The Insider Threat – The Networks of Scammers

A SCARSSCARS SCARS - Society of Citizens Against Relationship Scams Inc. A government registered crime victims' assistance & crime prevention nonprofit organization based in Miami, Florida, U.S.A. SCARS supports the victims of scams worldwide and through its partners in more than 60 countries around the world. Incorporated in 2015, its team has 30 years of continuous experience educating and supporting scam victims. Visit www.AgainstScams.org to learn more about SCARS. Insight

Did You Become A Target Because Of Your Connections?

Scammers Are Very Much Like Telemarketers, They Work Through Lists And Networks

Scammers need new prospects just like any mass-marketing company. They work through those on their lists, but constantly need to find new prospect victims. But as any telemarketer will tell you success or failure is all about the lists.

Prospecting

First, we need to separate the three main types of scamScam A Scam is a confidence trick - a crime -  is an attempt to defraud a person or group after first gaining their trust through deception. Scams or confidence tricks exploit victims using their credulity, naïveté, compassion, vanity, irresponsibility, or greed and exploiting that. Researchers have defined confidence tricks as "a distinctive species of fraudulent conduct ... intending to further voluntary exchanges that are not mutually beneficial", as they "benefit con operators ('con men' - criminals) at the expense of their victims (the 'marks')". A scam is a crime even if no money was lost. victim prospecting:

• Massive Email – massively sent emails to identify possible victims and future targets.
• Predictive – these are both email and phone-based – targeting potential victims by demographics and attributes.
• Selective –  these are where scammers enter or access a network and then will systematically prospect within the network.

If this sounds like sales processes, it is because it is. Scammers use the same techniques as professional sales and telemarketing companies. Many times they are even using the same tools marketers use such as the Salesforce application.

Scamming is big business and their organizations have learned to adapt to better business models that will allow them to succeed.

Email Campaigns

Since email is effectively free or nearly so, scammers can send out billions of emails a month. These are sent from hijacked email & webservers servers around the world as well as servers they own or control. Email is easy, just send a broad generic message to everyone and see what happens. This is how phishing scamsScams A Scam is a confidence trick - a crime -  is an attempt to defraud a person or group after first gaining their trust through deception. Scams or confidence tricks exploit victims using their credulity, naïveté, compassion, vanity, irresponsibility, or greed and exploiting that. Researchers have defined confidence tricks as "a distinctive species of fraudulent conduct ... intending to further voluntary exchanges that are not mutually beneficial", as they "benefit con operators ('con men' - criminals) at the expense of their victims (the 'marks')". A scam is a crime even if no money was lost. work mostly – there are exceptions, but in general, this is just about seeing what sticks or what they can catch.

The secret for the scammers is to just send out vast quantities of emails constantly, changing the message every so often to try to hook different kinds of people.

Some of the emails will provide a link to a webserver/website, or an app, or expect a reply. All of them attempt to hook a victim to be exploited. Based upon the message and the goal, they can be to gain information or set the victim up for groomingGrooming Grooming is a form of setting up a victim for a scam or other crime by befriending and establishing an emotional connection with the victim, and sometimes the family, to lower the victim's inhibitions with the objective of the scam or criminal activity.  Grooming includes the development of a trust relationship between the criminal and the victim, getting the victims to the point where they can be more completely manipulated.   for a more complex scam, such as a romance scam, lotto scam, or something else.

Predictive Campaigns

Just as telemarketers have “predictive dialers” scammers have them also. The predictive approach allows for a broad demographics-based focus to try to connect with potential victims based upon things they may have in common or in specific regions.  We see this most commonly with phone & text-based scams.

The phone scams can be anything from IRSIRS The Internal Revenue Service (IRS) is the revenue & tax service of the United States federal government responsible for collecting taxes and administering the Internal Revenue Code (the main body of federal statutory tax law.) It is part of the Department of the Treasury and led by the Commissioner of Internal Revenue, who is appointed to a five-year term by the President of the United States. The duties of the IRS include providing tax assistance to taxpayers; pursuing and resolving instances of erroneous or fraudulent tax filings; and overseeing various benefits programs. Visit www.IRS.gov to learn more., Social Security, etc. These do not really target individuals, but it is much more refined that just random. And a prospect victims’ behaviorBehavior   Behavior / Behavioral Actions Otherwise known as habits, behavior or behavioral actions are strategies to help prevent online exploitation that target behavior, such as social engineering of victims. Changing your behavior is the ONLY effective means to reduce or prevent scams. when contacted may result in more refined targeting as well. We see this when people answer these calls then they will be fully targeted for more and more rapid scam calls.

Remember, scammers do not truly choose anyone at random. Why? Because it wastes the most valuable thing a scammerScammer A Scammer or Fraudster is someone that engages in deception to obtain money or achieve another objective. They are criminals that attempt to deceive a victim into sending more or performing some other activity that benefits the scammer. has – their time. Only in the broadest email campaigns is it truly random – if they can get an email address they will send an email out – but they never forget. So this will go on forever.

Selective Campaigns

Once a scammer identifies a network and the individuals in that network, they will begin a campaign designed to exploit the people in it.

Network examples:

• Industry or commercial networks
• Employment type networks
• Personal affiliation or affinity networks
• Extended families and friends networks

We see this in various kinds of business scams working individuals on LinkedIn and other business networks. We see this with animal scams too (such as puppy scams) with individuals that are part of animal lover groups or networks. Charity scamsCharity Scams Scammers call asking for charitable donations, often after large-scale disasters. They may make up phony charities or spoof a real charity to trick you out of your money. target individuals on Facebook that have charity fundraisers. Ebay car buying scams target people looking for new cars – especially when they give their emails to fake websites offering deals or information.

We all saw how scammers targetted people looking for information and cures for COVID19, this is a perfect example of selective targeting.

Scammers have become so sophisticated that they set up the same kind of websites and appsApps Applications or Apps An application (software), commonly referred to as an ‘app’ is a program on a computer, tablet, mobile phone or device. Apps are designed for specific tasks, including checking the weather, accessing the internet, looking at photos, playing media, mobile banking, etc. Many apps can access the internet if needed and can be downloaded (used) either for a price or for free. Apps are a major point of vulnerability on all devices. Some are designed to be malicious, such as logging keystrokes or activity, and others can even transport malware. Always be careful about any app you are thinking about installing. that a generation ago offered a free cruise just for filling in a form. With scams, it is all about access to more and more prospective victims.

Make no mistake, not every scammer is capable of this – most are not – but they buy lists of prospects from services that collect them. Scamming has become like everything else: an outsourced business model – it is all about scamming support for a fee. Scammers buy complete lists and scripts – basically scamming in a box for anything from a few hundred dollars to several thousand. They even hire other companies to do their prospecting for them. This is part of the “scamming as a service” approach now prevalent.

Families and Friends

In addition to the networks, scammers also exploit family and friend networks. A scammer can develop a relationship with one person and then mine that person for all they know about their friends and family. They may not even ask for money from the person they are talking to, since the information is far more valuable in many cases. Even if they do scam the original point person, they still carefully extract every bit of information they can get.

Scammers know from the information they get which friends or family are single, married, have had a hard time, and maybe are vulnerable.

Anyone that has been a victim should try to remember the questions their scammer asked them about their families and friends – especially those in their social media friends or contact list. This is the scammer mining the victim for all they can get. This then all goes into databases for potential future use.

Scammers, like telemarketers, treat this as a business. They keep records (maybe as a spreadsheet or in a contact management application – CRM – like Salesforce or Act). These records allow them to selectively target individuals based upon probabilities of vulnerability and the ability to pay.

Find Out

After a person has been scammed, the very first thing to do is look through their contact or friend’s list to identify any strangers and remove them. But each victim should also do the same with their friend’s and family’s friend’s lists because their scammer may still be lurking (under another identity) in one of their lists – giving them the ability to watch their targets.

We constantly hear from victims that they were contacted by another scammer months after their scam ended – this is how that works. One of them is hiding in a friend’s friend list giving them visibility of all of that friend’s connections. What a victim thinks may be private is probably still shared with their friend – the “friends of friends” network. Somewhere in that friends of friends is probably the scammer that scammed that victim, waiting and watching for the next opportunity.

After a scam, scammers know – because of their access – what new vulnerabilities may come up, or new prospect victims that become available. This is very much like a spider just waiting for the web to twitch, and then knowing there is another victim to harvest.

The Greatest Mistakes

Victims make many mistakes when it comes to online safety!

The first and most obvious is starting to talk to strangers online, but after the scam, rarely do they fully explore potential ways in which scammers are still observing. Few victims take the steps necessary to really secure their lives after a scam.

We don’t blameBlame Blame or Blaming is the act of censuring, holding responsible, making negative statements about an individual or group that their action or actions are socially or morally irresponsible, the opposite of praise. When someone is morally responsible for doing something wrong, their action is blameworthy. By contrast, when someone is morally responsible for doing something right, we may say that his or her action is praiseworthy. Blame imparts responsibility for an action or act, as in that they made a choice to perform that act or action. them, we just point out the steps necessary to remain safe both before and after a scam. Each victim makes their own decisions about what they do or do not do. But the problem is that any failures can also create opportunities for scammers to target their friends and families to.

Remember, that after a scam every victim remains vulnerable and if they do not fall for another scam then scammers will use the information they provided to go after people they knew.

This is made worse by victim’s reluctance to talk with people that they know about their scam experience, so scammers have a free ride to exploit everyone they know – men, women, and even children. The only solution is to talk with everyone each victim knows – put the shameShame Shame is an unpleasant self-conscious emotion typically associated with a negative evaluation of the self; withdrawal motivations; and feelings of distress, exposure, mistrust, powerlessness, and worthlessness. aside and think about their safety.

AS LONG AS EACH VICTIM REMAINS SILENT, THE SCAMMERS WIN!

NOTE ABOUT ONLINE DATING:

Online dating would seem not to apply to this thesis since the victims went looking for stranger contact. Yet, in reality, it still does because an online dating website or service is nothing more than another form of a network. The members join a network of other “daters” looking for a relationship with a stranger – an ideal network for scammers to infiltrate and mine for all it is worth.

TAGS: SCARS, Information About Scams, Anti-Scam, Scams, Scammers, Fraudsters, Cybercrime, Crybercriminals, Romance Scams, Scam Victims, Online FraudFraud In law, fraud is intentional deception to secure unfair or unlawful gain (money or other assets), or to deprive a victim of a legal right. Fraud can violate civil law (e.g., a fraud victim may sue the fraud perpetrator to avoid the fraud or recover monetary compensation) or criminal law (e.g., a fraud perpetrator may be prosecuted and imprisoned by governmental authorities), or it may cause no loss of money, property, or legal right but still be an element of another civil or criminal wrong. The purpose of fraud may be monetary gain or other benefits, for example by obtaining a passport, travel document, or driver's license, or mortgage fraud, where the perpetrator may attempt to qualify for a mortgage by way of false statements. A fraud can also be a hoax, which is a distinct concept that involves deliberate deception without the intention of gain or of materially damaging or depriving a victim., Online Crime Is Real Crime, Scam Avoidance, Married Scam Victims, Internet Infidelity, Scam Victim Divorce