Virtual kidnappings have increased in North America over the last two quarters. As technology advances, new opportunities arise for criminals to authenticate their scams. In addition, information gleaned from public social media profiles presents an opportune source of details about potential victims, writes Tash Glazer.
While traditional kidnapping continues to occur, the frequency of virtual kidnappings in particular has risen significantly over the past year. FBI offices in Texas, Illinois and Oklahoma have all registered an increase in virtual kidnapping cases in the first quarter of 2022. Yet virtual kidnappings are not new to the scamming scene; in fact, they have been used to elicit money from unassuming victims for over two decades. However, as technology evolves so does the crime. New digital programs and platforms give rise to new opportunities for criminals. The most recent twist: spoofing. Spoofing is way of disguising communication from an unknown source as being from a source that is known and trusted by the recipient, and can be used to replicate and exploit the identity of your online contacts.
Virtual kidnappers will use spoofing technology to make it look as if an incoming call to your cell phone is from a loved one, making the ‘abduction’ more believable. In January this year, a woman in San Diego fell victim to a virtual kidnapping spoofing attack. A call came through on her phone from her ‘mother’. She reported hearing sounds of a woman in distress before a man came on the phone. The man who was calm at first, became quickly angered, aggressive and threatening. He warned the woman that if she were to contact the police, he would kill her mother. He then demanded a wire transfer of USD 900, through a digital payments network. Panicked, the woman sent the money. After the money had been received, the man put down the phone. When the woman called her mother back, on her real number this time, she found that her mother was safe. In total, the scam took eight minutes.
A family in Aurora, Colorado, fell victim to a similar attack on 17 January, that lasted all of 15 minutes. The virtual kidnapper also demanded USD 900 through a digital payment application. Most banks in the US have 24-hour wire transfer limits of USD 1,000. However, these limits may not apply to foreign travellers. For example, a foreign guest staying at a hotel in El Paso, Texas, paid USD 8,000 for the ‘release’ of a loved one in February 2022.
METHODS AND TARGETS
After requesting a payment via wire transfer, scammers will push victims to send money quickly, making increasingly violent threats. Scammers are quick and versed in what to say cause panic. They will often pose as drug cartel members or corrupt law enforcement. Most calls will also begin with a pre-recorded track of a woman or man sounding as if they are in distress to make the scam seem authentic. In addition, victims are made to believe they are being watched so that they do not reach out to authorities.
Due to technological advances and public social media profiles, perpetrators do not even need to be in the same country as the victim. Virtual kidnappers are often based in countries where the tracking and prosecution of virtual crimes are not prioritised. In addition, wiring money out of a country means it is more difficult to trace.
"Virtual kidnappers will use spoofing technology to make it look as if an incoming call to your cell phone is from a loved one, making the ‘abduction’ more believable."
Virtual kidnappers will search the internet and various social media sites for information about targets, especially those that are travelling abroad. They will use this information to solidify the legitimacy of the abduction in the mind of the victim. Additionally, due to the availability of personal information on social media, the victim pool for virtual kidnappings is broad, and no one demographic has been specifically targeted. However, travellers do make for easier targets as they are less likely to be with their families, and their families are less likely to know exactly where they are at the moment the scam takes place.
new technologies, growing threats
Virtual kidnappings rely on the perpetrator’s ability to convince the victim of the severity of the situation and the need to pay secure the family member’s safety. Spoofing significantly increases this ability, increasing the likelihood of further successful virtual kidnappings. With 3-D mapping, digital face and voice reconstruction technology fast progressing, it will only make virtual kidnapping more convincing and easier to execute in the future. Common sense measures such as limiting the amount of personal or location information on public social media profiles will help reduce vulnerability to being targeted, but with increasingly sophisticated tools available to criminals, both in the US and elsewhere the threat of virtual kidnapping is likely to persist.