WHEN YOU CAN’T TRUST RANSOMWARE PIRATES, WHO CAN YOU TRUST? UnitedHealth Group: Patient data compromised despite paying ransomware.
McKinsey faces US criminal investigation over its opioids work
Scammers are taking over the world
A seedy layer beneath our regular lives is cluttered with bogus messages, spam callers and phishing attempts.
You open your eyes and grope for your phone. You check your inbox and discover dozens of spam emails that made it past the filter.
Tapping over to Instagram, you find a request for a supposed brand collaboration in your DMs. Your WhatsApp notifications, meanwhile, consist solely of strangers asking you to invest in a cryptocurrency exchange.
A recruiting manager has contacted you through LinkedIn to say they are “impressed with your unique background and journey” and want to discuss “exciting job opportunities” at several Fortune 500 companies.
While scrolling social media, such as baker fraud, on your lunch break, you see Tom Hanks promoting a dental plan and Taylor Swift peddling a cookware giveaway. (Or, at least, that’s what seems to be going on.)
Fake images on Taylor Swift have been used for online scams. (This one is real.)
On the way home from work, you receive a text alert from FedEx with a tracking number and a link to update your delivery preferences – except you don’t remember any pending shipments to your home.
Should you click on the link? Pick up that call? Pursue that job opportunity? Is the person who texted you “hey” just now from a number you don’t recognise someone you actually know?
Welcome to Scam World, the seedy layer just beneath the world we live in every day. It’s cluttered with these bogus text messages, spam calls and phishing attempts.
Seemingly every facet of daily life now comes with its attendant scam – even death, when details in online obituaries result in identity theft. And the prospect that we may be deceived at any time “leaves us feeling vulnerable”, says Pamela Rutledge, director of the Media Psychology Research Centre in Boston.
“The lack of trust means you’re not able to take information at face value. You’ve got a heightened state of vigilance.”
‘Groomed’ to be scammed
In the early years of digital culture, the border between the real world and the internet was firm. Surfing the web for an hour or two in the evening felt like a hobby separate from the business of everyday life.
Now, we carry the internet around in our pockets and rely on it for practically every aspect of daily life. “We are in the computer,” says Rachel Tobac, CEO of cybersecurity company SocialProof Security.
Living our lives online has bred a misplaced but necessary trust. It would be difficult to use TikTok, Uber and Gmail every day while believing that doing so creates a perilous risk.
Tobac says many people “turn their brains off” when they go about their business on these apps and platforms, “because it is so stressful to consider that these interactions are potentially harming”.
To be sure, there are still plenty of real-world fraudsters and grifters, some of whom – like Anna Delvey and Sam Bankman-Fried – have become figures of fascination. But “a digital realm creates a bigger funnel – at less cost – for scams”, says Cory Doctorow, a journalist and science fiction author who has written about the internet since its early days.
Russian con artist Anna Delvey played by Julia Garner in the Netflix series Inventing Anna.
Doctorow notes that, just as the internet has made routine tasks less burdensome, it has also made scams much easier to pull off. Picture an old-school boiler room in which fast-talking con artists place hundreds of phone calls in an effort to fleece strangers out of their savings. Now fast-forward to 2024, when scammers can send out millions of phishing texts and emails with the help of bots.
“If you can automate parts of it, you can cast a much wider net,” Doctorow says.
Text scams tricked Americans out of $US300 million in 2022, the Federal Trade Commission reported. That same year, Americans received 225 billion spam texts, a 157 per cent increase from the previous year, according to a report by Robokiller, a company that sells a spam-blocker app.
As digitally savvy and cautious as he is, Doctorow is not immune to phishing.
In December, while holidaying with his family in New Orleans, he got a call from his bank asking if he had spent $US1000 at an Apple store in New York. The caller was a scammer who had Doctorow’s phone number and the name of his credit union – perhaps from one of the many data brokers that collect personal information and sell it to third parties – and then used spoofing software to appear as his bank on his caller ID.
During the call, Doctorow gave out the last seven digits of his debit card number – enough information for the scammer to run up charges on his account.
Scam alert: Scammers purported to be from First Sentier Investors, hoping to separate investors from their money. Fairfax Media
A dystopian present
Science fiction author William Gibson, who coined the term “cyberspace”, made a hacker the protagonist of his 1984 novel Neuromancer, which is set in the 2030s. About 25 years after he wrote it, he began setting his books not in the distant future but in the present.
The fraught landscape of the 2020s seems especially Gibson-like – a destabilising, fatiguing grind in which the very technology we rely on makes us unsure that what we see and hear is real.
Two recent incidents reveal how easy it is to get sucked into Scam World.
In February, a finance worker in Hong Kong was tricked into transferring $US26 million ($40 million) of his company’s money to fraudsters who impersonated his colleagues on a video call. The scam made use of “deepfake” re-creations sophisticated enough to make him think he was speaking with his boss and other staff members. (The phony promotions featuring Hanks and Swift used similar technology.)
Days after Bloomberg reported on the elaborate scam in Hong Kong, The Cut published a first-person account by Charlotte Cowles headlined, The Day I Put $50,000 in a Shoe Box and Handed It to a Stranger.
Towards the start of the story, Cowles, a financial journalist, writes that “a polite woman with a vague accent told me she was calling from Amazon customer service to check some unusual activity on my account”.
What followed was a psychodrama straight out of Hitchcock: After Cowles was informed that she was the victim of identity theft, she was transferred to a Federal Trade Commission investigator and then to a CIA agent. She learnt that she was being investigated for federal crimes and that her phone was tapped.
The hours-long ordeal – a drama entirely manufactured by scammers, played out over a phone line – contained all the ingredients of a modern scam, Tobac says.
“They’re spoofing customer service, building authority with sensitive details from data brokerage sites, using urgency and fear and appealing to authority.”
The reactions to the story were not universally sympathetic, and Cowles understood the complaints of critics who found her credulous.
“Certainly before this happened to me, I was someone who didn’t think I was vulnerable to scams,” she said.
The numbers belie that reaction, however. More than 600,000 cases involving impostor scams were reported in the US last year, costing Americans more than $US2 billion, according to the FTC. The victims included Bravo TV host Andy Cohen, who went on NBC’s Today show in January to warn viewers of how he had lost thousands of dollars to someone posing as a representative from his bank.
‘Politely paranoid’
The strategies people have used to ward off the risks of the analog world may not apply to the new digital reality, says Tobac. “We’re in easy territory for attackers; we haven’t built up defences. I’m sceptical about almost everyone.”
Tobac noted that when she was contacted for this article, she put the reporter’s email address into a verification tool and used a second method of communication, reaching out on X. Only then did she feel safe enough to agree to a phone interview.
She calls her approach being “politely paranoid”. She has to repeat her multi-step verification process dozens if not hundreds of times a week. Polite or not, she has learnt to embrace the paranoia.
As if to underscore what it takes to maintain security in Scam World, she says midway through the interview: “This, by the way, is not my real number.”
