Scams Are on the Rise: How to Stay Safe
Your cell phone dings. It’s a text message from an unknown number. The message is from a service company saying your account has been hacked and to call them right away.
The landline rings. The person on the other side of the line tells you the electricity is going to be turned off unless you pay right now. You question whether you forgot to pay your bill. Isn’t it set up on auto payment?
You sign into your email and the first message is from your bank saying your account has been locked. Again, you need to call a certain number right away.
Last year, Americans received 376,032,773 spam text messages a day, an increase of 1,024 percent over 2021.1 In 2022, there were over 50 billion scam and spam phone calls in the United States with victims losing a total of $39.5 billion to the callers.2 Phishing emails increased 29 percent over last year.3
Text messages are especially effective as people tend to read them quickly. We are often on our phones and are excessively engaged with our technology. The scammers use highly emotional language filled with urgency and danger to trick us into acting without thinking.
With such a high number of daily attacks, how do we keep ourselves safe? Especially when many scam messages look like they are from big corporations such as Amazon, Fed Ex, UPS, Chase and Bank of America.
Scam messages have four main components:
- They usually claim to be from a well-known organization or company.
- There is a problem, or a prize involved. In addition to the examples above, you may also be told you earned a reward, are getting a tax rebate, or someone wants to give you a gift card.
- There is an urgency to the message with pressure to act immediately.
- Payment is required or requested in a very specific way.
The first recommendation is to avoid reacting to the urgency of the call or message. Take a deep breath. Did you pay the electric bill? Check your records and find out. To discover if an account is truly locked, go to the account and see if you can log in. To really make sure, call or visit the local branch of your bank or utility account and ask them.
If these steps don’t fit the situation, the next thing is to carefully look at the company’s logo. Are the colors correct? Is the name spelled correctly? Check the URL. Is it a ".com" or something else? For example, well-known organizations will not be a ".me." Scammers buy domain names with the letters mixed up, such as "eBya.com" or a name somewhat like a real company’s name to fool viewers, such as "Arnazon.com." These fake domain names will sometimes come with a fake website that may look legitimate.
Pay attention to where the domain name is in the URL. The portion of the address directly preceding the .com should be the website you are visiting.
Still unsure if it’s real or not? Never give any personal information. Don’t even text back to advise someone your number is the wrong number. Instead of clicking on a provided link or calling the number they suggest, go to your records and find the organization’s main number.
When you enter your name and password, you give complete access to that account. Gaining access to Netflix or Spotify may not lead to any direct consequence, but that log in may be one you use elsewhere, like your checking account. If you logged in to a fake website before you realized it was a scam, change all passwords immediately. Better yet, use different passwords for every account so if one password and account is compromised, your other accounts will not be.
General tips for online safety
- Make sure the website starts with "https" and not just "http." The s means it is secure. Some browsers will warn you the website is not secure. Pay attention to warnings. When purchasing anything online, make sure the sites are using the https and all transactions are secure and traceable.
- Don’t forget to clean and keep storage accounts like Dropbox or Google Drive up to date. Phishing attacks on these accounts usually don’t amount to much, but sometimes the scammer strikes gold because people tend to ignore these sites and forget exactly what information is stored there.
- Use a password manager. A password manager is a computer program that allows you to use and store passwords on your device. They can also generate passwords and fill out online forms. Every account can have a different and complex password you won’t need to remember, and the password manager won’t sign into a fake website.
- Block website pop-ups. Don’t open any suspicious links and only go to websites with trusted certificates.
- Use a VPN. A VPN is another layer of security. It hides your identity when you are on the Internet. Staying connected to a VPN and your virus protection software won’t keep you 100 percent safe but it will make it harder for the criminals to get through.
The proliferation of scams is mind-boggling, but by practicing caution, you can significantly reduce your risk of being the victim of a scammer.
[1] https://www.text-em-all.com/blog/spam-text-statistics#:~:text=Over%20the%20last%20year%2C%20on,376%2C032%2C773%20spam%20texts%20per%20day
[2] https://www.aura.com/learn/why-am-i-getting-so-many-spam-calls#:~:text=In%202022%20alone%2C%20Americans%20were,can%20take%20to%20stay%20safe.
[3] https://www.trendmicro.com/en_us/ciso/23/e/worldwide-email-phishing-stats-examples-2023.html#:~:text=According%20to%20a%20report%20by,of%20over%2021%20million%20attacks.
The information contained herein is for informational purposes only. While MMBB made every attempt to ensure that the information is accurate, MMBB is not responsible for any errors or omissions or the results obtained from the use of this information. MMBB is not liable for any success or failure that is directly or indirectly related to the use of the information contained herein. The information contained herein does not constitute any financial, insurance, investment, legal, or tax advice. In no event shall, MMBB and/or its fiduciaries, directors, officers, employees, or agents thereof be liable for any special, direct, indirect, consequential, or incidental damages or any damages whatsoever, whether in action of contract, negligence or tort, arising out of or in connection with the use of the information contained herein.