Have you ever thought you were communicating with someone you know only to find it was a scammer? The situation can be embarrassing, but more than that, you can have your data compromised and even lose your money.
This was demonstrated by the 2020 Twitter hack that was masterminded by a 17-year-old hacker and his accomplices. It was part social engineering scam, identity theft and crypto scam. All the elements came together to create what could have been a comprehensive fraud that might have robbed consumers of millions until Twitter management caught it in just a few hours.
Social engineering scam is just another danger in a long list of frauds that are affecting consumers around the world. It is important to learn from the methodology of these frauds to stay safe, protect your data and your funds.
Crypto scams are out to take your money, but Scam Survivor will protect you and help you make a successful claim. Our professionals are experts at every aspect of the fund recovery process. We consult with people who have been affected by crypto scams and forex trading scams and provide solutions to refer you to the right fund recovery professionals.
What Are Social Engineering Scams?
Social engineering scams may have the kind of name that sounds like a college course, but the idea is quite simple. A hacker pretends to be someone the victim knows to gain access to accounts, devices, and sensitive data.
This can happen when a scammer pretends to call from a government office and ask for verification through a social security number or poses as a technician requesting access. In some forex trading scams, a fake broker will claim that they can help their clients with a trading platform by gaining access to their computers and making trades themselves.
The prevalence of social engineering scams and the ability of fraudsters to successfully hack into others’ accounts or to fake their identity through doctored photos and voice technology is alarming. This means that it is important to always verify the identity of someone, sometimes through several means, if they are requesting sensitive data or access to devices.
It should also be noted that even IT people and technicians very rarely need actual access to devices. When they do, the person can guide them through the process so the other party can type in passwords without their having to directly access their account. Most of these requests for access are unnecessary and need several forms of verification on the rare occasions they are justified.
How Was Social Engineering used in the Twitter Hack?
In 2020, a teenage hacker managed to gain access to the Twitter accounts of former President Barack Obama, Elon Musk, and Bill Gates. They posed as IT technicians and since many of the employees were working from home because of the pandemic, it was harder for IT to work with employees in person. Therefore, the hackers masquerading as IT asked for access to employee devices.
When this was allowed, they could then access data that gave them entrance into celebrity accounts. Then they posted as celebrities promising users the ability to double their bitcoin in just a few hours. Twitter management caught the scam at the very beginning when they made away with $116,000 in bitcoin which could have been more of course if the crypto scam had not been closed down.
Social engineering was used to convince the employees that the hackers were from the IT department and again when they gained the trust of users who thought the “double your bitcoin” deal was being offered by Barack Obama, Elon Musk, or Bill Gates. The use of manipulated photos, fake logos and copies of emails, and human voice technology make mimicry easier and the methods of these frauds more efficient.
What Are the Methods Used in Social Engineering Scams?
The following are methods used in social engineering scams:
- Manipulation of voices and photographs through technology
- Fake communications with letterheads and logos that seem authentic
- Haste and pressure to act fast
- The victim, as in a workplace situation, is in a constrained position and may not feel they can question the request
- The fraudster either pretends to be someone close to the victim or represent an organization that may find intimidating, such as the IRS, law enforcement, or a debt collection agency
- These fraudsters are well-versed in technology and often rely on their targets being less tech-savvy
5 Steps to Stay Safe from Social Engineering Scams
Although the fraudsters in social engineering scams may be clever with technology and complex methods, there are ways you can keep your data and money safe.
- Be Skeptical of Any Request to Access Your Device
- Follow Your Gut Feeling and Check
- Ask for a Video Call
- Take Down a Number and Call it Back
- Take Some Time and Investigate First
Most employees can count on one hand or even no hands the number of times IT has needed direct access to their device. Most of the time it is IT’s job to talk people through solving a problem themselves because they prefer that the user login with their own data. Be suspicious of any technician who suggests giving them access immediately, particularly if they seem offended by having to verify their request or identity.
Follow your gut feeling, particularly if it tells you to double-check. Don’t be afraid of insisting that you have time to investigate the request before acting on it. Call management or contact the government office and ask if what the person request is consistent with their records. You may want to ask for a video call. This is enough to intimidate many scammers.
If you feel a phone call isn’t genuine, but they are insisting the information is important, take down their number and call them back. This will verify where the call is coming from. Do not be worried about taking the time to investigate. Any employer would be pleased that employees are alert and check things before handing over sensitive company information.
In spite of these precautions, you could still fall victim to a social engineering scam. If this has happened to you, seek assistance right away from a trusted service like Crypto Scam.
Have You Been Affected by a Social Engineering Scam? Talk to Scam Survivor
If you have been affected by a crypto scam or a forex scam and need fund recovery services, talk to us. The Scam Survivor team has vast experience investigating fraud and aiding clients with their complaints. Our strong working relationship with regulators, authorities and financial services gives you a decisive advantage and helps you in your pursuit of fund recovery.