Be Safe, It’s a Jungle out There…
This article is hopefully useful for my many widowed friends out there.
You just can’t go a day, week or month without some scammer slipping into your Direct Messages either through various Social Networks or WhatsApp Style texting etc. Many times, it’s obvious they’re a Scamster, other times, when you’re feeling low, vulnerable, stressed, not focused these messages can seem inviting, plausible, friendly, making you feel special, needed, even wanted and the most important person in the world to them.
Don’t underestimate the lengths scammers will go to, their only goal is to relieve you of your hard earned savings, assets and sadly won’t stop there until they’ve maxed out your line of credit. Trust me, they certainly do not care for your welfare or safety. They’ve honed their craft (Social Engineering Skills) over many years having their own recipes/patterns and scripts to work from, tugging on your heart strings, play on your compassion, conscience and possible injustices around the world.
Their profile picture will most likely be stolen from any of the images freely available on the internet. Commonly they may claim to be a war veteran, doctor/surgeon, architect, banker or one of many professionally recognised jobs around the world, even a refugee trying to flee some ongoing world issue. They’re very aware of global events and use them to their advantage. Shortly after the Tsunami in Japan, there was a flood of fake requests from scammers needing money to get out etc. Sadly it’s becoming harder to distinguish genuine cases from the opportunists out there.
They will usually start off with banter, general chit chat, to warm you up to their faux personality before dropping in that they need some funds for an emergency, whether it’s a medical care, a new phone for their job, the loan of cash for a flight to get to wherever their going or even to meet up with you. The smarter ones may even “Borrow” small amounts of money from you and actually pay that back with a little interest to reel you in for the bigger pay off.
I stress this, DO NOT Send money, or bank transfer, Venmo, Cashapp, PayPal, Western Union or the many various methods this industry uses.
They will usually persuade you not to discuss the money transfer with anyone because of “Their embarrassment of the situation”, secrecy of a business deal, there’s usually pressure on a time limit to get funds to them, sometimes even immediately.
Banks and Building Society’s are improving their detection of unusual transaction patterns and thankfully they do try and break “The Spell” of lies these Scammers weave. Don’t be offended should the bank challenge an unusual transaction pattern or your behaviours, they’re trying to make sure you are protected the best they can. Sometimes it works, and sadly many times these scammers get away with it.
If something seems too good to be true, it very usually is, and sadly many people fall foul of scammers everyday, sadly some widowed friends who have been scammed out of huge sums of money over “business deals” having never met anyone in the transaction chain. These are very literate and intelligent people too. Once the scam has been successful you likely won’t hear from them again, or if they need more “Emergency Cash”, they rely on your own embarrassment /foolishness to not report it to the police or Action Fraud.
Sadly, the chances of getting your money back is very low. It’s usually long gone being syphoned off to different accounts around the world.
What can I do if I’ve been Scammed
Did you know the National Crime Agency estimated £7bn a year was lost personal individuals in 2017? https://www.nationalcrimeagency.gov.uk/what-we-do/crime-threats/fraud-and-economic-crime
First and foremost if you’ve been a victim of a fraud/scam or feel your being pressured right now please report it! If you’ve lost money, assets etc, as nerve wracking as it is, or as silly as you may feel about what happened. Please report it to your local police and to Action Fraud. They are professional people used to dealing with this, they don’t judge you as they know how persuasive and convincing these people can be. Don’t let these people continue to commit these “Silent Crimes”.
Citizens Advice offer some solid guidance here: https://www.citizensadvice.org.uk/consumer/scams/reporting-a-scam/
Action Fraud should also be notified: https://www.actionfraud.police.uk/reporting-fraud-and-cyber-crime
Realistically the chances of getting your money back is slim, these Scammers operate very fast once they’ve received your funds. That said by reporting these events, the professionals involved with investigating can build a profile and patterns of these people involved and with strong investigative skills and the intelligence you provide may help bring these gangs to justice or make it harder for these scams to operate.
What can I do to protect myself?
This is a good question, with the amount of information available on the internet these days about you, it’s proving trickier as time progresses, especially with Data Breaches from companies big and small.
First thing to do is use a search engine like Google, Bing, Yahoo, DuckDuckGo etc to research your own name and see what can be found. With common names you often have to include a city or location too.
This will give you an idea of what the average person may find out about you, other tools like 192.com can give more information about the address you live at.
What can you do if you spot a suspected scam email or message. Surprisingly there are things you can do, here in the UK. The National Cyber Security Centre (NCSC) has some very sound guidance and advice https://www.ncsc.gov.uk/collection/phishing-scams and it’s free to report them (not including your internet/phone connection fees etc).
As of June 2022 the NCSC received 12 Million reported scams resulting in 86,000 scams being removed from 159,000 URLS alone. This shows how committed and resourceful scammers are, and it will always be a never ending process to remove them.
In a nutshell, there’s obvious advice such as never click a link/url or make that phone call where it looks suspicious.
Email: Forward suspicious email to firstname.lastname@example.org
Text: Forward Suspicious Texts to 7726 (UK) you will be asked the number the text appears to originate from.
Phone: In England, Wales, Northern Ireland either visit www.actionfraud.co.uk or call 0300 123 2040, Scotland call the Police using 101
Scam Website: Report it using this tool https://www.ncsc.gov.uk/section/about-this-website/report-scam-website
Scam Advert: Report it using this tool https://www.asa.org.uk/make-a-complaint/report-an-online-scam-ad.html
Tips on how to spot a scam: https://www.ncsc.gov.uk/collection/phishing-scams/spot-scams
Advice on limiting your digital footprint: https://www.ncsc.gov.uk/guidance/social-media-how-to-use-it-safely
Why is searching for yourself important?
Simply put, the more information a Scammer knows about you, the more sophisticated and convincing their script will be, tailoring their “interests” to those of your own, to help establish commonality/common interests, hobbies, thoughts, feelings, absolutely anything to gain your trust and lower your guard. Long gone are the days of bandits with stockings over their heads and sawn offs, these people are more sophisticated and prepare very well for their next victim.
Sometimes it can be eye opening how much information is available, or known about you, especially with data breaches happening around the world daily, but we’ll come onto that later.
Don’t be fooled that information is limited just to these engines, there are professional OpenSource Intelligence techniques professionals employ to gain more publicly available data using bespoke scripts or tools like Maltego and Recon-ng, but that’s out of scope of this discussion.
Has your data been leaked in a known breach? a useful tool to use is https://haveibeenpwned.com, this site is run experts in their field designed to help you know when your data has been compromised. You can even add your email address to their notification list, and they’ll send you an email when your email address pops up.
Want to see some of the companies that have suffered data breaches? take a look here: https://haveibeenpwned.com/PwnedWebsites its a bit of an eye opener really, and these are the ones reported, there are many that go unreported annually.
They may start with an unsolicited message or Friend Request. If you don’t know them, then don’t accept the friend request straight away as they’ll have access to all the information in your social feed that’s shared with friends.
With messages, where possible click on the profile and take a look. If it’s been created in the last two years, it’s most likely fake, sometimes the Gender doesn’t match the photo. Yes I know it’s 2022 and we’re all inclusionary etc. However the number of times I get a Hot Blonde in her early 20’s sending me messages and the profile shows four friends and the account was created last month with a gender of Male, clearly shows this is a scam account. Think about it, how many young people have only just joined Facebook for example? And also the number of friends is usually suspicious.
Don’t know them? leave the request hanging for a a long time, check periodically that the photo doesn’t change from different people too.
Reverse Image Search
Have a War Vet or Surgeon telling you how much they love your photo? Use tools like Google Image search https://images.google.com that let you put the picture of the person contacting you and it will try and find a match. You’d be surprised how many aren’t who they say they are, and the real person is probably unaware their image has been stolen for fraudulent use.
Remember, if it’s too good to be true, it usually very much is. As desperate as we maybe for a distraction, affection or even conversation with another human, apply the same logic and principles if you were out in a bar, and don’t give strangers too much information.
Secure your Social Media
Sounds logical? You’d be surprised how many people leave their Social Media posts set to Public and not just friends. As a general rule, you would need Public Privacy settings for Information Pages or Business you’re responsible for.
Thankfully Facebook provide a way of limiting your historical posts to just your friends, either go to settings in your web browser/mobile device or go to https://www.facebook.com/privacy/checkup/
I would suggest starting with a “Privacy Checkup” where Facebook have tried to make it as easy as possible for you.
Work your way through each of the options provided to you, for example, Who do you want to know your phone number, Email Address, or even Data of Birth? Remember this information is not only useful for friends to remember when to wish you a Happy Birthday, but also useful for Scammers to use to research more about you, or even steal your identity.
This is one of the most useful security features. I do recommend setting your default audience to Friends or a custom list, the same for Stories too.
Limit Past Posts – Is very useful, especially if your Facebook profile has all your posts set to public. Click Limit and you’ll be greeted with the following :-
Click Limit. It may take a while for search engines like Google, Bing, Duck Duck Go etc to remove your information, but it’s a start. If you’re friends don’t have any privacy set on their posts, you may still appear in searches of their data, so something to be mindful of if you allow tagging of your name/photo.
Here’s some useful links that Social Media companies have provided to help you secure your accounts and protect your privacy. Their apps are updated fairly regularly, I’ve found creating a how to guide is usually out of date within a few months, hence it’s best to refer to them directly.
I do strongly recommend Two Factor Authentication or Two Step Verification enabled on all your accounts and don’t reuse the same password across different online accounts. Use a password manager either inbuilt to your device or Agile Bits 1Password https://1password.com
Report Phishing Scams: https://www.gov.uk/report-suspicious-emails-websites-phishing
Visualising Data Breaches
Given the volume of breaches that appear in the news, I often refer people in my real job to this website which shows the size and frequency in which your data is lost to bad actors worldwide.
Do you have any safety tips to share, or even your own experiences of dealing with Scammers? Why not share in the comments below.
Thank you for reading, I hope you found this article useful, if you did please consider making an optional small donation to buy me coffee!