Fake apps and romance ruses are among the “most devious and convincing scams” that consumers could be duped by this year, according to new analysis.
Experts at consumer watchdog Which? “have been shocked by the depths cybercriminals will plumb to steal our cash”, as scammers “get more sophisticated in their perpetual arms race with tech companies, law enforcement and ordinary internet users”.
One scheme called “pig butchering” is a “horrible hybrid of romance and investment scams”. Fraudsters meet victims on internet dating sites, then “fatten” them up through love bombing – showering them with affection, in order to manipulate them.
After convincing the victim to move their conversation from the site to a private messaging channel, the scammer boasts of having had some success with a recent financial investment, and offers to invest some funds on the target’s behalf too. They can then be directed to fake digital platforms where deposits can be made.
Another “despicable scam” is orchestrated through social media posts that share fake appeals for help; for instance, asking users to share alerts about a missing person. The scammers share “near-identical posts” in social communities across the world, but with the location of where the events have supposedly happened altered – and with commenting abilities turned off to stop users pointing out these “inconsistencies”, said Which?.
Once the post has accrued a huge number of likes and shares, the content of the post is completely rewritten by the original author – sometimes into “a straightforward investment scam”. “The large number of likes add credibility”, said Sky News, and makes users more likely to trust the post.
Scammers have also been using PayPal to target victims, sending “money request” emails from legitimate email addresses associated with the payment platform. These scams are “frighteningly easy” to pull off, said Which?, who warned not to pay invoices you don’t recognise – and to verify the source of the invoice independently – and not to call phone numbers supplied with these false requests.
“Dodgy apps” are also being used to steal personal data, said The Guardian. Though Apple and Google screen apps before they become available for users to download, “a few malicious ones” have been “slipping through the net”, said Which? – and some can install malware on to your device and steal personal data.
The consumer group recommends double checking that the developer of an app is who you would expect it to be, cross-checking which other apps they own and looking out for a privacy policy too.