Romance scams and confidence scams cause both emotional and financial pain. According to the latest FBI's Internet Crime Complaint Center (IC3) figures for 2019, confidence/romance scams cost victims an astounding $475,014,032.
Social media users should be wary of romance scams as Valentine’s Day approaches, TechRepublic says. Users of dating sites and apps are particularly at risk, and TechRepublic offers a list of tips from the FBI for staying safe from these scammers. First, stick to well-known dating websites that have good reputations. Scammers are present on these sites too, but reputable companies are better at tracking them down.
Second, use reverse image search to see if their profile photos were pulled from the internet. This won’t prove that the person isn’t a scammer, but it can sometimes expose them right off bat.
Additionally, exercise caution if someone begins telling sob stories designed to make you feel sorry for them. These are usually meant to establish an emotional connection with you and they often precede requests for money.
Be particularly suspicious if someone seems like they’re trying to isolate you from your family and friends. This is a common tactic used to prevent you from asking others for advice.
Above all, don’t send money or financial information to anyone you meet online, no matter how convincing their stories are. Chris Morales, head of security analytics at Vectra, told TechRepublic that you shouldn’t trust anyone you don’t personally know.
“Holidays like Valentine's Day are a particular focal point for social engineering tricks as people tend to have elevated emotions,” Morales said. “As many people feel particularly lonely on this day, any kind of attention would be comforting. No matter how desirable a person may sound online, everyone must tread with caution. Only trust those you know in person and even then be cautious.”
Likewise, Terence Jackson, chief information security officer at Thycotic, emphasized that social engineering is much easier when emotions are involved.
“For cybercriminals, Valentine’s Day is just another holiday and the opportunity for just another scam,” Jackson said. “If you don't know who the mark is, it's most likely you. Phishing is still the attacker's weapon of choice, and there will be no shortage of well-crafted emails and messages designed to emotionally engage you and prevent you from making rational decisions.”
While these scams are personal, the personal can easily become the professional. New-school security awareness training can teach your employees how to avoid falling for social engineering attacks in both their professional and personal lives.
We strongly recommend sending a Valentine's Day phishing template to your staff. We have a whole lot to choose from:
TechRepublic has the story: https://www.techrepublic.com/article/13-tips-to-avoid-valentines-day-online-romance-scams/
New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!
