Your bank account might have been compromised. A neighbor may have been a victim of identity theft. Your best friend could be worried that her grandmother will fall prey to a romance scam.
Cybercrimes are so common these days that few of us are surprised when we hear the news. Such online crimes often take the form of fraud or scams – and they’re spiraling every year, in type and sophistication.
One of the best ways to protect yourself is to become more educated. With that in mind, let’s review some terms about fraud and scams that we should all get to know.
Account takeover fraud
Account takeover happens when a criminal “takes over” a person’s financial account then uses it for shopping, conducting fraudulent transactions, and more. Sometimes the fraudster buys account information from the dark web (one common way to buy stolen login credentials). Other times, they get the information they need directly from the victim.
As more people use mobile apps and web services for transactions (a trend that intensified during the pandemic), account takeover fraud has increased. This is especially noticeable in the retail and financial services industries.
Learn about account takeovers and other types of fast-evolving fraud
There are many forms of advance fee scams. You might get an email from someone claiming to be a foreign official who promises a large share of money in exchange for a lesser amount to enable the deal. Or you could get a call from a fake lottery official who just needs money for taxes before releasing the supposed winnings.
The common factor among these types of scams is that they start with the victim being asked to pay a small amount upfront (usually to cover taxes, shipping costs, or similar). In return, they’re promised a big payday down the road.
To avoid these scams, be skeptical of online interactions and trust your instincts if something doesn’t feel right. Don’t be pressured into acting too quickly or making rash decisions.
"When it comes to scams and schemes, you must start with a strong defense. Treat digital interactions with a healthy dose of skepticism, particularly those related to financial matters or the sharing of potentially sensitive information. Is the person behind that phone call, text or email message who they purport to be? Is it safe to click that link? A few seconds of risk awareness can save you a lot of time and trouble in the long run."
– Stu Bradley, Senior Vice President of Fraud and Security Intelligence Practices, SAS
Buy now, pay later fraud
Remember layaway programs? The modern equivalent is called buy now, pay later (BNPL). BNPL is an increasingly popular short-term financing option that shoppers can use in place of credit cards. People usually finance from $100 to $10,000.
BNPL is offered at the point of sale, either in person or online. Typically, these accounts don’t require a full credit check – so even people with no credit or bad credit can be approved.
This flexible payment option is popular among younger shoppers, particularly Gen-Z. But it’s also attractive for fraudsters, who benefit from the lack of regulation around this payment method. When fraudsters rack up charges on a BNPL account they've taken over, the victim might not immediately notice because they aren't billed right away.
Most credit cards today include chip technology. Chips provide more foolproof protection than magnetic stripe cards, an analog technology that contains unencrypted card data in the magnetic field (making it relatively easy to clone).
As chip cards became more common, credit card fraud shifted from point-of-sale (at a retailer, where a shopper presents a physical card) to online and over-the-phone transactions (where a shopper enters a card number and CVV code). This type of remote, or card-not-present (CNP) fraud, accounts for almost 80% of fraudulent transactions in the US by some estimates.
Anyone can be a victim of CNP fraud. Monitor your credit card statements closely and contact your bank or credit card company immediately if you suspect fraud.
Identity theft and fraud
When someone steals your personally identifiable information (PII), like date of birth, SSN or driver’s license number, they usually do so to apply for credit, file taxes or get medical services – in your name. The huge volume of data breaches over the past few years has made our personal information more readily accessible than ever. Fraudsters collect, test, exploit and sell this type of PII on the dark web.
Children and the elderly are favorite targets of identity thieves. That’s partly because their digital identities are not guarded as closely as the rest of the population’s.
One especially troubling (and common) trend is synthetic identity fraud. This occurs when a criminal combines real and fabricated credentials to create a new, implied identity that’s not associated with a real person. These fake identities are either invented, assembled from various sources, or made by changing breached data.
The Identity Theft Resource Center has great suggestions for people trying to avoid fraud and scams.
Check out their tips on how to protect your identity – including online accounts and physical documents, cards and devices.
Lottery scams are increasingly common. After all, who wouldn’t love to win a prize? Unfortunately, it’s those types of emotions that make it easier to fall for a fraudster’s tricks.
With this type of scam, a fraudster may claim the victim won a sweepstake they didn’t enter – and then ask the victim to send money to cover delivery expenses for the prize. Older consumers are more likely to engage with this type of scam than younger people.
To make it worse, fraudsters aren’t afraid to verbally intimidate over the phone to pull off a transaction or extract information.
A phishing email or text is a message that appears to come from a legitimate entity like your bank, school or utility company. They can include links to dangerous websites (riddled with malware) or they may ask you to provide your account password, date of birth or other information that can be used to commit credit card fraud.
Phishing schemes are prolific, and some are quite convincing. To make matters worse, phishers often use urgent warnings and high-pressure tactics to push their victims into revealing too much.
Read about romance scams, boiler room scams, phishing and more
With romance scams, fraudsters take advantage of their victims’ emotions. Generally, they target victims through dating apps or social media. First, they get close to the person and gain their trust so the victim will be emotionally invested in the relationship. Then they start asking for money. It usually starts with small amounts and increases over time.
Sometimes they claim to need money so they can travel to visit the victim. Other times, they claim to be ill or say they need money to pay rent. Victims, often embarrassed or in disbelief, keep sending money because they don’t want to believe it’s a scam.
If a new love interest you’ve never met face-to-face asks for money to cover a crisis, it’s a scam.