The Home Page Network

Most cybercrime scams are social engineering attempts that try to trick the user into clicking on a link or calling a number in an email or pop-up window on their screen. Today, one of the most prevalent of these scams is the Tech Support Scam.

In such scams, fraudsters posing as tech support use scare tactics to trick the victim into paying for unnecessary tech support services to supposedly fix a software program that doesn’t exist. Scammers may call you directly on the phone and pretend to be representatives of a trusted tech company (like Microsoft or Norton Security). They might even spoof the caller ID so that it displays a legitimate support phone number from a trusted company. They’ll probably ask you to install applications that give them remote access to your device. Once they’ve hacked your device, they seek access to your financial information.

How to Identify a Social Engineering Scam

Most social engineering attacks have four common traits, which signal a far higher likelihood of a scam if all are present. They are:

• Did the message arrive unexpectedly?
• Is it the first time the sender has asked you to perform the requested action?
• Does the request include a stressor, such as “you need to do this now”?
• Can performing the request harm your interests?

If you answer yes to these questions, you should go out of your way to confirm the request is legitimate. Use a trusted method like calling or texting the sender before taking any action. But never call the number in a suspicious email, even if you do business with the referenced organization! Call the Customer Service number on the organization’s website and ask about the transaction described in the email.

Of course, not every message with these four traits is absolutely a social engineering scam. Our email inboxes, voicemail, and postal mailboxes are full of unexpected requests. But it is best to remain cautious if you receive a message with any of the four traits listed above.

What to Do

If you think you are being targeted by a scammer:

• Never share financial account information, and do not allow anyone access to your accounts.
• Monitor your accounts and credit for unusual activity, such as large sums of money that you did not deposit or loans that you did not apply for.
• Contact your local law enforcement agency to file a report and notify your financial institutions.
• Resist the pressure to act quickly. Criminals create a sense of urgency to instill fear and the need for immediate action.
• Be cautious of unsolicited phone calls, mailings, and door-to-door service offers.
• Never provide any personally identifiable information. Never wire money to persons or businesses you have solely met online. Verify any email requests for money.
• Ensure all computer anti-virus and security software are up to date. If you receive a suspicious pop-up or locked screen on your device, immediately disconnect from the internet and turn off the device.
• Do not open any emails or click on attachments or links you do not recognize or were not expecting.

If you do fall victim to one of these scams, don’t let embarrassment stop you from reporting the fraud. The best way to protect your accounts is by reporting the incident. If you are unsure whether your accounts have been compromised, reach out to someone you trust to help you.

If you suspect that you may have been a victim of financial fraud or exploitation:

• Call your bank and credit card company immediately
• Request free copies of your credit report from a credit bureau or freezing your credit
• Request copies of documents related to any potentially fraudulent activities
• Dispute fraudulent or inaccurate information on your credit report with one of the credit bureau

Although prevalent, avoiding online scammers is possible. Stay alert, and think before you click!

For more information about protecting yourself from fraud, visit the FCCB blog.