Online Fraud: Phishing, Fake Av And Social Engineering

Information and communication technology (ICT) is a technology that focuses on communicating. One of the examples is social media, cell phones, internet and others. This technology helps us to communicate better and easier. It’s really beneficial if the society can use it carefully and correctly, the example of the benefit is when there’s a natural disaster this technology helps us to communicate and spread words about it, the news can be spread globally without us needing to be there to know about it or when the government want to update us about the country, it will be easier and faster to get that information. This technology benefits us from a lot of perspective like in economy, in economy information and communication technology play a big role to a firm, they use information and communication technology to manage the transnational networks and to develop their business strategy. Not only in economy information and communication technology also plays a big role in education, with information and communication technology students can enables self learning, the internet provides learning materials for the students, enriches interaction and collaboration and others. There are still a lot of benefits in using information and communication technology in our daily life, but there are still a lot of people that aren’t aware of what they’re doing, so that the technology is un-beneficial. Some of the example of the disadvantages are student tend to get lazier since there are social media, cultural acts that is not appropriate for all ages, some of our privacy will becoming public knowledge since it’s easier to get information these days and there are a lot of crimes that happen because of information and communication technology.

Online scams or online fraud is a crime that will trick us, like the name online the scams usually happened on the internet. Usually the person who is doing the scams is tricking us to give information, money, social media login information and it can lead to identity theft. The person who’s doing the online scams is called cybercriminals. In online scams, cybercriminals have no specific targets for this crime, they usually targeted people from all age, whatever their background is, and where they are. This type of scams is really disadvantaging the victims. There are three types of most used tricks for online scams, which is phishing, fake AV and social engineering. The three of them are really dangerous and adverse. The cybercriminals usually tricks the victims by communicating through their social media such as instagram, facebook, email and others or through phone calls.

Phishing

Phishing is a form of scams that usually tricks us to click on a link, it is based on the word fishing which mean they are fishing for victims who fall for their tricks. Based on searchsecurity.techtarget.com “Phishing is a form of fraud in which an attacker masquerades as a reputable entity or person in email or other communication channels. The attacker uses phishing emails to distribute malicious links or attachments that can perform a variety of functions, including the extraction of login credentials or account information from victims. Phishing is popular with cybercriminals, as it is far easier to trick someone into clicking a malicious link in a seemingly legitimate phishing email than trying to break through a computer's defenses.”

There are a lot of types of online scams that categorised as phishing, the most common type is email phishing, vishing or voice phishing and smishing or some of us know it as sms phishing. Both email phishing and sms phishing is asking the victim to open a link through chats but they come in a different format. Usually email phishing is targeted to a group of people like CEO, CFO, COO or any other big management positions. Even though it is for a group of people but the context is more specific and targeted, normally the context will be about technology, banking and healthcare. The three of them is the most used topic by the cybercriminals in email phishing whiles SMS phishing is more personalise and targeted for a single person. Usually SMS phishing is filled with link that will ask for your private information like your financial information, address, full name and others. SMS phishing is been around since 2009 while email phishing has been around since 2000. Vishing or voice phishing is different than email or SMS phishing since voice phishing happen in calls, usually voice phishing is using speaking skills to trick others for leaking their private information or by asking them to filled email and others.

Even though email phishing, SMS phishing and voice phishing is the most popular scams there are still some phishing that you should know and be aware like Search engine attack, Homograph attack, Hidden link and others. The example for search engine attacks is that the phishers paid other websites to run a champagne to create a fake website with really interesting description, the example are “100% REAL GET FREE IPHONES” or “DOWNLOAD GOOGLE CHROME HERE!!! 100% REAL” that kind of website most of the times are fake and phishing. For homograph attack they usually take a famous and big website and create a similar name, for the example amazon.com becomes arnazon.com, instead of using m they use the letter r and n. Hidden link is also really famous, you usually found a “download here” button in a website, that button usually leads you to other website. That is usually a hidden link button and that website might lead you to fill up a form about your private information. They usually do this scams to get information that will leads them into getting money, because this private information might leads them into getting access for their information.

Fake AV

Anti-virus is a software that is used in removing or scanning virus, their main purpose is to protect the device from virus since hackers constantly develop new virus and that virus spread every wherein the network. The virus can be found in emails, some links, download and others, that virus could ruin your device by making the devices has slow performance, data loss and system crashes, and it might also effect the machine because usually the infected device becomes overheat. While fake AV or fake antivirus is a software that has purpose to protect the devices but instead of protecting it usually it transfer viruses to the device. “Fake antivirus software is a scam commonly used by malicious software creators in order to sell fake security software to unwitting victims. The scam will typically involve a webpage or pop-up that informs the user they have viruses or other malware on their computer, even though they do not. It then offers to clean the infection. When the user opts to clean up they are required to pay to obtain a version of the fake software the will perform the cleanup. After the victim pays the software may or may not cease the fake warnings.”

By having the fake anti-virus and getting infected by it, your device now should have a pop-up information that will spam you, or making your device open up websites that aren’t trusted or even worse you’ll get virus. To remove that all you need to download the real anti-virus that could cost from forty dollars to hundreds of dollars. By having the fake anti-virus you would need to purchase the license one which mean anti-virus selling is increasing. The fake anti-virus not only exists in computers or laptop but it also exist for androids, so androids user should be really careful in using anti-virus. To prevent downloading a fake anti virus you should do research about that specific anti-virus software, the next thing you should do is use security settings enabling firewall will help you in preventing it and the last and most important is be mindful, don’t just trust the internet.

Social Engineering

Social engineering is a skill of communicating and interacting between humans. Social engineering uses psychological manipulation to trick other people into making mistakes. “Social engineering is the term used for a broad range of malicious activities accomplished through human interactions. It uses psychological manipulation to trick users into making security mistakes or giving away sensitive information. Social engineering attacks happen in one or more steps. A perpetrator first investigates the intended victim to gather necessary background information, such as potential points of entry and weak security protocols, needed to proceed with the attack. Then, the attacker moves to gain the victim’s trust and provide stimuli for subsequent actions that break security practices, such as revealing sensitive information or granting access to critical resources.”

There are some tricks that are used in social engineering, the tricks are baiting, scareware, pretexting and tons of other tricks. Baiting, just like its name baiting is a trick where we lure the victims to fall to the trap, for example leaving a USB in a public space of the targeted person, that USB is filled up by automatic malware installation on the system it’s not always done in physical world, it can be in online world too. The example is automatic malware installation disguise as that “2 BAGS FOR $2”, usually those ads are fake and it will lead us to this type of situation. Other tricks are scareware which basically the same thing with fake anti-virus. Pretexting is a really clever way to trick the victims, in pretexting the cybercriminal act as a policeman, bank teller, co-worker and others people who have right-to-know. This type of scams once again done to get information that can lead them for credit card or identity theft. The cybercriminals will ask a more detailed data like security code, passwords and others. To prevent falling for social engineering you must use multi-factor authentication and don’t open emails and attachments from suspicious sources.

Credit Card Scams

Credit card scams is most of the reason this crime exist, for getting credit card information and for the credit card scams there are 2 types of credit card scams, the first one is where you were ask for money to register the card and then there is another scams where the criminal use social engineering skill/phishing to get information about your credit card without having your actually card.

Since a lot of people fell for online scams I would purpose solution about this problem. My solution is that every bank number or other big company would have their own number and they can’t call their clients without that number, so that no one will falls for people who is pretending to be a cops or bank teller or else there should be a verification about it. The bank should train all their employee and warn their employee about social engineering because if they are aware it will decrease the number of people who falls for it.for email there should be a program where they can check if the massage the other people send is clear from virus or automatic malware installation. The internet should also aware about the fake anti-virus and wiped them away from the internet and lastly people should be aware of this scams, most of the people doesn’t even know this type of scams exist.

My conclusion is that online scam is a crime or fraud that happen on the internet, by people who we called cybercriminals. In online scamming there are a lot of types of scamming, but the most common type is phishing, fake anti-virus and social engineering. Phishing is where they trick them by giving them websites that is filled with form about their privacy, usually the websites name are “GET FREE IPHONES”. For fake anti-virus, it’s a software that puts virus into your device so that you will need to download the license anti-virus which cost a lot and lastly is social engineering is a skills of communicating that’s “decorated” with social situation, so that people will give you information. Most of the scams are to gain information so that they can use it for credit card. People keep falling for these tricks because they are not aware about this scams.

Bibliography

1. “8 Common Types of Online Fraud or Internet Scams.” The HelloTech Blog, 29 July 2019, https://www.hellotech.com/blog/8-common-types-fraud-internet-scams/.
2. “Advantages and Disadvantages of I.C.T - Eportfolio.” Google Sites, https://sites.google.com/site/eportfolioduaa/home/advantages-and-disadvantages-of-i-c-t.
3. “Antivirus.” Antivirus Definition, https://techterms.com/definition/antivirus.
4. Contributor, Top Ten Reviews. “How Do Computers Get Viruses?” TopTenReviews, Top Ten Reviews, 5 Aug. 2015, https://www.toptenreviews.com/how-do-pc-get-viruses.
5. “Fake Antivirus.” Fake Antivirus - Network Security Resources and Events | Sophos Threat Spotlight - Virus, Malware, Web, Antivirus and Social Media Security Trends, https://www.sophos.com/hu-hu/security-news-trends/threat-spotlight/fakeav.aspx.
6. “Fake Antivirus: What Are They And How Do You Avoid Them.” Daily English Global Blogkasperskycom, https://www.kaspersky.com/blog/fake-antivirus-what-are-they-and-how-do-you-avoid-them/2898/.
7. “Fake App Attack: Fake AV Website 10.” Fake App Attack: Fake AV Website 10: Attack Signature - Symantec Corp., https://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=23973.
8. Hoffower, Hillary. “There's a Good Chance You're a Victim of Credit Card Scams and You Don't Even Know It - Here's What to Do.” Business Insider Singapore, 15 Oct. 2018, https://www.businessinsider.sg/credit-card-fraud-scam-what-to-do-2018-8/?r=US&IR=T.
9. “ICT in Education.” OLE Nepal, http://www.olenepal.org/ict-in-education/.
10. Musthaler, Linda, and Linda Musthaler. “How to Avoid Becoming a Victim of SMiShing (SMS Phishing).” Network World, Network World, 7 Mar. 2013, https://www.networkworld.com/article/2164211/how-to-avoid-becoming-a-victim-of-smishing-sms-phishing.html.
11. Online Scams, https://us.norton.com/internetsecurity-online-scams.html.
12. “Top Online Scams Used by Cyber Criminals to Trick You.” Heimdal Security Blog, 7 June 2019, https://heimdalsecurity.com/blog/top-online-scams/.
13. “What Is Phishing: Attack Techniques & Scam Examples: Imperva.” Learning Center, Imperva, https://www.imperva.com/learn/application-security/phishing-attack-scam/.
14. “What Is Social Engineering: Attack Techniques & Prevention Methods: Imperva.” Learning Center, Imperva, https://www.imperva.com/learn/application-security/social-engineering-attack/.