17 Ways You're Making Yourself a Target for Scammers
Avoid these internet scams and protect your personal information.
If you've received an email claiming that you're about to inherit some serious money from a relative you've never heard of, or clicked on a pop-up that says you've won a big prize, you're in the company of countless others targeted by internet scams. In fact, according to the Federal Trade Commission (FTC), approximately 1.7 million fraud reports were filed in 2019, and $1.9 billion was lost to imposter scams, identity theft, and similarly nefarious pursuits.
While it's true that scammers are getting more sophisticated, that doesn't mean you can't protect yourself from being a target. Herein, we've outlined how scammers work and the steps you can take to avoid becoming their next victim.
Not updating the software on your computer
Cyber criminals are constantly looking for ways to breach the security protocols on your computer. That's why it's important to always make sure that the software you use are always updated with the latest versions.
Online security company Norton says: "A software vulnerability is a security hole or weakness found in a software program or operating system. Hackers can take advantage of the weakness by writing code to target the vulnerability." In other words, a hacker can easily exploit your old software's security failings to take over your computer and steal your data.
Using the same password for every account
Scammers aren't just sitting around and guessing at your passwords until they get them right. Rather, they will hack the security systems of big brands like Target—and once they've successfully done that, they will attempt to use your password on all of your other accounts.
If you're worried that you won't be able to remember multiple passwords for different accounts, IT expert Liz Rodriguez suggests using a password manager site like LastPass, which will safely encrypt your data.
Or only using short passwords
"Using a longer password is much more important than anything else," says Rodriguez, noting that the longer it is, the harder it is to crack. "Say your password is babyblue, for instance; that's more likely to be in a dump of dictionary words that hackers use to run against the site. However, babybluebuggieismyfavoritethingintheworld isn't going to be in there," she says.
Accessing sensitive information while on public WiFi
Public WiFi networks are like all-you-can-eat buffets for hackers. That's because they are "often unencrypted and unsecured, leaving you vulnerable to a man-in-the-middle attack," warns Norton. In essence, everything you look at, every password you type in, and every purchase you make while using public WiFi can become easily accessible to a scammer with the right tools.
Opening or replying to suspicious emails
Scammers love to uncover information from their victims via a practice called phishing. Typically, this is done by sending you an email pretending to be from a business or social media site and asking you "to provide or confirm your personal details," the Australian Competition & Consumer Commission (ACCC) explains.
"Scammers can easily make an email look professional, so check the address of the sender to confirm that it's legitimate," suggests Sean Messier, an analyst at Credit Card Insider. "For further protection, just search for the company's email yourself, and send an email directly, rather than replying to anything that could be a scam."
Having online relationships with strangers
"By and large, the number one way people get targeted by scammers is looking for love online," says private investigator Daniel McBride. "It often begins with simple conversations on some platform and once the scammers see an opening they begin working their mark. Eventually, they might proposition a meet-up that requires travel expenses, share an elaborate and false tale that requires monetary assistance, and so on, to get their victim primed to allocate finances."
McBride says he has seen monetary losses up to $100,000, and that most victims have been females between the ages of 30-50 years old. If you want to date safely online, "verify you're engaging with the person or organization you believe you're interacting with," he says. "Cross-reference phone numbers, addresses, and any other pertinent information that's relevant for your budding relationship."
Taking online quizzes
Those online quizzes and Facebook questions that claim they can tell you your favorite breakfast food based on your mother's maiden name, or that ask you who your favorite teacher was in high school aren't quite as innocuous they seem. Rather, scammers "use this data to hack your accounts or open lines of credit in your name," the Sutton Police Department said on Facebook.
Oversharing on social media
Nowadays, it's commonplace for people to share their every thought on social media. However, less is more is a good rule of thumb to keep in mind before posting anything—at least from a cybersecurity perspective. Hackers are always scouring social platforms, just waiting for you to reveal information that might be part of your password. "
Revealing sensitive information over the phone
Identity thieves love to dupe individuals—particularly ones that are elderly and vulnerable—into revealing their information by pretending to be from their bank or insurance company. They will try to get information by offering fake deals, like credit card cash back offers or free trips—so if you ever get a phone call about a deal that sounds too good to be true, that's because it is.
When in doubt, call your credit card provider or bank directly to verify the offer is actually from them before revealing any information about yourself—or better yet, just don't pick up from unfamiliar numbers at all. Instead, wait until they've left a message and then Google the number to see if it's legit.
Using SMS for two-factor authentication
"Using SMS as two-factor authentication is not recommended," says Rodriguez. Why? Well, according to the tech expert, SMS—the technology used for text messages—is relatively easy to hack, and so it's always safer to use a more secure app like Google Authenticator or Authy, than simply having potentially-sensitive information sent via text.
Shopping on websites you're unfamiliar with
"Shopping on a fake website could result in your personal or financial information being stolen or your device becoming infected with a virus or malware," warns security site ASecureLife.
Before you make a purchase on a site you haven't used before Messier suggests you make sure " the site you're visiting is legitimate—look for https and a lock symbol in the address bar, so you know any information you're submitting is secure." As an additional step, look up the name of the site on Whois to make sure that it's registered to a legitimate business.
Saving your information on shared computers
There's a reason why web browsers and websites always warn you not to save your login information on shared computers. Even if you're only doing so on a work computer used exclusively by you during the workday, you never know who has access to that computer after you've gone home for the evening. Plus, you have no idea how secure the WiFi network at your workplace is; for all you know, it could require little to no effort to hack it!
Accepting friend requests from strangers
According to the ACCC, scammers will sometimes set up fake profiles on social media sites in order to get to their victims. So, how does this work? A con artist can use a social media site to their advantage by luring someone into a fake relationship and then convincing that person to send them money. Other criminals will simply collect information available on your profile and messaging with you until they have enough to either hack your accounts or steal your identity.
Not picking up your mail on a regularly basis
Opening someone else's mail might be a crime, but that's not stopping scammers from doing it anyway. Mail from your bank, credit card company, or the IRS could have everything from account numbers to your social security number on it, making it easy for scammers to steal your identity.
Responding to suspicious sweepstakes
That pop-up message claiming that you just won a free cruise to the Bahamas is almost certainly a ploy by a scammer to get money and information out of you. According to the FTC, you can usually tell whether a sweepstakes is a scam when you have to pay to enter or deposit the check you've won and then wire some of the money back.
Throwing private information in the trash
Scammers often obtain your personal information "through discarded personal documents such as utility bills, insurance renewals, or health care records," the ACCC warns. Before discarding sensitive documents, first run them through a shredder. If you don't have one, make sure to rip and destroy all of your papers until the information on them is no longer legible, or get a text-obscuring rolling stamp to cover it up.
Sending photos of your credit card via email or text
Never, ever send a picture of your credit card somewhere where hackers can access it. If you absolutely have to give someone your account information, then do so over the phone; otherwise, meet up in person so you can avoid the possibility of a scammer accessing your information.
Additional reporting by Allie Hogan.