The internet and social media have many benefits, including convenient banking and the ability to buy everything from groceries to hardware online. But it’s critical to be very vigilant when opening emails and doing something as seemingly innocent as clicking on an internet link, cautions Bryan Reynolds of Episcopal Retirement Services.
He and others who work to protect their organizations from cyber crime offer many tips for how everyone, including older adults, can protect themselves from this increasing crime.
We have many safety tips in here, so read on.
Be suspicious of emails and social-media messages
Reynolds, who is the ERS vice president of marketing and public relations – and also its security officer – emphasized he’s a big proponent of the benefits of being online, for older adults and others who want to buy things, make banking transactions and socialize with friends.
“But it does come with some caution, and some good tips to be aware of,” he recently told a group at ERS’ continuing care retirement community, Deupree House.
The Federal Bureau of Investigation recently announced that in 2021, amid the COVID-19 worldwide pandemic, cyber crime cost people and corporations in the United States more than $6.9 billion.
That amount of reported losses was about a 64 percent increase over the $4.2 billion a year earlier, the bureau said in its latest Internet Crime Report.
And the FBI’s Internet Crime Complaint Center (known as IC3) received more than 847,000 complaints, 7 percent higher than 2020.
How they steal from us
Many of the cyber criminals are in distant countries, and don’t have a strong grasp of English, which can make it a bit easier to identify some of their criminal attempts, because they use bad grammar or spelling, Reynolds said. Other times, they make such errors in attempts to get through our email spam filters. Other messages are more difficult to spot because they don’t have such errors and seem to be legitimate.
“The grand majority are these confidence crimes, the con- men and women of online," Reynolds said.
Other thefts happen through data breaches – where people’s personal information, such as credit-card information and Social Security numbers are stolen online.
One way criminals try to get money from us is by pretending to be a friend or relative of ours and asking us to send money or gift cards to help them out of a situation. In some recent cases, people have been urged to send money to get a grandson out of jail in Mexico. Sometimes they pretend to be a CEO or other leader of an employee’s company, asking them to send money or information. Sometimes the criminals pretend to be the Internal Revenue Service or other government agency, or your bank or credit-card company. In some recent situations, people have posed as Greater Cincinnati clergy who actually were ill, asking for financial help. Reynolds said he himself was approached online by someone pretending to be a relative of his who had died years earlier.
Here are ways to deal with this kind of scam: First, when you receive an email or text from someone saying they need help urgently, step back and think: If it is so urgent, wouldn’t they call instead? To ease your mind that this isn’t a real situation, it’s best to phone the person who supposedly sent the text and check on them. Or call your bank, the credit-card company or the government agency. But don’t use a phone number or click a link that may have been texted or emailed to you. That may be part of the scam. Instead, look up the phone number of the person, government agency or company yourself, and dial that number.
Also, keep in mind, if a government agency or bank has an important message for you, they’re unlikely to send it by email or text, unless you have made such arrangements with your bank to send you text alerts. Also remember, most government agencies, including the IRS. do not send such electronic messages. They’ll contact you in other ways.
One way we can avoid having somebody pose as us in such messages is to not share too much information on social media. If you announce, for example, that you’re going on vacation in Costa Rica, some criminal may send messages purporting to be from you, saying you’re stuck in Costa Rica and need help.
Another type of scam
Some cyber criminals have become very sophisticated with a similar scheme: They send a text message or email that asks us to click on a link, or open or download an attachment. This practice is called “phishing,” and it is used to extract financial data and other information from your computer to steal your identity.
Be very wary of clicking, opening or downloading anything, unless you know the person who sent it and verify with them in person or over the phone that it’s from them, and it is legitimate. Cyber criminals every day are sending messages through Facebook and other social media that resemble the accounts of friends. They also can be good at making emails look like legitimate ones from friends or relatives. Be wary.
Here's how clicking on a link, or opening an attachment, can cause you trouble: Doing so can allow the criminals to get into your computer through “mal-ware” – short for malicious software – that can allow them to take control of your machine and do things like search for your credit-card information, passwords to banks or other financial accounts, or use other means to steal from you. They also have ways of taking control of your computer and threatening to destroy all the information on it if you don’t send them money.
Here are tips to help avoid falling into these traps: Don’t click, open or download unless you’ve heard from the person’s own voice that their request is legitimate. One way to see how devious such criminals can be is to hover your cursor over a link they have sent you and see whether that link they sent is the actual agency it pretends to be. It may look very similar to the organization’s legitimate website address, such as irs.gov, or usbank.com, but may have additional characters that would lead you to the criminals’ site instead.
Another tip in seeing a scam: When you receive a message that begins, “Dear customer,” instead of your name, that’s probably a fake that a cyber criminal sent to many thousands of people simultaneously, hoping just a few would fall into their trap, Reynolds said.
Something else to avoid
People also can steal your information when you use public Wi-Fi to surf the web at restaurants, parks or other places where they can see what you’re doing online.
“It’s OK to browse the web for news, or watch videos or things like that, but don’t do your banking or shopping, or things like that when you’re on a public Wi-Fi,” Reynolds said.
He cautions: “Be leery about gaining access to your bank information, or putting in a user name and password while using public Wi-Fi, because there are some people who can gain access to those networks and gain access to your information.”
Key tips to protect yourself and others
Some tips to avoid being tricked by phishing emails, from Reynolds and others who recommend ways to avoid cyber crime:
- Never give out your password to anyone, even technical-support people. When the technical-support people are legitimate, it’s OK to tell them your username, but not your password.
- With passwords, don’t use predictable words like pets’ names or names of people in your family. Also, don’t use key dates, such as birthdays or anniversaries, because they’re easy for the criminals to guess.
- In fact, to be even safer, use unexpected phrases instead with numbers and symbols sprinkled in, such as Iwent3tothe+kitchen! Experts say using passwords that are 20 characters or longer are tougher to crack.
- The New York Times has recommended that “the most important thing people can do to protect their privacy and security today” is to use a password manager that can generate and remember different and complex passwords for every account you have, and synch the passwords between your computer and phone. Two such managers are LastPass and 1Password.
- Don’t send passwords or other sensitive information over emails or text messages. If you must share them with a spouse or family member, confirm you’re talking to the exact person you think you are, either by phone or in person.
- Change your user names and password frequently, such as every 3-6 months, because they can be stolen or leaked.
- Consider identity protection and credit monitoring. Banks often offer credit monitoring, which do things such as making sure nobody’s using your Social Security number to sign up for new accounts.
- An important tool to find out identity thieves have been stealing your information is through your credit reports. You are allowed to obtain a free credit report from each of the three main credit bureaus – TransUnion, Experian and Equifax – every 12 months through the website, com. To help monitor your report more regularly than once a year for free, experts recommend requesting one from each of the three bureaus every four months, for example, Equifax this month, Experian four months later, and TransUnion four months after that, before repeating the process. So mark your calendar for when to request each.
- Keep your computer systems and software updated. When Microsoft or Apple wants to update the system, that helps keep your machines secure because they are on the lookout for ways their systems can be exploited, and working to update the software regularly to defeat those exploitive attempts.
- Don’t click on any suspicious links. If you haven’t initiated a contact about something, and a link looks suspicious, “Don’t click on it,” Reynolds said.
- Use your email’s spam filters that pour suspicious emails into a junk file so you’re less likely to inadvertently click on dubious links that seem to be from legitimate companies.
- It’s important to shred documents so they’re not stolen from your trash. Among the things you should shred, believe it or not, are pieces of junk mail that list only your name and address, recommends McAfee, the cyber security company. Even more critical things to shred, they recommend, are credit card and bank statements; documents showing your financial account numbers, your Social Security number, and pay stubs. Also shred canceled checks and medical records or receipts.
- If you think your password may have been compromised, change it immediately, and check other websites you use for signs of misuse, beginning with your banking or credit-card sites.
- Sometimes websites use security questions to verify you are yourself. Questions like, “What was the name of your first pet?” Make sure your answers are as difficult to guess as your password. Also, don’t use the same answers on different sites.
- It’s important to use antivirus software, even though viruses may seem to be less common than they were a decade or two ago. Mal-ware can cause big problems on your computer, including theft achieved through searching for your personal and financial information. This is an especially important tip if you’re prone to clicking risky links OR if you share your computer with someone who is.
- David Balaban, a contributor to Forbes magazine, notes cyber criminals also can use old-school tools, such as telephones, to trick people: “You should always be skeptical about receiving calls out of the blue from your bank or utility company. Many scammers will attempt to contact you offline to validate information online. They can then use this information to infiltrate your accounts, move around cash, and get their hands on your social security number.”
Snuffing out such schemes
To help law enforcement deal with the cyber criminals, the FBI urges you to report such schemes: “We encourage everyone to use IC3 and reach out to their local FBI field office to report malicious activity,” Paul Abbate, deputy director of the FBI, said in recommending a key way ordinary citizens and companies can help foil cyber crime.
Victims of such crimes are asked to report them to www.ic3.gov.
Also, Click on the button below to get a copy of the ERS Decision Guide....