The current cybersecurity researchers are reporting about a new digital fraud scheme which uses advanced methods to trick people into thinking it is legitimate. Modern attacks can successfully bypass advanced security measures because they combine artificial intelligence technology with basic visual deceptions. The methods exploit American citizens because they take advantage of our trust in well-known brands and the credibility which comes from high-ranking executives.
The “rnicrosoft” Visual Trick
The most successful scam recipe uses an intelligent font design to create fake official documents. The letters “r” and “n” combine together to create the appearance of the letter “m” in certain fonts (rn vs. m). Scammers choose to create domains that include the name “rnicrosoft.com” instead of using the correct address of “microsoft.com.” The email delivers an official appearance which allows users to easily enter their login information.
AI-Powered Perfect Grammar
The first sign of a potential scam operation appeared as people began to use poor spelling skills combined with broken English. The people who commit scams have started to use artificial intelligence technology for developing email content that appears to be professional and perfectly written. The messages take context into account which allows them to refer to real projects and vendors that your company uses making them impossible to identify as fake emails.
Bypassing Multi-Factor Authentication (MFA)
The new kind of attack called “Device Authorization” scam can bypass the security of two-step authentication systems. The scammer needs you to click on their link which will provide access to their device on your account instead of requesting your password. They use the acquired token to access your emails and files without needing your password or code.
The Rise of “Ghost Tapping”
Experts have discovered a new physical fraud scheme which targets digital wallets together with tap-to-pay cards. Scammers set up concealed readers in busy locations to carry out ghost tapping operations on your phone or card which stays in your pocket. The unauthorized payments will begin without your knowledge because it will take place before you become aware that your phone has gotten close to a reader.
Deepfake Voice and Video Calls
AI technology has achieved the capability to duplicate both the voice and facial appearance of a person. Scammers utilize deepfakes to create fake identities for a CEO or a family member who is in a state of emergency. The person will contact an employee with an important requirement to move funds or will contact a grandparent who pretends to be their grandchild in an accident. The system creates an exact replica of the familiar voice which leads people to trust it automatically.
Physical Phishing Letters
The criminals are returning to snail mail which represents a strange method of scamming people. The criminals send fake letters which contain official logos and stamps to deliver their fraudulent message to people’s homes. The letters inform recipients about a financial account security update and include a QR code which leads to a fraudulent website which will steal their login credentials.
Look-Alike Brand Ads
Scammers use legitimate-looking advertisements which they purchase on social media or search engines to promote their schemes instead of sending users malicious links. When you search for a luxury brand or a bank, the top result might be a “cloned” website that looks 100% real but is actually run by scammers to collect your credit card info.
Urgent “Job Search” Scams
Remote work has become a popular trend which has resulted in job scams reaching unprecedented levels. Scammers create fake job postings which they distribute through text messages to offer nonexistent high-paying jobs. The scammers will request that you pay for training equipment or they will ask for your Social Security number to conduct background checks before a real interview occurs.
The “Hi Grandma” AI Scam
This is a modern version of an old scam. Scammers use a short clip of a relative’s voice from social media to create a fake AI voice. The criminals call elderly people with a voice that requests money for an emergency which makes them panic because they think there is a real emergency happening.
Parcel and Delivery Fee Scams
Americans receive texts which claim that their package is currently on hold because of an unpaid minor fee. The link leads to a professional-looking site where you are asked to pay just $1 or $2. The small amount appears minimal however you are actually providing your credit card information directly to a group of criminals.
Credential Recycling
The people who use identical passwords across multiple platforms have become a target for scammers who use credential stuffing methods. Criminals use automated software to test the password which they obtained from a lesser-known website on your banking and email and social media accounts. The criminals can access all systems if they succeed in getting through one system.
