Could an email from your boss turn out to be part of a scam? How about a request for a one-time passcode? Or a phone call from a loved one?
The answer is yes, yes and yes.
The fact is that cyber criminals are constantly evolving their tactics to ensnare consumers. As fraud attempts become more sophisticated, theyโre getting harder to identify. Thankfully, weโve all got an inner voice that speaks up when a situation doesnโt quite seem right. When that happens, follow our advice to Stop, Scrutinize and Speak Up. We recommend that consumers closely scrutinize the source of the request to truly affirm the legitimacy.
Knowing when to be on guard goes a long way. So to help ensure youโre prepared and able to spot scams, keep reading to learn about ones to be ready for in 2023 and 2024, drawn from reports from the Canadian Anti-Fraud Centre, police forces across Canada, and other sources:
AI-enabled scams
Whatโs the scam? It seems like everyoneโs talking about the power of machine learning โ often better known as artificial intelligence, or AI. And yes, it is impressive, but beware of AIโs power to deceive: Experts are warning of AI-enabled scams that leverage the technology to allow fraudsters to convincingly impersonate trusted people and organizations. Some criminals are using AI to fake specific peopleโs voices over a phone call (โdeepfakesโ).
What can you do? Think before you react to odd calls and situations. Verify information independently before you take any serious steps โ say, if you receive an unusual call from a family member asking them to send you money, call them to confirm itโs a real request.
Loan scams (including loan fee fraud)
Whatโs the scam? To prey on peopleโs need for financial help, loan scammers offer a loan on good terms โ but only after you pay a fee. (The scam is that there isnโt really a loan on offer โ but the โfeeโ youโd pay would be real!)
What can you do? Beware of any loan offer that involves upfront fees (and definitely donโt pay them). Make sure to do your research and only deal with trusted, legitimate financial entities, and be especially cautious about offers that seem too good to be true.
One-time password bot scams
Whatโs the scam? As a way to get around two-factor authentication, scammers use automated bots to request one-time passwords from victims, often impersonating banks or service providers.
What can you do? Donโt share authentication codes. Scrutinize incoming messages very carefully to ensure they really come from the entity they say they do. Hint: Legitimate messages donโt request sensitive information, passwords and codes out of the blue.
Bank scams
Whatโs the scam? Bank scams involve fraudsters posing as financial institutions, hoping to trick you into revealing personal or financial information โ often as part of an attempt to access your accounts or steal your identity. For example, fraudsters have improved their fake website-building skills so it can be really hard to distinguish a fake from the real thing.
What can you do? Check carefully to make sure youโre really interacting with your bank. When youโre banking online, make sure the website is genuine โ avoid clicking on the URL from an online ad; instead, manually type in the financial institution’s URL to make sure youโre not being diverted to a fake site.
And if it’s a phone call, ask yourself: Is it really your bank calling? Offer to call them back, or visit the bank in person to discuss what theyโre calling about. Donโt click on suspicious links in emails or texts. Once again, donโt reveal anything sensitive during incoming calls.
Package delivery scams
Whatโs the scam? Scammers send fake delivery notifications or payment requests for non-existent packages, exploiting online shoppers.
What can you do? Carefully scrutinize the message โ is the email, contact info or website address correct? (Sometimes scammers use addresses that look very close to real courier companiesโ.) Donโt click links in the message either: Verify the request by calling or visiting the official website with the given tracking number. And keep track of your packages โ know whatโs coming your way.
โWhalingโ โ phishing, but in a workplace context
Whatโs the scam? Perhaps youโve heard of phishing? Now thereโs whaling โ itโs phishing, but at work. Scammers are taking advantage of the continuing work-from-home habits of office workers โ which has led to us not seeing our managers face-to-face quite as often โ by stepping in and impersonating the boss. Theyโre making requests, typically via email, that could compromise the company if you followed through.
What can you do? Employees and businesses need to stay vigilant to help spot scam warning signs and avoid phishing attempts and malicious links. If youโre skeptical, find another way (say, face-to-face or a Slack or Teams message) to confirm that youโre really being asked to do what the message says.
Email interception fraud
Whatโs the scam? Your email account is an important part of your digital life, and it can be a point of vulnerability: Itโs where you receive sensitive communications, and links to reset passwords. Cybercriminals are intercepting email communications so they can redirect payments or sensitive information for their own purposes.
What can you do? Remember that your personal email is the gateway to many other accounts, so itโs important to safeguard it. Some email providers offer a โsecurity checkupโ feature, for example, so use that periodically if you can. Beyond that, use strong passwords (which you donโt share with anyone else) and change them regularly. Enable two-factor authentication for an extra layer of security.
Fake QR codes and barcodes
Whatโs the scam? Scammers put fake codes to cover the real ones, so that QR codes on menus, payment requests and other places lead you down the trail to a malicious website โ which can lead to downloads that compromise your device and your data security. There are also reports of people being sent scam QR codes via text.
What can you do? Carefully scrutinize all requests to scan a QR code. Be vigilant when downloading apps from a QR code. Confirm it comes from a legitimate source before proceeding.
More resources for staying alert and protecting your data
As you can see, fraud can come from unexpected sources, playing on your sense of trust. But if you keep your accounts as secure as you can, and listen to your inner voice when something seems fishy, you can be ready to thwart scams as they come your way.
Discover more ways to safeguard your digital self.