7 unique digital frauds and how to avoid them

Work-from-home (WFH) frauds target individuals, promising remote working, high earnings and flexibility but aim to deceive and defraud. WhatsApp scams are recent examples. (Photo via Unsplash)

A week ago, a 54-year-old Delhi man was trying to book a train ticket through a reputed travel website. In the process, he called their customer care number, which got diverted to another number, the other party asked him to install an application on his phone, asked him to connect his credit/debit cards with the app and as soon as the call was cut, a lumpsum of Rs 1.2 lakh was gone from his account. Who knew booking a ticket from Delhi to Jalandhar would cost him such a vast amount? Who knew fraudsters are coming up with unique techniques to dupe money out of innocent people? Well, to tell you the truth, this happened with none other than my father.

Here's a guide for some unknown types of frauds that are taking place these days and how to deal with them:

Juice jacking

Juice jacking is a hardware-focused fraud tactic where attackers manipulate charging stations or connection cables with malware. By infecting these devices, they hope that unsuspecting individuals will use them to charge their devices, unknowingly exposing their personal information or allowing unauthorised access. This type of fraud exploits the trust users place in public charging stations.

How to avoid juice jacking?

Dhiren V Dedhia, head of Enterprise Solutions, CrossFraud, shares the following tips to remain careful of juice jacking:

● Avoid using public charging stations, especially at airports or other public spaces.

● Disable the option for automatic data transfer when connecting via USB.

● Use power banks instead of relying on public charging stations.

● Consider using a USB passthrough device that only allows charging and blocks data transfer.

OTP-based frauds

In this type of fraud, individuals receive fraudulent messages impersonating non-banking financial companies (NBFCs). The messages offer loans or credit limit enhancements and provide a contact number for the fraudster. When victims call the number, they are asked to fill out forms containing financial details and are coerced into sharing OTP (One-Time Password) or PIN details. This information is then used by fraudsters to conduct unauthorized transactions and cause financial losses.

How to avoid OTP fraud?

CrossFraud’s Dedhia shares the following tips to get rid of OTP fraud:

● Never share OTP, PINs, or personal details with anyone in any form.

● Regularly check SMS and emails to ensure that no OTP is generated without your knowledge.

Romance frauds

Romance fraud is a type of online fraud where criminals deceive individuals on dating websites, social media platforms, or through email by pretending to be a romantic interest. These scammers often create fake profiles and develop emotional connections with their victims to gain their trust. Once trust is established, they exploit the victims by manipulating them into sending money, and personal information, or even engaging in illegal activities on their behalf.

How to avoid romance fraud?

● Maintain a healthy level of scepticism when engaging with people online

● Avoid sharing sensitive personal information, such as your address, financial details, or social security number, with individuals you've only met online.

● Watch out for warning signs, such as inconsistent or evasive answers, reluctance to video chat or meet in person, or excessive declarations of love early in the relationship.

Remote-access scams

Scammers convince victims to install remote-access software on their devices, claiming to provide technical support. Once installed, the fraudsters gain control over the victim's device and can steal personal information or commit financial fraud.

How to avoid remote access scams?

Sanjay Katkar, the managing director and chief technology officer of Quick Heal Technologies, shares the following tips to remain cautious of remote access scams:

● Exercise caution when interacting online, avoid suspicious links, and verify identities before sharing sensitive information.

● Educate yourself and employees about fraud techniques through regular cybersecurity training

● Activate 2FA whenever possible, especially for important accounts like email and banking. This adds an extra layer of security by requiring a verification code in addition to your password.

● If you granted remote access to someone you suspect may be a scammer, disconnect your computer or device from the internet to prevent further access or data theft.

Synthetic-identity frauds

This type of fraud involves creating a new identity by combining real and fake information. Fraudsters use these synthetic identities to open fraudulent accounts or obtain credit, making them difficult to detect.

How to avoid synthetic identity fraud?

Preekshit Gupta, Vice President, APAC & MEA of no-code decisioning platform Bureau shares tips to remain cautious of synthetic identity frauds:

● Firstly, exercise caution and be sceptical of unsolicited communications that request personal or financial information.

● Take the time to verify the legitimacy of the sender or caller before sharing sensitive details. Make sure you verify the numbers online to check if they are actually from the business name they are using

● Always ensure that you have reliable security software installed on your devices and keep it updated to detect and prevent new fraud techniques.

● Double-check the authenticity of UPI handles and websites before making any transactions.

● Stay informed about the latest fraud techniques and scams, and regularly monitor your transaction history for any suspicious activity.

Business-email compromise

Fraudsters deceive employees by impersonating high-level executives or trusted vendors, persuading them to wiring funds or providing sensitive information, leading to financial losses or data breaches.

How to avoid business-email compromise?

● Pay close attention to the email addresses of senders. Scammers often use addresses that closely resemble legitimate ones but have slight variations or misspellings.

● If you receive an email requesting sensitive information, wire transfers, or changes to account details, independently verify the authenticity of the request.

● Scammers often create a sense of urgency or pressure to manipulate recipients into taking immediate action. Be cautious of emails that demand urgent wire transfers, threaten negative consequences, or insist on bypassing normal procedures.

● Before clicking on any links within an email, hover your cursor over the link to reveal the actual web address. Ensure that the displayed URL matches the legitimate website or destination you expect.

● Use robust email filtering systems, anti-spam software, and antivirus solutions to help detect and block fraudulent emails

● Implement and enforce procedures for verifying payment requests, wire transfers, or changes to financial information.

Work-from-home fraud

Work-from-home (WFH) frauds are schemes that target individuals seeking remote employment opportunities. These scams often promise high earnings and flexibility while working from the comfort of your own home, but in reality, they aim to deceive and defraud unsuspecting individuals. The WhatsApp scams are the most recent examples of these scams.

How to deal with WFH frauds?

Sudhakar Raja, Founder and CEO of the Human Risk Mitigation platform TRST Score, presents the following tips to deal with WFH frauds:

● Candidates need to be extremely suspicious of the offers that are made to them from an unknown source. Companies of repute will never approach you with job offers via WhatsApp when you have not applied to one.

● It is a first red flag when there is money demanded to provide a job offer or participate in the selection process. No companies of repute will engage in such practices.

● If the person on the other side is typically pushing you to participate quickly, they are trying to create a false sense of urgency to prevent you from seeing the loopholes. Take a step back and think through what you are being asked to do.

● Use holistic Risk Mitigation Platforms to check the employers and the companies that you are being approached by. This allows you to ensure that you can verify the person approaching you instantly.

How are scammers pulling these scams off?

Even after taking numerous precautions, scammers can pull these scams off very easily. The most educated or highly-graded professional gets scammed without even realising it.

On this, Amit Relan, founder and CEO of a global ad fraud detection and prevention company, mFilterit, says, that fraudsters play with the trust of a person to pull off these phishing scams. They use social engineering techniques to manipulate victims to take a certain action. Usually, they pretend to be authentic and trusted sources by crafting deceptive messages or emails that appear legitimate like posing as a trusted organization or individual. He adds that fraudsters continuously adapt their techniques to exploit vulnerabilities in technology.

On the other hand, CA Manish Mishra, who is also a virtual CFO believes that the fulfilment of those frauds regularly stems from exploiting vulnerabilities in our behaviours and online practices. “Hackers capitalize on our consideration, interest, and desire for comfort. For example, they may use state-of-the-art social engineering techniques to govern victims into divulging sensitive information,” Mishra adds.

What to do if one is scammed?

In case you have fallen prey to this type of financial fraud, experts recommend to:

● First, stop all communication with fraudsters and block them

● Gather all the information and contact details of fraudsters and any evidence of the fraud such as screenshots of conversations or emails.

● Keep a record of all the payments made to the fraudsters

● Report the fraud to the relevant authorities such as the police, cybercrime cell or the consumer court

● Inform bank and credit card companies about the fraud and take the necessary steps to secure their accounts

● Also, make sure you are dealing well with the anxiety and stress that might come up with getting financially abused. Mynoo Maryel, an accomplished author and a thought leader recommends following the AAA approach to overcoming trauma or distress from financial fraud i.e. acknowledge the situation, accept it and accomplish great things by moving on.