Technology
The most dangerous encounter to avoid in social media
They are dangerous, tricky scams designed to tug at your better judgment, draining bank accounts, creating havoc with your friends, and manipulating your reputation. Social engineering scams – the type of scams used by criminals to exploit a person’s trust to obtain money or sensitive information or both – have become much more sophisticated with the rise of artificial intelligence.
I’m passionate about protecting your privacy and security. I often hear from people saying, “Why should I care? I’d never fall for one of these scams.” Guess again.
Until now, popular phishing scams typically involved scammers calling innocent people, claiming to be from a company, and convincing them they owe money on an invoice or something. To combat this, brands have tried to protect their customers by saying, “They’ll never call.” But with OpenAI’s recent announcement of its voice-mimicking tool, we’re heading into a new era of social engineering scams.
We spoke to Tom Tovar, CEO of Appdome, a cybersecurity company dedicated to protecting mobile apps. He unveils the unsettling truth about social engineering scams and warns that it’s not just about being aware – it’s about being prepared. The time to change our mindset is now or risk becoming the next victim in the ever-evolving game of digital deception.
CLICK TO GET KURT’S FREE CYBERGUY NEWSLETTER WITH SECURITY ALERTS, QUICK VIDEO TIPS, TECH REVIEWS, AND EASY HOW-TO’S TO MAKE YOU SMARTER
Illustration of artificial intelligence (Kurt “CyberGuy” Knutsson)
How to spot a social engineering scam
In the intricate world of cybersecurity threats, social engineering scams really make their mark by cleverly manipulating our human instincts and emotions. According to Tovar, “Social engineering scams exploit the everyday fear, uncertainty, and doubt in humans to gain access to protected accounts, information, resources, payments, and more. These attacks can also abuse commercial expectations, business processes, and psychological tactics to trick humans into interacting with the scam.”
WHAT IS ARTIFICIAL INTELLIGENCE (AI)?
Illustration of artificial intelligence over data (Kurt “CyberGuy” Knutsson)
MORE: UNFORGETTABLE MOTHER’S DAY GIFTS 2024
What are some of the most recent social engineering scams?
In these scams, fraudsters masquerade as employees from banks, financial institutions or government agencies to gain the trust of their targets. Another social engineering scam could look like a vacation giveaway from a familiar friend but is instead a trick to get you to engage. By leveraging this trust, they manipulate individuals into divulging sensitive information or making financial transactions that benefit the scammer.
“In these attacks, the attacker has to get the user to interact,” Tovar explains.”So, they may send a very convincing text message to the victim purporting to be the fraud department of the bank.” This text message will say something like, “Did you make this purchase?” showcasing a supposedly fraudulent amount, usually concerning enough to panic the victim into replying “no” as quickly as possible. When they do this, they may receive a response saying, “Thank you. Someone from our fraud team will be in touch with you shortly.”
From there, the attacker and the victim are now in direct communication, where they can be tricked into handing over their sensitive information. In other scenarios, they may be told they need to download specific software to mitigate whichever situation the scammer convinced them of. With this software, the scammer can control the entire device.
Though there are other variations of this new social engineering style, they all involve taking advantage of the victim’s emotions and vulnerability to commit their deceptive act. When we asked Tovar how we can expect social engineering scams to change with this current wave of AI-supported, AI-generated scams, he said, “It’s just the wind before the storm.”
Illustration of AI aimed at you (Kurt “CyberGuy” Knutsson)
MORE: CAN AI HELP SOMEONE STAGE A FAKE KIDNAPPING SCAM AGAINST YOUR FAMILY?
How should you adjust your outlook to recognize better and combat social engineering scams?
Many brands have told their customers, “We’ll never call you,” to fight these impersonation scams. It makes sense but only leads scammers to devise new ways to trick their victims. Not only this, but according to Tovar, there’s another issue with telling your users that you won’t call them. “As brand loyalists, enthusiasts and supporters, that’s not really what we want our favorite brands to say.” He’s right. After all, one of the reasons customers may choose one brand over the competition is the ease with which they can talk to somebody if they have a question or concern.
Scammer using AI to trick you (Kurt “CyberGuy” Knutsson)
MORE: HOW SCAMMERS HAVE SUNK TO NEW LOW WITH AI OBITUARY SCAM TARGETING THE GRIEVING
Beyond gut feelings: Navigating the blurred lines of AI-driven scams
Tovar says, “Of course, if someone calls you, you want to be aware of what you’re being asked to do, and if it sounds fishy, don’t do it.” But because of AI’s sophistication and the clever, innovative tricks that scammers have up their sleeves, asking you to go with your “gut feeling” is simply not enough. “The line between what feels fishy and what feels real is gone.”
A woman answering phone call while on her laptop (Kurt “CyberGuy” Knutsson)
Proactive steps against sophisticated social engineering scams
Protecting yourself from social engineering scams, especially in the age of AI, requires a multifaceted approach. Here are some steps to help you safeguard against such threats.
1. Stay informed: Keep up to date with the latest scam tactics and cybersecurity news. Awareness is the first line of defense.
2. Verify independently: If contacted by someone claiming to be from a company, verify the claim by contacting the company directly through official channels.
3. Guard personal information: Be cautious about sharing personal information, especially in response to unsolicited communications.
4. Use two-factor authentication: Enable two-factor authentication wherever possible to add an extra layer of security.
5. Be skeptical: Approach too-good-to-be-true offers and urgent requests for action with skepticism.
6. Secure communications: Use encrypted communication channels and avoid discussing sensitive information over unsecured networks.
7. Regularly update systems: Keep operating systems and cybersecurity software up to date to protect against known vulnerabilities.
8. Avoid unknown links and downloads: Do not click on links or download attachments from unknown sources, as they may contain malware. The best way to protect yourself from clicking malicious links that install malware that may get access to your private information is to have antivirus protection installed on all your devices. This can also alert you of any phishing emails or ransomware scams. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android & iOS devices.
9. Report suspicious activity: If you suspect a social engineering attempt, report it to the appropriate authorities.
By implementing these steps, individuals and organizations can build a stronger defense against the evolving landscape of social engineering scams. It’s important to remember that as technology advances, so do the tactics of scammers. Continuous education and vigilance are key to staying protected.
Kurt’s key takeaways
Sadly, dodging sneaky social engineering scams is part of our everyday life in the world of connecting online. It’s like a game of digital cat-and-mouse, and we’ve got to stay one step ahead. So, what’s the game plan? First, let’s keep our eyes peeled for the latest scammer tricks – it’s all about staying in the know. However, it’s also about prevention, not just detection. If you get a call or message that smells fishy, trust your gut and double-check with the official sources. Remember, sharing is not always caring, especially regarding your personal information. Oh, and those too-good-to-be-true offers? That’s a big red flag. Let’s not make it easy for the scammers.
Have you ever encountered a social engineering scam? What red flags helped you recognize it? Let us know by writing us at Cyberguy.com/Contact.
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.
Ask Kurt a question or let us know what stories you’d like us to cover.
Answers to the most asked CyberGuy questions:
Copyright 2024 CyberGuy.com. All rights reserved.
/cdn.vox-cdn.com/uploads/chorus_asset/file/23249791/VRG_ILLO_STK001_carlo_cadenas_cybersecurity_virus.jpg)
A security lapse could let millions of college students do free laundry, thanks to one company. That’s because of a vulnerability that two University of California, Santa Cruz students found in internet-connected washing machines in commercial use in several countries, according to TechCrunch.
The two students, Alexander Sherbrooke and Iakov Taranenko, apparently exploited an API for the machines’ app to do things like remotely command them to work without payment and update a laundry account to show it had millions of dollars in it. The company that owns the machines, CSC ServiceWorks, claims to have more than a million laundry and vending machines in service at colleges, multi-housing communities, laundromats, and more in the US, Canada, and Europe.
CSC never responded when Sherbrooke and Taranenko reported the vulnerability via emails and a phone call in January, TechCrunch writes. Despite that, the students told the outlet that the company “quietly wiped out” their false millions after they contacted it.
The lack of response led them to tell others about their findings. That includes that the company has a published list of commands, which the two told TechCrunch enables connecting to all of CSC’s network-connected laundry machines. CSC ServiceWorks didn’t immediately respond to The Verge’s request for comment.
CSC’s vulnerability is a good reminder that the security situation with the internet of things still isn’t sorted out. For the exploit the students found, maybe CSC shoulders the risk, but in other cases, lax cybersecurity practices have made it possible for hackers or company contractors to view strangers’ security camera footage or gain access to smart plugs.
Often, security researchers find these security holes and report them before they can be exploited in the wild. But that’s not helpful if the company responsible for them doesn’t respond.
/cdn.vox-cdn.com/uploads/chorus_asset/file/24748328/236706_Mac_Pro_AKrales_0094.jpg)
Throughout 2024, though, all of Apple’s laptops (except the MacBook Air) will move to the M4 chip that the company just gave the iPad Pro, Gurman writes. Amusingly, this herky-jerky chip upgrade cycle means that the iPad Pro is currently the single-core performance champ of Apple’s lineup — and it will continue to be for about another year, when compared to the Mac Studio and Mac Pro.
This is a silly comparison, of course — The current crop of Mac Studios and Mac Pros are incredible computers that hold more RAM, have more ports, and won’t throttle as quickly as the iPad Pro, even with that heat-conducting Apple logo. They also don’t have an operating system that stands squarely in the way of pushing their hardware. And high-end Mac users should be used to waiting a while between revisions. Still, I’m sure more than a few people will appreciate the upgrade when it comes.
As the world celebrated #InternationalDanceDay, a unique duo took the stage, or rather, the screen, to showcase a different kind of choreography.
Spot, the quadruped robot developed by Boston Dynamics, found a new friend in Sparkles, a dazzlingly dressed counterpart designed to explore the fusion of robotics, art and entertainment.
Sparkles and spot canine robots dance (Boston Dynamics)
A cartoon come to life
At first glance, the video in question seems like a whimsical animation straight out of a children’s show. Yet, this is no fiction. The footage is a testament to how far robotics has come, featuring Spot adorned in a blue, sparkly, albeit slightly creepy costume, performing a dance routine that could rival any animated character.
Sparkles and spot canine robots dance (Boston Dynamics)
GET SECURITY ALERTS, EXPERT TIPS – SIGN UP FOR KURT’S NEWSLETTER – THE CYBERGUY REPORT HERE
Meet Sparkles
“Spot is meeting another strange dog and making friends through the power of dance. Meet Sparkles!” Boston Dynamics announced. The video features two Spots — one in the recognizable black and yellow, and the other, Sparkles, in the blue, sparkly dog costume — engaging in a robotic dance-off that culminates in a mechanical kiss.
ASK ANY TECH QUESTION, AND GET KURT’S FREE CYBERGUY REPORT NEWSLETTER HERE
Sparkles and spot canine robots kiss (Boston Dynamics)
This display of robotic affection and agility has sparked conversations about the potential applications of such technology in entertainment venues like theme parks, where robots could add a layer of realism to character interactions.
Social media’s mixed moves
The reception on social media was as varied as the dance moves displayed. Some viewers were enchanted, praising the mobility and innovation, while others expressed discomfort, humorously suggesting that the cute facade could well be the stuff of nightmares.
CLICK TO GET KURT’S FREE NEWSLETTER, THE CYBERGUY REPORT
Sparkles and spot canine robots dance (Boston Dynamics)
HUMANOID ROBOTS ARE NOW DOING THE WORK OF HUMANS IN A SPANX WAREHOUSE
Kurt’s key takeaways
After watching Spot and Sparkles bust a move together, it’s pretty wild to think about where robotics is heading. It’s like we’re watching a live-action cartoon, isn’t it? These robots are not just showing off some fancy footwork; they’re opening our eyes to a whole new world of possibilities. Whether they’re making us smile or giving us the heebie-jeebies, they’re proof that creativity knows no limits.
How do you feel about robots displaying human-like behaviors such as dancing and kissing? Does it concern you for the future of human-robot interactions? Let us know by writing us at Cyberguy.com/Contact
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter
Ask Kurt a question or let us know what stories you’d like us to cover
Follow Kurt on Facebook, YouTube and Instagram
Answers to the most asked CyberGuy questions:
Copyright 2024 CyberGuy.com. All rights reserved.
Two students find security bug that could let millions do laundry for free
Iran's president, foreign minister, other officials confirmed dead in helicopter crash
Schumer says Senate to take up border bill again this week
Many families take patients off life support too soon after traumatic brain injuries: study
Timberwolves overcome 20-point deficit to stun defending-champion Nuggets in Game 7
See it: Tesla crashes into Columbus convention center at 70 mph
Colorado Rockies game no. 116 thread: Zac Gallen vs José Ureña
Fox News Politics: Georgia the whole day through
Death of missing Oregon girl found in stream ruled homicide
At least 2 dead as tornadoes hit Alabama, damage homes across Southeast
Schumer says Senate to take up border bill again this week
Fake news on the rise as the European elections draw near
At age 90, America's first Black astronaut candidate has finally made it to space
Morehouse defends students, faculty who turned their backs during Biden speech: ‘We are proud’
French forces clear New Caledonia roadblocks as official vows to end unrest
-
News1 week agoSkeletal remains found almost 40 years ago identified as woman who disappeared in 1968
-
World1 week agoIndia Lok Sabha election 2024 Phase 4: Who votes and what’s at stake?
-
Politics1 week agoTales from the trail: The blue states Trump eyes to turn red in November
-
World1 week agoBorrell: Spain, Ireland and others could recognise Palestine on 21 May
-
World1 week agoCatalans vote in crucial regional election for the separatist movement
-
Politics1 week agoNorth Dakota gov, former presidential candidate Doug Burgum front and center at Trump New Jersey rally
-
Movie Reviews1 week ago“Kingdom of the Planet of the Apes”: Disney's New Kingdom is Far From Magical (Movie Review)
-
World1 week agoUkraine’s military chief admits ‘difficult situation’ in Kharkiv region