It’s no secret that the internet is full of crooks and criminals trying to gain access to our money, credentials, and online assets to turn a profit. And for a long time, the industry has lumped these kinds of problems under broad, catch-all terms like ‘cyber security’ or ‘privacy-related’ issues.
But as we move into a time of significant technological advancement, where our online lives are intricately linked to almost everything we do, and AI promises to shape our futures in ways we could never have before imagined, vague industry jargon to describe real threats seems less and less fitting.
People aren’t talking about cyber security or privacy issues – they're talking about scams.
Online scams: your biggest cyber threat?
In this article, F-Secure Threat Intelligence Lead, Laura Kankaala, explores the emerging significance of scams today, and the value of protecting our digital lives against them.
I spend a lot of time speaking with a lot of people about their online and digital security. And I see first-hand what happens when things go wrong. When someone who is a victim of data theft, phishing, or malware talks about it, they don’t say that they’ve fallen victim to a ‘cyber security’ or ‘privacy-related’ incident. Instead, they tell me they’ve been ‘scammed.’
The stakes are higher than ever before
Back in the day, websites were dangerous. Torrenting was common and led to nasty bugs on your computer, very few people really bothered with strong passwords, and two-factor authentication only started to roll out slowly in the mid-2000s.
But times were different too. The internet wasn’t closely enmeshed with our daily lives like it is today. Instead, it was a novelty, a place of fun, games, and experimentation. And cyber criminals took the same approach – in those days, they would do things like hack the websites of private individuals and claim ownership just for kicks. Now we call these ‘defacement attacks’ and while they’ve always been serious, today they’re very often politically or ideologically motivated, taking them to a whole new level.
In 2024, we have come to an interesting paradox. Generally, the technology we use online has improved tenfold, and the security posture of updated software has mostly improved too. Yet our reliance on the digital world in our everyday lives makes the consequences of hacks and scams much more severe than what they used to be. Ultimately, the stakes are higher when it comes to cyber crime – and scams are no exception.
Today’s scammers use a wealth of tools
It’s very fitting to call online criminals scammers. Because today, if someone hacks you or steals your money with the help of technology, there’s almost always an element of manipulation involved. Scare tactics, fake promises, emotional manipulation – the list goes on. Nowadays, it’s fair to assume that any nasty trick imaginable is in the playbook of scammers online.
Phishing, malware, fake ads, fake websites, and fake profiles are all merely a means to an end leveraged by scammers depending on their goal, and what they’re ultimately looking to steal. AI only throws fuel on the fire by making it possible to generate text in multiple languages, audio, video, and images, helping scammers fool us into believing things that aren’t real.
Scammers want our most valuable asset
While we can’t touch or feel it, our data has become incredibly valuable both to legitimate businesses and scammers alike. Law-abiding companies crave personal information that lets them personalize offers and sales hooks, sell indirectly to advertisers or other parties, and even feed AI systems. But on the flip side, there’s a criminal business that’s booming too.
Credentials to social media accounts, streaming services, and payment services are regularly sold on illegal marketplaces and instant messaging platforms such as Discord and Telegram. But it doesn’t stop there – credit card details, social security numbers, utility bills, home addresses, email addresses, and phone numbers are all at risk. For the right price, virtually any personal data can be sold on the dark web to scammers who are eager to use our most sensitive details for their own gain.
Technology makes scamming more effective
A scammer’s tactic could be a simple convincing conversation on social media, instant messenger, or a dating app. Or it could be combined with phishing – luring an unsuspecting victim to a fraudulent site and stealing whatever data they provide. Phishing doesn’t just happen via email either – it can occur via text message too, something the industry coins as ‘smishing’.
Whichever way you look at it, the ways in which scammers can use today’s online world and technology to carry out malicious activities are extensive. And with the arrival of generative AI, these are only set to increase – both in volume and sophistication. Scamming may have been around forever, but today’s technology just makes it more effective.
It's crucial we protect our lives on and offline
Scammed, swindled, tricked, cheated, fleeced, hustled, conned. Whichever way you want to look at it, these words have one thing in common: they portray the pain we feel when we’re manipulated, and something is taken from us by someone – or something – we trusted. And unfortunately, this isn’t going anywhere.
So how do we tackle the scamming epidemic? Of course, legislation and government action are important, but they can only fix so much. The law is only followed by the law-abiding, and scammers will always throw out the rulebook when it comes to using modern technology to their advantage.
Ultimately, it’s up to us to take back our power and protect ourselves by combining education, best practices, vigilance, expertise and, of course, technology. While we’re all in some way married to the devices that enable our digital moments, we must make sure we’re doing what’s needed to protect them too.