Preventing Online Fraud

With more of our lives being spent online, staying safe online requires extra effort. Researching the tools available for consumers helps protect your information. However, knowing how criminals attack is the best way to stay alert. Let's discuss how to protect yourself online by learning how to identify potential fraudsters.

What to Watch for Online

While there are many types of online scams, most rely on tricking a consumer into handing over credentials or money. The most popular way of deceiving consumers is through phishing scams, where victims are tricked into giving out personal information to fraudsters posing as a legitimate person or business.

If you own a smartphone, you've likely received a text from a number you didn't recognize promising to award you a prize from a drawing or to recover your account if you supply your personal information. Responding to these texts with more personal information, including passwords, date of birth, and social security numbers, will set you up for serious trouble.

Knowing your name and phone number could compromise your accounts in the event of a SIM swap, where a phone number is ported to a device with a different SIM. The fraudster can then intercept any messages that are set up for two-factor authentication, allowing them to hack into a victim’s account.

As a universal rule, if you receive a suspicious message, regardless of the sender,

do not reply or give away any information.

Phishing attempts can come in the form of text messages, but they can also come through email, phone calls, and physical mail. While some phishing scams may be obvious and easy to spot, others are quite sophisticated. Cybercriminals can mimic a company or a colleague's credentials and request information. Other times they may pose as a family member asking for information on social media apps from a spoofed or fake account.

As a universal rule, if you receive a suspicious message, regardless of the sender, do not reply or give away any information. Be especially wary if they claim that your response is time-sensitive and needed immediately to solve a problem. By inciting fear and anxiety, they put you into a vulnerable position to give them information. Rather than reply to the message, try reaching out directly to the business or financial institution through another channel, like a phone call, or through their online messaging system.

Safeguards for Preventing Fraud

Now that you know what to look for in online scams, there are specific action items you can take to improve your overall cyber hygiene.

To help keep your information safe, start with these tips:

1. Pay attention to reports of database breaches. Search to see if your email has been part of a data breach on haveibeenpwned.com. This site will show a list of websites that have reportedly been hacked.

2.  Don’t reuse passwords on multiple websites, and make sure to use longer passwords with a combination of upper- and lower-case letters, numbers, and special characters. If one account is breached, having a shared password for all accounts makes it easy for your other accounts to become compromised.

3.  Use a password manager like 1Password or LastPass. These tools can generate and remember complex passwords for you and are encrypted to provide extra protection.

4.  If available, use two-factor authentication (2FA). 2FA uses your password and mobile device to log in. Unless the attacker had access to your mobile device they would not be able to log in — even if they have your full password.

5.  If your web provider doesn’t support 2FA, ask them to support it. It’s that important.

6.  Don't grant anyone access to your accounts or devices.

7.  Protect your information when in public places. If you're connected to a public network, such as at the library or a coffee shop, your information may be at higher risk. Consider using a VPN.

8.  Do not click on email links. Simply clicking on a link can embed malware on your devices.

9.  Do not give any private information over email or text messages. This includes social security numbers, bank statements, or IDs. Email and text messages are not encrypted.

10. Install anti-malware protection to guard against your devices being compromised.

11.  Be sure to keep all your operating systems and software updated against recently discovered vulnerabilities. Running outdated programs may leave you at risk.

What to Ask Before Responding

Additionally, before falling into the trap of an online scam, ask yourself:

• Is this a legitimate employee at a verified business?
• Does the email address (not the email name) exactly match the company they claim to be representing?
• Are they asking for information out of the ordinary?
• Are they asking for personal details?
• Is there a supposed problem or reward to be addressed?
• Is the message coherent and typo-free?
• Are they forcing you to act immediately?
• Do they ask for money to solve a problem or to give you something?
• Are they asking you to pay in an odd way (gift cards, money transfers, by phone/text, etc.)?

Remember: If you're a member of Texell, we already have your information on file. We will never contact you to ask for your social security number, credit card number, account number, or Digital Banking credentials. Never give out personal information if you feel unsure, and call or text Texell's Member Services directly at 254.773.1604.

Where to Get More Information

The Federal Trade Commission (FTC) offers a comprehensive page on scam alerts to inform readers of new and popular scams. Another government site that lists current online scams is FBI.gov. Additionally, there are plenty of other places to check for scams, including local news, which reports problems and trends in your area.

If you wish to comment on this article or have an idea for a topic we should cover, we want to hear from you! Email us at editor@texell.org.