Johannesburg - In our tech-savvy world many of our interactions are online. Our cellphones, tablets and computers open our world to a wealth of communication.
They also make us vulnerable to a plethora of online threats. To ensure software safety we come up with complex passwords, put up firewalls and instal antivirus software, but it seems that cybercriminals are always one click ahead of us.
Cyberscams have always been a threat to online safety and in this era of booming social network sites, the threat has moved on to our screens.
To stay ahead, cyberscammers have altered their bag of tricks to include Facebook cloning schemes, faux competition SMSes and Sars eFiling fraud e-mails.
To understand these scams better, The Star sat down with Jacques Van Heerden, an IT security specialist whose job involves online forensic investigation along with teaching corporates how to hack. He has worked in IT for 10 years and believes teaching people how to hack their own systems teaches them how to protect them. He spoke to us about four types of scams:
With this scam a Facebook account is cloned by either taking a screenshot of the account or copying its details, including the account’s friends.
The cloned account is then used to send friend requests to those friends. When the request is accepted, a message is sent asking the friend for money. Sometimes they say they’ll pay you back or that they are in dire need.
According to Van Heerden the cloning happens when your account setting is on “public”. “This means that anybody from the public can see you, see your details and has access to your friends,” he explained.
“When that happens they’ll create a separate account, which looks similar to your account.”
This scam is popular in Ghana – hence its name. It is executed by sending a seductive and intriguing Facebook message to someone declaring your interest in them and stating you have “something very important” to tell them. When the message elicits a response, the scammer then tells a sad story – either they’re living in a refugee camp in west Africa or their entire family were murdered. Then they ask for financial assistance.
This scam is more drawn out because the scammer wants to build a relationship with the victim.
“The point of these scams is to extort money,” explained Van Heerden.
“It’s typically men from either Nigeria or Ghana and they upload a picture of a beautiful woman.
“They usually say they have a large pay cheque they can’t bank, or they need to come to South Africa, and when you pay the money over to them that money is gone, that person never existed.”
Van Heerden said cybercriminals have begun to put effort into emotional manipulation. “All I need to do is create something with an emotional value on top of it and then ask you do to something for me,” he said.
This e-mail scam lures you into clicking on a link by promising you a reward for eFiling. The link usually takes you to a fake bank page where you are instructed to enter your details. Through that the scammers get your bank details and access to your money.
“The intent is always to direct unsuspecting victims to click on a link where they will be asked to respond to questions of a confidential nature,” said Kalyani Pillay, the chief executive of the South African Banking Risk Information Centre. Pillay said the Sars logo and the logos of all major banks are on the e-mail sent out during tax season.
Van Heerden said people should look out for spelling mistakes and check if they mention the wrong bank. He said the scammers warn you not to respond to the e-mail.
The SMS scam seems to be the most well-known one. You receive a text telling you that you have won a large amount of money from a cellular network or a cellphone manufacturer and should call a number to claim it. You’re asked not to respond to the SMS. When you call the number, you’re either asked for a lawyer’s fee or your personal details. “That happens very often,” said Van Heerden. “We don’t know why people fall for that.” He advises people to ignore these texts and delete them immediately.
How to avoid being caught
Types of scams