Being aware of the scams that took place in 2022 – and knowing what’s out there as we head into 2023 – is one of the best ways to protect yourself. In this article, we cover:
Zelle Facebook Marketplace Scams
Zelle Facebook marketplace scams have been some of the most widely searched scams of the year. According to our tools that measure the search volume of keywords, tens of thousands of people have been searching Google for information on these scams every month. This state of play has made Zelle a favorite for scammers. In one type of Zelle Facebook marketplace scam, a “buyer” – who is actually a scammer – contacts a seller, requesting their email addresses in order to pay them via Zelle for an expensive item. However, no payment is sent. Instead, the scammer sends a fake email purporting to be from Zelle, detailing how the product has been bought using a business account, and that to receive the payment, the seller must have a business account too. The scammer then pretends they’ve received a similar email and informs the seller that they have transferred some money to cover the seller’s business account upgrade (they haven’t) and asks to be reimbursed, banking on the fact that the seller won’t check their account before doing so (Image Credit: Reddit user u/ImRoxi).[/vc_column_text]
“Hi Mum”/“Hi Dad” WhatsApp Scams
WhatsApp has been a hotbed for scams in 2022, and one scam that has been spotted multiple times this year is the “Hi Mum”/”Hi Dad” scam (Image Credit: Mosman Collective). The scammer will then construct a story, such as pretending they’re stuck in a foreign country and their bank card isn’t working, in order to coax targets into sending cash via a bank transaction or some other form of money transfer. Several different iterations of this scam have been observed in 2022, with a number of different “stories” deployed by cybercriminals.
Crypto Scams
In terms of total money fraudulently obtained, there are few scamming methods that have reached the dizzying heights that crypto scams have. In June of this year, the FTC reported that more than 46,000 people had lost a combined $1 billion to crypto scams since the beginning of 2021. This amounts to one out of every four dollars lost to scams and makes it by far the most fraud-laden type of payment. The vast majority of stolen cryptocurrency is taken through investment-related scams (typically fake investment opportunities), while romance scams are also a popular scamming method that was used to illegally obtain bitcoin and other digital currencies from unsuspecting victims in 2022.
Romance Scams
Romance scams aren’t all about cryptocurrency – in fact, they have a much wider reach. Romance scams involve victims being duped into sending money to criminals who have convinced them, through various means, that they have romantic intentions that have already or will lead to a loving relationship (Image Credit: Reddit User u/curlyangel85) One romance scammer even found himself at the center of one of the most-watched documentaries of the year, the Tinder Swindler, which was released just before Valentine’s Day – a time of year that usually sees an explosion of romance-based fraud. Shimon Hayut, who masqueraded as a millionaire businessman to extort a collection of women out of hundreds of thousands of dollars, was initially arrested in Greece in 2019. Between the year of Hayut’s arrest and 2021, romance scams increased by 25% – and multinational credit reporting company Experian predicts the statistics will soon show 2022 was another blockbuster year for perpetrators of this scamming method.
Geek Squad Email Scam
Best Buy – and more specifically, its computer support service Geek Squad – hit the headlines throughout 2022 after scammers consistently impersonated the company and tried to con hundreds of thousands of customers. Geek Squad is a subsidiary of Canadian electronics corporation Best Buy and offers various on-demand tech support services for clients. The service is widely used across both the United States and Canada. The high frequency of Geek Squad scams has led the FTC to put out several alerts showing people how to spot them (Image Credit: FTC). However, Geek Squad “overpayment” scams, as well as Geek Squad “tech support” scams – the latter of which involves threat actors subsuming remote control of victims’ computers to fix non-existent problems and instead steal their information – have also been spotted.
Cash App Scams
Cash App scams were another collection of scamming methods widely used throughout 2022 to try and con victims out of their hard-earned cash. Cash App scammers will deploy a myriad of different social engineering methods to achieve this, including pretending to send “random” payments, offering investment opportunities, impersonating the company’s customer support, and demanding you “re-verify” your account. As well as traditional scamming methods, there have been several reports this year of Cash App scammers utilizing physical debit cards in their operations. Some scammers have reportedly bought stolen details on the dark web, and started posting unsolicited Cash App debit cards to the people the stolen information belongs to while also setting up Cash App accounts in their name. Inside the Cash App mail, victims will find instructions to scan a QR code to set up their Cash App card – but as we know, the account has already been set up by the scammer, and they’ll have access to any funds that their victims deposit. Because Cash App is so regularly impersonated by scammers, it’s important to treat all correspondence purporting to be from the company with great caution.
Google Voice Scams
Google Voice is becoming an increasingly popular choice for businesses that need a VoIP solution – and naturally, this means scams have increased too. Now, Google Voice is being used to steal people’s phone numbers and, in turn, other personal information. Google Voice scams require a prospective victim to have first posted something online along with their phone number – maybe they’re selling something on a site like Craigslist, or have lost their pet. The scammer will track down these users and claim they want to purchase such an item, or that they’ve found their lost pet. However, they request that you verify your identity before continuing. The scammer will then send victims a “verification code” – but what they’ve actually done is set up a Google Voice account with the victim’s phone number and this is the two-factor authentication code that Google will send to devices when new accounts are registered (Image Credit: FTC). Eva Velasquez, President & CEO of the Identity Theft Resource Center (ITRC), told NBC12 that have taken “thousands of calls to the center from victims of this scam”, with 6,700 reports coming in the last 15 months.
Paypal Scams
Paypal is one of the most commonly impersonated brands, and if you take a second to think about it, you can probably work out why – it’s a money-transferring service that sends out large volumes of correspondence and information to customers regarding transactions they’ve made or received. Last year, the Better Business Bureau found that Paypal was the most commonly impersonated payment system, and was used to scam people significantly more than Zelle: However, there are also “advanced fee” scams, in which victims are conned into sending money to scammers on the proviso that they will be sent more back (which never happens). “Overpayment scams”, on the other hand, often require more complex hacking and subversion tactics to make it appear as if victims have been transferred a large amount of cash. They are then asked to send it back, after which those who fall for the scam simply send their own money over to the criminal. In 2022, SMS is still being used by scammers as an avenue to wreak havoc, and it’s likely they’ll continue to flood our phones with malicious links as we head into 2023.
How to Protect Yourself From Scams in 2023
As we’ve mentioned previously, the best defense you have against scams is knowledge. Being able to recognize the common formats scam messages typically take is vital. If you’re a consumer, remember the golden rule: if you weren’t expecting to receive correspondence from a company and you have, or something just doesn’t seem right, contact the company’s customer support channel. On top of this, never hand over your phone number, email address, bank details, or any other personal information unless you’re completely sure you’re talking to a legitimate representative of a company with whom you have prior dealings. If you’re a business owner, on the other hand, regular training for employees, which could include exercises like phishing simulations, online cybersecurity courses, and enforcing password best practices, is crucial to keeping your systems safe. After all, you could have the most watertight security system money can buy, but if employees aren’t clued up, they’re just as much of an exploitable vulnerability as a misconfigured firewall. However, that’s not to say tech can’t help. Password managers, for example, can ensure that employees aren’t just reusing passwords, or not making them long enough, in an effort to remember them. If account information is stolen during a scam, this will greatly minimize the damage any given threat actor can do. These are just one example of a step you can take to protect your business. If you’d like to stay up to date on news regarding the latest scamming techniques, data breaches, and software vulnerabilities, as well as the latest tech you need to bolster your defenses, sign up for Tech.co’s weekly email newsletter today:
title: “The Worst Scams Of 2022 And How To Protect Yourself” ShowToc: true date: “2022-11-08” author: “Robert Bishop”
Being aware of the scams that took place in 2022 – and knowing what’s out there as we head into 2023 – is one of the best ways to protect yourself. In this article, we cover:
Zelle Facebook Marketplace Scams
Zelle Facebook marketplace scams have been some of the most widely searched scams of the year. According to our tools that measure the search volume of keywords, tens of thousands of people have been searching Google for information on these scams every month. This state of play has made Zelle a favorite for scammers. In one type of Zelle Facebook marketplace scam, a “buyer” – who is actually a scammer – contacts a seller, requesting their email addresses in order to pay them via Zelle for an expensive item. However, no payment is sent. Instead, the scammer sends a fake email purporting to be from Zelle, detailing how the product has been bought using a business account, and that to receive the payment, the seller must have a business account too. The scammer then pretends they’ve received a similar email and informs the seller that they have transferred some money to cover the seller’s business account upgrade (they haven’t) and asks to be reimbursed, banking on the fact that the seller won’t check their account before doing so (Image Credit: Reddit user u/ImRoxi).[/vc_column_text]
“Hi Mum”/“Hi Dad” WhatsApp Scams
WhatsApp has been a hotbed for scams in 2022, and one scam that has been spotted multiple times this year is the “Hi Mum”/”Hi Dad” scam (Image Credit: Mosman Collective). The scammer will then construct a story, such as pretending they’re stuck in a foreign country and their bank card isn’t working, in order to coax targets into sending cash via a bank transaction or some other form of money transfer. Several different iterations of this scam have been observed in 2022, with a number of different “stories” deployed by cybercriminals.
Crypto Scams
In terms of total money fraudulently obtained, there are few scamming methods that have reached the dizzying heights that crypto scams have. In June of this year, the FTC reported that more than 46,000 people had lost a combined $1 billion to crypto scams since the beginning of 2021. This amounts to one out of every four dollars lost to scams and makes it by far the most fraud-laden type of payment. The vast majority of stolen cryptocurrency is taken through investment-related scams (typically fake investment opportunities), while romance scams are also a popular scamming method that was used to illegally obtain bitcoin and other digital currencies from unsuspecting victims in 2022.
Romance Scams
Romance scams aren’t all about cryptocurrency – in fact, they have a much wider reach. Romance scams involve victims being duped into sending money to criminals who have convinced them, through various means, that they have romantic intentions that have already or will lead to a loving relationship (Image Credit: Reddit User u/curlyangel85) One romance scammer even found himself at the center of one of the most-watched documentaries of the year, the Tinder Swindler, which was released just before Valentine’s Day – a time of year that usually sees an explosion of romance-based fraud. Shimon Hayut, who masqueraded as a millionaire businessman to extort a collection of women out of hundreds of thousands of dollars, was initially arrested in Greece in 2019. Between the year of Hayut’s arrest and 2021, romance scams increased by 25% – and multinational credit reporting company Experian predicts the statistics will soon show 2022 was another blockbuster year for perpetrators of this scamming method.
Geek Squad Email Scam
Best Buy – and more specifically, its computer support service Geek Squad – hit the headlines throughout 2022 after scammers consistently impersonated the company and tried to con hundreds of thousands of customers. Geek Squad is a subsidiary of Canadian electronics corporation Best Buy and offers various on-demand tech support services for clients. The service is widely used across both the United States and Canada. The high frequency of Geek Squad scams has led the FTC to put out several alerts showing people how to spot them (Image Credit: FTC). However, Geek Squad “overpayment” scams, as well as Geek Squad “tech support” scams – the latter of which involves threat actors subsuming remote control of victims’ computers to fix non-existent problems and instead steal their information – have also been spotted.
Cash App Scams
Cash App scams were another collection of scamming methods widely used throughout 2022 to try and con victims out of their hard-earned cash. Cash App scammers will deploy a myriad of different social engineering methods to achieve this, including pretending to send “random” payments, offering investment opportunities, impersonating the company’s customer support, and demanding you “re-verify” your account. As well as traditional scamming methods, there have been several reports this year of Cash App scammers utilizing physical debit cards in their operations. Some scammers have reportedly bought stolen details on the dark web, and started posting unsolicited Cash App debit cards to the people the stolen information belongs to while also setting up Cash App accounts in their name. Inside the Cash App mail, victims will find instructions to scan a QR code to set up their Cash App card – but as we know, the account has already been set up by the scammer, and they’ll have access to any funds that their victims deposit. Because Cash App is so regularly impersonated by scammers, it’s important to treat all correspondence purporting to be from the company with great caution.
Google Voice Scams
Google Voice is becoming an increasingly popular choice for businesses that need a VoIP solution – and naturally, this means scams have increased too. Now, Google Voice is being used to steal people’s phone numbers and, in turn, other personal information. Google Voice scams require a prospective victim to have first posted something online along with their phone number – maybe they’re selling something on a site like Craigslist, or have lost their pet. The scammer will track down these users and claim they want to purchase such an item, or that they’ve found their lost pet. However, they request that you verify your identity before continuing. The scammer will then send victims a “verification code” – but what they’ve actually done is set up a Google Voice account with the victim’s phone number and this is the two-factor authentication code that Google will send to devices when new accounts are registered (Image Credit: FTC). Eva Velasquez, President & CEO of the Identity Theft Resource Center (ITRC), told NBC12 that have taken “thousands of calls to the center from victims of this scam”, with 6,700 reports coming in the last 15 months.
Paypal Scams
Paypal is one of the most commonly impersonated brands, and if you take a second to think about it, you can probably work out why – it’s a money-transferring service that sends out large volumes of correspondence and information to customers regarding transactions they’ve made or received. Last year, the Better Business Bureau found that Paypal was the most commonly impersonated payment system, and was used to scam people significantly more than Zelle: However, there are also “advanced fee” scams, in which victims are conned into sending money to scammers on the proviso that they will be sent more back (which never happens). “Overpayment scams”, on the other hand, often require more complex hacking and subversion tactics to make it appear as if victims have been transferred a large amount of cash. They are then asked to send it back, after which those who fall for the scam simply send their own money over to the criminal. In 2022, SMS is still being used by scammers as an avenue to wreak havoc, and it’s likely they’ll continue to flood our phones with malicious links as we head into 2023.
How to Protect Yourself From Scams in 2023
As we’ve mentioned previously, the best defense you have against scams is knowledge. Being able to recognize the common formats scam messages typically take is vital. If you’re a consumer, remember the golden rule: if you weren’t expecting to receive correspondence from a company and you have, or something just doesn’t seem right, contact the company’s customer support channel. On top of this, never hand over your phone number, email address, bank details, or any other personal information unless you’re completely sure you’re talking to a legitimate representative of a company with whom you have prior dealings. If you’re a business owner, on the other hand, regular training for employees, which could include exercises like phishing simulations, online cybersecurity courses, and enforcing password best practices, is crucial to keeping your systems safe. After all, you could have the most watertight security system money can buy, but if employees aren’t clued up, they’re just as much of an exploitable vulnerability as a misconfigured firewall. However, that’s not to say tech can’t help. Password managers, for example, can ensure that employees aren’t just reusing passwords, or not making them long enough, in an effort to remember them. If account information is stolen during a scam, this will greatly minimize the damage any given threat actor can do. These are just one example of a step you can take to protect your business. If you’d like to stay up to date on news regarding the latest scamming techniques, data breaches, and software vulnerabilities, as well as the latest tech you need to bolster your defenses, sign up for Tech.co’s weekly email newsletter today: