Online scams: reporting problems and giving warnings

B2
60 min
Premium
1

Think about these questions before watching. Share your ideas with a partner.

  1. Think about the last suspicious email or text message you received. What made you think it wasn't legitimate, and what steps did you take?
  2. In your opinion, what makes some online scams so convincing, and which types of people do you think are most vulnerable?
  3. Beyond using strong passwords, what are some practical habits people should adopt to protect their personal and financial information online?
2

Watch the video carefully. Pay attention to the main ideas and key details.

Video script103 segments · click a timestamp to jump

- [Gary] There we go.

- It starts with a simple text.

Urgent message.

You have an unpaid toll.

It's important that you take care of this fine

over the next 12 hours,

or your vehicle will be impounded.

This is probably very similar to a text message

that you've received.

Americans received an-all time high

of over 330,000 toll scam messages

in a single day in September.

Federal investigators say that crime groups in China

are behind the scam,

and they've made more than $1 billion

over the past three years.

And it all links back to these toll road texts

that everybody's getting.

It's a major annoyance

and it's a major source of revenue

for Chinese organized crime.

I've been reporting on these scam messages for months

and have worked with a cyber threat researcher

to set up a fake phishing page

and show you exactly how it works.

- [Gary] So this is the fish that Bob's going to be getting

that we made.

- So it looks like I'm supposed to be paying a $6.69 fine,

but if I go any further here,

much worse things are gonna happen.

The phishing page is now asking me for my contact details,

my name, my address.

They're just basically trying to steal

all my credit card details,

which is the point of this scam.

- Bob is currently entering his data,

and here we just got the first piece of it

and we've got his credit card details here.

We'll put them in the wallet here,

and that's going to prompt an authorization code.

So that'll be the last piece

of getting the card on this phone.

It's sending an authorization code to Bob's email.

- Gary has all of my card details,

but my bank, like most banks,

has protections and needs to verify that it's actually me.

The scammers need the authorization code.

It tells your bank to trust the phone,

so they ask you for the code,

saying it will let your overdue toll payment go through.

The message is saying,

please follow these last steps for Google Pay.

Now, that would be a warning to some people,

but this scam is very effective.

Okay, I've entered my code and it's been accepted.

That means, according to this website,

that my toll has been paid, my record has been cleared,

a receipt will be sent to my email.

I'll look for that.

Once the scammers put your code in, you are cooked.

Your card is on their smartphone wallet.

- The last piece was we had to get that authorization code.

We've entered the authorization code,

and now it has our credit card loaded on the wallet.

We're ready to go. It's time to go shopping.

- When the scam happens in the real world,

the criminals in China, they don't wanna shop there

because it will raise red flags

with the credit card company.

So they've developed software

that lets them tap their phone in China

and transmit your authenticated credit card information

to a second phone.

That phone is used by a shopper they've recruited

in your area to make purchases.

We worked with a researcher in Amsterdam

who had recreated this remote tap-to-pay trick

and let us use it for our demo.

I tapped my smartphone wallet to a phone

with special software that sent my card information

from San Francisco to his phone in Amsterdam.

- The signal's being sent from the west coast of the US

over the Atlantic to a server

that we created to this phone,

and in real time, we're gonna do a payment

at a point of sale device in the cafe here.

- [Robert] In the demo, we bought an apple juice

just as a proof of concept,

but criminals are buying everything from iPhones

to luxury handbags to gift cards.

- They purchase it and then put it on sale on Alibaba

or eBay for a greatly discounted rate,

but some of it is just being shipped overseas.

- [Robert] On November 12th, Google sued one of the makers

of the fishing kits used in these scams,

saying they had duped over a million people

in at least 121 countries.

The best way to avoid being scammed, stay alert.

- If somebody says, I'm going to impound your vehicle

because you have a $6 fine,

that doesn't make sense.

Slow down and think it through,

and you'll save yourself from a lot of losses.

3

Answer these questions in your own words. Support your answers with evidence from the video.

01What tactics do the scammers use in their initial text message to create a sense of urgency?
Sample answerThey send a text claiming you have an unpaid toll. To make you act fast without thinking, they say it's an 'urgent message' and give you a short deadline, like 12 hours, before threatening a serious consequence like having your car impounded.
02What is the real purpose of the authorization code that the scammers ask for, and how do they trick the victim into providing it?
Sample answerThe code is actually a security measure from the bank to authorize adding the credit card to a new device. The scammers trick the person by pretending the code is needed to finalize the small toll payment, when in reality it gives them full control of the card on their own phone.
03Why don't the criminals in China use the stolen credit cards to shop where they are? What complex system have they developed instead?
Sample answerThey don't shop themselves because a purchase from China on a US credit card would immediately alert the bank to fraud. Instead, they use special software to send the card details to another phone held by a person they've hired in the victim's own country. This person then makes purchases locally, which looks much less suspicious.
04According to the video's conclusion, what is the most effective way for individuals to protect themselves from this type of scam?
Sample answerThe video suggests that the best protection is to be critical and think logically. You should question if the threat makes sense for the situation. For example, it's very unlikely your car would be impounded over a tiny $6 fine. Basically, you need to slow down and not let the urgent tone of the message rush you into making a mistake.
4

Vocabulary

Vocabulary
These expressions will help you communicate more naturally about this topic.
To fall for something — to be deceived or tricked by a lie or a scam.
Usage note: This is a common phrasal verb. We often use it with nouns like 'a scam', 'a trick', 'a lie', or 'a story'. For example: 'The email looked so official that many people fell for it.'
A red flag — a sign or signal that something might be wrong, dangerous, or fraudulent.
Usage note: This idiom is used to describe warning signs. You can say something 'raises a red flag' or that something 'is a red flag'. For example: 'A message creating a sense of urgency should be a huge red flag.'
To be vigilant — to be very careful to notice signs of danger or problems.
Usage note: This is a more formal way to say 'be watchful' or 'be careful'. It's often used in advice or warnings about security. It collocates with 'remain' or 'stay' (e.g., 'You need to remain vigilant when checking your emails').
Deceptive practices — actions intended to mislead or trick people, often for financial gain.
Usage note: This is a semi-formal phrase often used when reporting issues or in news articles about fraud. It sounds more official than just saying 'tricks'. For example: 'The company was fined for its deceptive marketing practices.'
To compromise your details/account — to expose your personal information or online account to risk, allowing it to be stolen or used without permission.
Usage note: In a cybersecurity context, 'compromise' means to make something vulnerable. You can say your account 'was compromised' or that an action could 'compromise your security'.
5

Decide if each statement is true or false. Correct the false ones.

01The video mentions that Google has taken legal action against one of the groups that create the software for these scams.
02In the demonstration, the researchers used the stolen card details to buy an expensive electronic device.
03The scam's main strategy involves criminals in China using the stolen cards to buy items directly from Chinese online stores.
04According to the video, the crime groups behind the scam have made over $1 billion in the last three years.
05The initial text message in the video warns about an unpaid parking ticket.
6

Discuss these questions with a partner. Try to use vocabulary from the lesson.

  1. To what extent should banks and tech companies be responsible for protecting customers from deceptive practices, versus the individual's responsibility to be vigilant and not fall for scams?
  2. Thinking about your own country, do you believe people are becoming more or less likely to fall for online scams? What societal or technological changes might be influencing this trend?
  3. The video shows how scammers create urgency. Besides this, what other psychological tricks do they use? If you had to explain the biggest red flags to a friend to help them avoid compromising their details, what would you focus on?