In the advancing time of AI and technology, it’s crucial for every individual to know about the top 2024 scams. 2023 was an intense year for cyber security, with big companies being hit by malware and AI increasing the number of opportunities for cyber criminals. Unfortunately, cyber criminals and scams are only going to get smarter and more common this year.
Whether you are part of the security world or just interested in protecting your personal data, here are the top scams for the year that you should be aware of:
The rise of deep fakes is a concerning trend, driven by the accessibility and sophistication of AI. Going into 2024, there are many tools even the average technology user can utilize to impersonate any person they have enough videos or images of.
This means we’ll be seeing an increase in both video and audio deep fakes used in cyber scams. In a professional setting, deep fake videos or audio may be used by scammers pretending to be your superiors asking for urgent information. In a personal setting, deep fakes may be used to do the same thing, but instead from a family member or friend.
Photo by Lindsey LaMont on Unsplash
For just $325 USD, you can run a 6 week, automated program for gamified phishing awareness training and challenges. (Limited time offer. Normally valued at $999 USD)
Use Promo Code: 6WEEKS
Before acting on a video or audio request, think of the tone of the message. Did the words and phrases they use sound like your boss or family member? Then, try getting in contact with that person on a different platform, preferably in person, to see if the request is truly from them.
Social engineering is a tactic used by cyber criminals to trick you into thinking they are a person or an organization to get personal information or money from you. Unlike deep fakes, social engineering will typically come in the form of emails, SMS, or phone calls. For example, when you receive a fake text from your boss claiming he needs gift cards urgently.
Advancements in machine learning have increased the abilities of tools to gather extensive personal information in a quick amount of time. This enables cyber criminals to craft even more convincing social engineering attacks. Relying on grammar or spelling mistakes to spot a suspicious email is no longer enough.
Before opening any emails, hover your mouse over the sender address to see if the email domain seems suspicious. Compare this to other emails you’ve received from this person or brand, is it the same? Similarly, for texting, check if you have received a legitimate text from this number previously.
If you still want to take action from this message after doing these checks, try communicating with the person in another way to check that it is them. If it comes from a brand, go directly to the company’s website and find the customer service number provided there, not in the message you received.
Ranked the second most popular finance scam in the UK by Natwest in 2023, trusted organization phishing scams are a specific type of social engineering that tricks you into believing they are a trusted organization. Did you receive any suspicious texts from your bank, mailing service provider, or energy provider this past year? The answer is likely yes.
With the advancement of AI tools, scammers can release mass SMS messages from brands. They use a “shotgun” approach, focusing on quantity of targets rather than quality. They likely send out these messages to hundreds of people a day. Many people receive packages from UPS and pay their energy bills, so they are betting on those few people falling for the scam.
Like all social engineer scams, always verify the sender. Use the number or email domain check system and go directly to the company’s platform to avoid clicking on malicious links.
Raghu Valipireddy, SVP CISO at Axos Financial, named job listing scams as one of the top two predicted up-and-coming scams at the end of 2023. Job listing scams create fake websites, job listings, and recruiters to convince victims to give up personal information before being “interviewed”.
With layoffs and unemployment on the rise, scammers are capitalizing on job seekers’ vulnerabilities. Job listing scams often promise lucrative opportunities, preying on individuals desperate for employment.
Research potential employers and job opportunities thoroughly. Be wary of requests for payment or personal information before signing an official contract.
Know that even if the “recruiter” does have a LinkedIn, it doesn’t mean they are legitimate. Scammers are smarter now and know this is where people go to check for employees.
In our live Cyber Security Awareness Forum panel on helping vulnerable populations, security expert poll participants voted the elderly as the most vulnerable population online. The rising popularity of The Grandparents Scam proves this to be true.
The Grandparents scam is when scammers exploit the emotional vulnerability of elderly individuals who have grandchildren. Fraudsters typically pose as distressed grandchildren in urgent need of financial assistance using the tools of deep fake audio or a convincing email. AI not only makes this easier, but scammers are slowly learning what works best to trick loving grandparents.
Take time to educate grandparents or elderly individuals within your close circle (sending them this article could be a great start!). Tell them about the new scam that is going around so that if a call or message ever lands in front of them, they’ll be able to identify that it may not be what it seems.
Establishing a code word is another great tool to combat social engineering and deep fake audio. In-person, establish a word with your grandparents or parents that you will use in an emergency to confirm that is you. Use something obscure that the scammer would never be able to guess.
In the ever-evolving landscape of digital threats, awareness and vigilance are our greatest defences. By staying informed about the latest scams and adopting proactive security measures, we can collectively create a safer online environment. Spread the word about these growing scams by sharing this blog with your team members, family members, or close circle.
Remember, skepticism is a valuable tool – if something seems too good to be true or feels off, it’s crucial to investigate further before taking any action. Together, let’s build a more secure digital future.
Have questions about how to better protect your organization from these emerging threats? Our Director of Cyber Security Solutions, Ryan, can answer any of your questions in a free 1-on-1 Q&A.
No sales, no pitches – Just expert security advice to help create a more positive and informed security culture.