Organised crime is now using real-time spatial databases (GPS location), social media scraping and machine learning to feed highly personal data into AIs that develop one-to-one internet scams that seem so real.
The scam aims to target you with information that only you think that you know. But as security experts have found it is easier than you think to create one-to-one personalised internet scams that seem real.
By internet, we mean using the internet as the delivery vector. That includes email, SMS/Messaging, IoT (security cameras and routers), mobile phone telemetry/metadata and even mobile voice calls.
And it turns out that there is no end of meth-head ‘locals’ – people that live near you that need money – available to help organised crime pull off one-to-one internet scams that are so real.
If we are painting a bleak picture – good.
In 2020 alone there were 216.000 reports of scamming and a loss of $164 million (average $800 per scam). And its not just elderly victims either.
Internet scams that seem so real – some examples
Verify your details
I recently received a call from a person saying that due to money-laundering compliance, they had to verify my account details. Naturally, I refused as phone number spoofing is easy and you must never reveal personal information over the phone.
Next, I got an SMS allegedly from my bank saying that every account holder urgently had to respond to a verification email.
The email looked as if it had come from my bank, addressed correctly, and it had a level of detail that should not be publicly available. I hovered my mouse over all the links. The web address was obfuscated so that the bank’s com.au address was merely a super domain on top of the scammer’s domain name (not the real bank name), e.g., mybank.com.au…verify.AUsecuritycheck.cn
It did not stop there – several SMS messages soon followed, stating the urgency of verification to stop attempted access to my accounts or face suspension of my accounts.
Rule 1 – never give personal information over the phone or via email.
The scam can be modified to come from Australian organisations
These include Telcos, Australia Post, Federal Police, Courts, Australian Tax Office and even the register of births, deaths and marriages.
# Rule 2 – check links and always ensure that the link is the same as your bank
# Rule 3 – Call the organisations (use the White Pages to get its phone number) or its website to check details – never respond to an SMS or email.
Meth (methamphetamine or ice) has become the scourge of the suburbs. In the US, a casual user can spend $25,000 and an addict $80,000 a year. Meth addiction is the cause of spiralling divorce, domestic violence, crime rates, vehicle deaths and mental illness.
To feed the habit, you can become a ‘neighbourhood watcher’ assigned multiple local targets via an anonymous website URL.
Organised crime is reputed to have ‘tens of thousands’ of watchers in Australia. One boasting they could mobilise via its drug dealers up to 50K users to rent to online scammers.
The aim is to fill in gaps in the targets dark web profile to enable ID Theft or a highly targeted scam. The Meth head is given a list of missing data and goes about collecting it from home walk-bys, chatting to other locals, and even following the target to work, the gym etc. They are looking for
Type of home (net wealth)
Car number plates (registration, speeding and other vehicle scams)
Security camera locations (including those on the street)
‘Bin’ nights to allow dumpster diving.
Access points for a potential break-in
If the letterbox is not locked mail is taken and analysed
And overall target movements – when at home or out
Invariably the meth-head gets the confidence to break in and steal passports, cash, jewellery and more.
# Rule 4 – lock your letterbox
ID Theft is so easy – the list of items that criminals want is here at Cyber.Gov.au.
You can also report a cybercrime on the site and let the local police know.
Payment is on results, but a full checklist with a passport, drivers licence and utility bills can earn a $2000 credit with the drug dealer who in turn is paid even more by organised crime.
These scams are all largely about ID Theft and provide data to local criminal gangs for break-ins.
# Rule 5 – look for ways to reduce walk-by information gathering. A security camera on the letterbox is a great idea. Security cameras are still the biggest visual deterrent.
# Rule 6 – buy a good cross-cut shredder to destroy anything that may have your name on it, especially bills.
GadgetGuy’s take – follow the money
Email scams yield small amounts – enough to fly under the radar of money laundering and even banking alerts.
We are talking about major scams designed to identify high net worth people and steal their ID to gain a high return. The fact that organised crime, local crime and drug dealers, and meth-heads are part of the equation means ID Theft is rising.
To reduce ID Theft
Do not share personal information online – that means no pet names, birthdays, or photos used for facial recognition. We recommend # Delete Facebook.
Never use the internet to transmit financial or personal details – use an Express Post satchel if you can. If buying online, use a protected credit card like PayPal.
Use PAID anti-virus from Norton, McAfee, Kaspersky or Trend Micro – never use free AV
Use a paid VPN to conduct all financial transactions and even general web surfing