New Scams to Watch Out For in 2022

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
Well, it's a new year and there's  new scams. So just like every year,   I'm going to make this video going over a  bunch of scams that are either brand new   or maybe they're not even new, but  they're becoming more popular recently   or they're new variation on an old  scam that you should watch out for coming into 2022. But of course, the best way to  defend against them is to simply know about them.   So you should be good by the end of the video for  these, at least. So starting out with number one,   we have the Google Voice verification scam, and  this one's really tricky because you might not   even realize that you were tricked by the  end of it. This one usually targets people   who are selling things online, such as  on Facebook Marketplace or Craigslist,   but really anywhere that people post  their phone number to be contacted. And this even includes, sadly,  people who are looking for lost pets,   for example. So how this scam works  is they'll first contact you and say   they're a little bit hesitant. They  want to verify you're a real person, or   verify that you're the real pet's owner, or verify  anything really. And then they'll say that they're   going to send a verification text or may also be a  voice phone call, and it'll be from Google Voice. It'll say Google Voice verification text,  and then a code, and they'll ask you to   give that code to them. And if you do, even  if you don't have a Google Voice account,   they've got you. So let me explain. Google Voice  is basically a service where you get assigned   a virtual phone number that ties to your  main phone number, and then you can then   receive calls on the virtual phone number  that gets forwarded to your main number. Or you can also make calls from the Google Voice  number, the virtual number. And in this scam,   what the scammer is trying to do is set up a new  Google Voice account with the Google Voice number,   except it'll be associated  to you, the victim, not them.   Because when they set it up, they enter in a  phone number that it will be associated with, and then it sends that phone number, of course,  a verification text. And if you give that,   then they can basically sign up for an account  under your number. And this is basically just a   way for the scammers to get a nearly unlimited  supply of new phone numbers because normally,   obviously, you need a specific phone  number to sign up for each account. But if they're going from person to person online,  they can just trick everyone into signing up and   get a whole bunch of numbers. And then those  numbers would be used to scam other people.   So in this one, you might particularly  not lose any money or anything. But still,   your number is going to now be associated  with some random Google Voice account. And if you do get tricked, you basically have to  go through a process which is called reclaiming   your number, which I believe involves just  signing up for your own Google Voice account   and then re-verifying with your phone  number. But it'll now be switched   on to your actual account that you  created, and take it off the other one. So, yeah, just be aware of this one, because  you might not have realized that this was even   possibly a scam. All right next up, we have these  Zelle payment scam, and this one's interesting   because you might not even realize that a lot  of banks, possibly even your bank, uses Zelle   and may have automatically signed you up so  you can receive payments or send payments through Zelle, even though you never really  made an account for it. And that's what the   scammers take advantage of. So how this  scam works, is scammers will send out mass   text messages to a whole bunch of  people and it'll say something like,   "fraud detected, if you did not make this  charge for whatever amount of dollars, reply   no or yes". And no matter what you  respond, if you do respond at all, they will then call you from a spoofed number to  look like the bank and pretend to be the bank's   fraud department. Then they'll say something  like, "Oh, we need to verify your identity"   and they'll ask for your bank username, not  your password, which some people might be   thrown off by. And the reason for this is what  they're going to try and do is go through the   password reset process with you on the phone,  but you don't realize that's what's happening. So they basically go onto the bank's website, put  in the username you just gave them and say forgot   password, which will then, with Zelle at least  apparently trigger a text message to be sent to   the phone number associated with it. Which again,  is your number, but you might not realize that it   is. And what they'll say is, "Oh, I'm going to  be sending you a SMS message with a verification   code, and you'll have to read that back to  me to make sure you're legit" or whatever. And unbeknownst to you, that's not a  verification text code, it's a code to   reset your password. Anyway, so once they get  this number, they basically are able to get   into your bank account and potentially  even change your password. And because   Zelle is tied to your bank account usually,  they can use this to send money out of it. Now, I believe in some scenarios when they  do go to try and transfer money out, it will   also trigger another confirmation text message. So  what they'll probably do is keep you on the line,   and they'll say that, "hey you're going to get a  text message and it's the refund confirmation. So   you have to make sure that you  confirm it because I'm sending   the money back into your account that  was stolen" or something like that. Meanwhile no, it's actually a confirmation  for money coming out of your account to the   scammer. So you have to be aware of that, that  they will say really anything to get you to put   in these codes or confirm the text message. And  this one is actually part of a larger trend of   scammers realizing they can get around two factor  authentication using SMS codes, because a lot of   websites stupidly basically make it so a text  message turns into a one factor authentication,   where you can reset your password with nothing  but the confirmation code on your phone,   which then opens up the possibility of  scammers simply asking people for it. And even though usually it says,  never share this code with anyone,   people apparently do it anyway. And what's  actually apparently really bad about this one,   is a lot of banks they say in their terms  of service that the Zelle transfer doesn't   actually get covered under certain fraud terms.  So you kind of might just be out that money. So definitely be aware of this one. All right onto  the next one, we have the cloud access job scam.   And this one is another interesting  one because it doesn't always scam   the person directly, but rather uses  them sort of like the Google Voice scam   to scam other people. Although sometimes depending  on the situation, you can be scammed directly. So how this scam works is the scammers  will post a fake job listing online,   which people will respond to, and they may even do   a mock interview where they don't really show  their face, of course. But maybe it's a text   interview or over chat or something like that.  And then they'll offer you the job, of course. And then afterwards they'll say something  like, "Oh, well we do have some requirements   for you to actually be getting into this job  and we have to have you sign this tax form and   an NDA". And first of all with the tax form,  that's not even the main part of the scam,   but they might be kind of double dipping  by when you do fill that information out,   like with your Social Security number, they  might take that and use that later against you. But the main part of the scam is actually this  other document, which they may call an NDA,   and it'll say things like, "Oh, to get this  job, you need to confirm that you're willing   to go through our setup process within  24 hours or else you won't get the job".   And this process basically involves you signing up  for a cloud computing account. Whether that's AWS, Amazon Web Services or Google  Cloud, something like that.   And the payoff for the scammers is they'll  ask you, all right, after you set it up,   give us the username and password and we can  complete our setup process. And then once you do,   of course, then they can use that Google  Cloud or AWS account for nefarious purposes. A lot of times these accounts will have a starting  bonus credit or something like a trial credit,   and those users now used your information that  you're now associated with for fraud, which   obviously is not good. Or sometimes I believe they  may even get you to add your credit card number to   the account and then say, "Oh, we'll reimburse  you and we'll give you a bonus if you do this". And then of course, they can not only just charge  the trial credit, but then start using your credit   card information for fraudulent purposes by  running, maybe a DDoS attack, or whatever   they want to use these computing resources  from this account on other people. So if   someone asks you to sign up for an account and  then you give them the username and password,   that's really suspicious because why couldn't  they have just done that for you then? So just be wary that these types of scams are  out there. Up next, we have post-disaster scams,   which is a more general category. And these  are becoming more common simply because   there is more things happening. For example,  in 2021, there is that huge "tornado outbreak",   it's being called where a whole bunch of  homes across the United States were destroyed,   and then scammers of course lined  up to take advantage of this. For example, you may see an advertisement  or receive a text or phone call, whatever,   and it'll say, "Hey, you're eligible for  FEMA relief funds. You can get some money   and you just have to pay this fee and then  we'll get you the funds". And obviously,   fees for FEMA relief are not a thing.  It's a scam to just take your money. Some scammers may also pretend to be government  officials as part of the relief effort and   say that, "oh, to help you out or get you whatever  resources, we need to first get your personal   information and your banking information", or  maybe even transfer money directly. And of course,   it's the same idea, that they might use it  to steal your identity, something like that. So just be very suspicious and only sign up  for any kind of resources through official   government websites. And an example of  one apparently that was more frequent   was these scammy debris removal services, where  they were not qualified professionals or anything.   But they would advertise these services to remove  debris from your home or wherever. And they would   either demand outrageous prices way above market  rate that didn't even make sense to scammy levels,   or they may demand money upfront and then   have crappy work and then refuse to refund  you, or just crappy work in general. So of course, just remember even if you go through  a disaster. Still try and take the time to vet   some of these people that are claiming to be  who they are, they might not be. All right,   moving on, we have the Geek Squad subscription  scam. And no, this is not saying that Geek   Squad is the scam, but rather scammers  using that name as part of the scam. Now this scam is actually really similar  to other scams, but usually the scammers   use something like Amazon. So I'd never  seen it used before with Geek Squad,   so I figured I'd bring it up. And how this  one works is they'll send you a text message   or probably an email, that will be a  fake subscription renewal confirmation. And then they'll say, "Oh, to contact  for information about this order,   contact this phone number", of course, which is  going to contact the scammer. And then from there,   it's the usual. They ask you, "Oh, what's your  credit card info? So we can confirm the order",   or something like that. And of course, they  just use that to steal and take your money. And the way to defend against these scams,  is to simply call the official phone number   on the actual retailer's website. So in this  case, you go on Best Buy's actual website,   check their actual phone number, don't  rely on the one there's in the email if   you really want to check for it, or just kind  of be able to recognize that it is a scam. And also just be aware that these types  of scams are not just happening for   Apple, iTunes and Amazon anymore,  it's more obscure services. All right,   onto the next scam is the Omicron  PCR testing scam. And apparently   this one is happening mostly in the United  Kingdom, but really could happen anywhere.   And basically, how it works is you'll get a  text message or an email, something like that. Maybe even see an advertisement,  that claims to be a way to get a free   COVID Omicron test. And in the United Kingdom,  at least the one that's mostly going around   sends you to a website that looks like the NHS,  the National Health Service. And basically, you   have to fill out all your personal information,  potentially even a credit card information,   and then they'll just steal whatever you put  in. And then you don't get the test, obviously. And I remember actually talking  about this scam I think last year,   where it was obviously not Omicron, but it  was the same story, scammers pretending to be   a government agency. And in that one, they  did ask for your credit card number for   a fee. So just be aware, to always only go to the  official website and make sure you check that URL. Now this next scam is definitely not new,  but it does show, I think, that scammers are   becoming more bold in their scams, and that  is that some of them are using even prop,   fake money to pay for things they are buying  from you online. And this actually did happen   to someone on Reddit, they posted about  it, which is where I got this example.   Where they sold their iPad in a public place  and the person handed them fake prop money, where on it it literally says "for motion  picture use only". But they, I guess,   didn't inspect it close enough. And you can  kind of see it looks different. And they also   mention it was very, very cold out, which could  have been the reason maybe why he didn't notice   that it felt different because your  hands are a little bit more numb. Now in this example specifically, they were  given 100 dollar bills, but theoretically   it could happen with any denomination. So if  you do receive large bills from anyone really,   always be sure to maybe give it an extra glance  to make sure it is at least passably real. And I   think if you are selling something to a stranger,  then check it no matter what the denomination is. Even if it's very small, you want  to make sure they're not giving   you anything fake that's smaller, because  people might not check smaller bills. Now,   I was under the impression that prop money  was supposed to be either larger or smaller   or have some other characteristics that  made it easy to spot up close as being fake, but either the scammers modified it somehow or  the person really didn't look close at all. OK,   coming near the end, we still have a couple more.  This next one is child tax credit scams. Now,   last year in the United States, the federal  government did send out payments in the   form of tax credits, depending on if  you had children and stuff like that. But theoretically, this could happen anywhere  in the world for any government program   that is involving sending money to  people. And what scammers have been doing   is at the time these payments were going  out and still to this day continuing,   saying that, "Oh well, you  qualify for this tax credit", or   maybe by this point they'll say, "Oh, you're  qualifying to get another tax credit". And how this one works is not really a new story.   They contact you via text message or voicemail  or whatever email, and they'll say, "Hey,   you qualify for this tax credit. You can get this  amount of money, but you have to do x y z first".   And really the sky is the limit after you  contact them and believe it, they could ask   for personal information, banking information  a fee or something for the bank transfer. Whatever they say, they're probably going to try  and get as much as they can out of you. And if you   do seem like a gullible person, they might not  stop at just asking for identity information,   but maybe even try to get you to  directly pay with a credit card,   stuff like that. OK, finally we have the  Emergency Broadband Program impersonators. Now this one is actually a really run-of-the-mill  scam in terms of the technique, but I wanted   to point this one out because the real  program, not the scam one, obviously,   is actually something I think most  people should at least know about,   so I wanted to mention it. It's just  another federal program here in the USA. But basically, if you qualify, the  government apparently will give you   a refund of, or a kind of a rebate of,  50 bucks a month for internet service,   and like 100 for any laptop you purchase.  So that might be worth checking if you're   struggling to pay for your internet bill,  especially in these times of remote work. You might want to look into that, of course,  just on the official government website.   Don't believe any of these scammers.  So let me get to that. The main notable   thing I noticed about this game when I was  reading is that apparently scammers are using   social media advertising to spread it, not  just spam texts and stuff like that. And a   lot of people may fall for it because they  may expect to get spam on their text message   or email , but maybe not see scams in social  media advertising like on Facebook or something. And then what happens, is you click on  this advertisement or click on the link,   maybe they do send an email.  And then it's the usual "Oh,   take sign up for this. We need your identity  information. We need you to pay this fee",   whatever. So just remember if you do see  advertisements for some government program,   even if it is a real thing, definitely look it  up yourself on the actual government website. Google the actual website, don't necessarily  take an advertisement at face value. So by now,   you should be at least more aware of some of the  more popular scams, though don't think that these   are the only ones going around. But if you are  aware of the general patterns of these scams,   at the end of the day, they're kind of  similar so you can start to recognize them,   even if it's not exactly the same. Now, if you guys want to keep watching,   the next video I'd recommend is one I made talking  about how scammers are using new automated bots   to trick people into giving away two factor  authentication codes. Like I mentioned that's   kind of a pattern, and it's a little bit  different than what I even mentioned here. So definitely check that one out. So you're  aware of it. So thanks so much watch, guys,   and I'll see in the next one.
Info
Channel: ThioJoe
Views: 983,156
Rating: undefined out of 5
Keywords: new scam, new scams, latest scams, scary new scam, clever new scam, new scams 2022, 2022 scams, cyber security, computer security, internet security, phone scams, sms scams, email scams
Id: ed7uKTq02i4
Channel Id: undefined
Length: 16min 53sec (1013 seconds)
Published: Sat Jan 08 2022
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.