With Mother’s Day taking place this weekend, millions of Americans are purchasing gifts online. It’s easy to see why – with online shopping, you have many options to choose from, often at a good price, and access to items that may be hard to find in brick-and-mortar stores. Who would want to give up that convenience in our busy lives? But, as consumers rush to the internet, so too are the criminals looking to defraud them – using impersonation and deceit to scam individuals through a slew of malicious tactics.
With that in mind, this Mother’s Day, we’re keeping an eye on these particular schemes:
- SMS Phishing / Delivery Scams: Also commonly referred to as smishing, this form of social engineering attack targets victims on their smartphones. A smishing attack uses text messages that appear to come from a legitimate organization. And with the massive hike in shipping performed by Amazon and other e-commerce carriers, many scammers will send lookalike texts or emails informing consumers of a pending (non-existent) delivery. Once opened, these links often direct victims to a malicious spoofed website, falsely promising to deliver their goods in exchange for personal and sensitive information.
- Investment Scams: These scams falsely promise individuals the opportunity to achieve quick payouts, large sums and immediate returns on investment. Commonly contacting their victims by email or text, investment scammers often use the potential for a ‘fast buck’ to entice individuals to hand over their money and confidential data. These scams can be particularly effective during the run-up to major holidays due to consumers’ desire to achieve extra cash and, by extension, afford gifts and services for their loved ones.
- Impersonation Scams: Arising from messaging platforms such as WhatsApp or through text messages and emails, these schemes involve criminals pretending to be a loved one, family friend or a representative from a bank or other financial institution. Once contact is made, the scammers will ask the victim to transfer money through a payment platform, often to either pay a debt or resolve a false issue. In recent months, ‘Hi Mom, Hi Dad’ schemes, in which criminals masquerade as the victim’s child, have become particularly popular.
- AI-Based Voice Scams: With the advent of new artificial intelligence technology, criminals now have the ability to impersonate a loved one with a higher degree of accuracy, using a simple voice sample to replicate and then call someone requesting money. And, thanks to the rise of social media, there is no shortage of samples for criminals to choose from, leading to a new era where literally anyone could be impersonated and used for an attack. Recently, senior citizens in Canada lost up to $200,000 through AI-based voice scams. Even more alarmingly, criminals can also use stolen voice samples to try and bypass security protocols for a user’s bank account, allowing them to move about freely and siphon funds.
- Facebook Marketplace Scams: The move to online buying and selling on forums like Facebook Marketplace also represents a chance for criminals to defraud interested buyers before Mother’s Day. Customers may believe they are getting a deal but then find themselves scammed after the money is sent via a peer-to-peer payment platform – with no chance of recouping lost funds.
Another tactic deployed at higher rates is remote access trojan (RAT) attacks. A RAT attack involves using malware to hijack a consumer’s phone, tablet or other device. Once the malware is installed, often by tricking the consumer into installing it themselves, attackers can not only execute fraudulent schemes through direct manipulation but also surveil the victim so that they can perpetrate further social engineering schemes (as detailed above).
Recent BioCatch data shows that RAT scams are on the rise, with over 70% of these scams originating from a single phone call. Additionally, 85% of these remote access cases involved seniors, illustrating the increased attention paid by scammers to our vulnerable populations.
As we continue to prepare for Mother’s Day and other holidays, it’s imperative that consumers are knowledgeable about the tactics that criminals have in store for them. A seemingly innocuous phone call can easily function as the gateway to a larger fraud lifecycle, resulting in the theft of substantial amounts of money from the individual and causing significant emotional and financial harm. And, as stated elsewhere, it is the most vulnerable among us that criminals are targeting, often aiming their schemes at those with low technology know-how and, consequently, the inability to defend themselves.
However, just as criminals are unveiling new tactics, so is consumer awareness growing daily. Additionally, technologies like behavioral biometrics promise to identify and halt scams before they’re even deployed. As these solutions achieve widespread efficacy, we all must remain alert, vigilant and ready to report fraudulent schemes whenever and wherever they crop up – both during this holiday and beyond.