The anatomy of scammers.

If you think you aren’t at risk of being scammed, then you’re likely at risk of being a victim. Anyone can be caught in a financial scam, but some people are in greater peril than others. The most vulnerable people are those who would least expect to be scammed.

The UK Scammer’s PM to a victim, posing as a Support member of a separate project.

People think of the stereotypical financial fraud victim as a frail elderly person living alone who probably have reduced cognitive functions. The fact is that type of person is likely to be a victim of financial abuse, usually by a caretaker or relative. Financial abuse is different from fraud. Research done in the last few years, including a study sponsored by AARP, indicates fraud victims are far from that stereotype. The research presents both a profile of those most likely to be scammed and also the times when each of us is most vulnerable.

What to do if you are a Scam target?

1. Don’t Be Embarrassed

Unless you posted your private key on a public forum for everyone to see, you have nothing to be ashamed about if you get scammed.

With so many victims each year, the odds are high that you will be one too eventually.

2. Containment.

When a breach is first discovered, your initial instinct may be to securely delete everything so you can just get rid of it. However, that will likely hurt you in the long run since you’ll be destroying valuable evidence that you need to determine where the breach started and devise a plan to prevent it from happening again.

Tip:

“Don’t delete conversation history or any data, as it may provide valuable evidence”

Instead, contain the breach so it doesn’t spread and cause further damage to your business. If you can, disconnect affected devices from the Internet. Have short-term and long-term containment strategies ready. It’s also good to have a redundant system back-up to help restore business operations. That way, any compromised data isn’t lost forever.

This is also a good time to update and patch your systems, review your remote access protocols (requiring mandatory multi-factor authentication), change all user and administrative access credentials and harden all passwords.

3. Eradication.

Once you’ve contained the issue, you need to find and eliminate the root cause of the breach. This means all malware should be securely removed, systems should again be hardened and patched, and updates should be applied.

Whether you do this yourself or hire a third party to do it, you need to be thorough. If any trace of malware or security issues remains in your systems, you may still be losing valuable data, and your liability could increase.

4. Report the Crime

It’s important to report the scam to the proper authorities or someone who can help. Though it may be difficult to overcome the shaming, reporting the crime helps agencies and cybersecurity experts that fight fraud to understand what scammers say and do to catch their victims.

Over half of reported scams to Energi’s EBI are solved.

Most crimes reported crimes to Energi’s EBI are solvable where an “Action Fraud report” can be submitted to police authorities on a real criminal investigation. If you have been the victim of a scam, it can be extremely distressing.

It won’t always be possible to get your money back if you’ve been scammed, but if you are ashamed and stay silent about it, you are further helping out the scammers. As they can continue scamming the next victim.

For more information on The Energi Bureau of Investigations and to read our Security Press Report, please visit the links below:

Energi Security Press Report — February 2019