this post was submitted on 02 Oct 2024
765 points (98.5% liked)
Bikini Bottom Twitter
3567 readers
214 users here now
Are ya ready kids?!
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
This isn't even cyber security IMO. It's just social engineering and doesn't require any kind of technical knowledge to understand or avoid.
Unless you're dealing with mafia loansharks or something, there isn't often immediate urgency on any kind of payments. And even if it is a loanshark, you'll likely have an idea of the debt before being approached about it.
And government services take payments in the form of legal currency through direct means. Cash, cheques sent to a specific address (inside the country), bank transfers. Not gift card codes sent over the phone or chat.
If it's legit, they'll also know your name and other information. Though just because they do know information doesn't mean it's legit because they might have gotten your phone number with a name and other information attached. So use this as a way to rule out those who don't know (in my experience they tend to just give up if they ask your name and you point out they should already have that information if there's a warrant or whatever bullshit they are trying to tell you).
There's scams that will call you and tell you that need to go to this specific website or allow them access to your bank account. One is phishing, the other is brute force. Both very popular scam tactics
Yeah, though I'd still say that those are scams that use technology rather than scams that require technical knowledge to avoid. Don't just trust anyone that cold calls you or sends a message. If they make a claim that you owe them anything, don't just take their word for it.
They have a legal obligation (both in the US and in many other jurisdictions) to provide a written notice within 5 days or validation of the debt within 30. If they say they don't have your address to send either of those to, that's another red flag. It might also limit their ability to legally pursue the debt even if it is valid because they have an obligation to provide that written notice and debt validation. The debt doesn't disappear in that case, but it could end up in limbo until the statute of limitations passes (though could also affect your credit rating in the meantime).
Just knowing this non-technical information can turn these scams from panic-inducing events that cause a sense of urgency to mild annoyances or even sources of entertainment if you have the patience to fuck with the scammers and waste their time getting their hopes up that they've got another pay day coming. Some real masters of reverse scamming have even managed to get money from the scammers.
My point is that these things shouldn't just be taught in technical contexts because they involve websites or cell phones, but should be a part of the mainstream education process because websites and cell phones are mainstream.