CEO Insider

5 Ways Fake News is Amplifying Phishing and Fraud

Stu Sjouwerman, founder and CEO of KnowBe4

The threat of phishing scams and online fraud is ever present. It can be challenging to identify common scams, while carefully planned and targeted spear-phishing attacks are growing more sophisticated every day. The prevalence of fake news and deliberate disinformation, the intentional spreading of false content, across social media is further muddying the waters, giving scammers ample cover to lay in wait and serving as bait for their prey.

With a 150% increase in organized social media manipulation between 2017 and 2019, according to Oxford University research, objective truth is growing more elusive. Fake news is often about pushing partisan politics, but disinformation can also be used simply to disrupt, sowing fear and confusion.

Enterprising criminals are learning from, exploiting, and piggybacking upon the fake news flooding social media. Here are five ways fake news is amplifying phishing and fraud.

  1. Increasing chaos and confusion
    When people are anxious and stressed, they are more prone to phishing scams. Being distracted and feeling under pressure can cause you to drop your usual logical reasoning and think less critically about incoming requests or demands. Fake news conjures false threats and often exaggerates the severity of existing threats. Many disinformation campaigns on social media are specifically designed to confuse people.
    Scammers exploit doubt, sending out offers, requests, or demands with a veneer of plausibility that’s often just enough to convince a victim they should click the link, open the attachment, or share some information. The more chaotic and confused the general environment is, the easier it is for criminals to operate undetected.
  2. Highlighting how to mislead people
    Cybercriminals have always misled people and tricked them into handing over details or bypassing security systems, but fake news takes things to a whole new level. If scammers want to learn how to craft plausible lies and back them up with layers of obfuscation, then some of the disinformation campaigns running rampant on social media offer a masterclass.
    Disinformation surrounding the current pandemic has been widespread enough for the World Health Organization (WHO) to create a MythBusters webpage to highlight some of the lies circulating on social media. These lies have been seized upon and shamelessly exploited by cybercriminals. Many have posed as government departments and health organizations with phishing scams that promise important information about local infections, relief funds, or even potential cures.
  3. Employing emotive Topics
    Because scammers want to shut down your ability to consider and think logically and critically about a particular message, they try to rile people up. Social media is a hotbed of angry debate and unreasoned argument, stirred up further by actors and automated bots working behind the scenes with specific agendas to push, but also by trolls looking simply to upset strangers.
    Inserting themselves into debates is an easy way for criminals to encourage people to click on links and respond to messages. This could be the promise of proof for a specific argument, or perhaps a related video clip or news article that exposes wrongdoing in a prominent political figure; any content that will get the victim clicking will be advertised. The scammer doesn’t care if they’re clicking in anger or excitement, provided they click, and when emotions run high people click without thinking.
  4. Using threats
    Always part of the scammer’s repertoire, threats are an effective way to persuade people to part with sensitive information. Common phishing scams frequently warn that an account will be blocked or shut down unless the owner clicks the link in the message and updates their details within a short time frame. Unfortunately, the link invariably leads to a fake front designed to steal those details.
    The pandemic has spawned a host of threatening phishing scams, often centered around supposed government initiatives. The threat of legal action or the threat of lost benefits is an effective way to persuade people to respond to a message or open an attachment. Scammers will always go to great lengths to create a sense of urgency, to try and fool people into acting without thinking.
  5. Exploiting worries
    With fears about various fake news stories already high, scammers have been able to use those stories for their own ends. By mixing genuine information with misinformation, it becomes tough for people to discern the difference. When people are already worried and hungry for useful information, scammers can exploit their fears with promises of help, or advice on how to protect themselves.
    This is also how fake news spreads so easily, but the danger in someone sharing something that they mistakenly feel is urgent and might help other people, is that they lend legitimacy to the lie. The original source becomes obscured and people are more likely to trust the sharer, assuming erroneously that they’ve done their due diligence on the news itself.

While fake news is certainly making life easier for scammers, potential victims can avoid falling prey by questioning sources, avoiding clicking on links or opening attachments, and being suspicious of urgency or emotive appeals.

Like many problems in life and business, education, cultivating security awareness, testing employees and encouraging a culture where cybersecurity hygiene is top of mind, is typically the best solution.


Have you read?
Luxury Superyacht charter in Greece and the Greek Islands.
World’s Best Destinations For Business Travelers.
Crewed MegaYacht charter in Greece and the Greek Islands.
The World’s Best Luxury Superyacht Charters And Builders.

Stu Sjouwerman
Stu Sjouwerman is founder and CEO of KnowBe4, developer of security awareness training and simulated phishing platforms, with over 30,000 customers and more than 20 million users. He was co-founder of Sunbelt Software, the anti-malware software company acquired in 2010. Stu is the author of four books, with his latest being “Cyberheist: The Biggest Financial Threat Facing American Businesses.” He can be reached at ssjouwerman@knowbe4.com. Stu Sjouwerman is an opinion columnist for the CEOWORLD magazine. Follow him on Twitter or connect on LinkedIn.
Share
Tweet
Share
Pin
WhatsApp
Email
More