In this article, I will be enlightening you on internet scam and also cite few online scams/frauds and how you can avoid them.
I hope after reading this, you will be well equipped on how to identify online scams and how you can guard yourself against them, do well by enlightening others by sharing this around, happy reading.
Online/Internet fraud/scam is a type of fraud or deception which makes use of the Internet and could involve hiding of information or providing incorrect information for the purpose of tricking victims out of money, property, and inheritance.
Internet/online fraud/scam is not considered a single, distinctive crime but covers a range of illegal and illicit actions that are committed in cyberspace.
It is, however, differentiated from theft since, in this case, the victim voluntarily and knowingly provides the information, money or property to the perpetrator. (Source: Wikipedia)
Chemistry Behind Online Frauds
Online scammers make use of a technique in cyber world, we call the technique Social Engineering
Scammers extensively use this technique to scam lots of people on social media and the internet at large.
How Social Engineering Works
An hacker was trying to get hold of the WhatsApp account of Mr A, he needed the WhatsApp account to dupe Mr A’s WhatsApp friends by pretending to be Mr A to them and preying on trust to collect sensitive information from them or dupe them.
The Hacker and Mr A are both on the same WhatsApp group, so… He will use Mr A’s number to open WhatsApp account, he will need to verify the number right? Yes! That’s where social engineering comes in.
He will call Mr A pretending to be the admin of the group, he will claim that he’s trying to register all group members on a platform but need to verify him before he could be registered and a verification code has been sent to him, he will request for the code and if Mr A should send the code, then his account will be hacked without stress.
Mr A isn’t a fool, but he’s not that wise too, the hackers impersonated the admin and tricked him into revealing his WhatsApp number’s verification code, this is purely social engineering technique.
A LAUTECH student was texted this:
We discovered that some hackers are trying to access your bank account, as preventive measures, we’ve temporary banned any transactions on your account, kindly call our customer care on 0703xxxxxxx to reactivate your account.
Seeing this, the girl was dumbfounded and very scared, her school fees was in her account, she called the number straight.
She was asked few questions and they requested for her ATM details which she unconsciously revealed to them, they told her that they’ve rectified it and she will receive alert soon.
Indeed, she received a debit alert, they emptied her account😭😭😭
Now, knowing what social engineering is about isn’t enough, I will identify few scams and also advise you on how you can prevent them.
1. Money Doubling Scams
In money Doubling scams many people are losing there money every single day.
Humans tend to be greedy in nature and we love making free money, this is what Scammers use against us by using social engineering to convince us that they can double our money for us.
We usually see some posts on WhatsApp, Facebook, Telegram or any other platform claiming that they can double money if you invest with them, invest 20k and get 40k in return.
2. Email-based Scams
Email scams are a type of online scams in which the scammers acquire emails and sell it to spammers.
This scam is very common today, but we don’t usually take note of it.
You will see some random links on Whatsapp claiming that they are giving out free money or data, you will be asked to sign up and they will sell all the data they collected to spammers.
3. Advanced-fee Scams
The advanced-fee fraud scam has many variations, and may claim that you are a beneficiary of some estate money or won a lottery.
Whatever the subject, the email is requesting that you send a fee in advance before you can receive whatever is promised.
This type of scam is very popular on Facebook, where a scammer will impersonate a celebrities and ask you few questions, if you answer the questions correctly, some gifts will be listed and you will be told to send some money before they can clear your gifts and send them to you.
4. Charity Scams
Charity scams simply play on the emotions of victims to persuade them to hand over donations to fake charities and organizations.
Subjects might include puppies in danger or disaster relief efforts.
The message typically include some excuse as to why the matter is urgent and may include links to legitimate-looking websites.
Aside from sending money, victims may be handing over their debit card or credit card details to thieves.
5. Work-at-home job Scams
Working from home has so many draws and is a major lifestyle goal for many people.
Scammers capitalize on the dreams of these would-be remote workers by luring them with fantastic yet realistic-sounding work-at-home job opportunities.
The catch? They just need to send a wire transfer or money order upfront to pay for some equipment or educational materials before they can get started, but these never arrive, and there is no actual job.
6. Cancelled Accounts Scams
Some scammers spend a fair amount of time creating official-looking emails from reputable service providers.
They tell the target that the account is about to be suspended and that they need to provide information to keep it open. The email might include a link to a phishing site requesting login credentials and billing details to secure the “continuation of service.”
Another example is the social engineering case two above.
7. Guaranteed Bank Loan or Credit Card Scams
In this type of scam, you will receive some messages or mails that you’ve been granted loan access and they are willing to loan you some money, you will be required to submit some bank details like BVN and Card details which might be used to empty your account.
8. Investment Scams
I’ve cited this under money doubling scams. Scammers present a business proposal to you that looks appealing, you will want to fall for the scam because it looks great and the benefits are high, but in the process, you will be scammed.
Some of what motivated me to put up this post was the news I heard today about a sister that was scammed #85,000 under the claim of investing in a program called Lavita Rica, she was neatly scammed.
I’ve also had many cases of people being scammed in this format.
Ransomware is a type of malware that involves an attacker encrypting your files with the promise of decrypting them only in return for a fee.
One of the most notorious cases of ransomware was the 2017 WannaCry attack in which more than 400,000 machines were infected.
Ultimately, criminals took an estimated $140,000 worth of bitcoin in exchange for decrypting users’ hijacked files. Backing up files regularly can help protect you against the threat of ransomware.
In this form of extortion, victims are typically lured into sharing intimate photos or videos, often through online dating sites or social media.
They may even be prompted to perform explicit acts while being secretly filmed. They are then asked to pay a fee to prevent the photos or videos from being released.
11. DDoS attack
Distributed Denial of Service (DDoS) attacks are similar to ransomware attacks, except that instead of file encryption you often have whole websites or internet services taken down. Web servers hosting these sites and services are flooded with dummy traffic that overwhelms them, slowing the site down to a crawl or even shutting it down altogether. Victims are instructed to pay a fee to gain back control over the service. Businesses are often prime targets for this type of attack.
Phishing is a very smart social engineering technique, let me explain it in such a way you will understand.
I want to Hack Mr A’s Facebook’s account, in cyber world there are many ways to hack the account, but I want to use social engineering to get the login details, I will simply use Phishing to trick him to revealing the login details to me, here is how.
I will go to any free hosting site like byethost and create an account with them, I will try to purchase a domain name similar to what I want to do, like in this example I’m planning to hack his Facebook account, I will simply purchase a domain that is related to Facebook.com, e.g I could use any of the below domains
After I’ve created this domain name, I will add the domain to the host secured above and also install Phishing script in the host Cpanel.
I will then mail Mr A or send him a message on WhatsApp like this.
How to get free data from Mtn
It looks real? Yes! That’s Facebook url na, if he click on the link, it will redirect him to Facebook and he will be prompted to login before he can continue, if he login, the login details will be saved to my Cpanel inside a text file and I can easily login to his account with it.
This can not only work for Facebook, but anything and everything.
Imagine when someone clone UDEMY website and used this trick to access your udemy account and get your card details from there?
Your bank official websites could be cloned and use to perform this trick too.
13. Spear Phishing
Spear phishing is very targeted and the perpetrator typically knows some of your details before they strike.
This could be information gleaned from social media, such as recent purchases and personal info, including where you live.
A phishing email or message might be crafted based on those details, asking for more information including payment details or passwords.
Bank fraud vishing scams are some of the most common you’ll come across. Scammers will typically pose as a financial institution representative and tell you there has been suspected fraud or suspicious activity on your account.
While some will then try to extract personal or bank account information, other scammers have different tactics.
One in particular involves persuading targets to install “protective software” on their computer to block any more fraudulent transactions. What the software actually does is allow remote access to the victim’s computer.
15. Government Agency
If you get an official-sounding call from a law enforcement or government agency, you’d be forgiven for being scared into handing over details. Criminals prey on this fear and often pose as police or government officers to phish for personal information. Bear in mind, any such legitimate contact would be dealt with in person or at the very least by mail.
How To Guard Yourself Against These Scams
How cunning is social engineering? Please find out how Kevin Mitnick becomes the most popular Hacker of all time using social engineering techniques here
Trust me, it is very hard to avoid social engineers, they are very cunning, but I will give some helpful tips below.
One of what these scammers use against us is our greediness, don’t be too greedy and stop looking for free money.
Seeing and sharing posts like
Urgent, in support of all Nigerians
Obtain N4000 Balance credit and 1000GB Free Internet from here:
Can expose you to hackers, there are many posts like that, where they will promise to offer you some money or tell you that government is distributing some money and you should click a link to access it.
Stop falling for the scams of those who are asking you to invest #20k and get #40k in return, if it was that easy they would have also been rich already, they are just planning to prey on your money.
You might get a message from a very trusted friend that you should invest in a business to get double of your money, before you fall for the trick, put a call across to your friend and confirm if he’s truly the one chatting with you. Most of the scammers do hack the account of someone that is close to you and use trust against you.
Google is your friend, if you hear of any investment or any scheme, kindly go to Google and search for “scheme name + reviews”
For example, “MMM reviews” searching for this on Google will bring the reviews on those who have been scammed from the scheme to you and you will know how truthful the scheme is.
If you receive a message that federal government is distributing relief fund to youths, go to punch official website, or federal government official websites, search on Twitter and verify if truly they are doing that before you click on the link.
Any link you click today increases your possibility of being scammed.
Before sending money to someone or doing business with someone you don’t know or trust, talk to few friends and seek advice.
Try setting 2-Step verification on your WhatsApp account, it will save you some days.
I wrote something on how to identify fake links here, you can check it out and know how to identify Phishing links and links that are fake.
Please stay safe and practice social distancing, I wish you all the best.
Do well by sharing this to educate others, comments are expected of you too. Thank you.