Thursday, April 22, 2021

Protection from hackers and scammers

Hackers and cybercriminals are getting smarter and more creative in how they write their e-mails and text messages, and in how they present themselves on phone calls. Follow these tips and strategies to better protect your personal and sensitive information online, and to guard against hacking attacks.

Lately, I've been noticing a sharp increase in e-mails from hackers looking to gain access to my personal information. Often, I'm finding that these e-mails are made to appear like they're coming from legitimate businesses and organizations, like PayPal, Square, Amazon, and various banks. I occasionally receive them "from" my e-mail provider, Yahoo, threatening me with immediate shutdown of my account unless I take action right away and verify my details.

I've also heard from others that there are many telephone scams going around. Again, as with the e-mail hackers, these phone calls appear to come from legitimate businesses, organizations, and even government agencies, but they are anything but legitimate. I've heard about callers pretending to be from the IRS and the local utility company. In these calls, the callers usually tell the would-be victim that s/he is in serious trouble (like facing fines and/or imprisonment, or about to have the electricity cut off), that numerous attempts to resolve the matter have already been made, and that immediate action must be taken in order to avoid any additional trouble.

Finally, I've also received text messages looking to gain access to my personal information. They are usually "from" the United States Postal Service (USPS) or UPS, wanting me to confirm my information due to changes in projected delivery dates of packages that I'm supposedly about to receive.

Here are some helpful tips and strategies to better protect your personal and sensitive information online, and to guard against hacking attacks. By no means is this an exhaustive list, and you should consult other sources to learn additional tips and take in other perspectives. If you have any advice, tips, and strategies of your own to share that can help minimize exposure to hackers and scammers and help better protect personal and sensitive information, we'd love to hear about them in the comments section below!

First, common sense and your intuition may be your best line of defense. If you know where you bank or don't bank; if you know that you don't have a Square account; if you know that you're not expecting any packages; if you know that you've been keeping up with your utility bill; etc., etc., then you can usually tell quite quickly and easily what's going to be a scam attempt.

Remember that the IRS and the Postal Service are not going to contact you by phone or text message. The IRS will communicate with you by postal mail for business matters, and the Postal Service will not call or text you regarding the delivery of packages or to ask you for any personally identifiable information for the purposes of delivery verification. The very rare exception to this general rule of thumb - it is possible that the IRS will contact you by phone for the purposes of resolving tax matters and arranging payment plans, but you will know about their attempts to reach you by phone ahead of time by postal mail. There will be no surprises.

Never pay for a product, service, or a supposed bill that you owe with gift cards. Sadly, this is becoming a very popular scam, and many people are easily falling for it. Someone calls you and wants you to buy something, or you're told that you owe a bill. The caller wants you to pay for the product, service, or bill with gift cards (either by purchasing them online or at a physical store and then either physically mailing the cards somewhere or giving the caller the codes on the gift cards over the phone or by e-mail). What just happened? You just paid for a product or service that you're not going to receive, or you paid off a bill that was fake all along. And you paid for it in gift cards, which are virtually untraceable and extremely difficult to impossible to have any recourse.

If you're ever unsure if an e-mail, call, or text is a scam, verify by contacting the business or organization directly. Don't reply to the e-mail or text. In the case of a live phone call, don't provide any information to the caller. Instead, independently contact the business or organization after researching contact information online. If you receive an e-mail or text appearing to come from someone you know and you're unsure about it, contact the person independently to verify.

If someone is calling you and you're not familiar with the phone number on your Caller ID, let the call go to your voicemail or answering machine. If it's an important call and the caller is really trying to reach you, the caller will leave a message. If there is no message, the call must not be important or even legitimate.

Follow these two general rules that I faithfully subscribe to: Coming back to the last point, I simply don't answer the phone if I don't recognize the number on the Caller ID. I'll let it go to voicemail, and I would estimate that, 99.5% of the time, there's never a message left for me. Must not be important or even simply legitimate. Additionally, if someone legitimate is really trying to contact me, like a creditor, bill collector, government agency, etc., I subscribe to the belief that they can always write me via postal mail. They should have my address on file if they're really looking to reach me. If they don't want to officially notify me by postal mail that there's an issue of sorts, then I don't know one exists.

Implement two-factor or multi-factor authentication for your important electronic accounts. In a nutshell, two-factor or multi-factor authentication means receiving one or more log-in codes or notifications delivered to your mobile device(s) or perhaps sent to another e-mail address when you try to log into your e-mail, bank, social media, or any other important online accounts you may have with your regular password. This way, the account you're trying to log into knows it's really you, and not someone who may happen to have your password.

When using public computers, like at your local public library or an Internet cafe (do Internet cafes still exist??), use private windows in your Internet browser. This way, you're not leaving behind your search history, cookies, any accounts left open by accident, etc.

What advice, tips, and strategies do you have to help minimize exposure to hackers and scammers and help better protect personal and sensitive information? Please feel free to share in the comments section below. We'd love to hear from you. Thank you!

No comments:

Post a Comment