While scams can impact anyone at any point in their lives, younger people are more susceptible to some types of online fraud because of their social media behaviour, and the platforms that they use such as TikTok, Instagram and WhatsApp.
How many times have you shared your personal information online, through social media or by filling in your email address and phone number on various websites or pages?
While it’s not known exactly how many young people have fallen prey to these kinds of scams, here are some common scams targeted at youths in Brunei:
How many times have you shared your personal information online, through social media or by filling in your email address and phone number on various websites or pages?
While it’s not known exactly how many young people have fallen prey to these kinds of scams, here are some common scams targeted at youths in Brunei:
1. Identity theft
Privacy or specifically data privacy is so important now that everything can be shared almost instantaneously.
Typically, bad actors use your personal info to impersonate you to access your bank account or credit cards.
There are several ways to steal people's data, such as emails that include malware or links pointing to a malicious site, and even "dumpster diving" - where scammers look through discarded computer hardware for sensitive information or passwords.
Typically, bad actors use your personal info to impersonate you to access your bank account or credit cards.
There are several ways to steal people's data, such as emails that include malware or links pointing to a malicious site, and even "dumpster diving" - where scammers look through discarded computer hardware for sensitive information or passwords.
2. Dodgy sellers on social media
How many social media accounts have you come across offering the latest iPhone or must-have handbag at an "unbelievable" price? Well, if the offer is too good to be true, then it most likely is.
Look out for these red flags:
What you should do to make sure the seller isn’t a scammer:
If you suspect that you've been cheated, take screenshots of conversations with the seller or other relevant documents (such as a record of the credit card transaction or remittance slip if it’s an overseas seller) and report it to the police.
- The price is too good to be true.
- Comments are disabled to avoid negative reviews.
- They show "proof" or "feedback" of their product on IG Stories. However, if you do a reverse image search, the product's photo is taken from another website.
- When contacted, they give excuses or do not respond immediately.
- Read reviews or comments about the seller before deciding to make a purchase.
- Buy from established and trusted e-commerce websites.
- Never share your personal details!
3. Job scams
Some online job listings require you to provide personal information such as name, address and IC number when filling out an application form. You should ideally research the company you're applying to before sending your CV. If search results come back empty or vague, then you need to be cautious.
Red flags to look for:
- Poorly written job listings and correspondence
- Vague job description
- Suspicious URL
- The recruiter has a generic email
- Asking for an interview via a messaging service such as WhatsApp
4. Winning A Contest Or Game Online
Most of us love using our downtime to play Candy Crush or Wordle, but there are games or contests out there created with malicious intent.
Scammers can use these mediums to gather information about us and detect our security vulnerabilities - a process known as “social engineering”.
The con can take place over several days or weeks, luring the users in and gaining their trust over an extended period of time.
Then, the attacker moves to provide stimuli for subsequent actions that break security practices, such as revealing sensitive information or granting access to your system or network. These mistakes can make it easier for attackers to hack into your accounts.
A good way to prevent this is to use multi-factor authentication for your online accounts so that access must be verified through a second medium like an SMS to your smartphone.
Scammers can use these mediums to gather information about us and detect our security vulnerabilities - a process known as “social engineering”.
The con can take place over several days or weeks, luring the users in and gaining their trust over an extended period of time.
Then, the attacker moves to provide stimuli for subsequent actions that break security practices, such as revealing sensitive information or granting access to your system or network. These mistakes can make it easier for attackers to hack into your accounts.
A good way to prevent this is to use multi-factor authentication for your online accounts so that access must be verified through a second medium like an SMS to your smartphone.
5. The Instagram takeover
Since late 2021, there has been a sharp rise in Instagram takeover scams, where hackers break into your account and then change the associated email and password.
These individuals may try to sell your account on the dark web, or blackmail you for money so you can regain access to your account. According to Digital Shadows, a US-based company that specialises in digital risk protection, a hacked Instagram account on the dark web costs $45.
If an account is sold illegally, scammers often pose as the account owner to promote bitcoin or other cryptocurrency scams, or may DM followers malicious links to try and obtain their login information.
While it appears people are being targeted in multiple ways for their login information, your account information may also be accessed through data breaches, and you’re especially vulnerable if you rarely update or change your password.
Make sure your password is strong and always use two-factor authentication.
These individuals may try to sell your account on the dark web, or blackmail you for money so you can regain access to your account. According to Digital Shadows, a US-based company that specialises in digital risk protection, a hacked Instagram account on the dark web costs $45.
If an account is sold illegally, scammers often pose as the account owner to promote bitcoin or other cryptocurrency scams, or may DM followers malicious links to try and obtain their login information.
While it appears people are being targeted in multiple ways for their login information, your account information may also be accessed through data breaches, and you’re especially vulnerable if you rarely update or change your password.
Make sure your password is strong and always use two-factor authentication.
6. Romance scams
Other online scams also include romance scams where malicious parties adopt a fake online identity to gain your trust, then use the illusion of a romantic or close relationship to manipulate or steal from you.
These fraudsters often ask victims for compromising photos, which in turn can be used to blackmail individuals into handing over money.
These fraudsters often ask victims for compromising photos, which in turn can be used to blackmail individuals into handing over money.
Why do people keep quiet when they are scammed?
For many young people, they often feel ashamed that they've been duped or are afraid their parents will find out.
Scammers may even threaten them and convince them not to report it.
Scammers may even threaten them and convince them not to report it.
What to do if you're the victim of an online scam:
If you think you have been a victim of online scam, report the incident immediately to your nearest police station. You can expedite the process by preparing a draft statement beforehand in Malay or English.
Print out any screenshots of messages, conversations or documents shared between you and the scammer. Your report should also include the phone number, email address or URL used by the scammer.
If you suspect that your bank account or personal information has been compromised, let your bank know immediately!
If your social media accounts have been compromised, it is important to notify all your contacts and report the incident to the respective social media platform.
If in doubt, you can always reach out to CyberSecurity Brunei for advice, via their hotline at 2458001 (24 hours), WhatsApp at 7170766, or email at [email protected].
Print out any screenshots of messages, conversations or documents shared between you and the scammer. Your report should also include the phone number, email address or URL used by the scammer.
If you suspect that your bank account or personal information has been compromised, let your bank know immediately!
If your social media accounts have been compromised, it is important to notify all your contacts and report the incident to the respective social media platform.
If in doubt, you can always reach out to CyberSecurity Brunei for advice, via their hotline at 2458001 (24 hours), WhatsApp at 7170766, or email at [email protected].