental departments like Companies House.
How can you protect yourself? If you’re a senior member of staff, inform employees of this, especially the accounts department.
If you receive such an email, check the address: it’ll likely be very similar to the real one. Check the language used: does it sound like the person it’s supposed to be from? Keep an eye out for any other signposts that this is a fake.
The key is this: always check such requests, ideally face-to-face, or alternatively on the phone.
3. Vacation Scams
One of the worst scams takes advantage of your excitement in anticipation of a much-needed vacation.
In a way, it’s similar to the “Goods Not Received” fraud — but instead of offering items that never turn up, this involves you being offered a holiday that doesn’t actually exist.
This could be a full package, a rented property or hotel room, or a tour while on your break. If you’re going through unofficial lines, you’re susceptible.
Then again, you’re also susceptible if you do use genuine sites. Let’s take Airbnb as a prime example of this. It’s a great idea: an online platform to rent out rooms or entire properties to tourists. Home-owners and visitors can reap the benefits, but, despite Airbnb’s altruistic raison d’être, it can still be one big scam.
It’s obviously not the only way criminals target you on vacation: your general good spirits can mean you become more reckless and so blind to some fraud. Just one example of this is asking a taxi driver to take you to your hotel, but you’re soon convinced on the journey that your accommodation has either shut down or is particularly awful. They’ll take you to a better one (and get commission from the new hotel!).
How can you protect yourself? This is particularly a problem when booking online, but that’s something most of us do anyway! Go through the necessary procedures to make sure a site is secure and trustworthy: notably, take notice of the URL. Does it look right? Are there any odd suffixes? Does it employ the encrypted HTTPS?
Phishing is very common. This entails users being directed to a fake site that purports to be a genuine well-known brand. That’s why you should never click on links through emails, but instead search for the real site on a different tab or browser.
Naturally, you should look for reviews before booking anything, although it’s worth remembering some companies pay for good public feedback. Try an image search as well, to make sure a property has not been fraudulently duplicated anywhere.
Knowing Is Half the Battle
That’s not just a phrase meaningless to anyone but G.I. Joe fans: knowledge really is power, and simply recognizing some of the biggest scams of last year lessens the chance of you falling victim to them.
Have you ever ordered goods, only for them not to turn up? Or received a spoof email pretending to be from another member of staff? What did you do?