Mind Your Crypto
Another $1.46 billion in losses last year was funneled through investment scams, which have jumped in popularity in response to the rise of cryptocurrency. Crypto transactions made up an egregious number of successful cons, enabled in large part by crypto-compatible ATMs, which the FBI has criticized for poor regulation and their instantaneous, irreversible, high-risk transactions.
Interested in a seemingly golden investment opportunity? You’re best off doing your own research. If you want to form a partnership with an investor, think of it like the hiring process—you wouldn’t hire a candidate without a clean background check and solid references. As a general rule, people who contact you out of the blue or ask for something immediately are usually running a scam. Don’t hand them money; take the time to triple-check who you’re investing with.
Beware Your Heart
It’s one thing to be targeted by a seemingly legitimate investor or trusted colleague. But cybercriminals have range, and they know most people can’t resist a good tug at their heartstrings.
In 2021, fraudsters stole a whopping $956 million via confidence fraud and romance scams. In these truly personal attacks, a criminal adopts a false identity, usually seeking romance or companionship, and manipulates their victim’s emotions quickly and efficiently to convince them to share their account information or transfer money their way.
These cons are most common on dating sites and hit older individuals the most, but the dominance of social media in digital spaces has diffused them far and wide. The FBI notes that the scammers are uniquely skilled at building trust and endearing themselves to the victim, and although they may make grand promises and grander statements of love and devotion, they only like you for your bank account. They may also approach their victims purporting to be in desperate situations, seeking humanitarian aid for a recent crisis, or promoting a cause for charity.
When confidence fraud goes for the heart, use your head. Social media makes it easier than ever to search people’s names and photos and see if they’ve been used elsewhere. If your new contact asks you for money right away or personal contact information in favor of communicating via direct messaging, it’s likely the first step in phishing for more sensitive credentials. Ask lots of questions, and remember that if someone or their promises seem too good to be true, they probably are.
Build Social Smarts
Social engineering is and will remain a leading threat, and BAI Security offers serious countermeasures. BAI Security’s Social Engineering Evaluation is designed to turn your team into a human firewall, applying real-world methodologies specially engineered to put your employees against an authentic simulation and encourage a more security-conscious culture.
This service is an excellent complement to our Red Team Assessment, for a real-world test of your security defenses. We also offer a Vendor Management Risk Assessment, ensuring your Technology Service Providers (TSPs) are held to the same standards of risk management, security, and privacy your organization would be if you conducted your own in-house assessments.