Protection from Scams; Part 2

Cyber Self-Defense

Thirteen tips to keep cyberthieves away from what’s yours.

1 – PROTECT YOUR PASSWORDS. Most of us keep a list of all of our User Names and passwords on some digital device, like a phone. Doing this means easy pickin’s for scammers.

Create unique passwords for every account and change them often. The basic rule of thumb is that a strong password contains 12 characters, upper- and lower-case characters (meaning capital and small letters), numbers, and symbols. Also, consider creating a complex pass-“phrase” versus a password. It’s tempting to simply create one password you can easily remember, and just use that one everywhere, but this habit makes it easy for hackers to hack you. And if you’ve got too many passwords to possibly memorize, create a Password Manager, which is a securely encrypted digital filing method. These programs are not free but are priceless. Read here: https://www.consumerreports.org/password-managers/how-to-use-a-password-manager-a7687059222/

2 – ADD FURTHER SECURITY WITH MULTI-FACTOR AUTHENTICATION. These days, scammers are smart and hungry, so a pass phrase isn’t enough. Many security experts advise multi-factor authentication, which is essentially putting a second, third, and fourth lock on your door. These extra locks consist of a digital fingerprint, face recognition, or voice recognition, or all three.

3 – STAY CURRENT. When you receive an alert on your device to update, do it. Also, ask your software manufacturer about “patches,” which are added security measures you can take to keep your data safe.

4 – BEWARE OF “SOCIAL ENGINEERING.” Social engineering means psychological manipulation. Marketing and advertising are based on this. It’s nothing more than what analysts call an “error-prone mindset” that makes you vulnerable, even gullible. One common ploy is for the scammer to come on strong, in the form of an authority figure. You may receive a text, email, phone call, or even an old school letter via snail-mail, informing you that “Your account will be closed,” “Your store credit expires at midnight!”, or “This invoice is past due and will be turned over to collections.” These threats strike fear into the hearts of many, and can easily lead to a “panic click” where you’re flustered by the threat, open the email, and begin supplying your crucial information. Fake invoices, claims for unneeded tech services, and shipping notices are common ruse. Ironically, sending you a fake alert that your computer has been hacked (!) is a common technique used by scammers to persuade you to share sensitive information.

Calm yourself. Real authorities like the IRS, the courts, the justice system, utility companies, and the U.S. Marshall don’t send random emails or phone calls. They may address you in writing, but the correspondence will be on official letterhead.

But back to that Nigerian Prince Charming, or should we say Prince “Harming.” Sis, he could be a 67-year-old white dude: https://theshaderoom.com/alleged-nigerian-prince-email-scammer-arrested-turns-out-to-be-a-67-year-old-white-man/!

Another common phishing technique is romantic. While it may be flattering to be “courted” by a stranger who is so simply smitten by your online photos, beware. Romantic overtures online often are a way of softening a normally prudent woman’s defenses — in this case not against forward sexual advances, but against “mining”, digging, for valuable personal data. And not even a kiss on the cheek. 

Ditto for alluring promises of low-interest loans which make anyone’s mouth water. And scammers may even pose as delivery agents for UPS, DHL, FedEx, or USPS, promising that they’ve got an awesome parcel for you (and of course it’s C.O.D.).

5 – SET PRIVACY AND SECURITY SETTINGS ON ALL NEW ACCOUNTS. Don’t be embarrassed if you’re not familiar. Just talk to whoever sells you your device, and seek out authorized advice (not just a rando youtube tutorial, although can be helpful, too).

6 – LEARN ABOUT THE “DO NOT CALL” REGISTRY AND “CALL BLOCKER” FEATURES. Depending upon your device and carrier, you have access to many filtering apps which block unknown senders and keep potential scammers off your digital landscape.

8 – TOO GOOD TO BE TRUE? Free vacation! Not so fast, Queen. Offers of fake vacation rentals, listing properties that don’t exist, is an especially nasty scam. Often, these are “warm” scams vs. cold, meaning that you’re already in touch with an airline or hotel that has legitimately obtained your credit card number and other critically sensitive information, like your passport, home address, and planned departure and arrival dates. Yikes.

In this type of scam, the scammer will impersonate a concierge or other front-desk contact person at your resort or hotel. The call or email might go something like, “Hello, Mrs. Covington, we’re sorry to trouble you, but our guest registry system was knocked down by tropical storm Camille here in Grand Cayman and we’ve lost your reservation. We’re calling to get back on track for your visit.” Check your original records and receipts, then call the place that’s being scammed pronto and report the scam.

Before making a reservation using your credit card, and before putting down a deposit, make it a habit when booking travel to carefully research all third-party booking sites, especially those based overseas. In advance, request a copy of the contract, and the cancellation policy. If there’s even a flicker of hesitation regarding supplying you with these, end the conversation and seek out a more reputable travel source.

9 – HAVE YOURSELF A MERRY LITTLE CHRISTMAS…by avoiding common holiday scams. These scams often involve the  “hot” toy of the season (remember the “Tickle Me, Elmo” craze?), or other items that are blowing up online. It’s fine to snap up these treasures, just be sure that you’re buying from a reputable source like a verified dealer, probably in the USA. Not to say there aren’t home-grown scammers here; of course, there are! But making an online purchase with an unknown-to-you company in Ukraine, India, or China, for example, leaves you no recourse should things go wrong. No shade, just fact.

Also, beware of the pitches for fake charities that will flood your inbox with photos of sad-eyed children and puppies in cages. If you feel a pang and want to donate, fine. Copy down the URL, then delete the potentially dubious pitch. Type the URL into your browser and see what happens. If the result seems shady, bail instantly.

10 – AVOID FREE PUBLIC WIFI. Yeah, it seemed like such a fun, freewheeling idea a decade or so ago — just take your laptop and plug in wherever. Security consultants compare using free coffeeshop WIFI to having unprotected sex: it’s easy and carefree, until it’s not, according to the Harvard Business Review (see tips below). If for no other reason, consider that using public WIFI puts all of your online photos and videos — including precious images of your grand-babies — in the hands of strangers who may potentially use them to extort, blackmail, or otherwise scare the bejeepers out of you for money. 

Here’s what Harvard Business Review says about it:

• Don’t use public WIFI to shop online, log in to your financial institution, or access other sensitive sites — ever

• Use a Virtual Private Network, or VPN, to create a network-within-a-network, keeping everything you do encrypted

• Implement two-factor authentication when logging into sensitive sites, so even if malicious individuals have the passwords to your bank, social media, or email, they won’t be able to log in

• Only visit websites with HTTPS encryption when in public places, as opposed to lesser-protected HTTP addresses

• Turn off the automatic WIFI connectivity feature on your phone, so it won’t automatically seek out hotspots

• Monitor your Bluetooth connection when in public places to ensure others are not intercepting your transfer of data

• Buy an unlimited data plan for your device and stop using public WIFI altogether

11 – PUT AN AMOUNT-CEILING or THRESHOLD FREEZE ON YOUR CREDIT CARDS. They’re your cards, and it’s your money, so let’s keep it that way. Set a threshold for transactions, based on what you typically charge on your cards in a month. Inform the bank or card-issuing institution, and this way you’re sure to get an alert if an unusually high charge is attempted by a scammer. You can arrange to have any attempted transaction over your set limit declined. And when you, yourself, anticipate a big spend — a vacation, for example — simply call the card-issuing institution and inform them. You’ll need to answer security questions and meet other safety protocols to release the funds.

12 – DON’T OVERSHARE ONLINE. Keep details about travel off your devices until you return. And resist the temptation to crow about big purchases. These nuggets of personal data are like raw meat to lurking scammers.

13 – WATCH OUT FOR REQUESTS FOR GIFT-CARDS. Sketchy people online will often ask for gift cards. This even occurs when job-hunting: you may get an enthusiastic “bite” from what seems like an excited potential employer. This individual will usually not share a phone number, but will conduct the scam via email and text. You may be told that you’re a perfect fit, and have the job!! You’ll need a company-issued laptop and camera to perform the job functions, and gee, the Purchasing Department is a little backed up right now, so to speed up the onboarding process, you can just buy the equipment you need, and the company will reimburse you in the first pay cycle. Your substantial “loan” may be requested in the form of Apple gift cards. You may be shaking your head, but even smart people fall for this one. The takeaway: only purchase and give gift cards to friends and family. Periodt!

We also have to say that Artificial Intelligence is making the game more dangerous than ever before. Emerging technology can create “deep fakes,” and can mimic familiar voices so well that in May, 2023 even Frank Ocean, who knows a thing or two about audio, fell for a scam which used AI to generate tracks using snippets of his voice to create bogus music files presented as studio leaks of the artist’s unreleased material.

Keeping your wealth, which includes your valuable personal identity, begins with remembering “Stranger Danger.” We’re all about living fearlessly, but always keep a firm hand on your personal info.

#