Tech View: New year, old scams to be aware of on social media

ASSOCIATED PRESS

This combination of photos shows logos of X, formerly known as Twitter, top left; Snapchat, top right; Facebook, bottom left; and TikTok, bottom right.

Just before the holidays, a friend (who shall remain anonymous) was scrolling on Facebook, and a post from “Meta Business Support” warned that his FB business page had violated company policy and would be removed if he didn’t act expediently. It offered an official-looking questionnaire that needed filling out, and he was asked for an ID to prove his birth date.

He complied by scanning his passport.

Even though my friend is usually a smart guy, he didn’t act intelligently. Shortly after sending the scan, he had a sinking feeling he was a victim of a “phishing expedition.” Indeed, he googled “Meta Business Support,” and his suspicions were confirmed. He was indeed scammed.

What can we do to avoid these kinds of incidents?

To get some answers I spoke to Attila Seress, founder of Honolulu-based internet security company Cypac.com and arguably one of the top cyber security experts in the state.

Question: What is the No. 1 tell-tale sign that a criminal is trying to scam you?

Don't miss out on what's happening!

Stay in touch with top news, as it happens, conveniently in your email inbox. It's FREE!

By clicking to sign up, you agree to Star-Advertiser's and Google's Terms of Service and Privacy Policy. This form is protected by reCAPTCHA.

Answer: Fear and pushing you to act right away. This means that you’re being asked to get gift cards … now. Download this program … now. Enter in your bank account details, credit card, user name and password … now. Or else, something bad will happen to you. That’s the formula. Any sense of urgency should be met with an equal amount of skepticism.

Q: Your clientele is mostly Hawaii-based. What kinds of scams are you seeing that Hawaii business owners should be cognizant of?

A: Our No. 1 is still business email compromise. This is when a bad actor can sneak into an email account for someone in charge, download all their emails, then impersonate the victim and get money wired out of the business account, sometimes to the tune of hundreds of thousands of dollars.

Q: Last year there were several big-time ransomware attacks in Hawaii. Is that still a concern in the Aloha State?

A: It is. Just understand that ransomware is the last step in a kill-chain of events. Before deploying ransomware, which essentially cripples the business unless they pay up, the criminals will hide inside the network, monitor activity, download every file they can get their hands on, and when they’ve run out of things to steal, bang, ransomware. Best of all, they also set up footholds within the network so that after the ransom is paid and they’re back up and running, the criminals can repeat the process. Law enforcement no longer calls it just ransomware, but multifaceted extortion.

Q: What’s the best way to protect your data that is often overlooked?

A: Don’t reuse passwords! Statistically, everyone on the planet does this. The danger is that if an online service gets compromised and your password is stolen, they can make their way inside your bank account, social media, etc., leading to identity theft. There are some good apps that will help you keep your passwords safe. I like Bit Warden (bitwarden.com) and Keeper Security (keepersecurity.com).

Another suggestion I have is to enable two-factor authentication. Did you know that your account is 99% less likely to get hacked if you have two-factor authentication enabled on it? This is where you must type in a code or confirm a pop-up on your phone before being allowed inside your bank account, email or shopping site. It only takes a minute to set up but can save you hundreds of hours of headaches.

A third item to be aware of is gift card theft, which was alluded to above. Gift cards, particularly food gift cards, are the new, favorite currency among scammers. This is part of a social manipulation scenario where high-pressure tactics are used to get you to part with your money. Much like the Meta Business Support scam mentioned above, someone demands via email, phone, messaging, etc. that you must pay. If you don’t, bad things will happen. Often the scammer will ask to be paid with a gift card, money order or bank account.

The added tip-off: If you feel the least bit queasy about a transaction, a red flag should go up if you are asked to pay with a food card (Domino’s Pizza, Safeway, etc). Instead of handing the card to the scammers, use it for your dining pleasure.

Rob Kay, a Honolulu-based writer, covers technology and sustainability for Tech View and is the creator of fijiguide.com. He can be reached at Robertfredkay@gmail.com.