How to protect your identity & information from cyber scammers: simple measures against online fraud

The internet, our smartphones and laptops are a lifeline during our travels to keep up with itineraries, transportation routes, new friends and to work remotely if you’re lucky enough to be a digital nomad.
 
We’ve come to depend on this lifeline more than ever during quarantine due to the COVID-19 pandemic. Mobile usage grew by more than 50% in March 2020, with gaming consoles up 48% and TVs up 37% according to Google. We’re spending more time online during quarantine to work from home, connect with family and friends and stay entertained. (Click here for tips on how to make the most of quarantine if you’re bored at home.)
 
As we’re spending more time online and becoming more dependent on this lifeline, cybercrime is on the riseAnd it makes sense; our smartphones and laptops know everything about us and remember everything for us. Nearly all our most valuable, sensitive and personal information is stored locally on our devices and / or in the cloud. So much information concentrated in one place is digital gold for hackers
 
Imagine someone gets a hold of your Gmail account. In a matter of minutes, they would have a diary on who you are and know everything you have done: your location history, where you’ve been, when and how long you were there, what you have been searching, all the apps you use, the music you listen to, the books you have purchased, the videos you watch, your photos, and the list goes on.

(You can see all the data Google has on you here and all the data Facebook has on you here. If you want to know more about what data these companies are storing on you, I recommend this article.)

 

To give you an order of magnitude, there were $16 billion in losses in 2016, close to $1 billion more than in 2015 and 2 million more identify fraud victims in 2016 than 2015, according to CNBC. Just three years later, in 2019, Accenture projected a total value at risk of $US 5.2 trillion globally over the next five years.

 
The point is, cybercrime is very lucrative and cyber scams aren’t going anywhere anytime soon. Our information is digital gold which means, it’s critical to implement a few key measures to protect your identity and personal information from cyber scammers when you use your mobile device or laptop. You don’t need to be a computer engineer to apply these simple preventive measures to minimize your risks of digital theft, digital extortion or digital invasion of privacy.

What is cybercrime?

Cybercrime is the illegal access, transmission or manipulation of data. Cyber attacks can be on cellphones, laptops, servers, databases and so on. While there is a wide variety of cyber crimes, the attacks that can most directly impact you are identify fraud or theft, leaking information and violation of privacy. Some of the most common methods of cybercrime you may be subject to are social engineering attacks (tricking you into giving away sensitive information, they may pretend to be a relative, government official, hospital representative etc), malware attacks (a malicious software performs activities on your device without you knowing), email phishing scams (tricking you into opening a scam email, chat or text to steal your data).

Protect yourself from cyber scammers by staying alert to scams.

  • Sign up for scam alerts at ftc.gov/scams.
  • Check that you haven’t been subject to a breach on Have I been pwned. If you appear in a leaked password list, change your password immediately.
  • When signing up to a website, use the following format to enter your email <username>+companyname@gmail.com. It will go to your email and if someone sells your data, you will be able to tell who. (I’m not sure if this works for other domain names).
  • Always confirm requests are legitimate before responding when receiving emails, texts or phone calls about suspicious products, charities, medical advice and treatments etc. 
  • Spot a phishing email by verifying the sender email address. Scammers will misspell, add characters to email addresses and domain names.

  • If you receive a code without having initiated one as part of a multi-factor identification, be wary of someone calling you to provide that number. That’s an indication someone is trying to login to your account. 
  • Run anti-malware software after going on a porn site. The majority of malware on people’s computers comes in through adult websites. Porn sites get more visitors each month than Netflix, Amazon and Twitter combined. Their popularity makes them a prime target for hackers. 
  • Install and regularly update your computer’s security programs, like anti-spyware
  • Make sure your contact information is up to date with your bank so that they can reach you quickly if they spot fraudulent activity on your account.
  • Stay up to date on your bank account activity by setting up email, text or push notification. Check your account activity and credit report regularly.

Protect yourself from cyber scammers with good password hygiene.

One of the key things you should be very vigilant about online is your password hygiene.
Password Hygiene DON’T’S
  • Do not use your birthday in your password. (You would be surprised as to how many people still do this. I promise it gets more interesting but I could not skip this very basic crucial first guideline)
  • Do not use your parents’ or siblings’ name or birthday in a password or for a security question, especially if you’re connected on Facebook on Instagram or other social networks. Choose a different password and security question or answer the security question with a random answer.
  • Do not use your pet’s name or birthday in a password or got security question if you post on social media about your pet. Choose a different password and security question or answer the security question with a random answer.
  • Do not use the same password for any two accounts
Password Hygiene DO’S

  • Change your password on a regular basissuch as monthly to err on the side of caution
  • Change your birthday online to a fake date especially on Facebook as that’s the number one place where you can find someone’s birthday. If you’re connected to your relatives on Facebook, they should change their birthday too of course. The best thing here is to not use your or your relatives’ birthday in your password.
  • Use multi-factor identification, two-factor identification (2FI) is usually enough. Multi-factor identification is when you’re only granted access after inputing two or more pieces of evidence to authenticate your login. For instance, if you’re ever had to input a code that was sent to your phone that was multi-factor identification. It might take a bit longer to sign in but it keeps you a lot safer. If you receive a code without having initiated one, be wary of someone calling you to provide that number.
  • Use passwords that are complex. Create random lengthy passwords (at least eight characters long) with a combination of numbers, letters and symbols. You can scramble something random across your keyboard or use a strong password generator.
  • Use a secure password for your Wifi that’s different from a password for your devices or website.
  • Use a password manager software to keep and remember your passwords securely – this is a must. You can find duplicate or weak passwords, get alerts, store credits cards etc. 1Password costs about $33/year per person or $55/year for family of 5. Last Pass is free. Use your better judgment on this, usually when a product is free, you and your data are the product eg. Instagram, Facebook, Google etc. so I would recommend 1Password.
 

Protect yourself from cyber scammers while online shopping.

  • Weed out illegitimate sites. Check a website’s ratings and reviews via the Better Business Bureau and TrustPilot. Still, most big e-stores have had security breaches so a website’s legitimacy is not enough to keep your information safe.
  • Shop online with a credit card, not a debit card. ATM or bank account cards can be totally wiped out. However, it you spot an authorized charge on your credit card, you can dispute it and get a refund.
  • Do not store your credit card info on any online shopping websites. While it is convenient and makes for a faster checkout next time around, it makes you more vulnerable if the store has a security breach.
  • Create a separate email account for your online shopping.
  

Protect yourself from cyber scammers while on social media.

Social media platform breaches contribute to 45%-50% of all illicit trading of personal information, including everything from stolen credit card into to usernames and passwords. “Social media-enabled cybercrime generate $3.25+ billion in global revenue per year. Social media contributes to the sale of stolen personal data in an underground economy that’s now worth about $630 million per year”.  
 
Here are a two key measures to minimize the risks of fraud via social media:
  • Socialize safely, meaning do not post personal information. That includes your address, phone number, email, birthday but also your sibling’s names, pet’s name, first car, first whatever that could be answers to your security questions. 
  • Check your privacy settings to allow only your friends and family to see your posts. Don’t accept friend requests from people you don’t know.

Protect yourself from cyber scammers while browsing the web.

Use the recommended private browsers, VPNs and search engines to keep your digital privacy safe. 

 
Private Browsers stop trackers, keep you anonymous and protected.
  • Brave Browser: blocks ads, trackers and software that follows you around
  • Tor Browser: uses onion routing meaning it “routes traffic through multiple servers and encrypts it each step of the way” to protect your privacy
  • Use private or incognito windows (they’re the same thing with different terminology). Just go to the menu in your browser, click on “file” and select private or incognito. This is especially helpful when you’re looking to buy something so that prices don’t go up when you revisit the page eg. looking for flights
VPNs hide your IP address and enable you to access content from countries you may otherwise not be able to
  • FlowVPN costs about $50/year
  • Express VPN costs about $100/year
  • Opera VPN is free but I have never used it so I cannot vouch for it
  • Add &near=tucson,+az to the end of the google search url and it shows you the results as if you were from that location, in this case Tucson, Arizona. (Keep in mind this is not exactly the same as a VPN, which hides your address, this solely affects your search results, but I think it’s a neat trick.)
Search Engines 
  • Duckduckgo is a search engine that doesn’t track you
Google Maps
  • Turn off your location history here
Wifi Networks
  • Don’t connect to public or unprotected networks that don’t require passwords
  • Remember to adjust your phone settings so that it doesn’t automatically search and connect to wifi networks when it can find one.
  • Use a secure password for your Wifi that’s different from a password for one of your devices or website login information.
Email
  • Do not share your personal information such as your date of birth or social security number, financial information such as your bank account, or your medical records via email – ever. Most companies won’t ask for this information in an email as it’s not secure. 
  • Avoid clicking on links or opening attachments in emails from anyone you don’t know. Scammers can easily make emails look official.
  • Be careful of offers for free gifts or prizes. If you don’t normally enter a sweepstakes or lottery, then you most likely haven’t won anything and should not open the email or click on any links contained in the email.
Medical Records
  • Watch this video from CNBC for useful tips of how to keep your medical records safe
Other Resources
If you have any more tips on how to be safe online and detect fraud, please comment and share! s
Share This

Share This Article