News / National
Cyber scams on the rise in Zimbabwe
26 Sep 2022 at 00:56hrs | Views
CYBER scams are on the rise in Zimbabwe with experts saying people must be vigilant as hackers can steal identities so that they commit crimes.
Lately, hackers have been on the loose in Zimbabwe, causing havoc on social media.
Many people have reported to have been hacked and it has been very simple the way that they do it, especially on Facebook.
What the scammers use is trust, which is a process called Social Engineering. According to online definitions, this is a psychological manipulation where the hacker can pretend to be a friend or a co-worker.
One is then tricked into giving out personal information like a password to a service.
A "friend" or "relative" sends you a message offering something lucrative saying for example: "Hello send me your phone number so that I can connect you to the unlimited free data browser on Facebook, Twitter, Snapchat, Instagram."
Because this person is known to you as a friend or a relative, you will send the phone number to them on Facebook messenger.
Another scam is even using legitimate companies to swindle people.
"Hii!!! Congratulations you have been selected by Africom we're giving away 1 gig for free on Facebook due to the 20th Africom anniversary. . . Send the number you used for your Facebook so that you get verified then you receive 1 gig data stay at home and be safe enjoy your 1 gig . . . Sponsored by Africom."
When the phone number is sent, the hacker asks you to send the number on SMS to them.
Then an SMS will be received on your phone which reads: "53333333 is your Facebook password reset code."
Some subconsciously will send this code to the person on the Facebook page, but this is the fatal mistake.
Facebook, any email service provider, Instagram and Twitter, when one sets up an account they ask for a phone number, so that an activation code can be sent.
When one wants to reset the password, because one would have forgotten it, the application asks for the phone number so that it sends a reactivation code.
So, when one sends that code to the supposed relative, friend or spouse, offering free or unlimited data, they would have sent the hacker the reactivation code. With that, the account is taken away, the passwords reset and then the person starts posting lurid messages.
If you manage to sniff out that whatever is being sent is a scam, then the person turns to sending you spam messages on WhatsApp trying to lure you.
The methods are varied, but the theme is the same, there is nothing for free on the internet, no free data, no free SMS or free access to anything.
One victim, who declined to be named said they received a message on Facebook that there was free data.
"I got a message from my friend telling me that there was free data and I had to provide a code. What I didn't realise what I have realised now, is that I sent my Facebook reactivation code. I started getting WhatsApp messages from friends saying there was some lurid content on my account. That's when I knew I was hacked," said the victim.
The victim said when the friend whom purportedly sent the message was asked, they said they were also hacked.
Efforts to get the Facebook page back have been fruitless.
"I had to ask another friend to post on my wall that my account has been hacked. But I'm still getting messages from people saying that I'm offering link for free data. I then tell them not to click on any links or provide any details," said the victim.
Mr Percy Sibanda, the Computer Society of Zimbabwe, Bulawayo Chapter president said there is nothing for free in cyberspace.
"Any scam, they promise something that benefits you without working for it. If they are promising you something for free, then be very wary of it," said Mr Sibanda.
He said people must be wary when they receive such messages.
"Sometimes it's hardly people who you know or its organisations that are known that send these messages. They normally send the messages to your inbox, and with such, the best thing is to verify on the said company's official website," said Mr Sibanda.
He said hackers want to steal identities so that they commit crimes.
"These hackers can do many things with your account that they have stolen. Mostly identity theft, and they can start committing crimes, opening other accounts, emails and the like. Also, some want to see your private life," said Mr Sibanda.
Mr Robert Ndlovu another ICT expert who runs WozaTel warned people not to give away personal information.
"Phishing scams involve links that are shared on most social media platforms offering a too good to be true offer. When you click on that link you are asked some questions like age, employment status, level of education, gender and so on after you have completed the application then the website usually prompts you to provide say five names and Mobile numbers of your friends so as to increase your chances of landing that job. What you are doing in fact you are giving people whom you don't know other people's contact details," said Mr Ndlovu.
He said these fraudsters can contact those people on a first name basis via the contact information one has "donated to them".
"The average human being will smile when he is greeted by his full name via SMS. congratulations Mr. Themba Ndlovu you have been selected to receive a loan. For us to process it please confirm the numbers we just texted you. Bingo you are game.
"There is no such thing as free money or free laptops," said Mr Ndlovu.
Lately, hackers have been on the loose in Zimbabwe, causing havoc on social media.
Many people have reported to have been hacked and it has been very simple the way that they do it, especially on Facebook.
What the scammers use is trust, which is a process called Social Engineering. According to online definitions, this is a psychological manipulation where the hacker can pretend to be a friend or a co-worker.
One is then tricked into giving out personal information like a password to a service.
A "friend" or "relative" sends you a message offering something lucrative saying for example: "Hello send me your phone number so that I can connect you to the unlimited free data browser on Facebook, Twitter, Snapchat, Instagram."
Because this person is known to you as a friend or a relative, you will send the phone number to them on Facebook messenger.
Another scam is even using legitimate companies to swindle people.
"Hii!!! Congratulations you have been selected by Africom we're giving away 1 gig for free on Facebook due to the 20th Africom anniversary. . . Send the number you used for your Facebook so that you get verified then you receive 1 gig data stay at home and be safe enjoy your 1 gig . . . Sponsored by Africom."
When the phone number is sent, the hacker asks you to send the number on SMS to them.
Then an SMS will be received on your phone which reads: "53333333 is your Facebook password reset code."
Some subconsciously will send this code to the person on the Facebook page, but this is the fatal mistake.
Facebook, any email service provider, Instagram and Twitter, when one sets up an account they ask for a phone number, so that an activation code can be sent.
When one wants to reset the password, because one would have forgotten it, the application asks for the phone number so that it sends a reactivation code.
So, when one sends that code to the supposed relative, friend or spouse, offering free or unlimited data, they would have sent the hacker the reactivation code. With that, the account is taken away, the passwords reset and then the person starts posting lurid messages.
If you manage to sniff out that whatever is being sent is a scam, then the person turns to sending you spam messages on WhatsApp trying to lure you.
One victim, who declined to be named said they received a message on Facebook that there was free data.
"I got a message from my friend telling me that there was free data and I had to provide a code. What I didn't realise what I have realised now, is that I sent my Facebook reactivation code. I started getting WhatsApp messages from friends saying there was some lurid content on my account. That's when I knew I was hacked," said the victim.
The victim said when the friend whom purportedly sent the message was asked, they said they were also hacked.
Efforts to get the Facebook page back have been fruitless.
"I had to ask another friend to post on my wall that my account has been hacked. But I'm still getting messages from people saying that I'm offering link for free data. I then tell them not to click on any links or provide any details," said the victim.
Mr Percy Sibanda, the Computer Society of Zimbabwe, Bulawayo Chapter president said there is nothing for free in cyberspace.
"Any scam, they promise something that benefits you without working for it. If they are promising you something for free, then be very wary of it," said Mr Sibanda.
He said people must be wary when they receive such messages.
"Sometimes it's hardly people who you know or its organisations that are known that send these messages. They normally send the messages to your inbox, and with such, the best thing is to verify on the said company's official website," said Mr Sibanda.
He said hackers want to steal identities so that they commit crimes.
"These hackers can do many things with your account that they have stolen. Mostly identity theft, and they can start committing crimes, opening other accounts, emails and the like. Also, some want to see your private life," said Mr Sibanda.
Mr Robert Ndlovu another ICT expert who runs WozaTel warned people not to give away personal information.
"Phishing scams involve links that are shared on most social media platforms offering a too good to be true offer. When you click on that link you are asked some questions like age, employment status, level of education, gender and so on after you have completed the application then the website usually prompts you to provide say five names and Mobile numbers of your friends so as to increase your chances of landing that job. What you are doing in fact you are giving people whom you don't know other people's contact details," said Mr Ndlovu.
He said these fraudsters can contact those people on a first name basis via the contact information one has "donated to them".
"The average human being will smile when he is greeted by his full name via SMS. congratulations Mr. Themba Ndlovu you have been selected to receive a loan. For us to process it please confirm the numbers we just texted you. Bingo you are game.
"There is no such thing as free money or free laptops," said Mr Ndlovu.
Source - The Chronicle