This type of crime has been on the rise in recent times.
Despite having several variants, the best known are the theft of credit/debit card data, improper access to bank accounts or payment services such as paypal and accounts of shopping services, such as Amazon or eBay, among others, and fake social media profiles, or fake emails, pretending to be known companies or celebrities, for dubious purposes.
In 2011, for example, the owners of a hairdressing salon, known for having famous clients, such as Jennier Anniston or Liv Tyler, raised $300,000 by cloning the data from the credit cards of their customers.
Another example was Tiger Woods, the famous golfer, who sued Anthony Taylor for having usurped his social security number and made some loans worth US$17,000.
In 2014, Luís Flores Jr., a 19-year-old boy, stole the personal data of the socialite Kim Kardashian, managed to get a credit cards sent to his address, that were supposed to be charged in Kardashian’s name. In this case, however, he was discovered, before he could make any payments.
Other examples include criminals who, also pretending to be celebrities, try to get any help on dealing with specific situations mostly foreign issues, like business deals or specific purchases, that were impossible to do within national grounds. This type of work is thorough, as it requires months of contact between victim and criminal, until some trust is created, so that the criminal feels comfortable asking the victim for a favor.
Linked to this are also the “419 Scam” crimes that we talk about in phishing, and which are also part of this type of scheme. They might come as emails from banking companies, Nigerian princes, or billionaires, these criminals present themselves as having a huge amount of money that they can’t use, and they need someone else to pretend to be some interest part, to help them transfer it.
Armed with the victims’ personal data and a copy of the victims’ documents, they proceed with transfer requests, usually using companies such as “Western Union© “. The alleged victims actually receives the amount in question, but not as a “fixed” amount, but as a loan.The victims, then, proceed to transfer the agreed amount to the criminals, leaving only the “profit” part, but a couple of weeks, Western Union© contacts the victims, demanding a full refund of all the cash.
There have been cases in which victims, in desperation, try to follow the trail of money, and end up losing their lives, as, in most cases, these are organized groups, often with military pretensions.
The most common cases are related to the cloning or duplication of data associated with bank accounts or credit cards, where victims are faced with withdrawals from their accounts, in more or less large amounts, without being aware of them.
In this case, we will give an internal example: an employee of ours, from UNNE, was faced with an attempt to withdraw 2500 euros, in purchases, in Ireland, by someone who would have managed to steal credit card details. Our collaborator was grateful for the fact that he had 2FA, that is, “2-factor security”, which frustrated the criminal’s expectations.
What led to this? An apparently legal purchase of a cloud service, in which the owner of the service also managed an organized group of cybercriminals, specializing in identity theft.
There are, however, sicker cases related to identity theft associated with social networks. Sexual predators who profile teenagers in order to get to know other teenagers online, mgain their trus, and try to create a more intimate relationship, which ultimately leads to the sharing of photos and other intimate content.
After this degree of trust, the victim finds himself blackmailed into meeting the predator, and either finds himself extorted from various monetary amounts, or is forced to make another type of payment, usually associated with sexual favors.
How to avoid this type of crimes?
First things first, make sure you deal with reputable companies or organizations, analyzing any and all contact sources (email address, telephone number, etc.), and contact the companies in question, through official channels, in order to validate the communication previously received.
Never send data or personal documents, unless the applicant is duly validated.
Be very careful with the connections that are created in social networks, always bearing in mind that, in the virtual world, everything can be falsified.
And, above all, enter, only trusted websites, which do not appear to have any security risk and preferably bear SSL certificates (normally, these sites start with https instead of http, and in the upper left corner, behind the URL, there is a padlock icon. On that padlock, when hovering over it, the SSL credentials will be visible).
At UNNE, all our sites carry SSL certificates, to guarantee their legitimacy, for the safety of companies and people.
What to do if you are a victim of this type of scam?
Start by calling your bank, if you were a victim of bank data theft and expose the situation. Immediately afterwards, file a complaint with the authorities, to validate the crime itself, and to be able, among other things, to proceed with a request for reimbursement of amounts lost, at your bank, or to proceed with the request for the creation of new identity documents,
in case of the crime being personal data theft.
In order to guarantee your safety and that of your customers, contact us to create your store or webpage, always with safety in focus. We have specific tools that allow us to mitigate the effects of hacking attempts and/or falsifying access to websites created by us.
UNNE Design | Create Curiosity. A worthy partner.