No one is safe: shield yourself from online scams

Comments · 281 Views

Online scams are evolving at a worrying pace, challenging even the most seasoned IT and online security professionals.

Some of these experts have even admitted to falling prey to cybercrime themselves – which means that no one, regardless of profession or social standing, is safe. 

A comprehensive survey conducted by Mimecast in 2023, encompassing the insights of 1 700 security experts and IT professionals, reveals a chilling truth: 75% of tech wizards have seen their inboxes turn into a minefield of email threats, 66% say their businesses have suffered due to ransomware attacks, and a staggering 80% believe their company is at risk due to the carelessness of employees when it comes to digital security.

Cybercriminals are getting better at fooling online users with scamming techniques such as domain spoofing, which is creating deceptive websites that mimic legitimate ones to steal login credentials and one-time passwords (OTPs). Awareness and caution, coupled with the use of password managers and the thorough verification of Secure Sockets Layer (SSL) certificates, are crucial in combating these scams.

Beware of email scams and malware 

Email scams, particularly those involving impersonation, have landed in many of our personal and professional mailboxes. They come dressed up in all sorts of clever disguises, pretending to be your boss (like when Flow Communications staff received emails from CEO, Tara Turkington asking for odd requests), your colleague or even your friend asking for a favour, a click or, even worse – your credit card details. Scammers often exploit the identities of those we know to ask for assistance, but look out for red flags such as the use of suspicious-looking email addresses or dodgy grammar. 

The rule of thumb here generally is to treat every unsolicited email with a healthy dose of scepticism. Look out for subtle discrepancies such as additional characters in a familiar email address, the lack of an email signature, an incorrect domain name or an unusual request for information, often riddled with easy-to-spot spelling mistakes. You do have to be mindful, however, that scammers can leverage advanced tools like ChatGPT to craft convincing messages these days. Your best defence against such tactics includes the strict scrutiny of emails, especially those containing links related to account details, deliveries or invoices.

Clicking a bad link can lead to malware infections that compromise your computer. In such instances, immediately shut down the affected device and seek professional IT support. Your first instinct might be to fix it yourself, but sometimes those very attempts to rectify the situation on your own only serve to exacerbate it.

Even high-profile people fall prey to confidence tricksters

You don't want your email address or social media profile to be used to further a scam. Imagine someone hacking your WhatsApp account and impersonating you, telling your contacts they need money. Such an incident can be damaging both personally and professionally. 

The experiences of prominent figures like former public protector Thuli Madonsela and politician Helen Zille ought to remind us how crafty scammers can be. In June last year, Madonsela posted on X (formerly known as Twitter) that she was once scammed out of thousands of rands by someone who had hijacked a friend’s WhatsApp profile. It was only when the con artist became too greedy and brazen that she realised that it was a scam and warned other people. 

Zille's encounter with a fraud transaction scam saw her being deceived into sharing an OTP that was sent to her phone, after receiving what turned out to be a fake call from her bank claiming there was a suspicious transaction that needed to be reversed urgently.

Defend your devices like a pro

So, what’s the solution? How do we armour our digital lives against these scammers with more tricks up their sleeves than a magician's show?

One of the most effective shields against a scam is to implement two-factor authentication (2FA) across all possible digital platforms. It's like having a digital bodyguard that adds an extra layer of protection, making it significantly harder for hackers to breach your accounts. 

Whether it's your WhatsApp, email or social media accounts, 2FA is the tech equivalent of locking your doors at night – simple, yet effective. At Flow Communications, for instance, we enhance our online security by employing password management tools with two-factor authentication settings to protect our digital accounts. 

If you want to secure your Facebook account against unauthorised access, you can enable 2FA through the settings menu. After activating this feature, any attempt to log in to your account from an unrecognised device or location will require not only your password but also a verification code. This code is typically sent to your mobile phone via SMS or is generated by an authenticator app. With 2FA enabled, even if a hacker manages to obtain your password, they would still be unable to access your account without also having possession of your phone.

The importance of education, vigilance and technological safeguards cannot be overstated. Adopting two-factor authentication, scrutinising electronic communications and being wary of suspicious links are essential practices that can mean the difference between staying safe online and falling victim to a scam that could result in financial loss, identity theft or compromise of sensitive data. By being mindful of security and implementing protective strategies, people and companies can greatly reduce their chances of becoming targets of the advanced scams that are prevalent on the internet.

_______
Richard Frank is the chief technology officer at Flow Communications, one of South Africa’s leading independent marketing and communications agencies with a permanent team of over 60 professional staff.

Comments