Just over a fifth (22%) of 18 to 34-year-olds said they had been the victim of financial fraud at least once, compared with 12% of people aged 35 to 54 and around one in 10 over-55s. The survey of 4,000 people across the UK in September was carried out for online bank Marcus by Goldman Sachs. Despite the findings, more than half (55%) of 18 to 34-year-olds would consider themselves too technologically savvy to be scammed. However, one in five (21%) 18 to 34-year-olds said they struggle to think clearly when put under pressure during a cold call and nearly half (48%) would act on impulse if they see something that appears to be a good deal. Across the survey, nearly two-thirds (64%) of people said they have regretted a decision they have made when under strain.
More information: https://www.standard.co.uk/business/money/fifth-of-18-to-34yearolds-have-fallen-victim-to-financial-scams-survey-b1038580.html
Serial bank robber Willie Sutton, was once asked by the FBI, why he robbed banks, Sutton famously replied, “because that’s where the money is.” Nothing has changed, the motivation for criminals is to make money, extorting money from holding data hostage is the fundamental driver behind ransomware attacks. You only have to be connected to the internet in order to be an opportunistic target for criminals, and even more so when ordinary people in their thousands or millions rely on these organisations for their services. Take the healthcare industry for example; if leaders of these organisations don’t understand that cybersecurity is becoming a critical part of patient care and start adjusting their security practices accordingly to boost security posture – it puts them at enormous risk to continuously be attacked by ransomware gangs.
Regardless of the results of this particular survey, the key message that we should be sharing is that everyone can be scammed. Everyone is susceptible to scams when it is sent with the right message and arrives in someone’s inbox at the right time. Maybe they just ordered something from Amazon when an Amazon-phishing email or SMS text message arrives. Or they are worried about the latest COVID variant when a COVID scam email arrives. Perhaps, a phone call comes through from someone pretending to be from Microsoft offering to help with a supposed computer virus just as the potential victim’s computer was being unreasonably slow and buggy.
Phishing victims run the gambit from everyday workers, grandparents, kids, doctors, lawyers, and even Quantum Physics Nobel prize winners. Any survey asking people to rate their own susceptibility is missing the point that we are all vulnerable to scam attacks at some point in our lives. What we need to do is create a healthy level of scepticism about any message, no matter how it arrives; be it email, text message, social media, phone call, or in person. This is especially true if that message arrives unexpectedly and is asking us to do something we’ve never done before for that requestor (even if we think we recognise them).
Any message with those traits – arriving unexpectedly and asking us to do something new, especially if done with a plea for urgency (i.e. “You need to do this now or else…”) – is going to be a high-risk message. It could be a legitimate message with a legitimate request, but those types of messages are simply far higher risk than those that do not have those traits, and must be confirmed using some alternative and trusted method, before acting upon them. Security awareness training is needed for all ages, not just for the people who think they are susceptible.