IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

FBI Says Stopping Online Fraud and Scams Requires New Focus

The FBI launched a new nationwide campaign this past week to raise awareness of the surge in online fraud and scams impacting the public and to encourage reporting to law enforcement. 

Close up of a person's hands holding a smartphone and a credit card.
Adobe Stock/makibestphoto
On Aug. 19, 2024, the FBI issued a press release announcing the launch of a new national awareness campaign called “Take a Beat.”

According to the FBI’s latest Internet Crime Complaint Center (IC3) data, there has already been $1.6 billion in losses due to online fraud from January to May of 2024, which is nearly $300 million more from the same time last year.  

“Fraud remains one of the most devastating violations the FBI works due to number of victims and the number of losses,” said Executive Assistant Director Michael D. Nordwall of the FBI’s Criminal, Cyber, Response and Services Branch. “In addition to the immediate financial harm, victims can experience other harm to include emotional and sometimes physical. Preventing fraud victimization takes a whole of community approach, so we encourage conversation between you and your loved ones in signs of potential scams, what to do if you fall victim, and how to report.”

Christina Pullen, the FBI’s press secretary, warned, “If something seems to be too good to be true, there’s an unnecessary sense of urgency, or it’s unsolicited, take a beat, think about it and report it if you think you’ve been a victim.”

Over a five-year period from 2018 to 2022, the FBI saw an explosion of complaints about Internet crime. The financial losses amounted to a staggering $27.6 billion.

What are some of these online scams that are growing in 2024? This FBI website lists some common ones. Here are a few of the financial fraud examples:
  • Advance fee schemes that ask you to invest up front money for a larger return later, such as a loan, contract or gift.
  • “Nigerian Letter” or 419 schemes that ask someone to share in a percentage of millions of dollars that the author — a self-proclaimed government official — is trying to transfer illegally out of Nigeria.
  • Ponzi schemes use current investors’ money to pay previous investors. They inevitably collapse.
  • Pyramid schemes ask you to bring in new investors to make a profit or recoup your investment.
  • Telemarketing fraud schemes try to steal your money over the phone, whether by telling you you’ve won a prize, are in legal trouble or some other approach.

MORE SCAM EXAMPLES


The Los Angeles Times led with this headline recently: “Zelle scams prompt federal probe into whether banks are doing enough to protect customers.” It reads, in part, “From splitting a meal to booking a family vacation, millions of people worldwide use Zelle to transfer money to friends, family and others. But a growing number of users are being targeted by scammers, losing large amounts of money in the process.”

The Huffington Post offers these “10 Sneaky Travel Scams That Too Many People Fall For.” Here are the first five:
  • Fake Travel Document Websites
  • Taxi Overcharge
  • Unsecured Wi-Fi and Hot Spots
  • Car Rental Scam
  • Emergency Calls

Another hot scam was identified by my friend Michael McLaughlin in this LinkedIn post titled “SCAM ALERT: Getting voicemails from debt collectors? Beware!” Here’s an excerpt:

“The scam begins with an official-sounding robocall that attempts to confirm the recipient’s identity and claims the need to process paperwork regarding an account balance to prevent further action. The call provides a callback number and a reference to a website for electronic communication.

“Voicemail: ‘Hello, our office was trying to locate and confirm this number is registered to [Name]. If you’re not this individual, please hang up for privacy purposes. By continuing to listen, you acknowledge that you are the individual we are attempting to contact. We are attempting to process paperwork under your name and social regarding an account balance with our client to prevent possible further action. To hear your options, please call this number back at your earliest convenience. Thank you. If you prefer electronic communication, please go directly to our secure self-serve portal at www.jmlegalteam.com. It is urgent we get this resolved today. Thank you.’

“Both the provided callback number and the website www.jmlegalteam.com are fraudulent. The call originates from a number assigned to a UK-based consulting firm, and the website came online on July 31, 2024.

“Despite the officious tone of the robocall, the associated web presence has exposed significant anomalies. The domain jmlegalteam.com was registered on July 31, 2024, which raises red flags about its legitimacy. The website lacks credible business details and prominently features the suspicious 866 phone number, which has been linked to confirmed scams.

“Calling this number directs the caller back to the website, which then requires submission of a phone number called and the last four of the recipients SSN. If you receive such a robocall or voicemail, DO NOT RESPOND: Do not feel pressured to call back or provide any personal information.”

WHAT CAN YOU DO TO PREPARE?


According to the FBI, while fraud can happen to anyone, there are small steps you can take to protect yourself and your information:  
  • Take precautionary measures to protect your identity should a criminal gain access to your device or account. Immediately contact your financial institutions to place protections on your accounts and monitor for suspicious activity.  
  • Be cautious of unsolicited phone calls, mailings and door-to-door service offers.  
  • Search online for the contact information (name, phone number, email, addresses) of any unknown source which reaches out to you, as well as the proposed offer. Verify the legitimacy of businesses on websites such as Better Business Bureau. Other people have likely posted information online about businesses and individuals attempting to run scams. 
  • Never give or send to unverified people or businesses any personally identifiable information, money, checks, gift cards, or wire information.    

In his LinkedIn post, Michael McLaughlin offers these tips to identify debt collection scams:

“Legitimate debt collection practices include transparent communication and proper identification. Be wary of the following red flags:
-- Requests for extensive personal information that should already be on file. Refusal to provide proof of debt or proper identification.
-- Threats of legal action or other severe consequences without proper documentation.
-- Websites for firms with no other discernible web presence. Stay vigilant and informed to protect yourself from such scams.

“Verify the legitimacy of any debt collection claims, validate details, and vet sources before taking any action. And never, never make any payments through a site without proper verification. Awareness and caution are your best defenses against these fraudulent schemes.”

FINAL THOUGHTS


Another area to consider regarding online fraud and scams is related to elections and voting. I covered some of those topics in this piece on election security. The topic of top cyber threats facing public-sector CISOs is also addressed in this blog from earlier this year, which highlights misinformation and fake news in elections.

Finally, we will cover the election security topic further, including fake news and misinformation, in an upcoming BrightTALK session of CISO Insights in September. You can sign up here for this free webinar called “Defending the Ballot Box: What It Takes to Digitally Protect an Election.”
Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.