Digital Fraud

A few years ago, phishing meant mass emails that were poorly written and easy to spot at a glance. Today, however, we face attacks that are almost impossible to detect. At Panda Security, we have observed a remarkable evolution: digital scams have become a true work of social and technical engineering.

Most digital fraud follows a very clear strategic pattern divided into four critical stages:

1. The initial impact: An SMS warning that your bank account has been blocked, or a desperate message saying, “Mom, I’ve changed my number and I need money.” The goal is to create alarm so the victim acts impulsively.
2. The capture phase: By clicking on the fraudulent link, the user is redirected to a fake website and enters their login credentials.
3. The decisive moment: The fake site requests the one-time verification code that the user receives via SMS.
4. The final deception: The transaction is completed, and the money is gone before the victim has time to react.

Cybercrime has evolved from generic scams to highly targeted attacks thanks to more sophisticated and harder-to-detect tools. Criminals exploit our everyday communication channels in three main ways:

• Phishing (Emails): From poorly written mass emails to exact replicas. Criminals now use artificial intelligence to craft flawless messages, impersonate legitimate domains, and even use HTTPS certificates.
• Smishing (Text messages / SMS): Hackers send urgent alerts about blocked accounts or undelivered packages. When the victim clicks the link, they are taken to a fake website designed to steal credentials or impersonate their identity.
• Vishing (Phone calls): Calls in which scammers use persuasion techniques and deepfake technology to clone real voices and ask for sensitive information or immediate payment authorization.

The goal of a fake online store is twofold: to get you to pay for a product you will never receive, and to steal your credit card details. Scammers mainly rely on two strategies:

1. Fake stores with irresistible offers: Websites created from scratch that promote products with absurd discounts. The user places an order, receives a confirmation email, and then the website disappears without a trace.
2. Lookalike domains (Cloned websites): Criminals impersonate an existing store by subtly changing letters or introducing typos to capture your credentials and banking information.

Social isolation, trust, and lower awareness of digital environments create the perfect scenario for elder fraud, which is based on psychological manipulation:

• Building credibility: Scammers make contact through familiar channels while pretending to be the bank or technical support. The initial message aligns with the victim’s expectations or needs.
• Building trust: Criminals adapt their message, maintain contact, and create a false sense of closeness.
• Exploitation and urgency: They gradually introduce requests for money or sensitive data using emotional hooks such as a medical emergency or a delicate family situation.

Cybercriminals no longer target only individual users, but also the companies they work for, manipulating employees through a false sense of urgency:

• Fake technical support: Urgent alerts (by email, phone, or website) about a system issue, where scammers manipulate the victim into granting remote access to their device, providing credit card details, or disclosing confidential information.
• Fake updates (Scareware): Pop-up windows on websites that mimic operating system or browser alerts and pressure users into downloading patches or fake antivirus tools that actually install malware.
• Workplace impersonation: Fraudulent emails that imitate the identity of a colleague or executive in order to trick employees into making transfers, revealing credentials, or downloading infected files.

This refers to the unlawful use of a person’s personal data or a company’s brand image by cybercriminals. This type of fraud typically appears in three strategic ways:

• Brand and entity impersonation: Identical cloned websites designed to trick users into providing their login credentials or credit card details.
• Cloned social media profiles: Fake accounts created using the names and photos of real people to request urgent money transfers or redirect followers to scam websites.
• Account takeover: Criminals gain full control of an email account or social media profile in order to scam contacts or carry out unauthorized banking transactions.

Cryptocurrencies are anonymous, not regulated by any bank, and their transactions are irreversible. If a cybercriminal manages to deceive you, the funds are often impossible to recover.

• Manipulation scams: Scammers psychologically manipulate users by promising profits. This includes techniques such as rug pulls or fraudulent initial coin offerings.
• Access scams: Attackers use fake blackmail alerts or phishing links that imitate official platforms in order to capture your login credentials.

Dating apps and social media are the main settings for romance scams. Thanks to artificial intelligence, scammers have refined their methods:

• Romance automation: They use AI and deepfake tools to impersonate faces or clone voices in order to pressure victims into sending money.
• Blackmail: Victims are manipulated into sharing compromising images or videos, and if they do not make an immediate payment, the content is threatened with exposure.
• Pig Butchering: A fictitious relationship is built over time, and the victim is persuaded to invest together in fake cryptocurrency platforms.

The main driver of digital fraud is psychological manipulation through emotion and a sense of urgency. The goal is to force an impulsive and rushed decision:

1. The “child in trouble” scam: The criminal pretends to be your child in an emergency, contacting you from an unknown number and demanding urgent transfers by exploiting parental fear.
2. The “CEO fraud” scam: A senior executive is impersonated in order to pressure an employee with false and urgent instructions, forcing them to authorize high-value transfers.

Cybercriminals rely on haste and lack of attention to stop us from inspecting links carefully and falling into the trap. Learning how to examine a URL is one of the most effective ways to expose the scam:

• Typos or altered letters: Replacing the letter “l” with an “I”. At first glance they look identical, but they lead to fraudulent servers.
• Extra words added to the original domain: Artificial extensions designed to create a false sense of trust.
• Unusual domain extensions: Endings such as .xyz, .top, .biz, or .shop on websites that supposedly belong to official organizations.

Irresistible prices push us to buy impulsively before the offer disappears. If an item costs only a fraction of its real value, the chances are extremely high that you are dealing with a fake online store:

• Excessive discounts: Prices far lower than those offered by any other official retailer.
• Permanent fake “flash sales”: Countdown timers and urgency hooks designed to pressure you into buying immediately, even though the offer never really ends.
• Luxury items on clearance: Exclusive brands or cutting-edge technology sold at impossible discounts under the excuse of a supposed store closure.

Fraudulent platforms design their payment systems around methods that cannot be reversed or traced:

• Bank transfer only: The website does not allow card payments and forces you to make a direct bank transfer to process the order.
• Gift card demands: You are asked to provide prepaid gift card codes as a form of payment, a method that is completely anonymous and irreversible.
• Use of P2P apps: Pressure to send money through instant peer-to-peer payment apps instead of regulated commercial payment gateways.

Many fraudulent websites are created in haste and with the sole purpose of staying online long enough to capture data before being reported. As a result, content-related mistakes are often common:

• Spelling mistakes: Errors that an official brand would never allow in its communications.
• Awkward or inconsistent language: Text that feels rushed or automatically translated word for word from another language.
• Cloned descriptions: Identical product texts repeated across different sections of the website without providing specific technical details.

Consumers are protected by a number of rights in fraud cases thanks to the European PSD2 regulation, which requires banks to investigate transactions and refund your money if they cannot prove that the payment was securely authorized.

Discovering that you have fallen victim to a digital scam can be upsetting, but acting quickly is your best defence. The first thing you should do is contact your bank immediately to freeze your cards and try to stop or recover any transfer that is still in progress. Next, gather as much evidence as possible, including text messages, emails, screenshots, transaction details, and any phone numbers or links involved. You should then report the incident to your local police or the appropriate national fraud reporting service in your country.

The situation becomes more complex in social engineering scams, such as the “child in trouble” scam, because the victim is the one who sends the money after being deceived. However, you are not without protection: you can file a complaint with your bank if you believe its security systems failed to flag a suspicious transaction, and you can also contact your national data protection authority if your personal information was stolen.

It is essential to change your account passwords regularly to protect your personal and banking information, but we cannot rely entirely on never making a human mistake.

Panda Dome offers real-time protection that analyzes your device’s behavior and monitors the websites you visit, automatically blocking access to dangerous portals or phishing attempts before you click. It also includes essential tools such as a password manager and a VPN to encrypt your connection and protect your data.