Tough times are a great opportunity for scammers. They are creative in coming up with new schemes to steal other people’s money, and panic and anxiety help in this. It is quite easy to take advantage of the moment when a person loses the ability to think critically and is seized with fear for the life and health of his or his loved ones.
There have already been warnings in the media about people posing as doctors and disinfectants. They enter apartments under the pretext of sanitizing against coronavirus. Someone allegedly “invents” a test for COVID-19 and sells it to citizens bypassing certified centers.
When information about the possible introduction of QR codes appeared, offers to “buy” such appeared. And after the news about fines, mailings began about alleged fines for violating the regime of self-isolation or quarantine. They offered to pay the amount using a link, which naturally leads to a resource created by a fraudster.
Why are we so easily deceived and what to do to protect ourselves and loved ones, especially pensioners, who quite often become the target of intruders’ hunting?
The psychology of influence
“Security is not a product, it is a process. Also, security is not a technology issue, it is a people and governance issue, ”wrote Kevin Mitnick, a legendary cybercrime hacker who served as an information security consultant and author of several best-selling books.
Many schemes are based on manipulation. Fraudsters play on human weaknesses with dexterity. Using knowledge of social psychology, they manipulate the emotions and, ultimately, the actions of potential victims.
So people are “bred for pity” by posting touching or frightening photos with helpless kittens and suffering animals in thematic groups of “cat lovers” with a request to add money for overexposure or recovery of the unfortunate.
Or, in “mothers” groups, they supposedly gather for the treatment of sick children, carefully selecting photographs that will evoke sympathy in women. Oddly enough, many transfer money without checking the source and destination.
But if you wish, there is always the opportunity to transfer money to a large and proven charitable foundation or call the number indicated in the ad and talk to the person who rescues the animal – perhaps everything is true and he is really doing a good deed. The main thing is not to be lazy and check.
Many fraudulent schemes are designed to scare a person. He is not allowed to come to his senses, comprehend, ponder, forced to act quickly. For example, the classic scheme with electricity or water metering meters works exactly like this: a pensioner is called and scared that the meter is outdated, it must be urgently changed, otherwise you will have to pay a fine.
We are talking about a set of techniques and techniques that allow you to control the behavior of people. Various means and methods of manipulation, knowledge of psychology and sociology are used. It is generally accepted that social engineering is used to obtain data from a person or organization.
However, sometimes it is applied in a legal way, “programming” a person or group of people to take positive and useful actions. Be that as it may, fraudsters use these techniques for completely unethical and illegal purposes.
The first to talk about social engineering techniques was Kevin Mitnick. Cybercriminals today use different approaches to gain access to classified information of entire corporations. Individuals are also not immune from such interference. Here are just some examples of social engineering applications:
1. Shoulder surfing, or, more simply, peeping. Looking at the screen of a gadget from behind the user’s shoulder, you can learn a lot of interesting and useful things, including passwords and PIN codes.
2. Carding Is one of the oldest areas in cybercrime. It, in turn, is divided into several subspecies. Today, crooks often use social engineering to gain access to data – from pin codes to account numbers and control codes.
By imitating the calls of bank employees, they select psychological “keys” to the victims and, using the above-mentioned manipulation techniques, receive the necessary data from them, and then transfer the money to their account.
In a quarantine situation, for example, retirees are called to clarify the data on the transfer of subsidies for self-isolation.
Precautions. Information security expert Mikhail Firstov advises: “First of all, you need to keep in mind that no one can request your bank card details by phone, including bank employees.
And instead of telling someone the code sent by SMS, carefully read the message itself. Often, in addition to the code, an operation is written there, for which this code is needed, for example, transferring funds or entering a personal account.
And of course, you shouldn’t keep all funds on one card and pay with it on the Internet. It is ideal to have a separate card for online purchases and transfer the required amount to it immediately before paying. Many banks allow getting a virtual card for such purposes in one click ”.
In such situations, the main thing is not to lose self-control and always require confirmation of the caller’s identity.
3. Profiling – collection of information from open sources. The habit of many people to post information about themselves on social networks opens up many opportunities for criminals. One of the most primitive schemes is hacking an account and sending out a request to transfer money.
But there are schemes that are much more complicated. For example, after finding out the name of a best friend or close relative, finding out what relatives call him, in which bar or cafe friends usually meet, you can use this information to catch the victim by surprise.
Usually, in the middle of the night, when a person cannot immediately understand what is happening, an alleged friend or family member calls him with a request to help, because he was attacked / robbed / taken to the department / something else.
Several years ago, scammers managed to deceive many people in this way, and especially elderly people who were called from children or grandchildren, often even imitating their voices.
Precautions. “In such situations, the main thing is not to lose self-control and always demand confirmation of the caller’s identity,” advises Mikhail. “For example, let him name a pet’s nickname or some fact from a biography, but something that cannot be found in open sources.”
You cannot completely fence yourself off from such attacks: no matter how many antiviruses you install, the most vulnerable link remains a person
Phishing, or “Catch, fish!” One of the most popular cheating methods on the internet. In self-isolation, most people order things and groceries online, and therefore it is now especially common.
The scheme is simple: an attacker creates a website that is exactly the same as another popular resource. For a simple layman, it looks reliable, no different from other sites.
For example, a fake website disguises itself as a large and popular online store. Next, users are offered discounts and immediate free shipping. A person who is convinced that he is dealing with a serious brand enters a card number with an expiration date and CVV or his username and password from a real service, which is disguised as a phishing site.
In some cases, downloading and launching malicious files is started. As a result, the malicious program encrypts all files on the work computer, and the person receives an offer to decrypt them for a certain amount. And the card details that you entered during payment allow fraudsters to withdraw all funds from your account.
Precautions. “Unfortunately, in the modern world it is impossible to completely isolate oneself from such attacks, because no matter how many antiviruses you install, a person will still be the most vulnerable link,” says Mikhail Firstov.
And yet, by listening to the advice of an expert, you can minimize the risk of “falling for the bait” of scammers:
- Check the domain name, i.e. the URL in the address bar of your browser. This is not a 100% guarantee, but it will still allow you to filter out very rude attempts to “divorce”, because you definitely would not entrust your data to a site whose address looks like this: https://vk.com.freedomains.com.
- Do not go to unfamiliar sites using strange links or at the request of friends who suddenly, after five years of silence, start a conversation with an offer to visit a page with very tempting discounts.
- If you still want to buy a nightgown with a 99% discount, then first consult with someone you know who is better versed in safe surfing the Internet.
- Do not enter your data and do not download files from suspicious services, and if you feel the need for this, then make sure that there is an antivirus on your computer, and all your savings do not lie on the card you use to pay on such a site. As mentioned earlier, it is better to have a separate card for online purchases.
- Save passwords in your browser. Yes, this advice may seem strange, because you can only trust yourself and therefore remember your 12-character password by heart, consisting of numbers, letters of different case and special characters, but there is one catch. Some sites are so adept at disguising the domain name that even your eyes can fail. It is for this that the password saved earlier – for example, during the first registration – in the browser will come in handy. If you click on the login line, the browser itself will offer you to insert the saved data from the site into the fields, and in the case of a phishing domain, there will be no such offer, and this is a reason to worry.
“In order not to become a victim of scammers, you need to know your strengths and weaknesses.”
Lydia Fedorova, clinical psychologist
Even in the tale about Pinocchio, the fox Alice and the cat Basilio revealed the main secret of the scammers. They are great actors and manipulators. Someone is looking for a clue to a specific person, like the mentioned heroes. Another prepares a general scheme, and people come across it who, due to their personality characteristics, are sensitive to just such manipulation.
An anxious person will be frightened by the news of an accident and the need to urgently solve the problem with money, a greedy person will be caught for an easy bait, someone who is looking for fame will be flattered, and a feeling of guilt and shame will be caused in someone who does not value themselves enough.
In a situation that is painful for us, we experience strong emotions that prevent us from objectively assessing reality. Especially if a decision is required to be made immediately. In addition, self-confidence brings us down: “This will not happen to me, I am a good judge of people.”
It happens that fantasy draws us a fraudster as such a cold, calculating businessman who is easy to recognize. In fact, they are very good at feeling people and manipulating our emotions. The mask that the fraudster has put on can really inspire trust or empathy.
It is worth more trusting the first impression: a feeling of fear, distrust, a feeling of unreality of what is happening
However, the trap can be avoided if you know yourself well, your strengths and weaknesses. Understand that anyone can be deceived and anyone can be a fraud. Give yourself time to think and analyze the situation, to observe from the outside.
It is worth more trusting the first impression: a feeling of fear, mistrust, a feeling of unreality of what is happening. If even the slightest doubt arises or a person is somehow unpleasant, even if he says very correct things, it is worth giving yourself time to think and understand these feelings.
Of course, it is almost impossible to describe all the methods of fraud, because the criminals, unfortunately, are very creative. But you can use information and advice to help protect your savings.
Since strong emotions make it difficult to think soberly and critically assess the situation, you need to try to remain calm and reason sensibly, give yourself time to stop and reflect, call and get advice from family and friends who can look at the situation from the outside.