Online Phishing Has Risen by 297% Over the Last Year and Cybercraig Warns that it Should Disturb All of Us

Posts by: Paulo Franco

The online shopping world has evolved tremendously over the last few years. Despite all of the benefits and convenience it brings to online shoppers, it has also become a fertile breeding ground for online phishing and cybercriminal attacks. The offenders take advantage of the relatively anonymous virtual world to trick merchants and customers, causing them damage that reached to more than $57 billion last year.

phishing hook and credit card

We'll get to that, but first things first. What does online phishing mean?

Phishing is a fraudulent attempt to collect sensitive personal information from online users, such as credit card details, usernames and passwords. The classic phishing attempts were carried out through emails and instant messengers. However; newer phishing techniques include building authentic-looking websites to fool unsuspecting shoppers or using fake Instagram accounts to trick merchants.

Sounds quite scary doesn't it?

Unfortunately, this is only the tip of the iceberg when it comes to online phishing and scams. Imposter scams, for example, have hurt 1 in 5 people across the world with a recorded $328 million reported stolen, not including the many people that haven't reported being a victim of online scammers… Read on to discover the worst online scams and online phishing you need to avoid today.

So, how do online scammers manage to pull off these scams, technically speaking?

Well, the basic methods are very straightforward. First, the fraudsters must obtain the victims credit card information. This can be achieved through several sophisticated phishing tactics or by buying the stolen details on the 'dark web', the part of the web that is only accessible by means of special software, allowing users and website operators to remain anonymous or untraceable.

After the cybercriminals have the credit card details in their possession, they order services or purchase goods from retailers. Retailers, then fulfill the orders by providing products or services but, then get stuck with the payment as soon as the real owners of the credit cards dispute the transactions and the bank or credit card company chargeback the funds from the merchant.

Newer phishing techniques include building authentic-looking websites to fool unsuspecting shoppers or using fake Instagram accounts to trick merchants.

How It Became So Easy to Trick Merchants

As opposed to financial institutions, such as banks and payment providers that have more advanced security defenses, other retailers and merchants usually have weaker security protocols, making them relatively easy and low risk targets for online fraudsters.

Moreover, the abundance of online merchants is huge today and eCommerce fraudsters become almost untraceable by using VPNs (encrypted virtual private networks) and shipping addresses from anywhere in the world.

Did you hear about the online car sale scam that caused losses of millions of dollars and lasted more than 3 years? Read more below!

Worst Online Scams of 2018

Car Scams

Since May 2014 through January 2018, the FBI has received almost 27,000 complaints from people who were victims of cruel online car sale scams, causing losses of more than $54 million. The car scam started with a fraudster posting an online ad of a car for sale with a low price, to provoke buyers' attention. Then, the criminal would send the buyers more photos and details to increase his trustworthiness. Next, they would ask for a payment in pre-paid gift cards in the amount of the car for sale. The buyer shares the gift cards' codes with the fraudster, on the provision that they would receive the car in the next couple of days. Needless to say that the buyers never received the vehicles they paid for.

Fake Banking Apps

In late 2017, Avast's security researches discovered a sophisticated trojan virus that targeted banking apps that were installed on users' devices. The malware would create a fake banking app that overlaid the existing one, tricking users to fill in their usernames and passwords, and putting their financial data at serious risk.

Fortnite Free V-bucks Scam

The super-popular online video game was the target of some malicious scams this year. In Fortnite there are V-bucks, virtual money that players can use to buy new gear. Many scammers offer you 'free' V-bucks by following their instructions. They would usually lead you to websites where you share a shady code from your game account. By sharing this code, your account would be compromised and it would allow scammers to gain access to your payment information. Additionally, many of these websites contain malicious ads that by clicking on them may lead to the installing of spyware or malware on your device.

Since May 2014 through January 2018, the FBI has received almost 27,000 complaints from people who were victims of cruel online car sale scams, causing losses of more than $54 million.

How to Protect Yourself from Online Phishing and Scams

  1. 1. It's highly recommended to install a leading Antivirus software for your PC or Mac. Antivirus products scan your computer for malware and virus and have real-time protection against numerous threats, making sure you browse the web safely. Many Antivirus programs have secured online browsers and automatic email scanners that can minimize the risk of online phishing.

  2. 2. Be aware that fraudsters and online scammers are lurking everywhere nowadays. Stay extra cautious while opening suspicious emails from people or organizations you don't recognize and never click a on a link from these shadowy sources.

  3. 3. Don't get quickly tempted by ads and banners that offer free apps. It's better to conduct a quick search about the company offering this free app before clicking on its ad, just to stay on the safe side.

  4. 4. Keep your devices' software up to date. This means downloading the latest security and operating system updates when they're released. Often, these updates include patches that fix security issues and data breaches

  5. 5. Download apps from official stores only, such as Mac App Store, Google Play and Microsoft Store. These companies take serious step to ensure the apps on their stores are malware-free.

  6. 6. Use two-factor authentication, which requires you to provide a second piece of proof to verify your identity. It may come in handy on numerous websites and can reduce the risk of online phishing, especially when fraudsters get a hold to only one of your credentials, such as an email address or a phone number.