When drinking my first cup of tea in the morning, I usually browse through the local news, mainly to see how far down the tubes the country has gone. There’s not far to go and I’m sure we’ll get there sometime this year, or at least before the general elections in October, which should be one hell of a bunfight. Anyway, I spotted an article about a scam being used by criminals who profile people through their social media posts on Instagram, Facebook, Twitter, and others.
Then, by using WhatsApp, they persuade their victims to part with large sums of money. On reading the article, a very loud bell went off in my head because only a couple of weeks ago, this is exactly what happened to a friend of my wife and this is how it works.
The Criminal Takes Time To Profile The Target
The criminals study individual social media posts in great detail. For example, someone might post a picture of themselves in luxurious surroundings with a caption like, “Lounging by the pool in Vegas.” Or another with a picture of a smart airport lounge with them sipping a cocktail and a caption reading, “Hoping to go off-piste in Denver!” Posts like these say money and that’s why they are targeted.
In this particular case, the friend was sent a WhatsApp message from a ‘friend’ saying that they had changed their number with the message showing an avatar with a familiar background related to their work, so there was no cause for alarm. The friend simply continued to chat with the person on that new number for the next month or so without anything whatsoever arousing their suspicion because the name was correct, as was the picture and the messages were in line with what they would expect. But the thing is that both of the real friends, although not very close, were also in a WhatsApp chat group and it’s common practice in this country to buy and sell dollars between friends because they trust each other implicitly. You see where this is going?
Then, a few weeks ago, the ‘friend’ said they needed to sell a few thousand dollars to which our real friend agreed, mainly because they had done it before and so the scam artist sent bank details for the local currency to be transferred. The arrangement was that the ‘friend’ would hand over the dollars in cash when they next met. There’s nothing unusual about this practice because, as I’ve already mentioned, trust is the most important factor here. The real friend duly executed the transfer for a large amount of local currency and a day later the real/cloned friend got in touch to say that their WhatsApp account had been compromised. Furthermore, the friend’s son got in touch saying that he smelled a rat, but it was too late. The transfer had already been made. To say that our friend felt like a fool would be an understatement, but it’s a fact that this type of scam is all too common, with tricks saying their banking app has stopped working and could the victim please transfer funds which they would pay back at an agreed time, always in the believable guise of a real friend. Needless to say that our actual friends went to the police, who also referred them to a cybersecurity branch of the authorities, and if you’re wondering, this is how the criminals put together the mechanics of the scam – at least here in Argentina.
They approach poor neighbourhoods such as shanty towns with very low incomes, persuade feckless people to open a bank account in their own name, with the carrot of some ready cash and very likely some veiled threats. Once the money has been transferred by the victim to the newly opened account, the criminal accompanies the bank account holder to the bank, they withdraw the cash, and are then ordered to close the account forthwith. Furthermore, the criminals recruit dozens of people from poor neighbourhoods to acquire prepaid phone SIM cards from kiosks, presumably with a cash incentive being involved. Those cards are then used to perpetuate further multi-million peso frauds. Naturally, once the scam has been completed both the SIM card and the bank account disappear and all the authorities have to go on is a closed bank account, once being in the name of a feckless individual who will say that they were forced into opening the account, but they have no idea who the criminal was or what they looked like, etc, etc.
This is a difficult nut to crack since essentially the money has been handed over willingly. It wasn’t snatched at gunpoint, so all the police and other branches can do is create a pictured network, combined with old-fashioned detective work.
One can harp on about how foolish the victims are and suggest, “I would never do that!”, but the fact remains that the criminals are very clever at this game and know how to cover their tracks. Besides, trust is so golden and cherished that it can be, and is used as a weapon with maximum effect.
Be careful.
—
I remember back a few years when EVERYONE was bragging and saying how safe and UNHACKIBLE ‘Whatap’ was. The funny thing was the Black Hat Hackers Convention that year came out with the actual hack for it and a year later it was even MORE hackable.
Just wondering if they are hacking the other users Facebook as well as WhatsApp?
I think part of the issue is people share too much these days. The amount of people who will just add anyone and then post they are away, which is basically an invitation for criminals that the house is empty