money

Social Engineering & Financial Frauds

As an email user, receiving spam in your email inbox bearing the names of popular banks or government departments on the pretext of releasing some funds to you as beneficiary is a routine. It’s simply unbelievable why someone would give you so much money? No logic. But once in a while there are better crafted stories like good business proposition – I need you to help me gain something and in return you will get your share too. It’s amazing how people fall for it.

These emails are passive attempts. Millions of emails get sent, few respond and fewer get hooked. But the amount gotten fraudulently can be very big and worth all the weeks and months of enacting, persuasion, logistics etc. It’s still very easy to ignore, delete such emails. But what if you get a call on your cellphone?  The scamsters exploit different human emotions to dupe people of their money. Let’s understand some of them which I have experienced or known.

Greed

This is my own experience. The call was offering some freebies to credit card users with very good relationship and financial track record. I asked if they are my bank they said they are Credit Card Service! I would cut the call. But of course the calls continue. During another such call the agent asked to verify few details before explaining the offer. A stream of strange questions followed. Do you have the card with you? What is the logo you see on the card, the bird or the two circles? I found that all too odd. I asked if you are a credit card company you should know my card details. This is just to verify we are talking to the right person, came the smart reply. I cut the call again. Apparently they do this only on call while keeping you engaged in a conversation making you reveal key details and then transact online (without your knowledge of course) while still asking you series of questions. Your bank correctly generates and sends you an OTP (One Time Password) as a security measure but they make you share it with them on call (again without you realising you are giving away your money) and once you have shared OTP…tadaaa! You get another message from your bank about the transaction done. It may sound all too obvious but the tactic is amazingly simple yet smart. So smart that one of my honest colleagues said he had received 4 to 5 such calls before, had warned them not to call again, knowing fully that they are some scam of a sort and still got duped in a latest call. Again it’s amazing how social engineering can use greed to cheat even the educated and regular users of internet and banking.

Fear and Threat

Recently a call center racket got busted in Mumbai and Ahmedabad. Again an extraordinary use of social engineering duping American citizens. Their targets were mainly immigrants who may not be aware of their rights and fearful of law enforcement agencies. They would be threatened of arrest or deportation and would be asked to buy iTunes or cash cards or even make fund transfers.

During my work trip to UK, I got several emails from my employer warning about the scam calls where they have very, very detailed information about you and threat you of arrest or deportation because something wrong has been found in your visa. The convincing part is the amount of correct details they have of you. But authorities warn that they would never call if such was really a case. It would always be through email or letter as a formal communication.

What to do?

Just like computer viruses and hacks there will always be new ways of cheating people. But with some common sense and presence of mind these attempts can be averted. Email frauds mentioning lottery you didn’t buy, job offers abroad with minimum education/skills yet high pay package and all sorts of perks have SCAM written all over it. Use your logic to see they are too good to be true and don’t fall for it.

Unlike fraudulent emails, calls are hard to ignore specially when they are full of threats. Common sense wouldn’t help here but presence of mind can. Typically scamsters push for immediate action i.e. giving them your money. They understand that if you had time to think through things you will likely doubt, question and ignore the call altogether. And that is what one needs to do. Sometimes callers are persistent and they trap their targets in so much fear that they don’t even share it with family members. It helps to share it with a family member or friend because may be they don’t look at it or believe it the way you do and you need that different perspective and not give into that pressure of giving money. Also it helps to google around. You may come to know that it’s a known method of fraud. Lastly always report such incidents to police, bank, immigration etc as may be suitable. I like to believe that it’s brave and responsible people who would have reported back such incidents that busted call center racket I mentioned above.

Do you know of any other ways of social engineering used to commit financial fraud?

 

Leave a Reply