1. News
  2. Cybersecurity News

FBI says phishing scams are more sophisticated than ever

Scammers are targeting open-source people lookup services to obtain personal data

Phishing scam concept
Photo (c) sarayut Thaneerat - Getty Images
The FBI’s recently published Internet Crime Report shows that phishing was the top scam that people fell victim to in 2021, with victims losing the most money to business email compromise scams. Scammers didn’t take any personal time off during the pandemic. In fact, their handiwork is more sophisticated than ever. 

The agency says the latest phishing wrinkle involves scammers posing as technical or customer support representatives to trick unsuspecting consumers. The criminals falsely claim that they represent big-name tech companies like Microsoft, WhatsApp, Google, Amazon, and LinkedIn, and they may offer their help to fix issues like a compromised email or bank account, a virus on a computer, or a software license renewal.

Once a scammer convinces a victim that they’re there to help out, they then make wire transfers to accounts overseas or purchase large amounts of prepaid cards. With cryptocurrency gaining acceptance, some scammers are using cryptocurrency ATMs as a method of payment.

Phishing is a growing problem

ConsumerAffairs asked Paul Laudanksi, the Head of Threat Intelligence at email security company Tessian, to give us his take on the FBI’s findings. He says phishing is becoming an even bigger problem for consumers and companies.

“Looking at the top three internet complaints from 2021, phishing was exponentially more pervasive, receiving four times as many complaints as the next-highest one,” Laudanski said.

“Attackers are leveraging video meetings to carry out Business Email Compromise scams, using deep fake technology to socially engineer employees to move money. This is an advanced attack technique that we wouldn’t have seen as often two years ago, especially before the era of video meetings."

How to protect yourself 

The FBI offers these two warnings that consumers should keep in mind when dealing with a would-be scammer:

  • Real customer, security, or tech support companies will not initiate unsolicited contact with individuals. If someone claims they’re from Microsoft and you didn’t call them first, you’d be smart to hang up before they lay their hands on your computer.

  • Scammers are impersonating customer support of car rental agencies, airline, and hotel sites with offers of great deals or taking fake reservations. Payment is usually requested by prepaid cards. Unsuspecting victims report to a reservation counter, only to find no car, hotel, or flight reservation exists.

The FBI – and Laudanski – say consumers need to get over their fear of shame when reporting these instances.

“When people are phished and successfully scammed, there is often shame that follows it,” Laudanski said. “But more education and awareness have been crucial in helping people accept that scams unfortunately do happen more commonly than we might think, impacting both businesses and individuals, and the right thing to do is report it.”

If someone falls prey to a phishing scam, the FBI asks them to file a complaint with the IC3. If possible, include the following:

  • Identifying information of the criminal and company, including websites, phone numbers, e-mail addresses, and any numbers you may have called.

  • Account names, phone numbers, and financial institutions receiving any funds (e.g., bank accounts, wire transfers, prepaid card payments, cryptocurrency wallets), even if the funds were not actually lost.

  • Description of interaction with the criminal.

  • The e-mail, website, or link that caused a pop-up or locked screen.

  • All original documentation, e-mails, faxes, and logs of all communications.

Take an Identity Theft Quiz. Get matched with an Authorized Partner.