Back to Resources >

Cybersecurity: How to Spot and Avoid Scams

The last year has changed how many of us live and work. Thanks to the COVID-19 pandemic, companies shifted a significant amount of their operations to remote work environments, while schools transitioned to virtual learning settings. As a result, we are spending significantly more time on our computers — which has opened the door for cybercriminals, especially those who operate via digital mediums like email and social media.

Cybersecurity has become a bigger issue, especially in light of the recent hacking/ransomware attack on the Colonial Pipeline Company that resulted in the company paying hackers $4.4 million in cryptocurrency to regain access to their system.[1] But large companies aren’t the only targets for cybercriminals: according to U.N. officials, cybercrime attempts rose 600% during the coronavirus pandemic,[2] and research from security firm Cybint found that 95% of cybersecurity breaches are caused by human error.[3]

In this article, we highlight some of the most popular scam attempts and share strategies for protecting yourself and your wealth from would-be cybercriminals and scammers.

 

Digital Scams

The tactics used by cybercriminals are constantly evolving, and if you don’t know what to look for, it can be difficult to spot and avoid scam attempts. Below you will find several common threats and simple steps you can take to protect yourself.

 

Phishing Scams

One of the most popular strategies used by cybercriminals is “phishing”: posing as an official organization or business and sending fraudulent messages designed to trick the recipient into revealing passwords, bank account details, or other sensitive information.

Even if an email looks official, if you don’t recognize or do business with the sender, don’t click on any links embedded in the email or open any attachments. Some phishing attempts even provide a contact number to make the email seem more official, so if you receive a suspicious email from a provider you recognize or work with, call the provider at the number listed on their website to verify whether the email they sent was legitimate.

If an email seems suspicious, try clicking on or hovering over the sender’s name in the email. This will reveal the sender’s actual email address, which can help you determine if the email is legitimate or not. If the email address doesn’t use the company’s website address, be wary of clicking any links or giving out any personal information.

 

Tech Support Scams

In this scam, scammers pose as “tech support” agents, telling their targets that there is a major security issue with their computer that needs to be fixed immediately.

In some cases, the scammer will request remote access to your computer; once they have it, they will effectively lock you out of your own computer until you pay them. In other scams,, the caller will ask the target to “verify” their Social Security Number, bank account information, or some other private data under the guise of confirming their identity.

To avoid this scam, remember that tech support is always initiated by the user, not by the manufacturer. If someone calls you, do not provide any personal information and do not allow them access to your computer.

 

Coronavirus Relief Scam

In recent months, scammers have been taking advantage of the confusion around stimulus payments to perpetrate fraud, and one popular approach is the “Coronavirus Relief” scam.

Cybercriminals have been posing as Federal Trade Commission representatives, emailing people and telling them they have qualified for “coronavirus relief” — but in order to claim their relief funds, the person receiving the email has to pay taxes on the funds first.

The FTC offers a full breakdown of this scam and how it works on their website[4], but all you need to remember is that the FTC is not involved with stimulus payments, and the government does not require prepayment of taxes in order to issue stimulus funds.

 

Cybersecurity Best Practices

It is always a good idea to keep track of the latest scams so you can more easily identify and avoid scam attempts, but there are also some general best practices that you can apply to protect your personal information.

For starters, a strong password is essential. Security experts estimate it takes a hacker 1 day to crack an 11-character, all-lowercase password (e.g., “thepassword”), while a password that combines uppercase and lowercase letters (“ThePassword”) will take 5 years to crack. Adding numbers (“ThePassw0rd”) extends that timeframe to 41 years, and adding symbols (“T#ePassw0rd”) means it would take 400 years to crack.[5]

Experts also recommend turning on two-factor authentication for any accounts containing sensitive data (including payment methods). Two-factor authentication requires users to confirm a security code sent to the phone or email address connected to the account when logging in, which means that even if a scammer guesses your password, they won’t be able to verify the security code and therefore can’t access your account.

For additional protection, you can also use security tokens: portable, physical devices that users plug into their computers to authenticate their identity. So even if you lose access to your computer, as long as you have the security token your data is safe.

Some experts suggest connecting to the internet via a VPN (Virtual Private Network), rather than through a public internet connection. VPNs protect your network connection and disguise your identity, making it more difficult for scammers to track your online activity and steal your data or personal information.

For additional digital privacy protection tips, you can visit the FTC’s website: https://www.consumer.ftc.gov/articles/how-protect-your-privacy-online

 

Phone Scams

Email scams have become ubiquitous, but phone scams are still very popular — especially for scammers targeting older individuals. Here are the biggest scams to watch out for.

“Car Accident” Scam

This scam involves calling an older family member and posing as a family member (usually a child or grandchild) who has just been in a car accident and needs money wired to them in order to pay for repairs or insurance costs. Another variation is the “lawyer” scam, where the scammer claims to be a lawyer representing a child or grandchild who was just arrested and needs money for bail or legal fees.

If you receive a call like this, your first step should be to call the family member in question and verify the information. As a general rule, however, avoid giving out your banking information via telephone or email.

IRS Scam

In this scam, criminals pretend to be from the IRS and tell their target they have an outstanding tax balance. They then inform the target that the police are on the way to arrest them for tax fraud — unless they make a payment immediately via wire transfer or by putting money into a prepaid debit card. Some scammers even relay part of their target’s Social Security Number to seem more authentic.

As a general rule, if someone you don’t know calls you and asks for money, it’s likely a scam.

How to Spot a Phone Scam

Phone scammers prey on their targets’ emotions. If the caller makes the situation sound like an emergency that has to be taken care of immediately, be wary — they’re likely trying to create a sense of urgency so you don’t question them.

Another red flag is if the caller asks for bank account information. No legitimate business will call you unprompted and demand your bank account information over the phone. And if the caller requests payment via gift card or cryptocurrency, it’s almost certainly a scam. Consider establishing a verbal passphrase that your loved ones can use to verify their identity when they call.

 

Closing Thoughts

At Sound View Wealth Advisors, we are mindful of the tactics detailed above and have taken several key steps to prevent cyberthreats from impacting clients. Most notably, two-factor authentication on all of our accounts and devices that can access our client’s personal information.

The digital age has emboldened criminals and scammers, and it is crucial that you secure your personal and financial data and protect yourself from fraud. We hope you found this information useful; if you have any questions about cybersecurity, we encourage you to connect with our team.

 

ABOUT THE AUTHOR: Eddie Ambrose 

Eddie co-founded Sound View Wealth Advisors with the goal of operating as a fiduciary, where he is able to put clients’ interests first and foremost. Eddie develops and implements tailored financial plans that encompass estate planning, investment management and overall risk mitigation for families.

Prior to Sound View Wealth Advisors, Eddie was a Senior Financial Advisor with the Bouchillon, Ham & Dekle Group at Merrill Lynch, which he joined in 2011. Previously, he served 10 years as a financial services policy advisor to members of the United States Congress, as well as several major investment banks, private equity groups and private investment funds. He earned an M.B.A. in finance from the Robert Smith School of Business at the University of Maryland.

Eddie serves on the board of directors for the Humane Society of Greater Savannah. In college, he was captain of the men’s varsity golf team and earned Academic All-American honors. His interest in golf continues today through his involvement with the Landings Men’s Golf Association (LMGA).  Eddie resides on Skidaway Island with his wife, Caroline.

 

 

Disclaimer: The information, analysis, and opinions expressed herein are for general and educational purposes only. Nothing contained in this commentary is intended to constitute legal, tax, accounting, securities, or investment advice, nor an opinion regarding the appropriateness of any investment, nor a solicitation of any type. All investments carry a certain risk, and there is no assurance that an investment will provide positive performance over any period of time. An investor may experience loss of principal. Investment decisions should always be made based on the investor’s specific financial needs and objectives, goals, time horizon, and risk tolerance. The asset classes and/or investment strategies described may not be suitable for all investors and investors should consult with an investment advisor to determine the appropriate investment strategy. Information obtained from third party sources are believed to be reliable but not guaranteed. Sound View Wealth Advisors Group, LLC makes no representation regarding the accuracy or completeness of information provided herein. All opinions and views constitute our judgments as of the date of writing and are subject to change at any time without notice.

[1] Vox, How a major oil pipeline got held for ransom. (Link)

[2] Business Insider, Cybercrime against healthcare groups ‘worldwide’ is on the rise during coronavirus pandemic. (Link)

[3] Cybint, 15 Alarming Cyber Security Facts and Stats. (Link)

[4] FTC, Coronavirus relief scam impersonates Joe Simons from the Federal Trade Commission. (Link)

[5] Hive Systems, Are Your Passwords In The Green? (Link)