| With so much of our lives happening online—whether for work, social connections, shopping or entertainment—cybercriminals have myriad ways to steal money and sensitive information. When you factor in the many devices we wear (smartwatches, anyone?) or that are in our homes linked to the internet, the opportunities grow. |
| How It Works• Unsolicited emails, text messages, posts on social media platforms, online ads, pop-up messages—these are all the domain of cybercriminals and their attempts to “socially engineer” us.•Whether it’s a “problem” with a financial or retail account, a way to tap into “free” money, or another emotion-arousing message, the goal is to get us to take quick action—click on the link, or call the number provided.•That quick action can lead us to logging into copycat sites to expose our credentials or payment details or downloading malicious software.•With the “internet of things,” our connected devices are at risk for cyberhacks given universal default password settings, unsecure communications between devices, and security updates from manufacturers that aren’t timely or just don’t occur. What You Should Know• The hallmark of most online social-engineering scams involves 1) an unexpected communication that 2) yields a highly emotional response and 3) involves urgency. When these three elements are seen together, don’t engage—or if you do and realize it, quickly cut off contact.•Recognize that connected devices typically do not come with secure defaults, which leaves them open to a third-party intercepting or exposing your sensitive data. What You Should Do• Create strong and unique passwords for all online accounts and devices. Where possible, use biometrics such as fingerprints or facial recognition.•Where available, turn on multi-factor authentication, which is a second way beyond your username and password to verify it’s you accessing your account or device.•Where available, set up your devices and software to update automatically; quite often the updates are to shut down known security vulnerabilities.•Avoid clicking on links from emails and texts and on online ads. Type web addresses into your browser to ensure you aren’t sent to a copycat site, and only visit sites you know and trust.•For any troubling communication from your financial institution, a retailer you do business with, or a family member or friend, don’t interact. Instead, cut off communication and reach the entity or the person using the way you typically interact with them. |
| Reprinted from AARP |