Anyone doing anything online can become a victim of digital fraud, and while we are all vulnerable, the people most likely to fall victim to this type of theft, are seniors. They are also the least likely to report a cyber crime to the police, but that’s exactly what you must do straight away to stand a chance of getting your money back.
Detective Inspector Paul Ridley is head of the Bermuda Police Service (BPS) Financial Crime Unit and has been working in financial crime for over 17 years. In the last 12 months, he has seen a “large increase in the number of cyber events” occurring in Bermuda. A cyber event, he explained, is “anything involving the loss of funds via an electronic communication of some sort.”
A current scam that particularly targets seniors is a phone call from someone claiming to be from a local bank who will identify themselves with a western name:
“Typically, the name Sam Parker has been used, and they inform the would-be victim that their account is at risk of compromise, that this senior employee has identified two unauthorised transactions on their account, and that they’ve identified a suspect who’s an employee of the bank,” explained DI Ridley.
The story will go that they are trying to catch the criminal employee and they must therefore keep this secret. Victims will be persuaded to download legitimate software such as Team Viewer or Any Desk, and in doing so will give ‘Sam Parker’ access to their account. He can then transfer funds. They will be told that their funds aren’t at risk and that they will be recovered as soon as the employee is caught.
“Being seniors, they want to help, they’re trusting,” he said. Seniors are also more likely to have a landline and be at home.
Other scams he sees regularly include phishing, ‘sextortion’ and false competitions to obtain credit card information, which can then either be used or sold on the dark web.
“Phishing is relentless,” he continued. “There’s generally two kinds of emails and that is either ‘I want to assist you’, or threatening emails.” Such emails will appear to be from your bank warning you that your account is at risk. You are then persuaded to click on a link that takes you to a ‘phishing site’ where you submit your data.
The threatening emails could be claiming to have hacked your computer, and saying they will install malicious software or circulate compromising photographs of you unless you pay a sum of money.
Such emails may also suggest you have ‘won’ something, but in order to claim that ‘prize’, you have to invest. Or, you may see an advert on, for example, Facebook, seemingly from a local business whereby you have to buy a ticket for as little as $1, but in order to buy that ‘ticket’ you have to submit your credit card details, including CVC number. Then, the fraudsters have everything they need.
With scammers becoming more sophisticated and ubiquitous, what can we do to protect ourselves?
Understanding the ways in which they manipulate people is vital. DI Ridley said they will often have a sense of urgency: “You must complete this,” or “only one remaining, you must put your details in now.”
Another trick, he continued, is confidentiality: “It’s the ‘don’t say anything to anyone’, because if a senior was to say that to a family member or a trusted friend, they’d say, ‘this is a scam, back out of it.’”
Another technique is to use religion to imply honesty, for example: “’I’m a religious man, I’m a God-fearing man, you can trust me’. All complete rubbish,” he said. This is just a way to build up trust with the victims.
Spelling and grammatical errors in the emails, advertisements or text messages can also be a giveaway, but DI Ridley warned that the fraudsters are “getting much better” in this respect.
If you are inputting your credit or debit card details online, he said you must make sure there is a “little padlock in the web address”. This means your data will be encrypted.
WHAT CAN VICTIMS DO?
Victims are often embarrassed by what they have done and are therefore reluctant to report the fraud, but he emphasised, that is exactly what you should do, and quickly:
“If you’re reporting that to the bank within 24 to 48 hours, they can put a freeze on that wire so it isn’t sent to whichever country it’s going to,” said DI Ridley. “The banks have informed me that the earlier it’s reported to the bank, generally within 24 – 48 hours, there is a good chance of recovery.”
But, what if someone has been coerced into doing something embarrassing online, which has been recorded, and they are now being blackmailed?
He said no one should ever feel too embarrassed to speak with him because, he continued, “if it involves fraud, I’ve likely seen it.” You should therefore report it to the police, block the email or ‘unfriend’ them from social media, and never give them any money:
“These persons don’t care for you. They don’t care for any victim. They’re only satisfied when they take every last dollar from you.”
In the case of blackmail, he added: “I’ve never seen one instance where the fraudsters have actually posted anything, because they’ll think: ‘I could still get a couple of hundred dollars down the line’. Not to say that they wouldn’t, but I’ve never known one instance where the scammers have done what they threatened to do.”
If you think you’ve become a victim of digital fraud the priority is to get your money back. Call the BPS first, said DI Ridley, and your bank second. This is because the bank will often ask for a crime reference number to confirm that it has been reported to police. If you’re quick enough, you could save your money.