A cybersecurity expert's insight into the biggest online threat now

The internet has revolutionised the way we communicate, shop, and handle everyday tasks. However, while these advancements benefit us in many ways, they also come with their downfalls – online scams. 

From phishing emails and fake websites to sophisticated social engineering tactics, cyber criminals are increasingly skilled at deceiving unsuspecting victims.   

Currently, scams are a trillion-dollar business. According to a 2024 F-Secure survey, 34% of people experienced a cyber scam in 2023 while a shocking 85% reported receiving a digital scam attempt. To help you protect yourself from this growing threat, we sat down with Laura Kankaala, a renowned cybersecurity expert and Head of Threat Intelligence at F-Secure.

What does the current scam landscape look like?   

“In 2024, we face a contradiction. Our technology and security measures have improved significantly but, because our lives are so deeply integrated with the digital world, the impact of scams has become more severe than ever.  

When someone falls victim to a cyberattack today, it's almost always due to some form of manipulation. Scammers use scare tactics, false promises, and emotional manipulation, among other tricks, to get what they want. They also try to get our attention by directly contacting us, convincing us to click on fake ads, or positioning their scam site at the top of Google search results. Almost every deceitful tactic you can think of is part of their arsenal.  

We've already seen how AI can be used for malicious purposes, like creating fake voices and images. In 2024, we'll witness in real-time how AI and other tools can enhance the sophistication and effectiveness of cyber scams. Unfortunately, this means scams are likely to become the primary method of cyberattacks targeting consumers.”  

What kind of scams are people most likely to face online?  

“It really depends on the activities people engage in. There are "generic" scams that are for example, spammed to our emails or our phones as text messages. But today, the threat landscape is very broad and fragmented. Phishing, malware, fake ads, fake websites and fake profiles are merely a means to an end leveraged by scammers.  

If you use social media, online dating apps, buy things online, or play online games, all these experiences have scammers waiting to benefit from them, as they use these modes to contact us, lure us to malicious websites, and trick us into sharing our personal data or sending money.  

No matter what you're doing online, there's a scammer out there looking to exploit that activity.”  

What are scammers after?  

“Our data is extremely valuable to scammers. Credentials for social media accounts, streaming services and payment platforms are frequently traded on illegal marketplaces and through instant messaging apps.  

However, it doesn't end there. Credit card details, social security numbers, utility bills, home addresses, email addresses, and phone numbers are also at risk. For the right price, almost any piece of personal data can be sold on the dark web to scammers eager to exploit our most sensitive information for their gain.  

Then, of course, there’s our money. Many scammers want to trick us into giving this up, whether  by getting us to pay for something that never arrives, granting access to our bank accounts, or otherwise.”  

What should everyone understand about scams and how to protect themselves from them?  

“Everyone should know how easy scams are to carry out, thanks to modern technology and the widespread availability of the internet. In fact, in many parts of the world, you're more likely to be scammed online than in the real world.  

Generative AI only throws fuel to the fire by making it possible to generate text in multiple languages as well as realistic audio, video, and images. This technology helps scammers deceive us into believing things that aren’t real, making their schemes more convincing and harder to detect.”  

Essential tips for avoiding scams  

• Don’t open links: Instead go to the official site directly through your browser.  

• Check the URL: Scam web addresses often include small mistakes that give them away.  

• Protect your devices: Scammers may trick you into installing malware – block it with antivirus.  

• Use scam protection: Stay safe by automatically blocking scam sites, fake shops, and malicious links.  

• Protect your online accounts: Use strong and unique passwords across all online services and two-factor authentication where available.  

• Don’t send money to strangers: If you haven’t met them, don’t send them money, regardless of who they claim to be.  

What are the red flags of modern scams?  

“Scammers use all manner of techniques and tactics to get what they want from us, no matter how immoral. Whether they’re pretending to be relatives or trusted colleagures or convincing us that they’re ‘the one’– there’s no limit to have far they’ll go.   

Generally, scammers have an end game, and want you to do something, whether that’s click on a link, download a file, or provide them with sensitive information. So always consider these signs ‘red flags’ – especially if you’re not familiar with the person requesting them.  

What tips can you give for identifying and avoiding scams?  

1. Check the website URL (i.e. the web address). Is it what you're expecting it to be? For example, if you know your bank's URL is yourbank.com, it should be exactly that and nothing else. Scammers obtain fake domains which might look similar, but upon closer inspection are not what they should be.  

2. Remember that anyone can pretend to be anything online. Plus, the measures we trust to prove authenticity can easily be faked. For example, it's easy to purchase reviews for products or apps, buy likes or subscriptions to make social media accounts look more trustworthy. So, take these measures with a grain of salt.  

3. It's not easy to spot fake things online, but trust your gut. If something puts you off, put it on hold. Ask for a second opinion. Get more information: try to figure out if the person you're talking to is real and if someone has had a negative experience with a product or a site online.  

Ultimately, it's up to us to reclaim our power and protect ourselves against scams by combining education, best practices, vigilance, expertise, and technology. As we are deeply connected to the devices that enable our online experiences, it's crucial we take the necessary steps to safeguard them.”  

If you're looking to provide complete protection against online scams for your customers, why not talk to us to discover how we can support you and your customers.

Find out more about F-Secure here.