We live in a time where most of our daily activities can be carried out online, from the comfort of our couch. Some of these activities include money transactions, shopping, house-hunting, bookings, etc. As much as service providers have taken different measures to protect their customers from online cons, we still have cases where customers have been conned. How do you stay safe from the online con artists who’re targeting you as a consumer?
Below are some mitigations that you can take to safeguard yourself from online con artists and what to do after.

Check the source details

Most organizations usually have a specific email domain name or an official phone number that they use to communicate with their customers. If the email has a public email domain (gmail.com or Hotmail.com) or the person is calling from a personal number other than the organization’s official phone number then they’re not whom they claim to be.

Check for errors, misspellings, and misinformation

Malicious people have perfected their act, especially on email. Some use domain names similar to the correct domain names but with a slight or unnoticeable difference. If an email address has an extra character or different words in the domain name then it’s not from the stated organization. Or, if the shared information is contrary to the information you have then someone is trying to take advantage of you. For example, if you receive an account update message with a balance of Ksh. 10,200.39 with instructions to send Ksh.10,000 erroneously sent to you while your current balance is Ksh. 200.57. Confirm with your service provider before doing anything.

Check on how you have been addressed by the sender.

A friend who always calls you by your nickname sends a message addressing you by your first name or surname with a request to send them money urgently, is a malicious person masquerading as your friend. They may have hacked into your friend’s account or stolen your friend’s device and they are using it to contact you. For example, if a friend sends me an email or text message addressing me as Red Cybersec 01 instead of Red and urgently needs me to send them money to a different account other than their account. Although this might be a genuine emergency case, it might also be someone masquerading as my friend. So before sending any cash, I will call my friend to confirm if it is genuine.

If the deal is too good and urgent, think twice

If someone gives you a non-resistible, sweet deal but wants you to take it up urgently without giving you time to think about it, they are trying are hiding something. For example, a landlord/agent that wants you to pay the deposit or rent for a cheaply priced, beautiful house that you have seen online, before doing a physical site visit with an excuse that someone else wants to take up the house and it will be unavailable for lease or purchase, is a con trying to take advantage of you. Don’t make any payment before ascertaining that the product you’re paying for exist and it’s in a good condition.

Attachments or links that need urgent action

If you receive an email, phone call, or text message telling you that your account is at risk and you need to take quick action by clicking on the attached link; don’t do it. The link might contain malicious code that will access your account to steal data or money. A common case in Kenya; you receive a phone call telling you your phone number is registered to someone else, to sort it out you’re required to share your pin and other personal details to confirm that the phone number belongs to you. They will also share a shortcode that is supposed to enter to rectify the issue. Once entered the shortcode deactivates all services on your line while the caller accesses your mobile money account, takes loans, and withdraws money from your account.

What next?

If you receive a request from your service provider telling you that your account is at risk and in need of urgent resolution with a link. To avoid clicking on a link masquerading to be from your provider. Do not use the shared link instead use a different tab or web browser to access your account, confirm the issue exists then resolve it.

If you don’t understand the stated problem or how to resolve it call your service provider to explain it to you before doing anything. This will help you confirm if it is a genuine problem and prevent you from clicking on a malicious link.

If you receive a phone call, email, or text that is from a malicious source do the following:

• Report to your service provider: if the source is masquerading as your bank or mobile money provider, report it to them so that they can investigate and take action. This will prevent the next person from being conned.
• Block the source address; If it is a phone call or message, block the source number on all platforms. If it is on email, block the email address and report it as spam.