Protect & Connect: Understanding Scams and How to Avoid Them

Firmy

Hey Community Members,

Join us for a fun virtual event with Calvin Gan, where you’ll learn about online safety and scams from the comfort of your home.

🎈 Event Details:

• Title: Protect & Connect: Understanding Scams and How to Avoid Them
• Date: Monday, October 28, 2024
• Time: 5:00 AM - 6:00 AM UTC
• RSVP: Click Here

🌟 About Calvin Gan:

Calvin is a cybersecurity expert at F-Secure, dedicated to helping people stay safe online. With extensive knowledge and experience in the field, he offers valuable tips and insights into how scams operate and how you can avoid falling victim to them.

🌟 What to Expect:

In this engaging session, Calvin will share:

• The latest scams and how they’ve evolved with technology
• Tips for spotting fake deals and verifying messages
• Practical advice to enhance your online safety

❓ Have Questions?

Feel free to submit your questions in the comments of this post.

We can’t wait to see you there! Let’s make the internet safer together! 🚀

TVC15

Hi @Firmy

This sounds fantastic :) Will this be recorded and a link posted on this thread or on the F-Secure YouTube channel? With the time zone difference here in the US, it would be a bit hard for me to get up at 1:00AM my time to watch it for an hour ;) :)

Firmy

Hello @TVC15

Yes, the session will be recorded and we will share the recording in this thread.

We have another one that might suit your timing:

https://community.f-secure.com/en/discussion/128767/protect-connect-spotting-scams-and-protecting-yourself

Ukko

Hello,

Feel free to submit your questions in the comments of this post.

How will the process proceed? Via Microsoft Teams meeting? I don't think I've ever used it. Should there be any requirements for the device or device capabilities?

Will this be a 'solo' speech? In what form or when would it be possible (or is it possible) to ask questions about the topic of the speech? Before the start of the speech in this topic? In some comment section via meeting provider facilities? Via something else as a real-time 'videomeeting'?

Spoiler Warning

// in general, it would be interesting to know how common or how many known cases there are where scammers have deliberately planned a long-term hoax of creating a service or tool that would be very useful and in demand for many; and for some significant period of time would be flawless from a security or legality point of view (zero fraud). Considering the "long-term"-base - is it even interesting for scammers when there are so many possibilities for petty scenarios and other misery? Or will this simply transfer the scam to the category of fraud (and, so, there will be a need to rely on some kind of fraud squad to deal with this)?

for instance, create a password manager. make it flawless from all sides and actively promote it. maybe even to gain legal profit from it. to be flawless for five years (which could even be sufficient already for good reputation, see Brave Browser was already quite promoted in the first five years, and now it’s widely known) or ten years (still for the scammers sideproject is not so 'long'). And then implement the original scam trick (whatever it could be). Where there is also an excellent opportunity to frame all this as "oops. there was a security incident. we have carefully considered everything, we will tell all the mitigations, we will take into account all the points, and made right conclusions, etc." Which may not even reveal the "scam"-nature after all. That is, they won't even have to stop sideporject.

what is the probability (or how many cases are known) of such professional scam activity at the level of long-term directly undercover operations (rather than typical long-lived activities deliberately acting as scammers for a very short time of interaction with 'target')? Posing as something other than a scammer while still acting as scammer, hoping to find someone who is gullible and fool him - when the initial idea is to scam at the end - this is, I think, quite more dangerous type of scam because is not really 'clear' how to spot it or verify their intentions. And even more so, how to distinguish them from a not very successful company (organization, initiative) which simply failed.

For me, this would look like a vector similar to how malicious things (in computing) began to look at ways to use legal paths or simply "improvised" tools. So-called scripts, chain attacks and fileless threats. By using (for example, for Windows) Powershell and so on. As a drastic change from a "simple" quick approach to something more thorough (albeit with implementation costs).

Firmy

Hello @Ukko

How will the process proceed? Via Microsoft Teams meeting? I don't think I've ever used it. Should there be any requirements for the device or device capabilities?

The session will be hosted via Microsoft Teams, and you'll receive a link to join the meeting when you RSVP. For any device compatibility questions, you may refer to the Microsoft website.

Will this be a 'solo' speech? In what form or when would it be possible (or is it possible) to ask questions about the topic of the speech? Before the start of the speech in this topic? In some comment section via meeting provider facilities? Via something else as a real-time 'videomeeting'?

The session will be held in a discussion format, covering different types of scams, how they've evolved, and useful tips and tricks to stay safe online. If you have any questions you'd like us to address, feel free to add them to this thread. We'll do our best to cover them during the session. If time runs short, we'll make sure to respond to any unanswered questions here after the event.

You're also welcome to ask questions during the session in the chat, and we'll post responses in this thread afterward.