Lead Machine Pink 160x1200

Lead Machine Pink 160x1200

promote webinar 600x108 2

Thursday, 23 September 2021 10:59

COVID, lockdowns, tax time: scammers pose triple threat

By Suranga Seneviratne, University of Sydney School of Computer Science
COVID, lockdowns, tax time: scammers pose triple threat University of Sydney

GUEST OPINION: The pandemic, ongoing lockdowns and tax return time are leading to a perfect scam storm, says Dr Suranga Seneviratne from the University of Sydney’s School of Computer Science, who provides timely advice on how to spot and avoid a scam.

“The COVID-19 pandemic has hit Australia again. Many of us were caught off guard and we have all had to quickly react and adjust. Changed work conditions – or lack thereof, home-schooling, social isolation and information overload are making many of us – even the tech savvy, vulnerable to scams,” said Seneviratne.

“Scammers target vulnerability and thrive on disorder – current conditions are the perfect breeding ground for this type of nefarious activity.

“Now, more than ever, we should be on high alert for possible cyber-crime and scam activities targeting us.”

Lessons from lockdown 1.0

“Last year we witnessed several pandemic-specific scamming activities. The early days of the pandemic saw attempts to distribute malware using apps and websites disguised as providing COVID-19 information,” said Seneviratne.

“There were also phone, SMS, and email campaigns around the world where the attackers targeted mobile users with convincing stories, such as pandemic relief packages, test results, information about travel restrictions, and early access to vaccination. During the same time, regular scam activities – such as romance scams and fake advertisements – also increased locally as well as globally.

“For example, according to the Australian Competition and Consumer Commission (ACCC)’s latest report, losses from scam activities sky-rocketed in 2020 – increasing by a staggering 23 percent compared to 2019. The US Federal Trade Commission reported similar trends in the US.”

What’s happening this time around?

“While it remains to be seen whether scam activities have increased during the current outbreak, there’s evidence that attackers are “seizing the moment” with crafty stories designed to exploit people’s heightened vulnerability,” said Seneviratne.

“Just last month, Australian mobile users were targeted by the Flubot scam. Targeted users received a seemingly innocuous SMS with a link to a supposed voice mail message. Once the link was clicked, users were asked to install a voicemail app, which was in fact malware. Some thought this message was related to their COVID test results.

“During the pandemic, people have been getting calls from unknown numbers for all sorts of reasons, and not all of them have been nefarious. This increased communication, coupled with many people being more preoccupied than usual, has caused many otherwise cautious people to absent-mindedly click malware links or answer calls from scammers.

“Business emails have also been compromised by scammers. Some businesses or individuals may be behind their payments due to the pandemic or dealing with challenging remote working conditions. Attackers have been pretending to be suppliers, trying to scam money from businesses.”

“Fake postage or logistic texts and emails, claiming to be DHL, Australia Post and Toll have been rife too, with scammers capitalising on the increase in orders and trade by post.”

“Now that we are in a new financial year, increasingly, scammers are posing as the Australian Taxation Office and are requesting large sums of money. There have also been instances where people have received voicemails telling them they have a warrant out for their arrest because of tax evasion.”

ITWIRE UNIVERSITY OF SYDNEY SURANGA SENEVIRATNE DHL SCAM

A message claiming to be from DHL which contains a link to a fake website. Clicking this link could infect your device with malware, spyware or a virus.

Dr Seneviratne's 6 top tips for avoiding cyber scams

There are several easy, everyday actions we can all take that can protect us against cybercrime, such as: regularly updating our software; using antivirus solutions; creating secure passwords and; enabling multi-factor authentication.

There are also several scenarios in which you should proceed with caution:

1. If you receive an unsolicited message with a link, don’t click it. Many text messages appear to be legitimate, but on closer inspection are not (see fig.2).

2. If you receive a text alerting you to a voicemail, don’t click the link. Instead use your telco provider’s voicemail number to find out if you actually have received one.

3. The same goes with the bank or other similar institutions. If you get a message, don’t click on it. Instead, directly log into the bank from your computer or the app. Many banks are now moving away from sending texts containing links. Rather they only send messages like “there was some suspicious activity in your account, please log in to your online banking portal and check”.

4. Never give out your personal information over the phone on an unsolicited call. There are many occasions that we receive legitimate calls from unexpected numbers at unexpected times. However, if you give away personal information over the phone, it is strongly recommended that you first verify the identity of the other party. For example, if the person claims to be calling from the bank, ask for their name and enquire as to their request, then hang up and call the bank at a verified number and corroborate these details – the bank will be able to tell you if this was a legitimate request.

5. Check email sender information. While email filtering solutions are doing a reasonable job in preventing bulk phishing attempts from entering your inbox, highly targeted phishing and scam attempts can still make it into your inbox. Always check the email address of the sender and do a verification of whether it is really coming from the person it claims to be. For example, if one of your work colleagues emails asking for an urgent financial favour, verify whether it is the correct email. These phishing attempts will often get the names and contact information correct and combine it with a plausible story, but if you inspect closely you will realise the email address is not the one you know. For example, a fake University of Sydney email address might read: john.Appleseed@sydney.au.edu or john.appleseed@sydney.co.

Especially on mobile devices, attacks often manipulate sender names so you only see part of the sender name, such as “Australia Post”. But when you expand the actual email address, such emails will not have a valid Australia Post domain name, as in this example:

ITWIRE UNIVERSITY OF SYDNEY SURANGA SENEVIRATNE AUSTRALIA POST SCAM

An email claiming to be Australia Post. Note the actual email address is “AustralianPost@azedf.z-mcit.org.uk”. Be sure to watch out for small details like this.

6. Remember everyone is vulnerable to being scammed. While all of this may seem obvious and straightforward, many tech-savvy people have fallen victim to these simple tricks and heightened stress is making us all more susceptible.


Subscribe to ITWIRE UPDATE Newsletter here

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinatrs and campaigns and assassistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE
Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments