Classic online scams brands must be aware of in 2024

While the internet revolutionized our lives, connecting us in ways previously unimaginable and opening doors to vast knowledge and convenience, it also paved the way for a less savory reality: the proliferation of online scams. Exploiting the very tools that have made our lives easier, scammers are a pressing concern in the modern world as the growing sophistication of technology enables them to be more deceptive and reach wider numbers.

From phishing attacks to the sale of counterfeit products, these online scams are becoming more intricate and harder to detect. As these scams grow more complex, understanding their nature and the protective measures against them becomes crucial for both individual users and online platforms themselves. In this article, we highlight the most prevalent forms of online scams in 2024, offering insights on how they operate and how to spot them.

Phishing Attacks

Phishing attacks are one of the most common forms of online deception. Scammers, often posing as trusted entities, will send electronic communications to extract sensitive information like usernames, passwords, and credit card details. The sophistication of these attacks has increased over time, with scammers often using social media platforms to distribute links to their fraudulent landing pages.

The consequences of phishing attacks can be severe. For individuals, it can lead to identity theft, financial loss, and compromised security. For businesses, the implications extend to data breaches, financial loss, legal liabilities, and reputational damage.

Types of phishing attacks

Email Phishing
This is the most traditional form of phishing. Scammers send emails that appear to come from legitimate companies or organizations, such as banks, social media platforms, or government agencies. These emails often contain links that lead to fake websites designed to steal login credentials, personal information, or financial details. They might also include urgent or threatening language to create a sense of panic, prompting quick action without careful consideration.

Spear Phishing
Spear phishing is a more targeted form of phishing. Here, the scammer personalizes the attack to fit the victim. This might involve using the victim’s name, job position, or other personal information (often gathered from social media or previous data breaches) to make the email seem legitimate. Because of its personalized nature, spear fishing can be more convincing and harder to detect.

Smishing (SMS Phishing)
Smishing involves sending text messages that mimic communication from trusted sources. These messages may prompt the recipient to click on a malicious link or provide personal information under various pretexts, such as claiming a prize, verifying account details, or updating personal information.

Vishing (Voice Phishing)
Vishing scams use phone calls – either from a live caller or computer-generated audio – to extract personal information. The caller, pretending to be from a legitimate organization, might ask for sensitive information under the guise of confirming the victim’s identity or resolving a supposed issue with their account or service.

Social Media Phishing
Phishing attacks found fertile ground in social media as they came to prominence in the mid-2000s. Scammers may create fake profiles or hijack existing ones to send malicious links via direct messages. They might also post links in comments or forums, luring users to click on them under various pretenses like participating in a contest or claiming a reward.

Whaling
Whaling attacks target high-profile individuals like CEOs or CFOs. These high-level phishing attacks often involve crafting detailed and sophisticated emails that address specific business issues, designed to steal sensitive company information or initiate unauthorized financial transactions.

Pharming
In pharming, scammers redirect users from legitimate websites to fraudulent ones. This can be done by infecting a computer with malware that alters DNS settings or by exploiting vulnerabilities in DNS servers. Users who type in the correct web address are unknowingly redirected to a fake site that looks identical to the real one.

Business Email Compromise (BEC)
BEC attacks are a form of phishing that involves hacking into or spoofing corporate email accounts. Scammers impersonate executives or high-level employees to authorize fraudulent wire transfers or disclose confidential information.

Hallmark Signs of Phishing

• Unsolicited requests for sensitive information
• Email or message from a slightly altered or suspicious domain
• Urgent or threatening language pressuring immediate action
• Links or attachments in unsolicited emails
• Poor grammar or spelling in the message

Fake Websites (Website Spoofing)

Website spoofing is another classic online scam that involves creating fake websites that mimic legitimate ones. These sites often look authentic, using stolen logos and similar color schemes, tricking users into believing they are interacting with real services or companies. The objective is typically to harvest credit card information or other personal data. These websites are often part of broader phishing campaigns.

Hallmark Signs of Fake Websites

• The website URL is slightly off from the legitimate site’s URL (e.g., additional characters, misspellings)
• Lack of secure connection (no HTTPS or a missing padlock icon in the address bar)
• Poor design, spelling, and grammar errors
• No contact information or physical address listed
• Offers that seem too good to be true

Deepfakes

The advancement of AI technology has led to the rise of deepfakes – highly realistic but fake audio and video content that is used to deliberately deceive people. A term coined from “deep learning” and “fake,” these online scams can be used for impersonation, spreading disinformation, or manipulating public opinion.

Examples of Deepfake Scenarios

Political Manipulation
Deepfakes can be used to create videos or audio recordings of political figures saying or doing things they never actually said or did. This can be used to manipulate public opinion, disrupt elections, or incite political unrest. For instance, a deepfake video could show a political leader making inflammatory remarks or engaging in inappropriate behavior, potentially swaying public perception or causing diplomatic incidents.

Celebrity Impersonation
Celebrities are often targets of deepfakes, where their likeness is used without consent in various contexts, ranging from false endorsements to inappropriate content. This not only misleads fans but also harms the reputation and privacy of the celebrities involved.

Corporate Fraud
Deepfakes can be used to impersonate CEOs or high-ranking officials in companies to disseminate false information, manipulate stock prices, or even trick employees into transferring funds or disclosing sensitive information. A deepfake video of a CEO making a false statement about the company’s financial health could lead to significant stock market manipulation.

Identity Theft
Scammers can use deepfake technology to impersonate individuals in video calls, potentially to defraud businesses or individuals. This can include creating a video of a person requesting sensitive information or authorizing transactions.

Misinformation and Propaganda
Deepfakes can be a powerful tool for spreading misinformation and propaganda. They can be used to create false narratives or fake news stories, which can rapidly spread on social media and other platforms, misleading the public and influencing social or political discourse.

Legal and Forensic Misuse
In legal contexts, deepfakes pose a threat to the integrity of evidence. Fabricated videos or audio could be used to frame individuals or fabricate alibis. The use of deepfakes in such sensitive areas underlines the need for advanced verification methods.

Hallmark Signs of Deepfakes

• Slight inconsistencies in video or audio quality
• Mismatched lip-syncing or facial expressions in videos
• Audio that doesn’t quite match the person’s usual tone or style
• Unusual or out-of-character content from a known figure

Mitigating the Deepfake Threat

As we discussed in our ebook, How AI is Changing Consumer Behavior, the rise of deepfakes necessitates a multi-faceted approach to detection and prevention. Among the strategies being deployed are developing AI that can detect subtle signs of manipulation in audio and video content. These tools analyze various aspects like facial expressions, lip movements, and voice patterns that might not align perfectly in deepfakes.

Implementing digital watermarking techniques to authenticate genuine content and identify alterations is yet another solution that was proposed in President Biden’s recent Executive Order on AI. However, as Sam Gregory, Executive Director at human rights organization WITNESS, told us when we spoke to him about detecting deepfakes and the future of AI content, watermarks can always be removed.

Ultimately, one of the most effective mitigations will be educating the public about the existence and capabilities of deepfakes. Organizations need to encourage critical thinking and verification of sources before sharing or acting on information.

Sensitive Event Scams

As awful as it sounds, online scammers typically exploit sensitive events like pandemics or natural disasters to solicit donations for non-existent charities or sell overpriced products. These scams prey on public sympathy and the urgency of the situation. As an example, just a month after the 2004 tsunami that devastated the coasts of 12 countries in Asia and Africa, researchers found more than 170 fraudulent charities and websites soliciting fake relief donations.

Common Types of Sensitive Event Scams

Fake Charities and Fundraising Campaigns
In the aftermath of disasters or during ongoing crises, scammers often set up fake charities or fundraising campaigns. They use emails, social media posts, and fake websites to solicit donations, purportedly to help victims or fund relief efforts. These fraudulent campaigns may mimic the names and branding of legitimate charities to deceive donors.

Sales of Non-Existent or Overpriced Supplies
During health crises like pandemics, scammers exploit public fear and uncertainty by selling health-related products such as masks, sanitizers, or even fake cures and treatments at inflated prices. Often, these products are either non-existent (the orders are never delivered) or grossly overpriced.

Phishing Attacks Exploiting Sensitive Events
Scammers utilize phishing techniques, sending emails or messages that appear to be from legitimate organizations involved in relief efforts. These messages often contain links that lead to malicious websites or ask for personal information under the guise of donation processes.

Investment Scams
Investment scams in the context of sensitive events involve promising high returns on investments related to the event. For example, scammers might promote stocks or products claiming to be essential in solving a crisis or significantly benefiting from it.

Hallmark Signs of Sensitive Event Scams

• Solicitations for donations immediately following a disaster or event
• Lack of details about how donations will be used
• Unverifiable contact information
• A charity name very similar to a well-known organization but slightly altered
• High-pressure tactics urging immediate donations

Romance Scams

Romance scams, common on dating platforms, involve scammers creating fake profiles to establish romantic relationships and eventually defraud users. These scammers often have compelling backstories and make emotional appeals to solicit money, gifts, or personal information.

How Romance Scams Work

1. Creation of Fake Profiles
   Scammers create compelling and attractive profiles on dating sites or social media platforms. These profiles often feature stolen photographs (usually of an attractive individual) and fabricated backstories designed to appeal to a wide range of victims. As we explained in our blog on how we moderate dating platforms, we have tools that can quickly spot fake dating app pictures and identify potential scammers.
2. Building Trust and Emotional Connection
   If not caught by a content moderator, the scammer, through the fake profile, initiates a romantic or close relationship with the target. They invest time in building trust and often express strong emotions or feelings of love quickly to create a deep emotional bond.
3. Crisis or Emergency Scenarios
   Once the emotional bond is solidified, scammers typically concoct a crisis or emergency, such as a health issue, a business problem, or a family emergency, and leverage this scenario to request financial assistance.
4. Requests for Money or Personal Information
   The requests can range from small amounts, often under the guise of a test, to substantial financial assistance. Scammers might also request personal information under the pretext of sending gifts or arranging visits. We are also seeing more scammers convincing victims they should invest in a crypto product for a great return on investment, which turns out to be fake.
5. Refusal to Meet in Person
   A common characteristic of romance scams is the scammer’s persistent refusal to meet in person, often citing various excuses. They may also avoid video calls, claiming technical difficulties or other issues.

For more on these types of scams, check out our eBook on Content Moderation in Dating.

Hallmark Signs of Romance Scams

• Professing love or deep affection unusually quickly
• Refusal to meet in person or video call
• Requests for money, often for emergencies, medical expenses, or travel
• The person has a highly attractive profile picture that seems too perfect

Counterfeit Products

The sale of counterfeit or misrepresented products is rampant online. The rise of e-commerce platforms and social media marketplaces has made it much easier for scammers to reach a broad audience. These classic online scams typically involve products that are either non-existent or significantly different from what is advertised.

The way these scams work is that scammers advertise products that are either knock-offs of popular brands or purport to have qualities or features that they do not actually possess. They often use stolen images or doctored photos to mislead consumers about the product’s quality. Counterfeit products are typically offered at significantly lower prices than the genuine article, luring in bargain-hunting shoppers.

To make their products appear reliable and popular, scammers will often populate their listings with fake reviews. These reviews create a false sense of trust and satisfaction around the product. Scammers will also use well-known online platforms and marketplaces to sell these counterfeit goods; the perceived credibility of these platforms provides a cover of legitimacy to the counterfeit products.

Hallmark Signs of Counterfeit Products

• Prices significantly lower than the market rate
• Reviews that seem fake or are overly generic
• Poor quality images or photos that don’t match the product description
• Seller is evasive about product specifics or origin

Beauty Scams

Targeting individuals’ desires for quick beauty fixes, beauty scams involve products with unrealistic claims about their effectiveness. These products are often sold through deceptive marketing practices and may be ineffective or even harmful to one’s health.

Most beauty scams typically revolve around products claiming to provide instant or miraculous results, such as rapid weight loss, anti-aging effects, or solutions to complex skin problems. These claims are rarely, if ever, backed by scientific evidence.

Scammers often use aggressive and persuasive marketing tactics, including limited-time offers or exclusive deals, to create a sense of urgency. This pressures consumers into making impulsive purchases without doing proper research.

Fake endorsements from celebrities or influencers, along with manufactured customer reviews, are also common in these types of online scams. These are designed to create a false sense of trustworthiness and efficacy of the product. What’s more, beauty scams are often promoted through social media platforms and pop-up ads, targeting consumers based on their online behavior and preferences, so they feel more personal.

Hallmark Signs of Beauty Scams

• Claims of miraculous results with no scientific backing
• Limited-time offers that pressure quick purchases
• Lack of information about ingredients or side effects
• No clear return or refund policy

Event Fraud

Event fraud involves the sale of tickets to non-existent, unguaranteed, or non-refundable events. Recently, this type of online scam has also been extended to include virtual events and exclusive online experiences, which are harder to verify.

One of the most common forms of event fraud involves the sale of counterfeit tickets for popular events that are either sold out or in high demand. The tickets may appear genuine at first but are either completely fabricated or copied from legitimate tickets.

Scammers will also create false advertising for events that do not exist, even going so far as to set up realistic-looking websites and social media pages, complete with event details, to sell tickets and disappear once the fraud is uncovered. In some cases, the event being advertised may be real, but aspects of it are significantly misrepresented. This could include the lineup of performers, the amenities available, or the overall quality and scale of the event.

Hallmark Signs of Event Fraud

• Tickets sold on unofficial platforms or websites
• No clear information about the event details, location, or organizers
• Prices that are significantly lower or higher than expected
• Lack of customer reviews or feedback about the event