Parcel delivery scams are spreading around the world: A valuable item, such as a mobile phone, is delivered to your door. The package is in your name, except that you didn’t order anything. (Getty Images/Dougal Waters)
As we begin a new decade, it would be encouraging to say that there has been a significant decline in various types of fraud.
However, this is not the case. As proof, figures from the Canadian Anti-Fraud Centre (CAFC) show that total losses from phishing scams reported in Canada almost doubled between 2018 and 2019 (from $127,128.96 to $296,355.74), even though the number of reports decreased slightly (5,048 instead of 6,760).
Which scams are currently causing the most chaos? According to Jeff Thomson, Director of the CAFC’s Complaints Office, the Harpoon (also known as electronic fraud) remains one of the main sources of income for fraudsters targeting businesses. In fact, it tops the list of financial losses in 2019 ($20,007,419).
Moreover, it seems that the NAS scam and other similar schemes are still claiming victims. Yes, the foxes posing as federal government officials are still prevalent. Even CAFC staff “I have received such calls,” says Mr. Thomson. (The scam is so widespread that the Canadian Radio-television and Telecommunications Commission recently intensified its efforts to fight against it.)
Here are some scams that are commonly targeted by people these days.
1) FRAUD TO GET YOUR ACCESS DATA
Fraudsters are not always out to steal your money. These days, they may want your personal information. As Mr Thomson points out, the CAFC has seen an increase in scams where perpetrators obtain the victim’s login details to exploit applications or online services such as Amazon or Netflix. “Some are even looking for loyalty program points like Airplane Or PC Optimum. »
One of these clever guys, a cyber bandit nicknamed Hamburglar, hacked McDonald’s mobile app to order hundreds of Big Macs at the expense of several unlucky people. So, in April 2019a Toronto resident, was surprised to see charges of more than $2,000 on his bill for meals ordered from various branches of the well-known Montreal chain. And in October, a customer reported that her app had been tampered with to enjoy croquettes and burgers for $34.87 at a McDonald’s restaurant in Toronto – 140 km from her home!
How to protect yourself
- As always, be diligent: use strong passwords and hide them in a safe place if you absolutely have to write them down. If you use the same password for multiple apps or services, change it.
-
If you have been a victim of credit card fraud, request a refund from the card issuer.
- Report the incident to the dealer.
2) PARCEL DELIVERY FRAUD
A scourge that has spread to the UK and elsewhere in the world, this is when a mobile phone or other valuable item is delivered to your doorstep. The package is in your name, but you didn’t order anything.
Shortly afterwards, a sheepish “courier” appears, explaining that the delivery was due to an error and asking you to give him the package. If you do that, you’re in big trouble. In fact, thieves may have previously stolen your personal information and then ordered the item.
In a report Consumer rights expert Adam French from Which? (British counterpart to Protect yourself) highlights that parcel delivery fraud is one of the increasingly sophisticated methods used by fraudsters to defraud their victims.
As with the misuse of login credentials, parcel delivery fraud is only possible if the fraudsters have been able to obtain your details, so you can order whatever they want. If they fail to intercept the parcel before delivery, one of them will pose as a courier who has come to collect the “mistakenly delivered” goods.
One victim said: “We wondered how on earth someone could order a phone in our name.” We also feared it would hurt our credit rating as we were about to buy a house. »
How to protect yourself
If a courier shows up at your door asking you to drop off a package that was delivered recently (and you hadn’t ordered anything), don’t do it. Immediately call the company he says he represents you himself.
Contact the retailer and ask how to return the item.
As always, protect your personal information. “Identity theft is on the rise, so if you notice a suspicious transaction on a bank statement, report it to your financial institution immediately,” advises Mr. French. Also, make sure documents like your bank statements are not left out in the open and throw them in a paper shredder before throwing them away. »
3) RANKING AND DATA EXFILTRATION
Falling victim of a ransomware attack has long been one of the worst nightmares of every Internet user. Ransomware is a type of malware that infects a computer. In this case, the user no longer has access to the contents of their device. A message appears on the screen that the files have been encrypted and will be decrypted after paying a ransom.
Currently, the Ransomware attacks are declining (according to some reports, they decreased by 28% between 2017 and 2018). However, another aspect of this scam is even more damaging: Ransomware developers copy a victim’s data and publish if the victim does not pay the ransom. In such cases, Thomson explains, victims of ransomware also become victims of a data breach.
Last autumn, the company Allied Universal was infected with ransomware, copied the files to servers under the control of the hackers, and then encrypted the local copies. Since Allied Universal did not pay the ransom of more than $2 million, the criminals released nearly 700 MB of data and files stolen from the company. They claimed that they would release the rest of the data if the ransom was not paid – and an increased one at that! (To learn more about how to avoid a data breach and what to do if you become a victim, read our article Data breach: serious potential consequences for you or your company.)
How to protect yourself
Advice on dealing with ransomware also applies to situations where you’ve been the victim of a data breach, Thomson says, but you should know that a company is now required to report any data breach to the Office of the Privacy Commissioner of Canada (OPC).
Individuals:
- Do not click on links in emails that you receive from an unknown sender, or open files attached to such emails.
- Do not give out personal information to untrustworthy sources over the phone or online.
- Install reputable security software on all your devices and secure your Wi-Fi router.
- Disable file sharing and remote desktop.
- Make sure all your software, including antivirus software, is up to date on all your devices.
Have you become a victim of ransomware?
- Don’t panic. Don’t touch the computer again. Contact a trusted IT professional who can try to limit the damage.
- Report the incident to the local police.
- Contact the Canadian Anti-Fraud Centre.
- Visit the website nomoreransom.orgfounded by police forces and companies specializing in computer security to help victims recover their data.
Companies:
- Educate and train your employees in good security practices and consider restricting access rights.
- Do not click on links in emails that you receive from an unknown sender, or open files attached to such emails.
- Use reputable security software.
- Back up your applications, programs and data regularly in the cloud or on media such as an external hard drive that is not constantly connected to the server.
- Create a whitelist of approved applications and programs to prevent software and malware from running.
- Make sure all software, including antivirus software, is up to date on all computers, servers and other devices such as mobile phones and tablets.
- Develop a business continuity plan and an incident response plan.
Has your company fallen victim to ransomware?
- Do not touch the computer again. Contact your IT department or call a trusted IT professional; they will be able to help you.
- Critical infrastructure managers, businesses, and municipal, provincial and territorial governments must immediately report the incident to the Canadian Cyber Incident Response Centre (CCIRC).
- Report the incident to the local police and inform CCIRC.
- Contact Canadian Anti-Fraud Centre.
The RCMP recommends this for several reasons Do not pay ransom:
- There is no guarantee that you will recover your data.
- Scammers may try to extort more money from you after you pay an initial ransom.
- You risk becoming the target of a similar attack in the future.
- Ransomware extortion is a crime, and the money you pay is used to finance criminals or criminal organizations to encourage them to claim even more victims.
- Even if you have paid a ransom, this is the case RCMP encourages you to report the incident.
DID YOU KNOW?
As the 2019 CPA Canada Fraud Survey shows, the fear of identity theft or other types of fraud is of great concern to Canadians. We invite you to read practical advice on this topic in our publication entitled You and your money: How to protect yourself from fraud and identity theft.
Total web buff. Student. Tv enthusiast. Evil thinker. Travelaholic. Proud bacon guru.