Mastering Online Security: Your Ultimate Guide to Staying Safe in the Digital World
Welcome to Part II of last month’s article, “Local Mundsies Trust is Shattered as Scammers Make Off With Almost $30,000!” This heart-wrenching story depicted the struggles of two locals who fell victim to scammers.
While our previous story aimed to raise awareness, this article aims to equip you with the necessary tools to stay safe online. We extend our gratitude to local Mundsie Fred Lloyd, who contributed the following article to help locals not fall victim to scammers.
By Fred Lloyd
Understanding Social Engineering. The first term you must become familiar with is social engineering. Social engineering is a modern term for the classic con man or flim-flam artist. Social engineering means, in effect, making the other person feel normal while being manipulated. One form of social engineering is to blend in. It’s how party-crashers get away with attending a party where they know nobody. They stay and enjoy the party because they act as if they belong there. That is social engineering.
The concept of social engineering goes far and has many twists and turns to suit the attacker’s needs. The key to most scams is misrepresentation in one form or another. The scam might be misrepresenting a legitimate business or attempting to misappropriate an identity.
As I was writing this article, my phone rang. It was a strange area code. I answered, “Hello,” and there was an unusual silence. Then the voice said “hello” back and, in a calm, emotionless voice, identified themselves as the Police Officers Association. I hung up. It was a computer. There is no way on God’s green earth that this was a policeman or that the caller was even associated with the police.
This scammer was looking for honest, trusting people, the ones easiest to manipulate. By claiming to be with the police, the wheels are pre-lubricated for action. The victim is guaranteed to remain polite and cooperative on the phone. The victim might actually donate to the “Association” and never think twice about it.
Perhaps the most compelling scam strategy should be called “something for nothing” or, in other words, a bargain. The offer of a bargain is what keeps slot machines running, except that in the real world, people don’t expect there to be a payout. No, quite the contrary; they are expecting value for money. When I ask a user, “Why did you send $1500 to a P.O. Box in Brooklyn,” they often respond with, “Because it was a great deal!” Umm, a good deal for the P.O. Box, but not so much for you. In this sense, scammers rely on human greed as a motivator. It works extremely well. You need something expensive, and, being the sensible shopper you are, you search for the best price. During your search, you find one with a very attractive price, so you lay your money down... only to never see it again.
Tips for Avoiding Scams online security
So, what can you do? Believe it or not, quite a bit. Here are a few tips that may help you avoid a loss:
Never answer a text message from a business that claims urgency.
“Your Amazon account will be suspended; click here to respond” is a perfect example. Amazon doesn’t send messages like that. Moreover, no business does. Text messaging is not considered secure communication.
Never give any person a verification code.
If someone says, “I’ll send you a code to verify you,” hang up because it’s a scam. Authentication codes, such as two-factor authentication and those sent as text messages, must never be given verbally to another person. They are intended for “eyes only” and are never spoken. If a person asks you for a code sent by text, they want it to impersonate you.
Do not respond to emails that request you to log in to fix an issue.
Don’t do what they ask. For example, suppose you receive an email that looks like it’s from your bank, complete with the official logo. It asks you to log in for some plausible reason. You click the login link in the email and see your bank’s familiar login page. You enter your name and password, and nothing happens. You’ve just been Phished. Now, some crook has your username and password, and they will be logging into your bank momentarily. Scammers build fake websites that look like the real thing, so you will unwittingly input your legitimate username and password. That’s Phishing. Anytime a financial message comes to you by email or text, do not click on it. Instead, open a browser (or your App) and manually log in to your bank, as you typically do, to see if anything needs your attention.
Don’t trust sites like Craigslist, where sellers are not authenticated.
Never send money to a Craigslist seller that isn’t local, and never send money to a Craigslist seller that you haven’t spoken to on the phone. Most scammers won’t give you their phone number, which automatically disqualifies them. If they give you their number, call them and discuss the item in detail. Ensure that the seller knows as much about the item as you would if it were yours. It’s a tip-off if the seller is generally ignorant. If they’re selling it “for someone else,” run, don’t walk away from the deal. Never accept third-party deals. It doesn’t matter if the owner is on his deathbed and can’t speak, DON’T DO IT!
Don’t respond to compassionate pleas.
“I need the money for surgery” is the example here. The surgery is actually a “dollarectomy” from your wallet. Say NO. You’re not saying no to their problems—You’re saying no to being ripped off. Don’t be a softie. They’re hoping for that.
Pay attention to what’s on your screen.
It’s unsafe to disregard things you don’t understand on the screen. For example, the lock symbol on the browser shows that the connection is encrypted and that the website you’ve arrived at is registered to the name shown in the address bar. For heaven’s sake, folks, please get into the habit of looking at the address bar on your browsers. It tells you where you’ve actually landed on the internet. It is guaranteed accurate if the lock symbol is there. If the lock symbol shows missing or unlocked, it could be a phishing site. A phishing site might imperceptibly misspell the company’s name, and you might not notice it. Pay attention!
Don’t let your decisions be driven by price. Too many people have lost everything trying to save a buck. Things that have value are worth paying for. Low prices are the calling card of a scammer. Scammers will always offer the lowest price and claim urgency. Don’t believe it because nobody sells things of value at a loss for very long, if at all.
Be wary of unusual payment requests. Be extremely wary. Never pay someone other than the seller. An example is to ask for money to be sent to the seller’s wife or friend, who, coincidentally, has a different last name. Never use PayPal Friends & Family payments unless the person is actually Never accept a cashier’s check unless you’ve specifically arranged for one. Never accept a check for more than your asking price. Be wary of any payment that cannot be tracked. PayPal is your friend, despite the fee.
Don’t assume that any police or agency can help you with recovery. Not even the bank. I recently had a large, unauthorized withdrawal from my bank that was stopped due to my vigilance. The bank will not disclose what happened to me in any detail, even though my statement showed where the unauthorized withdrawal went. You’re on your own and probably lost at this point. The way to avoid this is not to get scammed!
Protecting Yourself on Social Media
Be cautious with your social media account, as it can inadvertently expose your personal information or location. Here are some tips to help safeguard your online presence:
Disable Location Services: Turning off location services on apps like Twitter, TikTok, Instagram, and Facebook prevents criminals from knowing your whereabouts. This reduces the risk of being targeted based on your location or having bad actors use your absence from home to their advantage.
Adjust Privacy Settings: Customize your privacy settings on social media apps to limit who can access your posts and profile details. Default settings on most apps can expose sensitive information about you, so limiting access is crucial. The most secure option is only to allow people you know in person to access your posts and profile.
Be Careful with Friend Requests: Ignore or delete friend requests from people you don’t know. Be cautious of requests from people you know if they seem suspicious. Bad actors may impersonate a friend to gain access to your information. If unsure, verify the request’s legitimacy by contacting your friend through a different channel.
Take A Moment Before You Post: Avoid sharing sensitive and personal information that could be used to harm you. Think carefully before posting and consider the potential consequences of sharing with the world. By being mindful of what you post, you reduce the risk of your personal information being misused by scammers or cybercriminals.
Handling Emergency Scam Calls & Messages
If someone calls or sends a message claiming to be a family member or a friend desperate for money, here’s what to do:
Resist the pressure to send money immediately. Hang up.
Call or message the family member or friend who (supposedly) contacted you. Call them at a phone number that you know is right, not the one someone just used to contact you. Check if they’re really in trouble.
Call someone else in your family or circle of friends, even if the caller said to keep it a secret. Do that especially if you can’t reach the friend or family member who’s supposed to be in trouble. A trusted person can help you figure out whether the story is true.
Additional Tips for Internet Safety
Use antivirus software and firewalls on all your devices to protect against malware and other threats.
Create strong, unique passwords and use a password manager to keep track of them. Enable two-factor authentication whenever available.
Following these tips and staying vigilant can protect you from scams and maintain a safer online presence. We must continually educate ourselves on new threats and stay up-to-date with best practices for internet safety.