Online scams go viral as pandemic gives fraudsters new opportunities

Scammers have become more sophisticated in trying to pass themselves off as legitimate

Even if a call seems legitimate, never give out bank details or other financial information to someone who calls unsolicited.
Even if a call seems legitimate, never give out bank details or other financial information to someone who calls unsolicited.

Payments for Covid-19 tests, fake customs demands and threats of legal trouble: the scams have been coming thick and fast in the past few months.

It has been a busy time to be a scam artist. But unlike many industries, online fraud hasn’t been dampened by the coronavirus pandemic; if anything, it just gave them more ammunition for their endeavours.

Scam artists are opportunists; the online variety are no different. That means capitalising on current events and switching up the scams to make them more believable.

The pandemic had barely been declared before the machine swung into action. Suddenly people were getting hit by ads for fake anti-Covid antivirus software for their computer, or offering free (and fraudulent) Netflix passes to soften the subscription bill blow. Another scam offered to tell you how many people around you had been infected with the new coronavirus – for a small fee. Instead, it harvested your credit card details. Other sites offering similar software installed malware on your device instead.

READ MORE

Then there was the straightforward financial demands, to keep your good name intact. At least one family member has had a phone call claiming to have her PPS number on an arrest warrant, and asking for money to make it go away. A quick check online reveals she isn’t the only one. In recent days there have been many reported incidents of similar calls to Irish internet users, with the arrestable offence varying from the mundane to the more serious.

How easy is it to spot a scam though? It’s not always as obvious as you might think, as fraudsters get more sophisticated and better at hiding their true intent. There are some things you can do to protect yourself though.

Check the email address

Pay close attention to the email address that your communication comes from. Scammers can often try to mimic a genuine address, but make some almost imperceptible changes. Email addresses can be spoofed too, so don’t assume an email is genuine.

Is the link suspicious?

If a message directs you to a website, don’t click without doing some investigating first. Does the web address look different to the usual site? On a computer, you can hover the mouse over the link without clicking it to see the URL that it points to at the bottom of the browser window.

If you still aren't sure, you can use a website checker, such as Google Safe Browsing, to see if the link is flagged as potentially fraudulent.

Is this out of the ordinary?

If you bank usually contacts you by phone or post but has suddenly started sending you emails, that should raise some red flags.

Ditto for a friend suddenly getting in contact to ask for financial help – or asking for a security code that has been sent to you “in error”.

If someone is suddenly contacting you in a way that seems unusual, there is no harm in verifying their identity for yourself.

Check the language

If you get an email or text that seems suspicious, pay careful attention to the language of the message. Does it seem unusual or stilted? One giveaway for the WhatsApp scam was that the language seemed overly formal and not the usual tone of communications.

Is it too good to be true?

Whether it’s an email offering to bump you to the head of the vaccine list or a knockdown sale on a must-have item, if something seems too good to be true, it usually is. Treat it with the suspicion it deserves.

Never give out details over the phone

Even if a call seems legitimate, never give out bank details or other financial information to someone who calls unsolicited. You can always call the company or financial institution independently and give them the details they have requested.

There are some common scams people should be aware of that are currently targeting Irish internet users.

Blackmail

Would the threat of exposing your dark secrets be enough to force you to hand over your money? Fraudsters are hoping to strike it lucky with this tactic, and it has popped up in a few different forms in recent months.

Irish Times columnist Karlin Lillington was one of the people targeted by this blackmail attempt. Writing for The Irish Times, she said described it as "a long, impudent email in messy English" that informed her that keylogging software had been installed on her computer as a result of a supposed visit to a porn site.

“The writer claimed to have activated the camera on my computer to record me visiting the site, as blackmail evidence. And they also claimed to have full access to my computer,” she wrote.

The proof that they have been monitoring you? A password of yours, disclosed in the message.

It’s all a scam, of course. The password is likely an old one gathered from one of the many data breaches that have happened in recent years. But it’s enough to scare some people into paying up.

In this case, the email had been swept into her spam folder, but others haven’t been so lucky, handing over the required cryptocurrency to safeguard their reputation.

The new one is a call from what looks like a local mobile number, claiming there is an arrest warrant with your PPS number on it; naturally, this will all go away if you pay up.

The Prime scam

A recurrent one that was doing the rounds again in January, when my own mother got two phone calls about a phantom Prime account that was due to expire unless she paid up. An automated voice informing the listener that their Amazon Prime subscription was due. To cancel the transaction, all you had to do was press the numeral one. Although momentarily confused by the call, she hung up.

She didn’t have an account, and the landline number they used was unlisted and not attached to any online account, so the fraud was easy to spot.

The best-case scenario was that she would have been transferred to an “operator”, while the charges for the now premium rate call were mounting. Another scenario could have seen her offered a fake refund and, naturally, they would need her to disclose her bank details or card details to process it.The worst-case scenario could see large amounts of money, relatively speaking, drained from bank accounts.

Given the shift to online streaming and shopping in the meantime, it’s likely that the Amazon Prime scam will have found some new marks. Some readers have been in touch to report similar calls in recent weeks, and only in the past couple of days my mother again received a call about her Prime account.

This time, she actually had signed up for Amazon Prime, and it was due for renewal. But again, the call came on the landline, and her account is paid monthly, so it was easy to spot the fraud again. But others will not be as lucky.

A few things to remember: Amazon don’t call your home to renew or cancel a subscription; they will send you emails instead. In the most cautious mindset, you shouldn’t click on links within any emails, but rather visit your Amazon account through the app or online by navigating to the Amazon site yourself. There, you can check on the status of your Prime account, and update financial details.

WhatsApp:

“Hello, I’m sorry, I sent you a six-digit code by SMS by mistake. Can you transfer it to me? It’s urgent.” If you’ve had this WhatsApp message supposedly from a genuine contact, hopefully you ignored it. It may be from a genuine contact, but it’s still a scam. The six-digit code is actually the security code that will allow them to activate your WhatsApp account on another device. They won’t have access to your message history, but they will be able to send unsolicited messages to all your contacts requesting the same security code, and thus continuing the cycle.

Because of the security features on WhatsApp, it can take two hours to activate the account on your previous phone, and regain control of your account. In the meantime, scammers can message your contacts, potentially requesting money or other login details.

At best it’s annoying; at worst, it could lead to actual monetary loss. The moral of the story? Even if the message seems genuine, it’s worth checking – not through a WhatsApp message, incidentally – that it has been sent by your friend or family member, and that their WhatsApp account has not been taken over by a fraudster.