Digital Scams to Watch for This Year
3/12/2024
Whether or not you bank, do business or share private information online, it’s vital to stay on top of new ways hackers may try to steal your data.
Safeguarding your privacy must incorporate your “snail mail,” phone calls and physical credit cards, as well as your online habits and mobile device security. Protecting your identity and banking information can feel like a full-time job, so SouthState Bank’s security experts have put together a few fraud alerts to be aware of as you go about your day.
What is deepfake audio fraud?
Deepfake audio is an advanced form of voice phishing. The quality is typically high, meaning that it is extremely difficult for the human ear to discern a real voice from a deepfake. The fake audio uses machine learning and artificial intelligence to listen to the way a particular person speaks in order to mimic accent, pronunciation and pitch.Scammers take audio clips from interviews, announcements, speeches, presentations and other public events to create a fraudulent request for confidential information. They can even take audio from social media posts.
Polling conducted by McAfee Corp. indicates “77% of AI voice scam victims lost money.” Of those surveyed, 25% said they had encountered a deepfake voice scam, either personally or knowing someone who’d been scammed.
Someone could create a fake phone call requesting money for bail for a loved one, medical bill payment from your doctor’s office or any number of scenarios.
In a workplace setting, fraudsters will call employees with the authority to transfer funds and use deepfake audio of an executive, such as the CEO, to ask them to transfer money to a supplier’s bank account belonging to the fraudster. Other examples are seemingly more innocuous, such as requests for business documents, transaction details, a customer order, etc., but they can be leveraged for other fraudulent schemes.
With deepfake technology improving quickly, how can you guard against it? We’ve outlined the following fraud protection tips you can share with family members or employees:
What is peer-to-peer payment fraud?
As cash continues to go by the wayside, there’s been a rise in payment fraud using peer-to-peer payments, also known as P2P – more commonly known as apps like Zelle, Paypal or Venmo.P2P is simply an electronic transaction sent to another person using a mobile device. You may have a P2P app on your phone or built into your bank’s mobile app.
Common types of fraud associated with P2P methods include:
- Scammers try to obtain money for a fraudulent charity, for goods or services, or debt payments. The FCC reports they are now asking for money to be sent to them via P2P instead of their previously used method of gift cards.
- Smart fraudsters convince customers to give out credentials and secure access codes to gain access to their payment apps or online banking.
- People falling prey to scams in which they’re asked to process a refund by transferring money to themselves. In reality, the funds get transferred to the scammer.
P2P fraud can also happen through simple human error. If you’re paying a stranger for an online marketplace purchase, you can errantly send money to the wrong person with one wrong keystroke. Instead, consider using contactless payment options built into your credit cards or bank’s mobile device.
See also: 5 Tips to Strengthen Your Passwords
According to Microsoft, a “phishing kit” or “phish kit” can refer to various parts of a set of software or services meant to facilitate a large-scale scam. This type of phishing provides a cybercriminal with images, scripts, and HTML pages that enable him to easily create an undetectable phishing email attempt and collect credentials through it. A phishing kit can also appear as a spoofed website for a brand or business that draws in unsuspecting customers to collect their credentials. A well-built kit will include dynamic logos, banners and other branding that help make the login pages appear legitimate. A scammer may also incorporate genuine “help” or “password reset” links that navigate cautious users out of the page and onto legitimate sites.
A cybercriminal can build or purchase a ready-made phishing kit. These kits can send a large email campaign designed to harvest sensitive information in a matter of minutes.
See also: 5 Tips to Strengthen Your Passwords
How does a phishing kit work?
You may only experience the final product of a phishing kit, but it’s important to know how they work.According to Microsoft, a “phishing kit” or “phish kit” can refer to various parts of a set of software or services meant to facilitate a large-scale scam. This type of phishing provides a cybercriminal with images, scripts, and HTML pages that enable him to easily create an undetectable phishing email attempt and collect credentials through it. A phishing kit can also appear as a spoofed website for a brand or business that draws in unsuspecting customers to collect their credentials. A well-built kit will include dynamic logos, banners and other branding that help make the login pages appear legitimate. A scammer may also incorporate genuine “help” or “password reset” links that navigate cautious users out of the page and onto legitimate sites.
A cybercriminal can build or purchase a ready-made phishing kit. These kits can send a large email campaign designed to harvest sensitive information in a matter of minutes.
If you or someone you know does fall victim to a fraud attempt, contact SouthState immediately at (800) 277-2175. You will also need to change any compromised passwords or login credentials.