Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label fraud prevention. Show all posts

India's Digital Rise Sees Alarming Surge in Online Scams Targeting the Elderly

 

With India advancing in the digital landscape, the country is also witnessing a concerning rise in online scams. In recent months, thousands of individuals have lost substantial sums to these cyber criminals, either hoping to earn more money or after being threatened. Scammers employ new tricks, targeting people across all age groups, with a notable increase in elderly victims. Cyber criminals use increasingly sophisticated techniques to exploit the vulnerability and trust of senior citizens, causing significant financial and emotional distress.

In one case from Bengaluru, a 77-year-old woman named Lakshmi Shivakumar lost Rs 1.2 crore to a scam. It began with a call from someone posing as a Telecom Department representative, falsely claiming a SIM card in her name was involved in illegal activities in Mumbai. The caller mentioned a complaint with the Mumbai Crime Branch to add credibility.

Within hours, she received another call from individuals impersonating Mumbai Crime Branch officers, accusing her of laundering Rs 60 crore and demanding her bank account details for verification. Using threats of arrest and showing a fabricated FIR and arrest warrant, the scammers coerced her into sharing her bank details, ultimately transferring Rs 1.28 crore from her account, promising the money's return after the investigation.

In another case from Chandigarh, an elderly woman was deceived out of Rs 72 lakh under the pretense of a digital arrest scam. She received a call from someone claiming to be from the Central Bureau of Investigation (CBI) office in Andheri, Mumbai, falsely implicating her in a drug case connected to a man named Naresh Goyal and threatening to freeze her bank accounts.

The scammer linked her ATM card to the suspect and claimed obscene messages from her phone were circulating. Under immense pressure, she complied with the demands, participating in a video call where a fake police ID was shown. Over a week, the scammers defrauded her of Rs 72 lakh, promising to return the money after proving her innocence.

Older people are particularly vulnerable to such scams due to several reasons. They often struggle to keep up with the latest technology and digital security measures, making them easy targets for tech-savvy criminals. Additionally, older adults are more likely to trust authoritative figures and may not recognize the signs of deceit in official-looking communications. Their financial stability and natural inclination to trust and cooperate with law enforcement further increase their susceptibility.

How to stay safe and protect the elderly from scams

To protect the elderly from falling prey to such scams, awareness and vigilance are crucial. Here are some essential tips:

  • Inform elderly family members about common types of scams and the tactics used by fraudsters. Regular discussions can help them recognize and avoid potential threats.
  • Encourage seniors to verify any unsolicited calls or messages by contacting the official organization directly using known contact details, not the ones provided by the caller.
  • Ensure that devices used by the elderly have updated security software to protect against malware.

Double-Scam Alert: How Fraudsters Exploit Scam Victims Twice

Double-Scam Alert: How Fraudsters Exploit Scam Victims Twice

The ACCC (Australian Competition and Consumer Commission) has cautioned that scammers are approaching victims with false offers to assist them in recovering from scams. 

Scammers and Fake Recovery Offers

The National Anti-Scam Centre warns Australians who have had their money stolen by scammers to be wary of offers to recover it for an upfront charge.

The ACCC cautioned that scammers are targeting victims of scams with schemes that demand an upfront charge to recover funds lost in previous scams.

The ACCC advisory said “Reports that involve a money recovery element are on the rise. Between December 2023 and May 2024, Scamwatch received 158 reports with total losses of over $2.9 million, including losses from the original scam. The number of reports increased by 129 percent compared to the six months prior, however, financial losses decreased by 29 percent from $4.1 million.”

Victims of prior frauds are easily identifiable by thieves, who frequently retain and sell information about those they have abused. Australians 65 and over were the largest reporting category, with the highest average losses.

The Double-Scam Strategy

  • Initial Scam: Victims fall prey to an initial scam—whether it’s a romance scam, investment fraud, or phishing attack. They lose money, personal information, or both.
  • Enter the “Recovery” Scammers: Seemingly out of the blue, victims receive unsolicited calls or emails from individuals claiming to be fund recovery experts. These scammers promise to help victims retrieve their lost funds—for a fee..
  • The Catch: Victims are asked to pay an upfront fee or a percentage of the recovered amount. Desperate to recoup their losses, some victims comply.

Authorities are concerned about re-victimization, which can aggravate the financial and emotional suffering caused by scams.

Red Flags

1. Unsolicited Contact: Legitimate recovery services don’t cold-call or email victims. Be wary if someone reaches out to you unexpectedly.

2. Upfront Fees: Legitimate recovery services typically work on a no-win, no-fee basis. If someone demands payment upfront, it’s a red flag.

3. Pressure Tactics: Scammers use urgency and fear to manipulate victims. They might claim that time is running out or that they need immediate payment.

4. Requests for Personal Information: Scammers often ask for personal details under the guise of verifying your identity. Be cautious about sharing sensitive information.

Accounts on Payoneer in Argentina Compromised in 2FA Bypass Incidents

 

A significant number of Payoneer users in Argentina have reported unauthorized access to their 2FA-protected accounts, resulting in the theft of funds while they were asleep. Payoneer, a financial services platform facilitating online money transfer and digital payments, is particularly popular in Argentina for its ability to enable earnings in foreign currencies without adhering to local banking regulations.

Starting last weekend, users with 2FA-protected accounts experienced sudden loss of access or discovered empty wallets upon login, with losses ranging from $5,000 to $60,000. Prior to the incidents, victims received SMS messages requesting approval for a password reset on Payoneer, which they did not authorize. Some users claim they did not click on the provided URLs, and a few only noticed the SMS after the funds were stolen.

The stolen funds were reportedly sent to unfamiliar email addresses using the 163.com domain. Investigations reveal that many affected users were customers of mobile service providers Movistar and Tuenti, with the majority using Movistar. Suspicions arose regarding a recent Movistar data leak, but the leaked data did not include user email addresses necessary for Payoneer password resets.

One theory suggests a breach in the SMS provider delivering OTP codes, granting threat actors access to codes sent by Payoneer. However, an official statement from Movistar denies responsibility for messages sent through its network and mentions blocking the numbers used in the smishing campaign.

Payoneer, while acknowledging the issue, has not provided specific details about the attack, attributing it to phishing and cooperating with authorities. Tech reporter Juan Brodersen received a statement from Payoneer blaming users, alleging they clicked on phishing links in SMS texts and entered login details on fraudulent pages. Affected users refute this, accusing Payoneer of deflecting responsibility and not addressing potential platform errors or vulnerabilities.

Despite Payoneer's SMS-based 2FA and password recovery process, which relies solely on SMS codes, users argue that the platform should not have had access to later OTP codes required for transactions if the attack was purely phishing-based.

The exact mechanism of the attack remains unclear, with various hypotheses under consideration. Payoneer users in Argentina are advised to withdraw funds or disable SMS-based 2FA and reset passwords until the situation is clarified.

In an update on January 20, a Payoneer spokesperson acknowledged instances of fraud where customers were lured into clicking on phishing links, leading to compromised account credentials or mobile phones. The company asserted swift action to contain fraud attempts and emphasized collaboration with regulators, mobile carriers, and law enforcement agencies. While restitution details vary, Payoneer is actively working to protect customers' funds and recover possible losses.