Home › Technology › How to prevent high-tech scams, according to a cybersecurity expert
Home › Technology › How to prevent high-tech scams, according to a cybersecurity expert
Anyone can become a victim of fraud, especially with the use of increasingly sophisticated technology by cyber criminals. Follow these expert tips to safeguard against such scams.
TEXT: EVELINE GAN
PHOTOS: SHUTTERSTOCK
Have you read about unfortunate scam victims in the news and thought, “There’s no way I would have fallen for that”? Well, you may be surprised, given how cybercriminals have managed to deceive even the savviest among us by harnessing technology.
Contrary to popular belief that cybercrime victims tend to be older folks who are less digitally-savvy, a 2022 study by the Institute for the Public Understanding of Risk found that those under the age of 25 were 10 per cent more susceptible to scams than those aged 65 years and above. Weighing in on the statistic, Mr Gary Gardiner — head of security engineering, Asia Pacific and Japan, at cyber security firm Check Point Software Technologies — says that young digital natives tend to develop strong trust in online platforms. As a result, they can be scammed, just like the older generation.
To avoid being a victim of scams, Mr Gardiner has this advice: “Think about who you are communicating with online and what they are asking for. While not everyone is looking to defraud you, the consequences of not being vigilant can be severe.” It also pays to be aware of the latest high-tech scams. From complex phishing operations to the use of Artificial Intelligence (AI) impersonators, here are five trending scams to keep on your radar.
1.PHISHING
Phishing scams using malware are among the most common ways of targeting victims across all ages in Singapore. They may attempt to deceive individuals into revealing sensitive information such as banking credentials by impersonating trustworthy entities such as an internet service provider or a bank through emails, text messages and weblinks.
Such scam tactics are not new, but they are carried out in novel ways. In May, news reports highlighted a case of a 60-year-old who lost S$20,000 after scanning a QR code on a sticker pasted outside a bubble tea shop. She completed an online survey and downloaded a third-party app to get a free cup of tea, not realising that malware was being installed on her Android phone. This granted scammers remote access to her device.
HOW YOU CAN PROTECT YOURSELF
When visiting sites that you trust, Mr Gardiner advises using two-factor authentication (2FA) to avoid having your credentials stolen. Add another layer of protection by downloading cybersecurity tools such as the ScamShield app, which can scan incoming messages for fake sites, phishing scams and malicious content before you even receive the email or SMS, he adds. “Never share your personal information or passwords online, or even over the phone or video call with anyone,” Mr Gardiner advises. “If any communication asks to verify your username and password this way, it must be fake. No legitimate institution such as a bank would send you this request.” If you are unsure about anything online, contact the company using another method such as through a phone call, he adds.
2. E-COMMERCE SCAMS
It can be hard to resist a “good deal” online for your favourite seafood or Musang King durian. But with e-commerce scams on the rise — there was a 74.5 per cent increase in such cases in 2022 — it pays to think twice before making that purchase. A common e-commerce scam involves swindlers posting fake offers online and failing to deliver the promised items once victims have made payment. In some cases, victims are re-directed to fraudulent websites and expose their credit/debit card details. There is also an emerging trend of scammers posing as buyers. Here, scammers may approach e-commerce vendors to express interest in their products. To receive payment, the seller is asked to click on a URL link or scan a QR code that redirects them to a spoofed banking website where they reveal their confidential details.
HOW YOU CAN PROTECT YOURSELF
If you receive a QR code or link, always carefully examine the web address, Mr Gardiner advises. Scammers often use domain names that are similar to or even contain the official URL, so always look out for subtle spelling errors. Do also note that most phishing sites now include an SSL certificate (the padlock symbol), so that’s no longer a fool-proof indication of a legitimate website. The best way to avoid such scams is to manually search for official company websites instead of using QR codes or URLs in emails.
3. AI-DRIVEN SCAMS
While AI-driven scams may not be as common currently, Mr Gardiner notes that Check Point has seen an increase in the use of AI by scammers to craft more realistic content. “Previously it was easier to spot a scam due to bad grammar and spelling. However, the quality of spam emails has improved drastically with the introduction of AI,” he shares. There have also been reports of people being tricked into thinking that the person on the other end of the line is someone they know and trust through the use of deepfake voice recording, he adds. These highly realistic fake audio recordings of individuals are generated by training AI models on large datasets of their voices.
HOW YOU CAN PROTECT YOURSELF
As with any forms of communication, Mr Gardiner stresses that being cautious is key. And don’t make decisions in a hurry. “Always look for signs that something may not be right. Be aware if the conversation goes down the path of money or investing,” he cautions.
4. ONLINE ROMANCE SCAMS
Besides bringing on heartbreak, at least S$35 million was lost to Internet love scams last year, according to the Singapore Police Force’s Annual Scams and Cybercrime Report 2022. Along with traditional scam techniques of gaining your trust and affection, the latest generation of online romance fraudsters may also tap on AI tools such as deepfake voice and video technology to look and sound more convincing.
HOW YOU CAN PROTECT YOURSELF
According to the National Crime Prevention Council, a red flag would be the swift profession of love shortly after making contact. Watch for other warning signs, such as constantly refusing video calls and sharing sudden stories of misfortune while requesting money. In some cases, the scammer may even send you gifts to gain trust.
5. SIM SWAP SCAMS
Imagine losing phone service, being unable to send or receive messages, make calls and access your online accounts. This frightening situation can become a reality when scammers hijack your phone number by contacting your mobile service carrier and impersonating you, using details such as your NRIC number and birth date. They’ll claim to have lost or damaged your SIM card, and that your mobile number needs to be transferred to a different one. After taking control of the mobile number, they can then access various accounts that rely on 2FA via SMS, potentially allowing them to take over the victim’s online accounts or conduct financial fraud.
HOW YOU CAN PROTECT YOURSELF
“Individuals are usually not aware they are victims of the swap until their phones start glitching,” Mr Gardiner says. Besides being unable to use your phone, other tell-tale signs that your SIM card has been swapped out include receiving a text message that the SIM card for your mobile number has been changed. To avoid becoming a victim, Mr Gardiner advises practising good cyber hygiene. This means not trusting any calls, texts and clicking on any links sent to you, unless you are absolutely sure of the source and sender. It is also critical to not give out any passwords, OTP and personal information for no good reason.
HOW TO STAY SAFE WHILE SHOPPING ONLINE
Mr Gardiner from Check Point Software Technologies shares safe online shopping tips.
To keep up with the latest scams, visit the Singapore Police Force’s Scams Bulletin.
Like our stories? Subscribe to our Frontline Digital newsletters now! Simply download the HomeTeamNS Mobile App and update your communication preference to ‘Receive Digital Frontline Magazine’, through the app settings.