The landscape of scams shifts quickly, exploiting advancements in technology and social engineering.
Last year, in our blog on Your Financial Security – Beware of Scams, we highlighted common scams and practical tips to avoid falling victim.
Today’s update will delve into current threats, helping you stay vigilant in the current digital landscape. The scenarios referenced were from our personal experiences either directly, or though friends and family.
Scenario #1 – AI-driven phishing
Scammers use artificial intelligence to create highly convincing phishing emails that lack the usual grammatical errors, making them harder to detect.
One of our team members received the following email:
Indicators that this was a phishing attempt included:
- Words such as “crucial” and “essential” were used to highlight its importance and create a sense of urgency.
- The hyperlink in the first paragraph was in a different font than the rest of the email.
- If you search for www.cpp.ca, you will see it’s for insurance, not the Canada Pension Plan.
- They reference that the file is compatible with computers only. This is a clear attempt to gain access to the recipient’s computer and gain access to sensitive personal information.
- Checking the sender’s details shows that it’s not coming from a corporate agency.
Scenario #2 – Email bombing
In recent months, a scam involving Aeroplan points surfaced.
In a CBC article on one victim’s experience, they highlighted the use of email bombing to successfully access the victim’s points. Email bombing is a technique used by hackers to overwhelm someone’s inbox with useless emails in a short period of time. The goal is to take your focus away from the one message you should be paying attention to.
The fraudsters exploited weaknesses in account security to steal points from members, and the notification of points used was missed.
Scenario #3 – The Old-Fashioned Approach
Fraudsters continue targeting vulnerable populations through mail. Fraudsters send official-looking letters that mimic correspondence from legitimate institutions, directing recipients to call a phone number or visit a fraudulent website. They use social engineering tactics to include personal details that make the letter seem more legitimate.
A family member recently received a letter mentioning an estate settlement. It referenced her deceased spouse’s estate, including his first name, leading the individual to consider this may be a legitimate communication.
Indicators that this was a phishing attempt included:
- Words such as “crucial” and “essential” were used to highlight its importance and create a sense of urgency.
- The hyperlink in the first paragraph was in a different font than the rest of the email.
- If you search for www.cpp.ca, you will see it’s for insurance, not the Canada Pension Plan.
- They reference that the file is compatible with computers only. This is a clear attempt to gain access to the recipient’s computer and gain access to sensitive personal information.
To reduce the likelihood of falling victim to a scam, consider these three key practices:
- Be Skeptical and Verify Sources
Approach unsolicited communications with skepticism. Whether it’s an email, phone call, or text message, don’t trust it at face value.
If you receive a suspicious message from what appears to be a legitimate company, contact them using a verified phone number or email address from their official website, not the contact information provided in the message.
- Enable Multi-Factor Authentication (MFA)
Using multi-factor authentication adds an extra layer of security to your online accounts by requiring more than just a password. This typically involves a second step such as a text message code, authenticator app, or biometric verification. Enable MFA on all your important accounts, including email, banking, and social media.
- Have a conversation
If you’re unsure about a request that you’ve received, speak with a friend, family member, or advisor. Sometimes, just getting a second opinion can be enough to spot a red flag. What might seem plausible to you in the moment could appear suspicious to someone else.
Scammers often prey on emotions, such as fear, excitement, or urgency, which can cloud judgment. A trusted person can also provide an objective perspective on the situation.
In these uncertain times, safeguarding yourself against evolving scams is crucial. As your trusted advisors, we are here to help you stay informed and protected.
