2020 was a banner year for identity thieves. According to the Federal Trade Commission (FTC), identity theft reports more than doubled last year to nearly 1.4 million cases. New government programs in response to the coronavirus pandemic fueled much of this recent activity as fraudsters rushed to apply for expanded unemployment compensation and other benefits.
While resourceful thieves can access other people’s personal information in several ways, they’re increasingly turning to online scams like phishing and malvertising. With more and more of our daily activities moving online, the risk of falling victim to these crimes increases. With Consumer Protection Week underway (Feb. 28-March 6), we’re offering a few essential tips you can use to safeguard your online life.
What are Phishing and Malvertising?
Criminals are very good at adapting to new opportunities. Not that long ago, online fraud attempts were a lot easier to spot. But as people became more adept at using the internet, these bad actors became more sophisticated. That’s why it’s more important than ever to understand how these scams work.
Both phishing and malvertising are methods criminals use to obtain personal and financial information from unwitting people. Phishing scams typically attempt to mimic reputable communications like emails, invoices, or coupons. These communications will often say there’s a problem with your account and ask you to confirm some personal information. When consumers fall victim to these scams, they often provide data like social security numbers, credit card information and driver’s license numbers directly to criminals without even realizing it. Thieves then use that information to apply for credit, sign in to your accounts, or sell it to a third party for other criminal purposes.
Malvertising uses pop-up ads on legitimate websites to redirect you to strange landing pages or install spyware or viruses on your computer. The goal here is also to obtain personal information. While Google has become very effective at spotting these malevolent ads, some still slip through. And when users fall victim to malvertising, they may be less likely to realize something is amiss until it’s too late.
Possible Scam Indicators
It’s important to approach every unsolicited online communication with a degree of skepticism. Many phishing attempts begin with a generic greeting and say something alarming like your account is on hold in the hopes of motivating the recipient to take action by clicking on an included link. These are all serious red flags. The fact is, most legitimate companies don’t reach out directly over email. But these scammers typically prey on less sophisticated users who don’t understand the online ecosystem. Unfortunately, many of these victims are older. According to the American Association of Retired People (AARP), the median loss by fraud victims in their 70’s is $800.00 — nearly double the loss of people in their 30’s. For people in their 80’s, median losses jump to $1,600.00. It seems that scammers have no problem exploiting the most vulnerable among us.
How Do I Avoid Falling Victim to Online Scams?
Fortunately, we can all take steps to help protect our online activity, starting with the devices we use every day.
Update Your Software
Several different consumer-level antivirus programs are available, which can protect your computer from phishing attacks and malvertising. However, you must regularly update these programs to protect against emerging threats. Your phone also likely includes security software that developers update periodically, so turn on your auto-update features to help ensure you have as much protection in place as possible.
Use Two-Factor Authentication
Two-factor authentication (or 2FA) requires users to take another step before allowing online account access. Typically, a website will send a text message or email containing a code which the user must enter before completing their login. With 2FA in place, scammers would need access to your phone or email account before they could enter your account, even if they’ve already obtained your login credentials. This feature is widely available, and you should activate it on any sensitive accounts.
Think Before You Click
If you do receive an alarming email that claims there’s a problem with your account, take a moment to think. Before clicking on the link, look at the account in question for any suspicious activity. If you need more information, it’s always smart to contact the company directly about the issue. However, you shouldn’t use the phone number provided in the email. Instead, find that information yourself and do a little digging.
Turn On Your Browser’s Click-to-Play Feature
Most browsers include a click-to-play setting in the privacy menu. When this feature is activated, it prevents plugins from loading and won’t allow automatic downloads until you click. This extra protection can keep malvertising pop-up ads from installing viruses or spyware on your device.
Understand Where You’re Buying From
Before making an online purchase, verify that the website you’re using is secure. If the address begins with an HTTPS, it means the site uses more advanced security measures to protect your personal information from hackers and scammers. Most browsers will also display a padlock icon in the search bar for websites that have their security measures in order. If the site you’d like to purchase from doesn’t include these security features, it’s best to make your purchases somewhere else.
Read Website Privacy and Cookie Policies
Most legitimate websites make their privacy and cookie policies available for their users to read. While these documents may appear intimidating, they should explain how a company plans to use and share the information you provide. If these policies aren’t crystal clear, it’s a red flag, and you should proceed with caution.
When All Else Fails, Follow These Two Rules
Online scams will probably always exist. The best way to protect yourself is to learn about the platforms you use most often so you can more easily identify something that’s out of place. However, scam attempts can still reach you, even when you’ve done everything right. When all else fails, you should always follow two simple rules to avoid falling victim to online scams. First, never give your personal information out over email. Second, don’t click on links that look suspicious. Hopefully, with a lot of healthy skepticism and a little bit of luck, you can avoid joining the growing ranks of online fraud victims.