What Can We Do About Online Scams?

AhnLab SEcurity intelligence Center (ASEC) has been publishing the Online Scams series to inform the readers about the ever-evolving scams. Prevention and blocking are the two most important measures to mitigate the damage inflicted by scams. Various security providers are supporting features to detect and block the damage from scams, financial frauds, and phishing. However, security products alone cannot block all the scams. To prevent scams, users must take extra caution individually, foresee the signs of scams, and respond appropriately.

This article is the last of the Online Scams series and provides guidance on scam prevention and individual & corporate protection.

Contents

1. Know the Latest Scam Threats
2. Take Caution
3. Configure Security and Privacy Settings
4. Use Security Products
   • AhnLab TIP
   • AhnLab V3 Mobile Security
   • AhnLab MDS
   • AhnLab XDR
5. Always Report Damage Incurred 
6. See Related Articles

Definition

Scamming is defined as the crime of deceiving others via immoral means for financial gains, stealing intellectual property, or unauthorized access to assets. Scammers (criminals and attackers) mostly utilize direct channels such as voice calls, messages, emails, messengers, social media, and websites to coerce their victims into performing deeds they want done.

Know the Latest Scam Threats

Learn about the latest scam threats to see the signs of scams and detect the ones that are about to occur. The scams have evolved to the point of using AI to mimic the voices of loved ones.^[1] Inform not only yourself, but also family members and friends of the latest scam types, schemes, and measures to take against them. Companies and organizations must conduct regular security awareness education and training sessions to prevent targeted spear phishing attacks. The following websites provide information about the latest scam cases. Readers are advised to check various cases as there are many different types and purposes of scams in each country.

• Financial Supervisory Service | Consumer Alert
• Global Anti Scam Alliance (GASA)  | Research
• Federal Trade Commission | Consumer Advice
• FBI | Scams and Safety
• ScamAlert | Bringing you the latest scam info
• Scamwatch | National Anti-Scam Centre
• Australian Signals Directorate | Scams
• National Cyber Security Centre | Phishing

AhnLab also provides information about the latest scam threats via the ASEC Blog and AhnLab TIP. In addition, the ASEC Blog provides information about international and Korean scam threats that target individual users as well as analysis information about spear phishing attacks targeting companies and organizations.

Take Caution

Before performing the demanded task such as transferring money, entering information, running files, or sending information, make sure to clearly identify the person demanding it. The person may try to apply psychological pressure by making sudden demands or saying that a special opportunity will pass if the task is not done before the specified time limit, but you must assess the situation objectively and take caution. Excessive promotions of financial gains and opportunities are likely to be signs of scams, and the first few instances of investment returns and dividend payouts may be the bait to draw in even higher investment funds. When making risky investments, only invest to the extent where losses are recoverable.

Do not trust the person solely based on the information they gave. Examine the situation through various channels such as searching online and checking reviews. If the activities involve viewing login screens or online shopping websites, search for websites’ URLs to see if they are legitimate websites as it is difficult to identify scams with only the screens shown. If you are having difficulties assessing the situation objectively, seek the aid of people around you or professionals.

Configure Security and Privacy Settings

It is recommended that you set the two-factor authentication (2FA) for website or corporate business accounts you use frequently. 2FA asks for additional authentication other than the password for the login, meaning that accidents can be prevented even when the account information is leaked. Additionally, you can minimize the exposure of your information and prevent it from being exploited by scammers by checking and setting privacy settings of social media accounts so that only the specified people can see your personal information or friend list.

• Google | Turn on 2-Step Verification
• Microsoft | How to use two-step verification with your Microsoft account
• Adobe | Secure your Adobe account by using 2FA or two-step verification
• X | How to use two-factor authentication (2FA) on X
• Facebook | How two-factor authentication works on Facebook
• Instagram | Securing your Instagram account with two-factor authentication
• WhatsApp | About two-step verification
• Telegram | Two-factor authentication
• LINE | Help center
• Naver | What is 2FA and how to enable it
• Kakao | Two-step verification
• Facebook | Basic Privacy Settings & Tools
• Instagram | Privacy Settings & Information
• TikTok | Account privacy settings

Use Security Products

Using security products can help prevent and block scams. The following AhnLab security products help you respond to scams.

AhnLab TIP provides more IoC information and analysis reports than the ASEC Blog. Through diverse information such as weekly phishing email threat reports and real-time mobile smishing threat statuses, AhnLab TIP helps users conduct a comprehensive analysis of threats. Furthermore, users can use AhnLab TIP’s information with other security products to respond to threats more effectively. 

AhnLab V3 Mobile Security provides features to detect SMS phishing (smishing threats) and block malicious apps on Android devices. Personal users can use it for free.

AhnLab MDS checks the identity of the email’s sender and blocks scam emails using the “Scam Protection Settings” feature which prevents spoofing. Additionally, it dynamically analyzes malicious email attachments in real time and prevents them from flowing in.

AhnLab XDR can detect and respond in real time to dangerous events such as account hijacking and internal asset breaches due to phishing scam emails. It categorizes users and assets by risk, assesses the level of influence, and uses event log analysis to evaluate the risk level of the scam threats. It can also link with AhnLab TIP to swiftly implement the latest phishing threat information and enhance detection and response system.

Always Report Damage Incurred

It is important to swiftly report any damage incurred by a scam or a financial fraud. Victims are advised to first report to credible organizations before seeking the assistance of private damage recovery institutions or law experts. The organizations in charge of handling such reports may differ by country, but mostly, the police or the national cybercrime report center handle them. Reporting scam damage allows people to recover from their loss and helps reduce the number of subsequent cases in which victims fall to similar scams.

See Related Articles

1. Online Scams: Are You Safe From Impersonation, Blackmail, and Deception?
2. Online Scams: What Are Online Scams?
3. Online Scams: Fraud Through My Phone
4. Online Scams: Blackmail, Deceptions, and Victims
5. Online Scams: I Just Wanted to Make a Lot of Money Easily
6. Online Scams: Are These All Scams? Distinguishing the Legit from the Scam
7. Online Scams: Anyone Can Fall for Scams
8. Online Scams: So What Should We Do About It?

[1] “Mom? Help me.” AI-generated voice phishing mimicking daughter’s voice

The post Online Scams: So What Should We Do About It? appeared first on ASEC BLOG.