Scammers and AI

 

Scammers are getting more and more creative and harder to detect with the advent of Artificial Intelligence.  AI can be a fantastic tool for finding information, helping with documents, doing science.  AI can also be used to nefarious purposes; creating voices of people you know, text in their style of writing, in addition to the usual spoofing of email addresses, presenting as a company you deal with, and more.

Here’s what my credit union, Coast Hills, sent out today about scams.  I thought I’d share with you all.

 

 

Most of us have clicked the little “I’m not a robot” box without giving it a second thought. It’s a normal part of browsing online, whether you’re signing in, filling out a form, or making a purchase. Because it feels familiar, it’s easy to trust. However, scammers are now using fake CAPTCHA pages to take advantage of that trust.

 

These scam pages look like normal security checks, but instead of verifying that you’re human, they’re designed to trick you into infecting your own computer. After clicking the box, you may be told to complete a few “verification steps,” often involving a series of keyboard commands. While it may seem like part of the process, those commands can actually download malware onto your device.

 

Once installed, that malware can give scammers access to sensitive information like saved passwords, online banking credentials and personal data.

 

How CAPTCHA Scams Work 

1.  A Familiar-Looking CAPTCHA Page Appears: You may land on a fake website or click a link that brings up what looks like a standard “I’m not a robot” verification box. Because the page looks legitimate, many people don’t think twice before clicking it.  

2.  You’re Asked to Follow Keyboard Instructions: After clicking the box, the fake CAPTCHA may display step-by-step instructions telling you to press certain keys on your keyboard. For example, it may ask you to open the Run command on your computer, paste in a line of text, and press Enter to “complete verification.” These steps may look like part of the security process, but they are actually designed to run malicious code and install malware on your device.   

3.  The Commands Install Malware: What you are actually doing is running malicious code on your own device. This can install malware that steals information, tracks activity, or gives scammers remote access to your computer.

4.  Your Information Is Put at Risk: Once malware is installed, scammers may be able to capture usernames, passwords and other sensitive personal or financial information without you realizing it.

How to Protect Yourself

1.  Be Suspicious of Extra Steps: A real CAPTCHA test will never ask you to press keyboard shortcuts, copy and paste commands, or open programs on your device. If you see instructions like that, it’s a scam.   

2.  Stop Immediately if Something Feels Off: If a website asks you to complete unusual steps after clicking a CAPTCHA box, close the page right away. Do not continue entering information or following prompts.   

3.  Use Trusted Security Software: Antivirus and browser security tools can help detect malicious websites and block harmful downloads before they can do damage.   

4.  Verify Before You Act: If the CAPTCHA appeared while trying to access an account, go directly to the company’s official website instead of following prompts on a suspicious page.

Scammers are getting creative by making fake security checks look convincing, but the warning signs are there. If a CAPTCHA asks you to do anything beyond checking a box or selecting images, stop immediately. Knowing what to watch for can help protect your personal information and your finances.

If you think you’ve been the target or victim of a scam, please call your financial institution(s) right away and have them check for fraudulent activity on your accounts.  You can also have them activate alerts.  Run your anti-virus and anti-malware programs right away.  Windows has built-in anti-virus, called Windows Defender, which you can run by going to:

 

Settings > Privacy and security > Windows security > Virus and threat protection and then clicking the <Scan Now> button.

 

Windows Defender will also offer to quarantine or remove items it finds that are harmful.

For an additional layer of protection, you might have a program like Malwarebytes Anti-Malware (MBAM) installed.  Its icon is a big blue “M” shape.  Double-click that and then click the <Scan> button.  I’d recommend doing this about twice a month, more often you tend to be online for long periods of time.  If MBAM finds any threats, you can quarantine those items where they will be harmless.

Also, run Windows Update occasionally and install those.  Microsoft has been making a few changes; some are even welcome, to Windows to improve the experience.  Such as once again allowing users to move the Taskbar to places other than the bottom of the screen, and other under the hood improvements for performance and security.

And a friendly reminder to make your backups.  Copy and paste your important files to a USB flash drive, a USB hard drive or solid state drive, or create a DVD with your data on it.  Then keep those in a safe place.  Something that I offer is having a dedicated 2TB (terabyte) USB hard drive just for client data, and I have a Network Attached Storage device.  You can pick up a USB flash drive at Office Depot, WalMart, or order it online from Newegg or the previously mentioned companies.  Good manufacturers are Lexar and Sandisk.  I’d recommend 128GB capacity for a USB flash drive, and 1TB for a USB hard drive, though capacity depends on budget.  Buy what you can afford.  You can find Lexar USB flash drives here.  Or Sandisk drives here.  This is a link to USB hard drives.

            Network Attached Storage is a computer that has a bunch of hard drives in the case.  I found one last year at an estate sale that can hold 12 drives!  Right now, mine has nine drives installed: one that runs the operating system (OS), and eight for data including photos, documents, music and audio, and programs.

            If you already have a spare hard drive, Orico makes excellent cases for both 2.5” laptop style drives, and 3.5” desktop style drives.  They are even tool-less, just slide the cover off, slip the drive in, and close.  There are a variety of connections: USB-A and –C, USB-A is the older rectangular style plug, while USB-C is the smaller oval shape, like on most modern smartphones and tablets.

            In other computer news, prices for parts are still astronomical.  Some tech people are saying that prices should be coming down in a few weeks to months.  Pre-built computers seem to be holding their pricing still, even laptops haven’t affected too much by the increases in memory and SSD (solid state drive) pricing.  Other than grabbing old computers at garage and estate sales, I’m not planning any parts purchasing this year, unless it’s an emergency.

            Even with the pricing being the wrong side of sane, I’d still recommend 16GB (gigabytes) of memory and at least a 512GB SSD, along with a good processor, like an Intel Core i3 or AMD Ryzen 3.  As always, bigger numbers usually mean better performance, and higher cost.  If you are okay with used computers (I know I am normally), you might check out Dell’s refurbished center.  They usually have some good deals and even offer coupon codes with up to 50% off at times.

 

            If you found this useful, and know someone that could benefit from the info, please feel free to forward this document on.  This one is a bit longer than my usual email, but I thought the content from Coast Hills was important to share.

            Any questions, please let me know.