To trap Internet users, hackers have a multitude of different tactics. They can, for example, pretend to be a bank advisor, a romantic suitor using deepfakes, or even a company's customer service. In addition, scammers have a huge number of strategies to lull their victims' suspicion and push them to act urgently.
These well-honed tactics are so well-crafted that they sometimes go unnoticed. Under these conditions, it is not always easy to avoid falling into a trap... To protect yourself from scammers, we recommend that you adopt the seven good habits below.
Check the URL and email address: the devil is in the details
Armed with AI-based tools, hackers are now able to develop complete and convincing messages. In phishing emails or text messages, we no longer necessarily find gross spelling mistakes, approximations or convoluted turns of phrase. With artificial intelligence, any scammer can write in perfect French.
To detect a scam, we must therefore look at the details of their communications. First of all, let's mention the email address. In most cases, hackers communicate with their target using an address that is close to an official address. For example, they will choose an address that uses words containing typos. It is often one letter more or less, in order to go unnoticed if you take a quick glance.
Sometimes, hackers don't bother with an address that looks like an official address. Some of the phishing emails we have received are in fact sent from improbable addresses, made up of a random succession of numbers and letters. This is an easy sign to spot that you are in the sights of a scammer.
Similarly, cybercriminals can share links to malicious websites with you. In this case, it is important to check the URL. Similarly, the URL can be very close to the address of an official website. It may be very close to that of your bank. However, there are elements that allow you to understand that it comes from a fraudulent address.
Do some research online
Before trusting an unknown contact, take the time to do some research on the web. You are never forced to respond urgently to a request, even if your contact is pressuring you. Instead of making a hasty decision, which would suit cybercriminals well, take a step back. Alone or with the help of a loved one, compare the information provided by the hacker with the data visible online.
If a bank advisor contacted you, do a search on the bank's website. Check if the number you called is listed, as is the email address. If you can't get anywhere, pick up the phone and contact the organization directly to find out for sure.
If a scammer asks you to transfer money to MoneyGram or Western Union, do some research on these payment methods, along with the words used by the hacker in his messages. In short, type everything on the Internet, even the explanations or names given by the crook. This way, you could come across sites that mention scams of this type. This is a good way to detect scams and avoid getting scammed.
Never call back... ever!
Some scams rely on premium rate numbers. These are called “ping calls” or “call backs,” phone scams that aim to get victims to call back a premium rate number. The scammer makes a short call that cuts off immediately or after a single ring, without leaving a voicemail. If the victim calls back, they get a voicemail billed by the minute. Obviously, many people, intrigued by the call, are very keen to call the number back to find out what it’s about.
This is why we strongly recommend that you never call back a number you don’t know. If it really is an urgent call, your contact will be sure to leave a number or call back. In addition, do not hesitate to use an application that will analyze your calls to detect fraudulent communication attempts. This is the case with Orange Téléphone for example. Then, take the time to systematically block all the numbers that call you in the hope of relaying you to a premium rate number.
Stay firm with your interlocutor
To the extent that you are exchanging with a stranger on a dating app or social network, set yourself clear and unwavering limits. For example, never agree to send money, regardless of the reason or explanations of your suitor. In addition, do not communicate personal information, even data that seems harmless to you, until you have been able to confirm the identity of the person you are speaking to.
Be careful, scammers can provide you with a multitude of proofs to convince you. With deepfakes, they can create photomontages or even make video calls that seem convincing. In these conditions, you must remain firm and never give in. If you remain inflexible, the scammer will come up against a wall... Furthermore, the more a person tries to convince you, the more you must question their motivations.
Fight AI with AI
Hackers have massively adopted artificial intelligence to help them in their misdeeds. As a potential target, you can use AI to identify scams and fight fire with fire. For example, we recommend using solutions like Scamio by Bitdfender. This chatbot is programmed to identify scams. All you have to do is provide it with the message received so that it can analyze it.
More generally, don't hesitate to use ChatGPT, Google Gemini or Perplexity to analyze scammers' messages or find a flaw in a communication. These models have been trained on mountains of data, including information on the most widespread scams. Don't blindly trust the opinion of a chatbot, but it is sometimes a good basis for detecting a trap. To confirm any doubts you may have, you can also visit the Cybermalveillance website, which offers a diagnostic tool that can detect scams.
Choose a good password
Unsurprisingly, we also recommend that you choose a well-secured password. Proofpoint advises choosing "three random words to create a strong and memorable password". Be careful not to make the mistake of recycling the same password to secure multiple sites. You should choose a completely different password for all the sites you connect to.
In the same vein, don't forget to activate two-factor authentication on all your accounts. This security measure, which is very quick to implement, will block the path of most hackers by requiring an additional authentication code, in addition to the password.
Notify your bank urgently
Finally, if you have fallen into a scammer's trap, do not delay in notifying your bank. If the latter has made fraudulent withdrawals, following the theft of your bank details for example, you will be able to demand a refund. Indeed, the law requires banks to reimburse victims of fraudulent withdrawals within 24 hours. The bank does not have to wait for the end of an investigation to prove the victim's statements. However, this only applies to complaints concerning fraud that occurred in the previous twelve months. If you let too much time pass, the bank will not be obliged to reimburse you. That’s why you need to keep a constant eye on your account, check your statements and report any irregularities.
By adopting these seven reflexes, you should be able to protect yourself against most computer attacks and other online scams. As explained by Siggi Stefnisson, Chief Technology Officer at Gen, "it is no longer enough to protect just our devices; we must protect every individual from all forms of online manipulation aimed at stealing personal information or spreading malware". It's all in your hands.
0 Comments