Cybercrime Unveiled: The Recovery Mirage, Rental Cons, Sextortion, and ask Dr. Lacey

Recovery Mirage: The Illusion of Fund Recovery Scams

Imagine losing $100,000 to an investment scam, only to face another hit from a scammer promising to recover your losses for $10,000. This was the harsh reality for one of IDCARE’s clients in January 2024. Glen* sought help from IDCARE after discovering his bank account was frozen. He had transferred over AU$100,000 to his supposed ‘investment broker’ over the course of a month. He provided details of the website where he engaged with these brokers, which IDCARE analysts found to be sophisticated, featuring detailed information and photos of the ‘brokers’. Despite a warning banner about impersonation, urging victims to call a listed number, Glen continued to communicate with the scammers who claimed his funds were tied up in an escrow service and unreachable. Desperate for a solution, Glen found a ‘fund recovery service’ promising to help. However, after falling victim to both scams, he lost a total of $110,000, leaving only $1,000 in his bank account, with no funds recovered to date.

Fund recovery scams target victims of previous scams, offering to assist in recovering lost funds. These scams take various forms: targeted scams re-target individuals who lost significant money and may not realise that their ‘investment’ was a scam; victim-initiated scams where desperate victims seek recovery services online and fall for fraudulent companies; and wide-net phishing, where scammers use mass messages to persuade recipients, they were victims of a scam they were unaware of and can retrieve their money. Scammers may have links to the original scam or obtain victim details from the dark web. In the past 12 months, a third of people who reported recovery scams to IDCARE lost additional money, totalling an extra AU$7 million on top of their initial losses.

In the last 12 months, 60% of recovery scam victims were male, a pattern similar to the high percentage of male investment scam victims at 82%. People over 65 made up 34% of recovery scam victims. These older individuals mostly used the telephone (56%) and experienced remote access (46%). The average time between investment and recovery scams was 130 days, with 40% targeted within a month. Notably, 47% were trying to recover cryptocurrency investments.?

Victims of fund recovery scams are often contacted unexpectedly by scammers posing as legitimate recovery companies or trusted organisations like law firms and banks. These scammers operate through sophisticated websites with fake positive feedback to appear genuine, requesting upfront payments and personal documents that can lead to identity theft. Recovery scams are particularly convincing because they use victims' personal information to enhance credibility.?

82% of recovery scam victims were initially victims of investment scams.

Most recovery scam victims (82%) were initially targeted by investment scams, which share similar tactics of building trust through personal engagement and fake authentication methods. Cryptocurrency recovery is a common pretext used by scammers, convincing victims their funds are irretrievable without their assistance due to the complexities of cryptocurrency regulation and tracing.?

Telephones are the primary contact method for 56% of recovery scam victims

Telephones are the primary contact method for 56% of recovery scam victims, significantly higher than in investment scams (13%), often due to scammers obtaining victims' contact details from previous scams or online sources. Remote access is another tactic used, with 43% of victims enabling scammers to gain access to their online banking, resulting in substantial financial losses.?

Older age, rural residence, and lower socio-economic categories are significant vulnerability markers for becoming victims of recovery scams, mirroring trends observed in investment scam victims. Men are predominantly affected (60%), especially those over 65. Location-wise, recovery scam victims are more likely to reside in rural or remote areas and lower socio-economic areas, indicating heightened risk in these communities.?

Are there genuine fund recovery services out there?

It’s challenging to verify their legitimacy as they often operate with limited transparency. While they claim to identify key individuals and gather intelligence for asset recovery or court evidence, they don't directly facilitate fund recovery, especially since many scammers operate overseas and are difficult to prosecute. Review sites typically rate these companies poorly, citing concerns over upfront payments and the risk of impersonation by scammers. Some recovery websites use tactics like testimonials from cybersecurity experts or logos of trusted organisations, which may create a false sense of credibility.

Behind the Mask - a guide to new and trending scams

Rental Scams Now Involving Fake Booking.com Listings

A new wave of rental scams is targeting unsuspecting renters, involving fake Booking.com links. One victim, searching for a short-term rental in Sydney, found a listing on Facebook Marketplace for a 1 Bed, 1 Bath apartment in Sydney for A$370/month. The scammer, "Kate," assured them the transaction would be securely handled via Booking.com. After transferring $3200 ($1600 rent + $1600 deposit), the victim realised it was a scam. The Booking.com link and listing were fake, mimicking real details from an actual apartment.

OUR TIPS

If you come across a rental listing and are directed to Booking.com for payment, be cautious! While Booking.com does offer long-term stays in apartments and hotels, their main business is short-term hotel stays. Prices for long-term stays on Booking.com are typically much higher than average residential rental prices. Always verify the legitimacy of the listing and the platform. Avoid sending money or providing personal information without thorough verification. Contact the rental platform directly using verified contact information, cease all communication with the scammer, block their number, and report the incident to authorities.

Sextortion Scam Spikes

IDCARE analysts have detected a significant rise in bulk sextortion phishing emails where scammers claim to have caught victims in "private moments." Reports to our national case management centre more than doubled in May compared to previous months.

These emails may appear to come from your own address, alleging that a "professional hacker" has accessed your account and filmed you in compromising situations. The scammer then threatens to share an intimate video with your contacts unless you pay a ransom.

Typically, these emails pose no real threat. They often use spoofed email addresses and may include an old password from previous data breaches (you can check previously breached accounts by visiting www.haveibeenpwned.com).

OUR TIPS

If you receive such an email, delete and ignore it. Change your passwords and avoid using the same password across multiple accounts. Stay informed and protect yourself from scams.

Have a scam, identity or cyber-related question? Ask Dr David Lacey!

Having dealt with countless cases of scams, identity theft, and cybercrime, Dr. David Lacey is one of Australia’s most respected experts in the field. He is highly sought after by both government and industry for his unique insights into the online criminal environment. In this edition of Cyber Sushi, Dr. Lacey is inviting you to submit your questions – and we will answer them. Send your questions to [email protected].

Our question today comes from Melissa in Launceston, Tasmania:

Dear Dr. Lacey,

I hope you can help me. I had a pretty scary experience recently that made me realise I might not know as much about online safety as I thought. Last week, I got an email that looked like it was from my bank. It had their logo and everything, and it said I needed to update my account details for security reasons. There was a link to what I thought was their official site, and I remember checking for 'https://' and the padlock symbol in the browser address bar. They were there, so I figured it was safe and entered my information.?

A few days later, I found out my bank account had been hacked. When I called the bank, they said the email and website were part of a phishing scam. Now I'm really worried and not sure what to look for to make sure a website is actually safe.

Is 'https://' and the padlock symbol enough to know a website is safe? If not, what else should I be looking for to avoid scams?

Thanks,

Melissa?

Answer:

Dear Melissa,?

Thank you for reaching out. I'm sorry to hear about your recent experience, and I appreciate your vigilance in seeking to understand how to stay safe online.

While 'https://' and a padlock symbol indicate that the connection between your browser and the website is encrypted, they don't guarantee that the website itself is safe or legitimate. Scammers can easily obtain security certificates, making their fraudulent websites appear secure.

To avoid scams, look for additional signs of legitimacy:?

• Check independent reviews.?

• Look for recommendations from trusted sources.?
• Ensure the website belongs to a known, reputable organisation.

Remember, the padlock alone isn't a safeguard against scams. Always exercise caution online. I hope this information helps you feel more secure in your online interactions.

Best regards,

Dr. Lacey

In the News: Recent Cybersecurity Insights

Stay updated with recent cybersecurity mentions in various Australian news articles:

9News Australia: This article discusses the latest scams targeting Australians during tax season, highlighting prevalent threats and precautions. Read more

ABC News Australia: Explore insights into Coles and Telstra loyalty points scams, shedding light on tactics used by scammers to exploit loyalty programs. Read more

SBS News: Learn about the targeted attacks on Facebook profiles, featuring firsthand accounts and expert advice on staying safe from online predators. Read more

These articles highlight the pervasive nature of cyber threats and underscore the importance of vigilance in online interactions. Stay informed and protected with insights into the evolving landscape of scams and cybercrime.