What to do

Before acting on a video or audio request, think of the tone of the message. Did the words and phrases they use sound like your boss or family member? Then, try getting in contact with that person on a different platform, preferably in person, to see if the request is truly from them. 

Social engineering

Why it’s on the rise

Social engineering is a tactic used by cyber criminals to trick you into thinking they are a person or an organization to get personal information or money from you. Unlike deep fakes, social engineering will typically come in the form of emails, SMS, or phone calls. For example, when you receive a fake text from your boss claiming he needs gift cards urgently. 

Advancements in machine learning have increased the abilities of tools to gather extensive personal information in a quick amount of time. This enables cyber criminals to craft even more convincing social engineering attacks. Relying on grammar or spelling mistakes to spot a suspicious email is no longer enough. 

What to do

Before opening any emails, hover your mouse over the sender address to see if the email domain seems suspicious. Compare this to other emails you’ve received from this person or brand, is it the same? Similarly, for texting, check if you have received a legitimate text from this number previously. 

If you still want to take action from this message after doing these checks, try communicating with the person in another way to check that it is them. If it comes from a brand, go directly to the company’s website and find the customer service number provided there, not in the message you received. 

Trusted organizations phishing scam

Why they’re on the rise

Ranked the second most popular finance scam in the UK by Natwest in 2023, trusted organization phishing scams are a specific type of social engineering that tricks you into believing they are a trusted organization. Did you receive any suspicious texts from your bank, mailing service provider, or energy provider this past year? The answer is likely yes. 

With the advancement of AI tools, scammers can release mass SMS messages from brands. They use a “shotgun” approach, focusing on quantity of targets rather than quality. They likely send out these messages to hundreds of people a day. Many people receive packages from UPS and pay their energy bills, so they are betting on those few people falling for the scam. 

What to do

Like all social engineer scams, always verify the sender. Use the number or email domain check system and go directly to the company’s platform to avoid clicking on malicious links. 

Job listing scam

Why they’re on the rise

Raghu Valipireddy, SVP CISO at Axos Financial, named job listing scams as one of the top two predicted up-and-coming scams at the end of 2023. Job listing scams create fake websites, job listings, and recruiters to convince victims to give up personal information before being “interviewed”. 

With layoffs and unemployment on the rise, scammers are capitalizing on job seekers’ vulnerabilities. Job listing scams often promise lucrative opportunities, preying on individuals desperate for employment.

What to do

Research potential employers and job opportunities thoroughly. Be wary of requests for payment or personal information before signing an official contract. 

Know that even if the “recruiter” does have a LinkedIn, it doesn’t mean they are legitimate. Scammers are smarter now and know this is where people go to check for employees. 

The Grandparents Scam

Why they’re on the rise

In our live Cyber Security Awareness Forum panel on helping vulnerable populations, security expert poll participants voted the elderly as the most vulnerable population online. The rising popularity of The Grandparents Scam proves this to be true. 

The Grandparents scam is when scammers exploit the emotional vulnerability of elderly individuals who have grandchildren. Fraudsters typically pose as distressed grandchildren in urgent need of financial assistance using the tools of deep fake audio or a convincing email. AI not only makes this easier, but scammers are slowly learning what works best to trick loving grandparents. 

What to do

Take time to educate grandparents or elderly individuals within your close circle (sending them this article could be a great start!). Tell them about the new scam that is going around so that if a call or message ever lands in front of them, they’ll be able to identify that it may not be what it seems. 

Establishing a code word is another great tool to combat social engineering and deep fake audio. In-person, establish a word with your grandparents or parents that you will use in an emergency to confirm that is you. Use something obscure that the scammer would never be able to guess. 

In the ever-evolving landscape of digital threats, awareness and vigilance are our greatest defences. By staying informed about the latest scams and adopting proactive security measures, we can collectively create a safer online environment. Spread the word about these growing scams by sharing this blog with your team members, family members, or close circle. 

Remember, skepticism is a valuable tool – if something seems too good to be true or feels off, it’s crucial to investigate further before taking any action. Together, let’s build a more secure digital future.