Latest News

5 cyber scams to watch out for in 2024

Scams are deceptive and fraudulent practices executed by individuals attempting to con others for the purpose of financial or personal gain, and scammers have no intention of stopping their nefarious behaviors anytime soon. Recent research by Citibank shows that even though 90% of respondents believe that they can comfortably detect and avoid scams, more than a quarter still became victims of one eventually. 

Many people fall for scams due to a lack of awareness regarding common scam tactics and also because of scammers’ abilities to exploit their victims’ emotional and psychological vulnerabilities. Here’s a look at a few different virtual scams that may appear frequently as we begin 2024:

1. Peer-to-peer (P2P) payments fraud

Peer-to-peer payment methods such as Venmo or PayPal have become a common way of completing transactions in a quick and seamless manner. Along with the convenience comes an increased risk of encountering suspicious and fraudulent scam attempts, such as:

  • Overpayment scams: These incidents involve cybercriminals sending their targets an overpayment and then later requesting the difference between the initial and extra amount back. The catch here is that the surplus payments are actually counterfeit and cannot be deposited, so victims ultimately lose money and risk their financial information being stolen.
  • Fake payment notifications: Scammers impersonating P2P payment providers falsely claim that money has been transferred via the app, a widely used technique to steal login credentials after users access an infected URL.
  • Two-step authentication scams: Similar to fake payment scams, con artists attempt to bypass multifactor authentication measures by posing as financial institutions or the fraud department so that targeted individuals can accidentally share verification codes for logins when they’re requested. This serves as another common tactic used to compromise the accounts of P2P payment users.

2. AI-enhanced scams

Generative AI has made its way into practically every industry to help simplify certain tasks, but it is a double-edged sword because it’s being used by cyber adversaries as well. Scammers are manipulating this technology to produce believable texts/emails and convincing audio and visual clips masquerading as trusted individuals (CEOs, celebrities, government entities, etc.) to make it easier to trick victims into sharing confidential information or sending money. 

Other AI-powered systems such as WormGPT and FraudGPT are also being used for malicious purposes, and these sophisticated systems have made it easier for bad actors to produce and execute deceptive content campaigns. Attackers are also using AI to create deepfakes. Some deepfake scam strategies involve voice cloning, text generation, and the creation of hyper-realistic deepfake videos. Without proper regulations in place, these advanced and easily accessible tools will make these types of scams more powerful and simple to carry out. 

3. Government account takeover scams

The ongoing digitization of government services has facilitated a rise in a new wave of government account takeover attacks, and with the 2024 tax season in full swing, scammers are looking to catch people off guard. In many of these attacks, people receive fake IRS emails claiming that they’re eligible for a refund during tax filing periods with phishing links embedded into the body of messages. 

Similarly, fraudsters are attempting to target tax preparers by disguising themselves as taxpayers who need assistance with taxes so that they could potentially access client data. Such unanticipated email solicitations can also lead cybercriminals to log into victims’ IRS or Social Security accounts to file fake tax returns or claim benefits under their name.

4. QR code scams

During the COVID-19 pandemic, the use of QR codes proliferated as demand for contactless options grew. Their speed and convenience made many tasks easier, including the ability to make payments or access information within a matter of seconds. However, scammers and cybercriminals have started to capitalize on this emerging technology to initiate a sequence of QR-code-based phishing attacks, or quishing. 

A recent study indicates that there was a 587% rise in quishing attacks between August and September 2023. Last year, proper email security solutions that addressed quishing concerns were limited, which increased the likelihood of successful attacks. Deceitful QR code images are generally less obvious and harder to detect, both by people and traditional email security tools, and scammers will continue to find new ways to manipulate this technology throughout 2024.

5. Job listing scams

With the influx of job seekers in today’s market, employment scams are increasing and are undoubtedly impacting unsuspecting applicants. A common scam tactic in this area includes cybercriminals posing as recruiters and asking candidates to transfer money for the purchase of remote work equipment with the guarantee that they’ll be reimbursed after receiving their first paycheck. 

This should serve as a red flag as most companies will provide work-from-home employees with the necessary supplies needed to do their jobs. Also, unsolicited job offers on sites like LinkedIn can be recruitment scams in disguise and are merely attempts to get money or access to personal data for malicious purposes.

In the case of scams, skepticism is always valuable and can help in building a safer digital future. AI-powered email protection systems like Barracuda Phishing and Impersonation Protection can also help reduce the risk of threats reaching inboxes by providing advanced real-time detection and monitoring and minimizing the potential damage that may be caused.  

To discover the right protection plan that your organisation needs – email now.