Scammers have a new secret weapon. With it, they can break through even the toughest firewall.
It doesn’t matter how good your internet security is. It goes far beyond that. I’m talking about Social Engineering using emotional and psychological tactics to get your money.
It’s a game of chess, well-planned and executed by criminal minds that are three steps ahead of you at all times.
Too much information
Imagine you’re in line at airport security and you strike up a conversation with some happy newlyweds. You’re excited for them, so you tell them about your honeymoon adventures, your marriage, and your life as a happily married couple. Just friendly conversation? Maybe.
But think about it. By the time you’re through the security line, you’ve told them your name, where you’re from, where you got married, your husband’s name and maybe even your pet’s name. They’ve seen your children’s pictures on your phone. How much info did you give them? Did you beam any info from your phone to theirs? Did you friend them on Facebook?
It’s sad, but right there in airport security, you could have been the victim of a Social Engineering Campaign, scammers who take advantage of friendly, helpful people to get access to their money.
“Friendly and Helpful” are just two character traits that make up “easy prey” for social engineers. Let’s use this airport scenario as an example. The couple can now take your phone number and make a call to your credit card company from your phone number. Yes, the technology is out there.
It’s called “number spoofing” or “vishing.” Using a crying baby sound effect in the background, they create a sense of urgency with the customer service rep over the phone. Together, they prey upon the helpful rep from your bank. They give the rep a bunch of your personal information to prove that they are YOU, and then go about changing your password right there over the phone. It happens all the time. Don’t believe me? Watch this video.
Lonely people are also easy targets. Case in point, fake online romances. The FBI’s Internet Crime Complaint Center claims that 15,000 romance scam complaints were filed in 2016. That’s 20 percent more than 2015. That’s 15,000 (or more if you count unreported) hearts that were broken by handsome, beautiful, exotic creatures from across the sea, hearts and wallets emptied of their contents to the tune of $230 million dollars, according to the FBI.
The aftermath, as you can imagine, is financially and emotionally devastating. Fearful people are overly cautious, but that doesn’t mean they’re protected from social engineering.
More emotional traits
Scammers manipulate their prey using fear more than any other emotion. Did you ever get one of those emails that put you in a state of urgency? Maybe it said your bank account was compromised, or a fake PayPal email thanks you for a purchase you didn’t make, or you get an urgent notice from the IRS. These scams cause instant panic, forcing the distraught victim to act quickly without thinking. Before you know it, you’ve clicked, and the damage is done.
Other commonly exploited emotions include greed, rebellion (human trafficking of teens and pre-teens), a trusting spirit and lack of technical knowledge.
Understand your risk factors
In my podcast, I interview Dr. Drew Carson, an expert in Internet Psychology and Psychological Assessment Testing about the emotional traits that make up the perfect social engineering scam victim. If you haven’t heard it, you can listen in the player below. It’s absolutely crucial that you understand what your risk factors are.
So, let’s recap. Usually, I talk about credit report scams, job scams, identity theft, credit card fraud, stuff that happens because of weak security measures. But in this article, I’m talking about another weakness - our feelings.
When your emotions start tugging you into a financial decision, or into a personal relationship with someone you don’t know very well, just stop and think for a moment. Could this, in my wildest dreams, be a trap? Now, if you get caught in a trap, you can file a report with the Internet Crime Complaint Center at ic3.gov. These guys are partners with the FBI, the National White Collar Crime Center and the Bureau of Justice Assistance.
If you have a complaint about a company, business practice or identity theft, you can reach out to the Federal Trade Commission. You can also report a bogus website that is designed to steal people’s personal information. Visit Safe Browsing at Google. Just remember to keep your eyes peeled. It takes the average user 200 days before they discover they’ve been hacked.
Cybercrime is much different than car theft. You can’t just call the police and be done with it. Remember, the internet is unregulated. You’re basically swimming unprotected in totally foreign waters, but this doesn’t mean you have to hide your head and heart in the sand.
Trust, love and a willingness to help are all positive human emotions. It’s a shame there are people out there who will try and take advantage of your good qualities. If you keep listening to my shows, subscribe to my podcast and read my articles, you’ll have everything you need to operate wisely in the world of technology. It’s good education, and it’s totally free. It just doesn’t get any better.