Predators and prey
In the UK we currently have a daily TV show about scams etc. They employ a considerable number of ethical hackers to discover how actual people had been scammed out of their money. Their findings are alarming.
Firstly, we all order goods online and have to fill in our details on numerous companies forms. They often ask for a cell phone and a line line phone number "In case we need to phone you". They are just harvesting information. Many of these companies have had historical "data breaches" where their websites were hacked and enormous amounts of people's information stolen. However, those are just the ones that have been reported. These companies are under no legal obligation to inform anyone. Your personal details could have come into the public domain in this manner. This often included actual passwords that the volunteers were still using.
Social Media is the scammers treasure trove. It is jammed with information that users don't realise they are disclosing. Bots have been developed to "shave" all of them. When you consider the vast sums of money that these Social Media platforms change hands for you should be aware that YOU are the prey. "Elon Musk threatened Monday to terminate his $44 billion plan to buy Twitter, accusing management of failing to comply with his request to provide data he seeks, which includes the number of fake accounts, bots and spam". Digest that. 44 billion bucks that he is confident he can recoup and earn more money from. He and presumably Twitter know that it is infested. Facebook and presumably others think it's cute to wish you a happy birthday. Valuable info disclosed. Even people who don't use Social Media can have their data harvested because another member of their family has leaked info about them. After watching one show I decided to examine my own passwords etc and make them impossible for anyone to find. During that process I saw the full names and addresses of one deceased forum member and one still very much alive. An alternative address and details was also included for that person's sister. All have now been safely deleted. Perhaps the sister has Social Media accounts and divulges innocuous looking info like "It's my brother's birthday today" More pieces of the jigsaw. Perhaps her info had been disclosed in a data breach.
The following case alarmed me. It should alarm all of you.
A woman had a parcel delivered to her house from a well known company. She hadn't ordered it but it had been paid for in full. She was too busy to contact them at that time, but she'd just been scammed out of £3000 (minus the trifling price of the items in the box that had been delivered). All the scammer needed to open an account in her name was her full address, her date of birth, AN email address and A cell phone number. The company verified this new account by sending an email and phoning a burner phone. On the strength of that they granted the scammer a £3000 credit limit that could be used to buy goods from them. The crafty scammer then bought goods to the full value and had them delivered to a click and collect store instead of the home address they already successfully sent goods to.
Decent AV protection was of course advised, but it was surprising how many people used the same password for multiple accounts. Even minor variation of it could be readily worked out.