In 2023, Americans lost around $12.5 billion to cybercrimes, a $2.2 billion increase from the previous year.1 While cybercrime is a general term used to describe a variety of fraudulent schemes and practices, there are a few particular crime categories scammers often use to gain access to someone’s bank accounts or other sensitive information.
Let’s take a look at the most prevalent scams targeting individuals today, and what steps you can take to prevent a cyber attack and protect your financial accounts.
4 Common Cybercrimes to Watch For
Phishing is a type of scam that attempts to trick the receiver into performing a certain action, typically sharing personal information, credit card numbers, or passwords. Usually in the form of an email or direct message, the phishing attempt will include a link or attachment for the person to click on, which takes them to a website that collects their data or downloads malware onto their computer.
Spoofing is a bit like phishing 2.0, as it attempts to imitate a legitimate source or company by coming across as a believable email, text, or direct message. Spoofing scammers may change the appearance of their email address, IP address, or caller ID to make it look even more real.
There’s a live-action version of spoofing in which, in addition to spoofing a phone number you know, bad actors use AI (artificial intelligence) to mimic the sound of a loved one’s voice, calling with a supposed emergency that requires you to send money right away.
Ransomware is malicious software (also called a virus) that will hold your accounts or devices hostage until you give the hacker money (often in the form of cryptocurrency). Once the ransom is paid, they promise to restore access to your accounts. Ransomware is commonly spread to different computers through links or downloads attached to phishing emails.
Tech support scams are becoming increasingly prevalent, as they attempt to target older adults who may not feel comfortable using technology. While there are a few variations of tech support scams, they generally begin with an individual posing as an IT professional (such as a member of Best Buy’s Geek Squad) and reaching out to let the victim know that a virus has been detected on their computer. In order to “assess the damage and remove the virus,” the “professional” requests remote access to the victim’s desktop.
From there, they may have a second accomplice pose as a representative from a financial institution who insists on moving funds to a new account. Or, they may install ransomware and access account data and sensitive information.
Who’s Most at Risk of a Cybercrime?
In 2023, adults 60 and older reported the most cyber crimes out of any age group.2 There are a few likely reasons why seniors tend to be targeted specifically by cyber attacks, including their lack of familiarity with technology, higher risk of cognitive impairment, and tendency to feel isolated or lonely.3
In addition, adults between 65 and 75 have the highest average net worth, which can make them especially attractive to financial cybercriminals.4
How to Protect Your Accounts Online
Scammers are becoming increasingly sophisticated in how they approach individuals online, through email, and over the phone. Here are a few simple, yet effective, steps you can take to protect yourself, your accounts, and your assets when spending time online.
Enable Multi-Factor Authentication
You may have noticed certain accounts, usually your email, online bank, or credit cards, require you to input your username and password, as well as a unique code that’s texted, emailed, or found in an authenticator app. This is called multi-factor authentication, and it adds an extra layer of security to your accounts (especially those containing sensitive information) in the event your username and password are compromised.
If you haven’t already, enable multi-factor authentication (also called two-factor authentication) on any account that offers it.
Use a Password Manager
Passwords are your account’s first line of defense, yet so many of us tend to take the easy route when creating them. Every account should have a unique password with a combination of capital and lowercase letters, numbers, and special characters.
If you’re worried about remembering unique passwords for every account, you may find it helpful to use a password manager. These programs will encrypt and safely store all of your login information from multiple accounts, requiring you to only remember one master password. Password managers can usually store other sensitive information as well, like credit card numbers or answers to security questions.
Opt Into Security Alerts
Most financial accounts will allow you to set up security alerts, which notify you anytime someone logs into your account (or if a login occurs from an unknown device). You can likely also enable security alerts for purchases on credit or debit cards, or other specific activities that may indicate your information has been compromised.
Install Anti-Virus Software
Every device, including your computer, phone, and tablet, should have antivirus software installed on it. This software is updated regularly to protect your devices from ever-evolving cyberattacks.
If you have anti-virus software but don’t install updates regularly, set the program to update automatically. Otherwise, it may not be effective in protecting against the latest threats.
Safeguard Your Personal Information
Anytime you’re interacting with someone over the phone or online, evaluate requests for personal information carefully — no matter how innocuous or personal the request may seem.
For example, if you receive a call from someone claiming to represent a company (like your bank) or a government agency (like the IRS), hang up and call back using a verified customer service number. They should be able to reconnect you with the representative if the call was legitimate. Otherwise, alert them to the scam, so they can let their other customers know.
Similarly, if a family member calls with an emergency that needs you to send money immediately, it’s a good idea to text them, call them back, or check in with other family members to make sure it’s a legitimate call.
In general, it’s good practice to err on the side of caution anytime someone:
- Threatens or bullies you
- Creates an unusual sense of urgency
- Claims you won something (especially if you didn’t enter a competition or sweepstakes)
- Makes statements using outdated information (referencing an old car that used to be registered in your name, a former address or job, etc.)
Along with these tips, don’t underestimate the importance of trusting your gut. If you feel uncomfortable, or if there’s any doubt in your mind, you’re better off deleting the email, hanging up the phone, or otherwise walking away from the conversation.
How to Handle a Cybersecurity Breach
If you believe you’ve been targeted by a cybercrime and your accounts or personal information are compromised, contact your financial institutions immediately, as well as your financial advisor. Depending on the situation, your advisor may be able to help stop wire transfers en route, or otherwise give you guidance on the best course of action.
Change all passwords on your financial accounts, emails, social media accounts, and any other compromised account.
The hacker may have gained access to your actual devices, depending on whether a virus was downloaded or not. If you believe that’s the case, disconnect the device from the internet and shut it down completely. You may want to reach out to a reputable IT professional for further assistance.
If your personal information (date of birth, Social Security number, etc.) was compromised:
- Freeze your credit with Equifax, Transunion, and Experian and let them know your identity may have been stolen.
- File a police report with your local police department.
- Make a report through IdentityTheft.gov.
- Contact the Social Security Administration and IRS.
Just as you enjoy the ease and convenience of the internet, cybercriminals are constantly finding new ways to exploit it for personal gain. But by being a little extra cautious and implementing some additional cybersecurity measures, you can better protect yourself and your assets from potential threats or attacks.
7 min read
