The most convincing little-known scams 2024: ‘Spear phishing’, tapjacking, and deepfakes

A host of scams are not only effective at ripping people off, but are also little-known or understood. Here’s how they work, and how to avoid falling victim.

Last year was another fruitful one for scammers.

Millions of us were targeted by conmen trying to dupe us out of our money, and while many attempts were unsuccessful, plenty of people did fall victim to the scammers.

A report from UK Finance, for example, found that in the first six months of last year alone, fraudsters made off with a whopping £580 million.

Those scams come in all sorts of different forms, however, and while some are well known, there are also little-known variations that run the risk of catching us out and leaving us out of pocket.

The consumer champions at Which? and ThisisMoney have picked out a handful of little-known scams that you need to beware of.

Spear phishing

Phishing scams have been used by fraudsters for years, where you are messaged out of the blue by what appears to be a reputable business or organisation but is really the scammers themselves.

It’s very much a mass-market tactic, with these emails sent out to thousands of people at once, in the hope of a bite from a potential victim.

Spear phishing is a bit more targeted though, where scammers make use of personal information about you ‒ obtained from previous data breaches or information you’ve shared online ‒ to appear more convincing.

If the message appears to be more personalised towards you, or the person on the end of the phone can share some information like your actual account number, then there’s a better chance that you’ll believe it’s genuine.

Of course, legitimate firms and organisations don’t tend to call you out of the blue and expect you to share sensitive information, so any such request should set off alarm bells.

If you’re in any doubt about whether the call or email is legitimate, contact the business or organisation directly through numbers or addresses they publish on their actual website to check.

Quishing

Quishing is another scam modification of the original phishing tactic. 

The sneaky trick though is the setting up fake QR codes, the codes that we scan with our phones which have become so prevalent over the last few years.

Many of us have got used to ordering in bars and restaurants using QR codes, or even using them to get details for concert tickets and the like.

That’s where the scammers step up, setting up dodgy QR codes that take you to fake websites designed to get you to share your details or sign up to costly subscription services without actually realising it. 

A family member was caught out by one of these scams recently, attempting to pay for parking on their phone, only to end up signing up for a wellness subscription service which would have cost the best part of £50 a month.

It’s not just parking meters though ‒ these scam QR codes have been emailed out by compromised email addresses as a way of duping victims too.

Tapjacking

Tapjacking is seriously sneaky. Essentially you are shown an image on your phone, but it appears to be clickable. So you tap away, trying to get rid of it or follow the instructions.

But underneath that image, there are clickable options, which you don’t necessarily realise are there, and which you are clicking away at.

As a result, you could be signing up to all sorts of different things, without realising it, simply because of the phoney overlay you’re being shown on your phone screen.

This is apparently particularly common in shady gaming apps, where it’s used to con people into making purchases or signing up to subscriptions without realising it.

The best way to avoid this is to ensure you only use apps that you download via reputable stores like Google Play or the App store.

It’s also important to do some research on those apps before adding them to your phone.

Deepfakes

Artificial intelligence (AI) is becoming far more commonplace, and that’s opening up opportunities for scammers. 

Which? reckons that scammers are increasingly making use of AI tools to spread misinformation, particularly through creating deepfake videos ‒ videos which use convincing alterations of genuine people ‒ to con potential victims.

For example, we have seen a host of such dodgy videos using the likes of the Prime Minister and Martin Lewis to try and promote dodgy financial products.

With this technology still in its infancy, it’s all too easy to be caught out by it. So before believing anything you see in these videos, be sure to do your own research and question how genuine it seems.

Scammers are adapting ‒ we have to as well

The sad reality is that scammers never rest on their laurels.

They are always looking for new methods, new ways of getting into our lives and separating us from our cash.

As a result, it’s important for all of us to be proactive in guarding against them.

By brushing up on the techniques scammers are employing, we are better placed to ensure that their attempts to con us will not be successful

Comments


View Comments

Share the love