The support scams are now the number one phishing threat. During the pandemic, they have proliferated mainly because of our increased reliance on technology and, well, the fact that they work.
COVID-19-era scams follow the news - from phony promises of financial assistance to fake access to vaccines. But one scam is more enduring than any other - tech support scam, claims NortonLifeLock in its October Consumer Cyber Safety Pulse Report.
NortonLifeLock alone blocks nine million threats a day on average. They have prevented almost 900 million attacks from July through September, including over 12 million tech support URLs.
Tech-support scams often arrive as a pop-up. They're designed to trick you into believing you face a dire cybersecurity threat, company researchers claim. Malicious actors behind this seek to steal your personal information, tap your bank account, or install malware on your device. Scammers often impersonate well-known brands to trick and defraud customers.
According to Check Point's Avanan, Microsoft, DHL, and Amazon are the most impersonated brands, but scammers certainly don't limit themselves to those names only.
Tech support scams rely on fear, uncertainty, and doubt.
"They often try to scare you into believing that something is wrong and get you to call a number to fix it. Once they make contact, they can use various techniques to compel you to make decisions that are not in your best interest. That can range from installing software that gives them control of your PC to forking over your credit card number so they can bill you for their ‘services’." NortonLifeLock claims.
The best defense against these types of scams is awareness. Never call a company based on a number on a pop-up or warning. Instead, reach out to the company directly.
NortonLifeLock expects scammers to exploit the holiday season in the upcoming three months. You should be on the lookout for tech support, shopping, and charity scams.
Even though tech-support scams are the number one phishing threat, threat actors have way more tools and tricks to try and defraud you. Anything you do online - shopping, banking, gaming, trading cryptocurrencies, or buying NFTs, expect scammers to follow.
Here are some things that caught NortonLifeLock's attention this quarter:
1. Scammers target gamers. The virtual goods that they purchase, such as a blue "Party Hat" at RuneScape, have real value ("Party Hat" valued at $6,700), and so the scammers find it worth stealing.
Don't trust links from unexpected emails or text messages. When in doubt, go directly to the service's login page by typing it in or using a reputable search engine.
2. Banking scams. Online banking can be quick and convenient. But if you log in to a scam website designed to look like your bank's actual website, you could have a lot to lose. Scammers will try to impersonate your bank, so note that your bank’s representatives will not send you texts or messages asking you to log in with your credentials. Always go directly to the official site when you need to log in to your bank. Or use their official customer support phone number on the back of your card to get in touch with them.
3. Attackers cash out on stolen gift cards. Gift cards can be popular, especially around the holiday season. Norton found a network of attackers selling stolen gift cards. Never buy a gift card online with a considerable discount - it is a clear sign of illegal trade. Always check the value of your gift cards after you buy them. Make sure the gift cards aren't activated until you buy them. If possible, check if a gift card has a long PIN because four digits are far too short.
These are just a few things to look out for. Malicious hackers will try to seize any opportunity they get and figure out new ways to scam you.
For example, romance scams are on the rise. Scammers were soon to follow as people turned to dating apps, such as Tinder, Grindr, or Bumble during the peak of quarantine solitude. Recently, Sophos revealed that iPhone users were ripped off at least $1,4 million through Tinder and Bumble scams. Crooks convinced some users to install fake cryptocurrency apps and then tapped their wallets.
Scammers have already crept into the NFT (non-fungible token) marketplace. Recently, OpeanSea, the largest digital marketplace for collectibles and NFTs, patched a vulnerability that could have caused collectors to lose hundreds of thousands of dollars worth of NFTs.
Whatever you are into, crooks know it and are just around the corner. But you can build viable defenses around yourself by trusting your senses and remembering that if something seems too good to be true, it probably is.
More from CyberNews:
Subscribe to our newsletter