Just as recent advancements in technology have made our lives easier, they’ve also made our sensitive data more vulnerable to cybercriminals than ever. In 2023 alone, individuals lost $12.5 billion to cybercrime, according to the FBI.¹
As you continue to enjoy the ease and convenience of accessing your information online, what can you do to stay protected? Below we’ve identified a few common scams to watch for, as well as our IT team’s top four tips for protecting yourself from cybercrime and scammers.
Online Scams to Watch For
Scammers are getting smarter and they’re adapting to how we operate online. Some of this year’s most common scams include:
AI-Enabled Attacks
In recent years, the government has seen a rising number of AI-enabled cyberattacks targeting both individuals and large corporations. Namely, cybercriminals are utilizing “deep fake” technology to create convincing impersonations. These can include voices, videos, and text messages that sound like real people—your loved ones, government agents, customer representatives, and other individuals.
Scammers will use this technology on the phone or over email to gather sensitive information, solicit money, or make threats.
Spoofing Scams
Lately, our team has noticed a rising trend in suspicious texts that appear to come from legitimate sources, like financial institutions and banks. These texts will typically have a sense of urgency and request that the person receiving them click a link or call a certain phone number. These are called spoofing scams since the scammer is forging information from another business or individual.
Unfortunately, spoofing scams have the potential to look realistic, which can make them difficult for some people to identify. If you ever receive a text that asks you to click a link or otherwise take action, consider deleting it and using the company’s verified customer service line to ask for more information.
Tech Support Scams
In 2023, financial losses resulting from tech support scams were up 40% year-over-year, and the FBI anticipates these scammers will continue targeting older Americans in 2024 and beyond.²
In a tech support scam, a hacker poses as a tech support or customer service representative from a well-known company. They will typically send an email or text message to an individual, indicating a problem with their computer. To resolve this “issue,” the individual is asked to download a program that allows the hacker to remotely access their device.
From there, the scam may go a few different ways. The hacker may proceed to access sensitive data or account information. They may also have an accomplice pose as a representative from the individual’s financial institution and coax the individual to transfer funds to a new account (under the false assumption that their original accounts were compromised).
Sweepstakes or Lottery Scams
With sweepstakes or lottery scams, an individual is notified that they’ve won a grand prize—a cruise, cash, a new car, etc. To claim their prize, however, they must send in money first to cover “taxes and processing fees.” There is, of course, no prize. In some cases, the scammer may continue asking for more money over the coming months, always promising that the prize is coming.
Emotional Pleas
Scammers will sometimes pose as relatives or friends of their victims, even photoshopping images or altering their voices to sound like someone recognizable. They’ll call, text, or email with an emotional plea for money or gift cards, claiming the individual is in distress—they were in a car accident, lost all their money, arrested, etc.
Pin Requests
As more people implement two-factor authentication (which we’ll get into more below), we’ve seen a rise in cybercriminals trying to “beat the system.” Typically, the criminal will claim that they’ll send you a PIN number for their own protection, and then they’ll ask you to confirm the PIN. In reality, that number is the two-factor authentication code they need to access your accounts.
SIM Swapping
A SIM swap fraud happens when a scammer successfully transfers your phone number and account to a different device, essentially hijacking your phone. This is considered a form of identity theft and it enables the hacker to bypass two-factor authentication, access messages, and ultimately infiltrate accounts.
Scammers will typically attempt a SIM swap by posing as a legitimate business or organization, gaining your trust, and sending you a PIN request—essentially utilizing the PIN request scam discussed above.
How to Implement Cybersecurity Measures at Home
While cyber scammers are becoming more prevalent, there are a few simple measures you can take to protect yourself and your financial well-being from becoming victims of cybercrime.
#1: Use Strong and Unique Passwords
Creating strong, secure, and unique passwords for online accounts is crucial for protecting your personal information online.
To create strong passwords, we recommend:
- Aiming for at least 12 characters
- Using a combination of letters, numbers, and special characters
- Avoiding easily guessable information (names, birthdays, and common phrases)
- Giving every account a unique password
In addition, consider using a reputable password manager software, such as LastPass, Dashlane, or 1Password. These programs will encrypt and store your login information for all accounts, as well as credit card numbers and other sensitive data.
If your account offers two-factor authentication, we highly recommend enabling this feature. Two-factor authentication requires you to not only input your username and password when accessing a site but provide a second form of verification as well. Typically, you’ll need to download an authentication app on your smartphone, which will provide you with a unique code. Two-factor authentication offers another layer of protection in the event your password becomes compromised.
#2: Stay Vigilant Against Suspicious Emails or Messages
If you receive a message that feels too good to be true, alarming, or otherwise out of character from the sender, trust your instincts and delete it.
Exercise extreme caution when opening any links or attachments, even if they’re from people in your contact list. If you receive an unusual email from a friend and suspect their account has been hacked, try calling them first to verify.
Similarly, if you receive links or attachments from unknown sources (and you weren’t expecting them), avoid taking any action until you can verify with the company or organization that they are legitimate.
#3: Update Software Regularly
The software on all of your devices should be updated regularly. This includes not only your desktop’s anti-virus software but your phone and tablet operating systems.
As new threats and vulnerabilities are detected, software companies will implement more security measures to protect your devices from attacks—but you’ll only receive those additional protections if you update your software when prompted.
#4: Think Twice Before Giving Personal Information Over the Phone
No matter who’s on the other end of the line, always think twice before sharing sensitive information like your birth date, Social Security number, credit card number, or account information.
If you receive a call from someone who sounds like a family member or friend, ask some additional questions (how do we know each other, what’s my address, or anything else that individual should know) to ensure the call is legitimate.
If you receive a call from someone claiming to represent a company, financial institution, or government agency, hang up and dial that company or agency’s customer service line (you can usually find this number on their website). This will allow you to verify that you were (or were not) speaking with an actual representative.
What to Do if You Experience a Cybercrime
If you believe you’ve been targeted by a cybercrime, contact your financial institutions immediately and change all your account passwords. You may also want to contact the three credit bureaus (Experian, Equifax, and TransUnion) to freeze your credit, in case the scammer attempts to open a line of credit in your name.
Report the incident to your local police department and file a report with the Federal Trade Commission.
In addition, you can contact your financial advisor and let them know what’s going on. They can help you take any additional steps needed to protect your accounts and assets.
How Does Wingate Protect Against Cybercrime?
As part of our commitment to being our clients’ trusted financial partner, our IT department develops and implements robust cybersecurity measures to safeguard sensitive client data. These measures include cutting-edge malware protection, multiple layers of email security, and regular assessments for threats and vulnerabilities, both internally and externally.
In addition, our team is regularly informed about the latest changes to cybercrime and trained to combat phishing and malware attacks effectively.
As cyber-attacks grow more prevalent in our industry, our firm stays committed to addressing potential security gaps, rigorously testing third-party provider systems, and maintaining high standards of data security.
If you have questions about protecting your financial information online, we’re here to help. Feel free to contact us today to speak with our team.
Sources:
2“Phantom Hacker” Scams Target Senior Citizens and Result in Victims Losing their Life Savings
