The Impact of Social Engineering and Online Scams: 5 people tell us their scam story

There has been a consistent increase of online scams in recent years. Social engineering and online scams are interwoven. At first, it may seem easy to spot a scam. You might say, “Oh, I can spot that from a mile away.” But the truth is that you usually don’t realize you’re being scammed until it’s too late.

According to Forbes, almost 100,000 people lost $770 million to scam in 2021 and 54% of all investment scams originated on social media. Regardless of age, everyone is susceptible to a scam, and even more so the elderly. Because the style and structure of these scams are extensive, they are sometimes very difficult to detect.

Furthermore, most cyber scams are a result of social engineering. Social engineering is the art of deceiving individuals into revealing sensitive information or performing actions that they would otherwise refrain from under different circumstances. Most fraudsters and cybercriminals use different social engineering techniques like phishing, pretexting, baiting, and tailgating to manipulate their victims.

Due to the fact that they are so hard to find in the play, we have put together a few first experiences that you can learn from and maybe remember if something similar happens to you.

“My card had issues”- Deji,63

“One evening, I received a phone call from someone who introduced himself as being from the headquarters of my bank. He stated that my card had some issues that could disrupt my banking transactions and that I should provide him with certain information so that he could fix it. He properly identified my name and other details to convince me that he was a member of my bank’s staff, and I immediately believed him, so he instructed me to provide him with the final four digits of my card, which I did. He instructed me to expect a code and send it back to him. I received the code and promptly sent it back to him. I then received a debit notification, and all of the money in my account was gone. That was when I realized that I had been scammed. It was a painful experience.”

Here’s another story: 

“I got a DM from an account that used my bank’s name”- Fatima, 21

“During Christmas, I went to buy things at the market, and the seller said he didn’t get the alert. So I had no choice but to get help from my bank’s customer support. So I went to Twitter and mentioned my bank in a post. Then I got a DM from an account that used my bank’s name and photo. I didn’t double-check the account. I was asked to click a link that directed me to WhatsApp. I was asked to fill out a form, and they asked for a token number. They asked me to keep filling out forms, and that was how I got a debit alert of about 57,000 naira ($123, £99) out of the 59,000 naira ($128, £102)  in my account. They left 2,000 naira ($4,£3) for me”

Deji and Fatima’s experience are perfect examples of a social engineering technique known as “phishing.” Phishing is a fraudulent activity where cybercriminals try to trick victims into revealing sensitive information such as passwords, credit card numbers, or personal details by impersonating a real organization.

“I didn’t know how to receive payments”- Ola, 22

“When I was writing on Fiverr, I didn’t know how to go about receiving my payment, so the person who introduced me to it gave me a contact to help with withdrawals. The contact was like a middleman. The middleman helped me with the withdrawal, and I never bothered to change my password. Several months later, after I received about $190, he withdrew my money on Fiverr into his Payoneer. I was never able to get it back.”

In this case, the fraudster used a social engineering tactic called tailgating. It involves unauthorized individuals exploiting the trust and access of authorized individuals to gain entry to restricted areas or obtain sensitive information. 

“Some guy on Twitter sent me a DM”-Ada, 22

“Some guy on Twitter texted me and told me a really touching story about how he was about to kill himself. I sent him money, and I was really sad that I only sent a little. Later that day, he called to tell me that the money helped him because he was in the hospital, but it wasn’t enough, and I had to send more. Lol”

Ada’s experience is one of the most popular forms of cyber scams. The attacker creates a fake scenario to gain trust. They may impersonate a colleague, a tech support representative, or someone else who seems trustworthy, with the intention of extracting information or manipulating you into performing specific actions. This is called pretexting.

You can read about scams if you want to know about avoiding them. It is possible to avoid social engineering and online scams. At this point, you’ve hopefully noticed the more nuanced situations, where it actually looked a lot more official, like talking to a customer service representative or trying to fix a problem.

As a free resource, you can reach out to us at hi@sendsprint.com to clear up any strange claims you find suspicious or not sure about when using Sendsprint.