More than 1 in 10 U.S. households have fallen for a financial scam in the past year, due to increasingly sophisticated methods and technology. What should you look out for?
March 18, 2024 INSIDE THIS ARTICLE, YOU'LL FIND: |
While most people are aware of scams targeting their personal details, banking information, or even cash, some believe they are too knowledgeable to fall victim to scammers, be it through email, text, or phone calls.
Increasingly, however, scamming methods are evolving. And these days, scams can leverage artificial intelligence, deepfakes, and the ever-changing digital landscape to create new and sophisticated schemes. Even people as savvy as financial advisors have recently admitted to being tricked into handing over tens of thousands of dollars to someone pretending to be from the CIA.
While most organizations mandate online security courses and tests, and many individuals know that they should follow best practices around passwords and tools, 15% of all U.S. households say they have fallen victim to a financial scam in the past year. And we must expect scammers to become even more heavily armed with the tools and information they need to trick more people as time goes on.
Let’s review how scammers have enhanced their capabilities and made it more likely that even the tech-savvy and most confident person can be taken advantage of in the wrong circumstances.
Trends in scamming methods in 2024
Scams are nothing new. Different types of fraud and tricks have been used by unscrupulous people for thousands of years. In the modern era, however, the anonymity of the internet allows scammers to distance themselves emotionally from their victims, and it’s become easier for them to perform their tactics at significant scale.
Many people are familiar with certain types of digital scams, including phishing, multi-factor authentication scams, and credit card fraud. But in recent years, more sophisticated scamming methods have emerged, and are wreaking havoc in 2024.
Michael Ballard, Director of Intelligence at Global Guardian, noted that the following scams are the most common that he’s seeing compared to previous years:
- AI-powered scams: Scammers are utilizing artificial intelligence to create more convincing phishing emails, deepfakes, and personalized messages. AI can make existing scams sound more natural and believable.
- Student loan forgiveness scams: With changing student loan forgiveness policies, scammers exploit people’s hope for debt relief. They create fake application sites, charge hefty fees, and steal personal information.
- More advanced phone scams: Robocalls and impersonators continue to plague phone lines, but this isn’t your traditional robocall scam. Today, some robocalls can even respond to questions, making them harder to identify as scams.
- Virtual kidnapping: This type of cybercrime, where scammers falsely claim to have kidnapped a loved one, is a growing concern. They use threats, emotional manipulation, and deception to extort money from the victim. Unlike traditional kidnappings where physical abduction occurs, virtual kidnappers rely on psychological tactics to create fear and urgency.
Combining technology with emotional manipulation
As technology gets more sophisticated, scammers are also learning to combine their new capabilities with preying on people’s emotional state. The extent to which AI technology is allowing scammers to use people’s information, fears, and loved ones against them is becoming truly dangerous.
When scammers perform a virtual kidnapping, they have robust tools they can utilize which are so powerful that victims may not understand how they are real. For example, voice cloning: scammers can create deepfake audio—voices that sound exactly like a specific person – to convince a victim that they are speaking to or hearing a loved one. They harvest voice biometrics from publicly available sources (such as social media) to generate these fake voices.
With cloned voices in hand, scammers can deploy several manipulative tactics. This includes making loved ones sound distressed, crying, or pleading for help. They can use the voice as “proof” of a kidnapping and threatening harm unless they receive a ransom. Moving quickly and demanding immediate action, scammers don’t allow victims the time to think through whether it truly is their partner, child, or friend on the line.
Deepfake technology isn’t limited to audio. Scammers can also create lifelike video deepfakes that convince their victim they are speaking to real people. In a recent high-profile scam, a finance worker at a multinational company was tricked into transferring a staggering $25 million to fraudsters. The scammers utilized deepfake technology to impersonate the company's chief financial officer, and other staff, during a video conference call.
Scammers understand that our fears — of getting in trouble at work or having something bad happen to afamily member — can be used against us. AI tools are making it easier than ever for them to exploit those fears against their victims.
Green flags that are actually red flags for a scam
Though many people are generally aware that information about them is available online – such as in databases and/or on the dark web – they may not know the extent to which scammers, hackers, and other fraudsters know exactly who they are.
It may only take a scammer knowing one piece of information about you to begin to unlock the puzzle of your identity and finances. If a scammer knows your address, for example, they can target you with phishing mail, bypass security questions, scan the dark web for more information to buy or steal, spoof your identity to other organizations, or even begin the process of tricking you with your own information over the phone.
Global Guardian has identified several types of information that victims may think of as “green flags” – meaning they think this is a good sign the call is safe – but are actually “red flags,” and thus signal danger.
- Birthdays: Scammers may use your birthdate to impersonate familiarity. Be cautious if someone claims to know your birthday without proper context.
- Mother’s maiden name: Often used for security questions, scammers may pretend to know it. Don’t trust this as a sign of legitimacy.
- Previous addresses: Scammers might mention old addresses to appear genuine. However, this information is often publicly available.
- Requests for passwords: Legitimate organizations, such as banks, won’t call or text you asking for your password to “confirm” your account.
- Social Security Numbers (SSNs): Legitimate entities won’t ask for your full SSN over the phone or email, but don’t be surprised if a scammer knows your SSN and can provide you with it. This alone doesn’t signal legitimacy.
- Bank account info: Be wary if someone requests your account number, PIN, or login credentials. Legitimate institutions won’t ask for this via email or phone, but again, this is also information that can be obtained through hacks or the dark web.
- Official websites or phone numbers: Scammers can manipulate the caller ID information displayed on the recipient's phone, in an act known as “spoofing.” This information can be any number the caller chooses, making it appear like the call is coming from a familiar number or even a trusted organization. Just because your phone ID says “Amazon,” for example, doesn’t mean that it is, even if the number matches what appears on the website.
- Statements connoting fear, urgency, or even reassurance: Scammers often use phrases such as “We noticed some unusual activity on your account,” “We have to act quickly,” or “We’re here to help,” when trying to gain your trust. Try to put aside your emotional, human side when hearing phrases like this, especially if you are unable to verify exactly who you’re speaking to. As mentioned above, you may not even be speaking to a human.
What to do if you are getting scammed
Some scam methods are so sophisticated and difficult to uncover that anyone could be a victim of them, such as a video call with your CFO and their staff. But many scams that people fall for every day are routine phone calls, emails, and other low-stakes interactions that can be stopped by taking a few quick steps.
- Hang up: This is simple, but if you fear that you’ve been going down a path with a scammer towards divulging more information or handing over cash, hang up the phone. Even if you aren’t positive that you’re being scammed, fraudsters prey on urgency, and giving yourself the space and time to evaluate can make all the difference.
- Call them back: If you’re not sure whether the person you’re speaking to is from the organization they represent, end the conversation and call them back at the official number listed. Whether it’s your bank, law enforcement, or your partner, you can continue your conversation once you’ve reconnected – and you may find that you were not talking to an official representative or loved one after all.
- Ask questions: You can flip the script and ask the person calling you for information to confirm they are who they say they are. For example, Ally Bank suggests asking “When’s the last time I called you?” This request for information, which the bank should have, will likely cause the fraudster to give up.
- Report the incident to the FTC and law enforcement: According to Gallup, “many Americans may not have reported these crimes because they weren’t sure whom to contact... felt embarrassed about having been duped... or they assumed nothing could be done.” But reporting a scam, even if you weren't a victim or stopped it in time, is crucial. It helps the FTC and law enforcement track trends and patterns, potentially leading to identifying perpetrators and recovering stolen funds. It also empowers others through awareness and could potentially discourage future attempts.
- Be skeptical: In general, if something sounds too good, or even too bad, to be true, it probably is. You more than likely did not win a million dollars in the lotto, nor are you likely to be the center of an international criminal investigation. Either way, you can always call whoever you’re talking to back if this is the case.
While the world of scams constantly evolves, so does our defense. By staying informed of modern scamming methods, practicing caution, and reporting suspicious activity, we can stay ahead of these deceptive tactics. Remember, knowledge is power: Arm yourself with the information in this article and consider teaming up with Global Guardian to monitor and mitigate online threats against you, your family, and/or your organization.
StandinG By to Support
The Global Guardian team is standing by to support your duty of care and security requirements with a comprehensive suite of solutions. To learn more about our duty of care services, complete the form below or call us at + 1 (703) 566-9463.