• Buddahriffic@lemmy.world
    link
    fedilink
    arrow-up
    5
    ·
    2 months ago

    This isn’t even cyber security IMO. It’s just social engineering and doesn’t require any kind of technical knowledge to understand or avoid.

    Unless you’re dealing with mafia loansharks or something, there isn’t often immediate urgency on any kind of payments. And even if it is a loanshark, you’ll likely have an idea of the debt before being approached about it.

    And government services take payments in the form of legal currency through direct means. Cash, cheques sent to a specific address (inside the country), bank transfers. Not gift card codes sent over the phone or chat.

    If it’s legit, they’ll also know your name and other information. Though just because they do know information doesn’t mean it’s legit because they might have gotten your phone number with a name and other information attached. So use this as a way to rule out those who don’t know (in my experience they tend to just give up if they ask your name and you point out they should already have that information if there’s a warrant or whatever bullshit they are trying to tell you).

    • EABOD25@lemm.ee
      link
      fedilink
      English
      arrow-up
      6
      ·
      2 months ago

      There’s scams that will call you and tell you that need to go to this specific website or allow them access to your bank account. One is phishing, the other is brute force. Both very popular scam tactics

      • Buddahriffic@lemmy.world
        link
        fedilink
        arrow-up
        2
        ·
        2 months ago

        Yeah, though I’d still say that those are scams that use technology rather than scams that require technical knowledge to avoid. Don’t just trust anyone that cold calls you or sends a message. If they make a claim that you owe them anything, don’t just take their word for it.

        They have a legal obligation (both in the US and in many other jurisdictions) to provide a written notice within 5 days or validation of the debt within 30. If they say they don’t have your address to send either of those to, that’s another red flag. It might also limit their ability to legally pursue the debt even if it is valid because they have an obligation to provide that written notice and debt validation. The debt doesn’t disappear in that case, but it could end up in limbo until the statute of limitations passes (though could also affect your credit rating in the meantime).

        Just knowing this non-technical information can turn these scams from panic-inducing events that cause a sense of urgency to mild annoyances or even sources of entertainment if you have the patience to fuck with the scammers and waste their time getting their hopes up that they’ve got another pay day coming. Some real masters of reverse scamming have even managed to get money from the scammers.

        My point is that these things shouldn’t just be taught in technical contexts because they involve websites or cell phones, but should be a part of the mainstream education process because websites and cell phones are mainstream.