Protecting Yourself Against Cyber Fraud

One of the most common scams is called a phishing scam. This scam is

characterized by its use of social manipulation to gain access to sensitive information, or to install a form of malware. One particularly effective type is the technology support scam. This scam works by convincing people that their device has been hacked and that they must call for help. Typically, a victim would see a popup on their screen saying, “Warning, Virus Detected! Call this number for Microsoft Support.” There is no actual threat. Malicious actors create a false sense of urgency to elicit irrational actions made in the heat of the moment. When a panicked senior calls the number, the scammer will request remote access to the senior’s computer under the guise of fixing the nonexistent issue. Once the scammer “fixes” it, he may request payment through credit card or other hard to trace methods such as gift cards. Over 18,000 tech support scams were reported in 2023, with $588 million being lost that year.  

Another common scam method is the family member phishing scam. A scammer will call a grandparent pretending to be a grandchild in distress. A typical call will begin with “Hi Grandma, do you know who this is?” Once the grandparent guesses a name, the scammer will assume the identity of that name. Next, the scammer will use fake story of trouble: a car

accident, an arrest needing bail money, a hospital emergency. Then, the grandparent will pay the money, through a wire transfer, gift cards, or other means. AI technology has made these scams even more convincing, allowing the criminals to very accurately recreate the grandchild’s voice. This can be done using an AI program, and a video of the grandchild, often taken from social media.  

Additionally, many scammers use the bank scam, another type of phishing scam in which the scammer alerts the victim, prompting them to confirm their account details or warning of suspicious activity. Scammers will use urgent messaging, such as, “Your account will be locked!” in addition they will use a fake link to pretend to be the victim’s real bank website. The scammer’s goal is to steal your login credentials, account numbers, or two factor authentication codes.  

New AI technology has the potential to enable cybercriminals to explore innovative and extra dangerous approaches. OpenAI’s CEO Sam Altman spoke about the dangers of voice authentication (which is still largely used in our nation’s banking systems) to secure accounts. This method has been compromised by AI, which allows criminals to impersonate someone’s voice. Altman expressed concerns of entering a “fraud crisis”. Right now, it can create a voice call indistinguishable from reality. In the future it could create a video call convincing enough to fool most people. AI will allow scammers to rapidly expand their malicious enterprise, possibly reaching thousands of victims per day. Recipients of scamming must deny every attempt while scammers only need one accepted to win.  

Best Practices for Avoiding Scams 

Verify URLs 

It is best practice to verify an URL link before clicking on it. An URL is a web address that can connect you to various resources: websites, downloads, etc. Always hover over an URL before clicking on it. This will display the web address and not immediately route you to the site, allowing you to check it safely. Check URLs for typos. These are common tricks used to disguise scam websites. For example, google.com may appear as g00gle.com. If you are unsure, Virus Total can be very helpful for evaluating the safety of an URL. Copy and paste the URL into the program, and it will tell you if it is safe. 

Enable Two Factor Authentication 

Two Factor Authentication (2FA) aids in the prevention of cyber fraud by requiring two forms of authentication to permit a sign in. Even if a malicious actor acquires your password, they still need a second factor to complete the sign in. Additional factors may be a phone authentication approval, security key, or biometric data (face scan or fingerprint).  

Keep Software Updated 

Updating your computer’s software is important to receive the latest fixes that will protect you from potential malware exploitation. These updates will fix known vulnerabilities, preventing hackers from stealing data, installing malware, or even taking over your devices. 

Strong and Different Passwords 

Strong passwords are important for maintaining online security. Use a variety of letters, numbers, and symbols to ensure a high level of security. Using different passwords for different platforms is even more important than using strong passwords. If one of your accounts becomes compromised, a hacker can access all your logins if you use the same password for each. 

Dealing with Phone Calls 

If you receive an unknown call, often it is best to decline the call. If the person is real, they can always leave a voice mail. Whenever on a phone call, remember that the IRS, Social Security, or banks will never ask for your sensitive information over the phone. If you do get asked, it is probably a scammer. In addition, always use official phone numbers. If someone calls you claiming to be from your bank, consider hanging up and calling back using the official number listed on your card or your bank’s website.  

Recognizing Pressure 

Also recognize when you are being pressured. Situations like “You owe money to the IRS!” or “You’ve won, but you must act now!” are examples of pressure. Scammers thrive on the poor choices made by victims under pressure.  

Caller IDs can be Faked 

Be aware that just because a phone call says that it is from someone, does not mean that it is them. Caller IDs can be faked through a process called spoofing in which the call appears to come from a legitimate or trusted source. Never trust Caller ID alone and consider hanging up and calling them back using the official number. 

Cryptocurrency

Be especially cautious if the person you are on a call with asks you to send money in the form of cryptocurrency. Often there are cryptocurrency terminals at local establishments such as malls and gas stations. If you are asked to convert your money into cryptocurrencies, be suspicious! Cryptocurrencies cannot easily be traced by law enforcement agencies, making it much easier for scammers to get away with it.  

Become familiar with the different types of scams so you can protect yourself and your family from this very real risk.