#FactCheck - Deepfake Alert: Virat Kohli's Alleged Betting App Endorsement Exposed

Introduction

The Online Lottery Scam involves a scammer reaching out through email, phone or SMS to inform you that you have won a significant amount of money in a lottery, instructing you to contact an agent at a specific phone number or email address that actually belongs to the fraudster. Once the agent is reached out to, the recipient will need to cover processing charges in order to claim the lottery reward. Upfront Paying is required in order to receive your reward. However, actual rewards come at no cost. Additionally, such defective 'offers’ often contain phishing attacks, tricking users into clicking on malicious links.  

Modus Operandi

The common lottery fraud starts with a message stating that the receiver has won a large lottery prize. These messages are frequently crafted to imitate official correspondence from reputable institutions, sweepstakes, or foreign administrations. The scammers request the receiver to give personal information like name, address, and banking details, or to make a payment for taxes, processing fees, or legal procedures. After the victim sends the money or discloses their personal details, the scammers may vanish or persist in requesting more payments for different reasons.

Tactics and Psychological Manipulation

These fraudulent techniques mostly rely on psychological manipulation to work. Fraudsters by persuading the victims create the fake sense of emergency that they must act quickly in order to get the lottery prize. Additionally, they prey on people's hopes for a better life by convincing them that this unanticipated gain has the power to change their destiny. Many people fall prey to the scam because they are driven by the desire to get wealthy and fail to recognize the warning indications. Additionally, fraudsters frequently use convincing language and fictitious documentation that appears authentic, hence users need to be extra cautious and recognise the early signs of such online fraudulent activities.

Festive Season and Uptick in Deceptive Online Scams

As the festive season begins, there is a surge in deceptive online scams that aim at targeting innocent internet users. A few examples of such scams include, free Navratri garba passes, quiz participation opportunities, coupons offering freebies, fake offers of cheap jewellery, counterfeit product sales, festival lotteries, fake lucky draws and charity appeals. Most of these scams are targeted to lure the victims for financial gain.

In 2023, CyberPeace released a research report on the Navratri festivities scam where we highlighted the ‘Tanishq iPhone 15 Gift’ scam which involved fraudsters posing as Tanishq, a well-known jewellery brand, and offering fake iPhone 15 as Navratri gifts. Victims were lured into clicking on malicious links. CyberPeace issued a detailed advisory within the report, highlighting that the public must exercise vigilance, scrutinise the legitimacy of such offers, and take precautionary measures to shield themselves from falling prey to such deceptive cyber schemes.

Preventive Measures for Lottery Scams

To avoid lottery scams ,users should avoid responding to messages or calls about fake lottery wins, verify the source of the lottery, maintain confidentiality by not sharing sensitive personal details, approach unexpected windfalls with scepticism, avoid upfront payment requests, and recognize manipulative tactics by scammers. Ignoring messages or calls about fake lottery wins is a smart move. Verifying the source and asking probing questions is also crucial. Users are also advisednot to click on such unsolicited links of lottery prizes received in emails or messages as such links can be phishing attempts. These best practices can help protect the victims against scammers who pressurise victims to act quickly that led them to fall prey to such scams.

Must-Know Tips to Prevent Lottery Scams

●     It is advised to steer clear of any communication that offers lotteries or giveaways, as these are often perceived as too good to be true.

●     It is advised to refrain from transferring money to individuals/entities who are unknown without verifying their identity and credibility.

●     If you have already given the fraudsters your bank account details, it is crucial to alert your bank immediately.

●     Report any such incidents on the National Cyber Crime Reporting Portal at cybercrime.gov.in or Cyber Crime Helpline Number 1930.

‍

Introduction 

‍

In the past few decades, technology has rapidly advanced, significantly impacting various aspects of life. Today, we live in a world shaped by technology, which continues to influence human progress and culture. While technology offers many benefits, it also presents certain challenges. It has increased dependence on machines, reduced physical activity, and encouraged more sedentary lifestyles. The excessive use of gadgets has contributed to social isolation. Different age groups experience the negative aspects of the digital world in distinct ways. For example, older adults often face difficulties with digital literacy and accessing information. This makes them more vulnerable to cyber fraud. A major concern is that many older individuals may not be familiar with identifying authentic versus fraudulent online transactions. The consequences of such cybercrimes go beyond financial loss. Victims may also experience emotional distress, reputational harm, and a loss of trust in digital platforms.

‍

Why Senior Citizens Are A Vulnerable Target 

Digital exploitation involves a variety of influencing tactics, such as coercion, undue influence, manipulation, and frequently some sort of deception, which makes senior citizens easy targets for scammers. Senior citizens have been largely neglected in research on this burgeoning type of digital crime. Many of our parents and grandparents grew up in an era when politeness and trust were very common, making it difficult for them to say “no” or recognise when someone was attempting to scam them. Seniors who struggle with financial stability may be more likely to fall for scams promising financial relief or security. They might encounter obstacles in learning to use new technologies, mainly due to unfamiliarity. It is important to note that these factors do not make seniors weak or incapable. Rather, it is the responsibility of the community to recognise and address the unique vulnerabilities of our senior population and work to prevent them from falling victim to scams. 

‍

Senior citizens are the most susceptible to social engineering attacks. Scammers may impersonate people, such as family members in distress, government officials, and deceive seniors into sending money or sharing personal information. Some of them are: 

• The grandparent scam 
• Tech support scam
• Government impersonation scams
• Romance scams 
• Digital arrest

‍

Protecting Senior Citizens from Digital Scams 

As a society, we must focus on educating seniors about common cyber fraud techniques such as impersonation of family members or government officials, the use of fake emergencies, or offers that seem too good to be true. It is important to guide them on how to verify suspicious calls and emails, caution them against sharing personal information online, and use real-life examples to enhance their understanding.

Larger organisations and NGOs can play a key role in protecting senior citizens from digital scams by conducting fraud awareness training, engaging in one-on-one conversations, inviting seniors to share their experiences through podcasts, and organising seminars and workshops specifically for individuals aged 60 and above.

‍

Safety Tips 

‍

In today's digital age, safeguarding oneself from cyber threats is crucial for people of all ages. Here are some essential steps everyone should take at a personal level to remain cyber secure: 

1. Ensuring that software and operating systems are regularly updated allows users to benefit from the latest security fixes, reducing their vulnerability to cyber threats.
2. Avoiding the sharing of personal information online is also essential. Monitoring bank statements is equally important, as it helps in quickly identifying signs of potential cybercrime. Reviewing financial transactions and reporting any unusual activity to the bank can assist in detecting and preventing fraud.
3. If suspicious activity is suspected, it is advisable to contact the company directly using a different phone line. This is because cybercriminals can sometimes keep the original line open, leading individuals to believe they are speaking with a legitimate representative. In such cases, attackers may impersonate trusted organisations to deceive users and gain sensitive information.
4. If an individual becomes a victim of cybercrime, they should take immediate action to protect their personal information and seek professional guidance.
5. Stay calm and respond swiftly and wisely. Begin by collecting and preserving all evidence—this includes screenshots, suspicious messages, emails, or any unusual activity. Report the incident immediately to the police or through an official platform like www.cybercrime.gov.in and the helpline number 1930.
6. If financial information is compromised, the affected individual must alert their bank or financial institution without delay to secure their accounts. They should also update passwords and implement two-factor authentication as additional safeguards.

‍

Conclusion: Collective Action for Cyber Dignity and Inclusion

Elder abuse in the digital age is an invisible crisis. It’s time we bring it into the spotlight and confront it with education, empathy, and collective action. Safeguarding senior citizens from cybercrime necessitates a comprehensive approach that combines education, vigilance, and technological safeguards. By fostering awareness and providing the necessary tools and support, we can empower senior citizens to navigate the digital world safely and confidently. Let us stand together to support these initiatives, to be the guardians our elders deserve, and to ensure that the digital world remains a place of opportunity, not exploitation. 

‍

REFERENCES -

• https://portal.ct.gov/ag/consumer-issues/hot-scams/the-grandparents-scam
• https://www.fbi.gov/how-we-can-help-you/scams-and-safety/common-frauds-and-scams/tech-support-scams
• https://consumer.ftc.gov/articles/how-avoid-government-impersonation-scam 
• https://www.jpmorgan.com/insights/fraud/fraud-mitigation/helping-your-elderly-and-vulnerable-loved-ones-avoid-the-scammers
• https://www.fbi.gov/how-we-can-help-you/scams-and-safety/common-frauds-and-scams/romance-scams 
• https://www.jpmorgan.com/insights/fraud/fraud-mitigation/helping-your-elderly-and-vulnerable-loved-ones-avoid-the-scammers 

‍

Introduction

In today’s digital age, everyone is online, so is the healthcare sector worldwide. The latest victim of a data breach is Hong Kong healthcare provider OT&P Healthcare, which has recently suffered a data loss of 100,000 patients that exposed their medical history, and caused concern to the patients and their families. This breach has highlighted the vulnerability in the healthcare sector /industry and the importance of cybersecurity measures to protect sensitive information. This blog will explore the data breach, its impact on patients and families, and the best practices for safeguarding sensitive data.

Background: On 13 March 2023, an incident took place where the Cybercriminals deployed a variety of methods to breach the data, which included phishing attacks, malware, and exploiting software vulnerabilities. OT&P Health Care exploits the sensitive data of the patients. According to OT&P Healthcare, it is working together with law enforcement and has hired a cybersecurity firm to investigate the incident and tighten its security procedures. Like other data breaches, the inquiry will most certainly take some time to uncover the actual source and scope of the intrusion. Regardless of the cause of the breach, this event emphasises the significance of frequent cybersecurity assessments, vulnerability testing, and proactive data protection measures. Considering the dangers in the healthcare sector must be cautious in preserving the personal and medical records of the patients as they are sensitive in nature.

Is confidentiality at stake due to data breaches?

Medical data breaches represent a huge danger to patients, with serious ramifications for their privacy, financial security, and physical health. Some of the potential hazards and effects of medical data breaches are as follows:

• Compromise of patient data: Medical data breaches can expose patients’ sensitive information, such as their medical history, diagnoses, treatment, and medication regimens. If history is highly personal and reaches the wrong hands, it could harm someone’s reputation.
• Identity theft: the data stolen by the cybercriminals may be used by them to open credit accounts and apply for loans, Patients can suffer severe financial and psychological stress because of identity theft since they may spend years attempting to rebuild their credit and regain their good name.
• Medical Fraud: Medical data breaches can also result in medical fraud, which occurs when hackers use stolen medical information to charge insurance companies for services that were not performed or for bogus treatments or procedures. Medical fraud may result in financial losses for patients, insurance companies, and individuals obtaining ineffective or risky medical care.

Impact on patients

Data breach does not cause financial loss but may also profoundly impact their mental health and emotional well-being. let’s understand some psychological impacts:

• Anxiety and Stress: Patients whose medical data has been affected may experience feelings of stress and anxiety as they worry about the potential consequences of the data loss can be misused.
• Loss of faith: Patients may lose faith in their healthcare providers if they believe their personal and medical information needs to be properly As a result, patients may be reluctant to disclose sensitive information to their healthcare professionals, compromising the quality of their medical care.
• Sense of Embarrassment: Patients may feel disregarded or ashamed if their sensitive medical information is revealed, particularly if it relates to a sensitive or stigmatised This might lead to social isolation and a reluctance to seek further medical treatment.
• Post-Traumatic Stress Disorder (PTSD): Patients who have experienced a data breach may have PTSD symptoms such as nightmares, flashbacks, and avoidance behaviour. This can have long-term consequences for their mental health and quality of life.

Legal Implications of Data Breach

Patients have certain legal rights and compensations when a healthcare data breach occurs. Let’s have a look at them: –

• Legal Liability: Healthcare providers have a legal obligation to protect data under various privacy and security laws if they fail to take appropriate measures to protect patient data, they may be held legally liable for resulting harm.
• Legal recourse: Patients whose healthcare data leak has impacted them have the legal right to seek compensation and hold healthcare providers and organisations This could involve suing the healthcare practitioner or organisationresponsible for the breach.
• Right to seek compensation: the patients who have suffered from the data loss are liable to seek compensation.
• Notifications: As soon as a data breach takes place, it impacts the organisation and its customers. In this case, it is the responsibility of the OT&P to
• notify their patients about the data breach and inform them about the consequences.
• Take Away from OT &P Healthcare Data Breach: with the growing data breaches in the healthcare industry, here are some lessons that can be learned from the Hong Kong data breach.
• Cybersecurity: The OT&P Healthcare data breach points to the vital need to prioritisecybersecurity in healthcare. To secure themselves, hospitals and the healthcare sector must use the latest software to protect their data.
• Regular risk assessments: These assessments help find system vulnerabilities and security issues. This can assist healthcare providers and organisationsin taking the necessary actions to avoid data breaches and boost their cybersecurity defences.
• Staff Training: Healthcare workers should be taught cybersecurity best practices, such as detecting and responding to phishing attempts, handling sensitive data, and reporting suspected security breaches. This training should be continued to keep workers updated on the newest cybersecurity trends and threats.
• Incident Response Strategy: Healthcare providers and organisations should have an incident response policy in place to deal with data breaches and other security concerns. This strategy should include protocols for reporting instances, limiting the breach, and alerting patients and verified authorities.

Conclusion

The recent data breach in Hong Kong healthcare impact not only the patients but also their trust is shaken. As we continue to rely on digital technology for medical records and healthcare delivery, it is essential that healthcare providers and organisations take proactive steps to protect patient data from cyber-attacks and data breaches.

References

https://www.marketing-interactive.com/otp-healthcare-apologises-over-data-breach-patients-reportedly-impacted

https://www.scmp.com/news/hong-kong/health-environment/article/3219827/personal-data-medical-history-100000-patients-may-have-been-leaked-cyberattack-hong-kong-healthcare

https://www.teiss.co.uk/news/hong-kongs-otp-healthcare-exposes-the-medical-history-of-100000-patients-12170