Cyber scams have come a long, long way since the first one decades ago. Scammers have resorted to various methods of deception to make money from unsuspecting victims. Every day, we see some kind of novel scam, along with the old tactics that are still able to lure targets. Let’s take a look at the latest scams that have captured the threat landscape currently.
Some stats your way
The Australian Competition & Consumer Commission raised awareness about an increase in money recovery scams, which have increased by 725% compared to last year. Losses reported in Q1 2022 are projected to be around $270,000, a 301% increase since 2021.
As per a new report by the FBI, more than 600 Arizonans fell prey to romance scams, losing over $18 million, in 2021. On a national level, around 30,000 fell victim to these scams.
In 2021, approximately 20,000 people fell victim to RAT scams, as per a report by the U.K's Action Fraud. Collectively, they lost $75 million.
The U.S. lost around $2.4 billion to BEC scams in 2021 - a 33% increase from 2020.
Latest scams circulating
The African financial sector was targeted in a recruitment scam, aiming to poach bank staff. The attackers leveraged the HTML smuggling technique to deploy RemcosRAT to victims’ systems.
A USPS smishing scam is making the rounds stating that it couldn’t deliver the target’s package and urges them to click on a malicious link. Once opened, the link asks the victims to verify their address by entering details such as name, city, ZIP code, phone number, and email and physical addresses.
A WhatsApp vishing campaign was found spreading infostealers on victims’ systems. The cybercriminals attempted to deploy the malware on more than 27,000 Microsoft 365 and Google Workspace mailboxes.
APT-C-23, the Hamas-linked threat actor, was catfishing multiple high-ranking Israeli officials from the defense, government, and legal sectors. Dubbed Operation Bearded Barbie, the attackers dropped custom backdoors for Windows and Android devices as part of a cyberespionage campaign.
A new eavesdropping scam was discovered leaving vague voicemails to get users to call back. Once the victim calls back, the scammers steal their financial and personal information by claiming to provide tax relief services.
SMS group spams are rampant right now, promising offers and free gifts after paying bills. The links are only applicable for mobiles and as of now, it is not clear where they lead to or what the attackers focus on gaining access to.
The bottom line
While users, over time, have become cautious regarding online scams, their success is still mainly because of a lack of awareness. The attack surface has drastically increased, indicating that cybercriminals will continue devising new scam techniques to lure users into giving up their confidential details. Therefore, following basic cybersecurity hygiene is crucial to staying safe from such attacks.