New Scams to Watch Out For in 2022 - YouTube

Well, it's a new year and there's  new scams. So just like every year,  

I'm going to make this video going over a  bunch of scams that are either brand new  

or maybe they're not even new, but  they're becoming more popular recently  

or they're new variation on an old  scam that you should watch out for

coming into 2022. But of course, the best way to  defend against them is to simply know about them.  

So you should be good by the end of the video for  these, at least. So starting out with number one,  

we have the Google Voice verification scam, and  this one's really tricky because you might not  

even realize that you were tricked by the  end of it. This one usually targets people  

who are selling things online, such as  on Facebook Marketplace or Craigslist,  

but really anywhere that people post  their phone number to be contacted.

And this even includes, sadly,  people who are looking for lost pets,  

for example. So how this scam works  is they'll first contact you and say  

they're a little bit hesitant. They  want to verify you're a real person, or  

verify that you're the real pet's owner, or verify  anything really. And then they'll say that they're  

going to send a verification text or may also be a  voice phone call, and it'll be from Google Voice.

It'll say Google Voice verification text,  and then a code, and they'll ask you to  

give that code to them. And if you do, even  if you don't have a Google Voice account,  

they've got you. So let me explain. Google Voice  is basically a service where you get assigned  

a virtual phone number that ties to your  main phone number, and then you can then  

receive calls on the virtual phone number  that gets forwarded to your main number.

Or you can also make calls from the Google Voice  number, the virtual number. And in this scam,  

what the scammer is trying to do is set up a new  Google Voice account with the Google Voice number,  

except it'll be associated  to you, the victim, not them.  

Because when they set it up, they enter in a  phone number that it will be associated with,

and then it sends that phone number, of course,  a verification text. And if you give that,  

then they can basically sign up for an account  under your number. And this is basically just a  

way for the scammers to get a nearly unlimited  supply of new phone numbers because normally,  

obviously, you need a specific phone  number to sign up for each account.

But if they're going from person to person online,  they can just trick everyone into signing up and  

get a whole bunch of numbers. And then those  numbers would be used to scam other people.  

So in this one, you might particularly  not lose any money or anything. But still,  

your number is going to now be associated  with some random Google Voice account.

And if you do get tricked, you basically have to  go through a process which is called reclaiming  

your number, which I believe involves just  signing up for your own Google Voice account  

and then re-verifying with your phone  number. But it'll now be switched  

on to your actual account that you  created, and take it off the other one.

So, yeah, just be aware of this one, because  you might not have realized that this was even  

possibly a scam. All right next up, we have these  Zelle payment scam, and this one's interesting  

because you might not even realize that a lot  of banks, possibly even your bank, uses Zelle  

and may have automatically signed you up so  you can receive payments or send payments

through Zelle, even though you never really  made an account for it. And that's what the  

scammers take advantage of. So how this  scam works, is scammers will send out mass  

text messages to a whole bunch of  people and it'll say something like,  

"fraud detected, if you did not make this  charge for whatever amount of dollars, reply  

no or yes". And no matter what you  respond, if you do respond at all,

they will then call you from a spoofed number to  look like the bank and pretend to be the bank's  

fraud department. Then they'll say something  like, "Oh, we need to verify your identity"  

and they'll ask for your bank username, not  your password, which some people might be  

thrown off by. And the reason for this is what  they're going to try and do is go through the  

password reset process with you on the phone,  but you don't realize that's what's happening.

So they basically go onto the bank's website, put  in the username you just gave them and say forgot  

password, which will then, with Zelle at least  apparently trigger a text message to be sent to  

the phone number associated with it. Which again,  is your number, but you might not realize that it  

is. And what they'll say is, "Oh, I'm going to  be sending you a SMS message with a verification  

code, and you'll have to read that back to  me to make sure you're legit" or whatever.

And unbeknownst to you, that's not a  verification text code, it's a code to  

reset your password. Anyway, so once they get  this number, they basically are able to get  

into your bank account and potentially  even change your password. And because  

Zelle is tied to your bank account usually,  they can use this to send money out of it.

Now, I believe in some scenarios when they  do go to try and transfer money out, it will  

also trigger another confirmation text message. So  what they'll probably do is keep you on the line,  

and they'll say that, "hey you're going to get a  text message and it's the refund confirmation. So  

you have to make sure that you  confirm it because I'm sending  

the money back into your account that  was stolen" or something like that.

Meanwhile no, it's actually a confirmation  for money coming out of your account to the  

scammer. So you have to be aware of that, that  they will say really anything to get you to put  

in these codes or confirm the text message. And  this one is actually part of a larger trend of  

scammers realizing they can get around two factor  authentication using SMS codes, because a lot of  

websites stupidly basically make it so a text  message turns into a one factor authentication,  

where you can reset your password with nothing  but the confirmation code on your phone,  

which then opens up the possibility of  scammers simply asking people for it.

And even though usually it says,  never share this code with anyone,  

people apparently do it anyway. And what's  actually apparently really bad about this one,  

is a lot of banks they say in their terms  of service that the Zelle transfer doesn't  

actually get covered under certain fraud terms.  So you kind of might just be out that money.

So definitely be aware of this one. All right onto  the next one, we have the cloud access job scam.  

And this one is another interesting  one because it doesn't always scam  

the person directly, but rather uses  them sort of like the Google Voice scam  

to scam other people. Although sometimes depending  on the situation, you can be scammed directly.

So how this scam works is the scammers  will post a fake job listing online,  

which people will respond to, and they may even do  

a mock interview where they don't really show  their face, of course. But maybe it's a text  

interview or over chat or something like that.  And then they'll offer you the job, of course.

And then afterwards they'll say something  like, "Oh, well we do have some requirements  

for you to actually be getting into this job  and we have to have you sign this tax form and  

an NDA". And first of all with the tax form,  that's not even the main part of the scam,  

but they might be kind of double dipping  by when you do fill that information out,  

like with your Social Security number, they  might take that and use that later against you.

But the main part of the scam is actually this  other document, which they may call an NDA,  

and it'll say things like, "Oh, to get this  job, you need to confirm that you're willing  

to go through our setup process within  24 hours or else you won't get the job".  

And this process basically involves you signing up  for a cloud computing account. Whether that's AWS,

Amazon Web Services or Google  Cloud, something like that.  

And the payoff for the scammers is they'll  ask you, all right, after you set it up,  

give us the username and password and we can  complete our setup process. And then once you do,  

of course, then they can use that Google  Cloud or AWS account for nefarious purposes.

A lot of times these accounts will have a starting  bonus credit or something like a trial credit,  

and those users now used your information that  you're now associated with for fraud, which  

obviously is not good. Or sometimes I believe they  may even get you to add your credit card number to  

the account and then say, "Oh, we'll reimburse  you and we'll give you a bonus if you do this".

And then of course, they can not only just charge  the trial credit, but then start using your credit  

card information for fraudulent purposes by  running, maybe a DDoS attack, or whatever  

they want to use these computing resources  from this account on other people. So if  

someone asks you to sign up for an account and  then you give them the username and password,  

that's really suspicious because why couldn't  they have just done that for you then?

So just be wary that these types of scams are  out there. Up next, we have post-disaster scams,  

which is a more general category. And these  are becoming more common simply because  

there is more things happening. For example,  in 2021, there is that huge "tornado outbreak",  

it's being called where a whole bunch of  homes across the United States were destroyed,  

and then scammers of course lined  up to take advantage of this.

For example, you may see an advertisement  or receive a text or phone call, whatever,  

and it'll say, "Hey, you're eligible for  FEMA relief funds. You can get some money  

and you just have to pay this fee and then  we'll get you the funds". And obviously,  

fees for FEMA relief are not a thing.  It's a scam to just take your money.

Some scammers may also pretend to be government  officials as part of the relief effort and  

say that, "oh, to help you out or get you whatever  resources, we need to first get your personal  

information and your banking information", or  maybe even transfer money directly. And of course,  

it's the same idea, that they might use it  to steal your identity, something like that.

So just be very suspicious and only sign up  for any kind of resources through official  

government websites. And an example of  one apparently that was more frequent  

was these scammy debris removal services, where  they were not qualified professionals or anything.  

But they would advertise these services to remove  debris from your home or wherever. And they would  

either demand outrageous prices way above market  rate that didn't even make sense to scammy levels,  

or they may demand money upfront and then  

have crappy work and then refuse to refund  you, or just crappy work in general.

So of course, just remember even if you go through  a disaster. Still try and take the time to vet  

some of these people that are claiming to be  who they are, they might not be. All right,  

moving on, we have the Geek Squad subscription  scam. And no, this is not saying that Geek  

Squad is the scam, but rather scammers  using that name as part of the scam.

Now this scam is actually really similar  to other scams, but usually the scammers  

use something like Amazon. So I'd never  seen it used before with Geek Squad,  

so I figured I'd bring it up. And how this  one works is they'll send you a text message  

or probably an email, that will be a  fake subscription renewal confirmation.

And then they'll say, "Oh, to contact  for information about this order,  

contact this phone number", of course, which is  going to contact the scammer. And then from there,  

it's the usual. They ask you, "Oh, what's your  credit card info? So we can confirm the order",  

or something like that. And of course, they  just use that to steal and take your money.

And the way to defend against these scams,  is to simply call the official phone number  

on the actual retailer's website. So in this  case, you go on Best Buy's actual website,  

check their actual phone number, don't  rely on the one there's in the email if  

you really want to check for it, or just kind  of be able to recognize that it is a scam.

And also just be aware that these types  of scams are not just happening for  

Apple, iTunes and Amazon anymore,  it's more obscure services. All right,  

onto the next scam is the Omicron  PCR testing scam. And apparently  

this one is happening mostly in the United  Kingdom, but really could happen anywhere.  

And basically, how it works is you'll get a  text message or an email, something like that.

Maybe even see an advertisement,  that claims to be a way to get a free  

COVID Omicron test. And in the United Kingdom,  at least the one that's mostly going around  

sends you to a website that looks like the NHS,  the National Health Service. And basically, you  

have to fill out all your personal information,  potentially even a credit card information,  

and then they'll just steal whatever you put  in. And then you don't get the test, obviously.

And I remember actually talking  about this scam I think last year,  

where it was obviously not Omicron, but it  was the same story, scammers pretending to be  

a government agency. And in that one, they  did ask for your credit card number for  

a fee. So just be aware, to always only go to the  official website and make sure you check that URL.

Now this next scam is definitely not new,  but it does show, I think, that scammers are  

becoming more bold in their scams, and that  is that some of them are using even prop,  

fake money to pay for things they are buying  from you online. And this actually did happen  

to someone on Reddit, they posted about  it, which is where I got this example.  

Where they sold their iPad in a public place  and the person handed them fake prop money,

where on it it literally says "for motion  picture use only". But they, I guess,  

didn't inspect it close enough. And you can  kind of see it looks different. And they also  

mention it was very, very cold out, which could  have been the reason maybe why he didn't notice  

that it felt different because your  hands are a little bit more numb.

Now in this example specifically, they were  given 100 dollar bills, but theoretically  

it could happen with any denomination. So if  you do receive large bills from anyone really,  

always be sure to maybe give it an extra glance  to make sure it is at least passably real. And I  

think if you are selling something to a stranger,  then check it no matter what the denomination is.

Even if it's very small, you want  to make sure they're not giving  

you anything fake that's smaller, because  people might not check smaller bills. Now,  

I was under the impression that prop money  was supposed to be either larger or smaller  

or have some other characteristics that  made it easy to spot up close as being fake,

but either the scammers modified it somehow or  the person really didn't look close at all. OK,  

coming near the end, we still have a couple more.  This next one is child tax credit scams. Now,  

last year in the United States, the federal  government did send out payments in the  

form of tax credits, depending on if  you had children and stuff like that.

But theoretically, this could happen anywhere  in the world for any government program  

that is involving sending money to  people. And what scammers have been doing  

is at the time these payments were going  out and still to this day continuing,  

saying that, "Oh well, you  qualify for this tax credit", or  

maybe by this point they'll say, "Oh, you're  qualifying to get another tax credit".

And how this one works is not really a new story.  

They contact you via text message or voicemail  or whatever email, and they'll say, "Hey,  

you qualify for this tax credit. You can get this  amount of money, but you have to do x y z first".  

And really the sky is the limit after you  contact them and believe it, they could ask  

for personal information, banking information  a fee or something for the bank transfer.

Whatever they say, they're probably going to try  and get as much as they can out of you. And if you  

do seem like a gullible person, they might not  stop at just asking for identity information,  

but maybe even try to get you to  directly pay with a credit card,  

stuff like that. OK, finally we have the  Emergency Broadband Program impersonators.

Now this one is actually a really run-of-the-mill  scam in terms of the technique, but I wanted  

to point this one out because the real  program, not the scam one, obviously,  

is actually something I think most  people should at least know about,  

so I wanted to mention it. It's just  another federal program here in the USA.

But basically, if you qualify, the  government apparently will give you  

a refund of, or a kind of a rebate of,  50 bucks a month for internet service,  

and like 100 for any laptop you purchase.  So that might be worth checking if you're  

struggling to pay for your internet bill,  especially in these times of remote work.

You might want to look into that, of course,  just on the official government website.  

Don't believe any of these scammers.  So let me get to that. The main notable  

thing I noticed about this game when I was  reading is that apparently scammers are using  

social media advertising to spread it, not  just spam texts and stuff like that. And a  

lot of people may fall for it because they  may expect to get spam on their text message  

or email , but maybe not see scams in social  media advertising like on Facebook or something.

And then what happens, is you click on  this advertisement or click on the link,  

maybe they do send an email.  And then it's the usual "Oh,  

take sign up for this. We need your identity  information. We need you to pay this fee",  

whatever. So just remember if you do see  advertisements for some government program,  

even if it is a real thing, definitely look it  up yourself on the actual government website.

Google the actual website, don't necessarily  take an advertisement at face value. So by now,  

you should be at least more aware of some of the  more popular scams, though don't think that these  

are the only ones going around. But if you are  aware of the general patterns of these scams,  

at the end of the day, they're kind of  similar so you can start to recognize them,  

even if it's not exactly the same.

Now, if you guys want to keep watching,  

the next video I'd recommend is one I made talking  about how scammers are using new automated bots  

to trick people into giving away two factor  authentication codes. Like I mentioned that's  

kind of a pattern, and it's a little bit  different than what I even mentioned here.

So definitely check that one out. So you're  aware of it. So thanks so much watch, guys,  

and I'll see in the next one.