Since a couple of weeks, I had been getting suspicious posts from my friend’s social media account. I knew that her account had been hacked. The fraudster was using her identity and her account to convince people that she was winning lotteries and giveaway money and dupe their targets of money and also taking control of their social media handles. Today, the fraudster tried to make me their target.

They sent me the infamous “Guess the number and win” 40K photo. (Money giveaway fraud)

So I decided to play along. I guessed the number and asked the person on the other side to pay up. The fraudster congratulated me and said that I had won giveway money and asked me how I wanted to intiate the transfer. I told them that they could transfer via UPI. The fraudster ask me to do something first, which was quite expected. They asked me to change the email address associated with the social media account. For those who don’t know, doing this can give complete ownership of your social media account to the unethical hacker/fraudster. They asked me to do it and share a screenshot.

So, of course I didn’t do it. But, I did share a fake screenshot using simple free pre-installed tools on a computer/laptop. The conversation went like so, although the hacker deleted many of their messages once the conversation was over.

They had also provided me fake screenshot messages showing that people had received the money, which they deleted. It was time to end the conversation.

The hacker has committed identity theft and financial fraud and probably continues to do so. I knew they wouldn’t pay by regular channels because if they did, it would disclose information about the hacker. I confirmed with my friend over the phone if her account was really hacked over the phone and reported the account. Later, the hacker blocked me.

Anyone can be a victim of Cyberfraud, no matter the education. Even doctors and layers have been victims of cyberfraud. Here are a few things you can do to keep yourself and your friends safe:

1. Stay alert.
2. Change passwords regularly and keep them strong.
3. Read/Watch updates on cybersecurity from time to time, to know about the new methods the fraudsters use.
4. If it is an email, always check the email address.
5. Do not click on any suspicious links or pop-ups on emails or the web.
6. Always use Two-Factor aunthentication for your accounts.
7. Never share OTP or PIN numbers.
8. Help a friend out. Report accounts that are hacked and do so in large numbers with attachements/screenshots if you have any.
9. Reach out to the Support team of the social media app or website.
10. File a report to the Cybercrime Cell of your country.

Happy browsing! Stay alert. Stay safe.