Protect yourself
from online threats and phone scams.

Understand your rights and options on how to protect you and your family from online threats and phone scams designed to steal your identity and financial information.

Understand the scam: phishing

Phishing is a type of online scam where criminals send an email that appears to be from a legitimate company asking you to provide sensitive information. This is usually done by including a link that supposedly takes you to the company’s website where you are asked to fill in your information – but the website is a clever fake and the information you provide goes straight to the crooks behind the scam.

The term ’phishing’ is a pun on the word fishing because criminals are dangling a fake ’lure’ (the email that looks legitimate, as well as the website that looks legitimate) hoping users will ’bite’ by providing the information the criminals have requested – such as credit card numbers, account numbers, passwords, user names, and more.

How to protect yourself.

Apply these two actions consistently and you will be nearly 100% protected from online scams.

Drive, don’t be pulled.

Stay in the driver’s seat by finding the website yourself. This is the ONLY way to guarantee you land on the legitimate site. If you use the link (or phone number) in an email, IM, ad on a website/blog site/forum/social network/text message, etc., where you land (or who you talk to) is their choice, not yours. The website they take you to (or the ’bank manager’ on the phone) may be a very convincing copy, but if you enter your information it will be stolen and abused. 

Instead, use your own link. If you use the company, you may already have a bookmark for the website you can use, if not, use a search engine and type in the company’s name, then use the link from your search engine to go to the correct site. If the email is legitimate, you will see the same information when you log into your account on the legitimate site.

Install/activate protection.

Install or activate a web tool that identifies malicious sites for you so you know the website you find is legitimate. There are several tools that will do this for you. Every standard browser now has a tool you can turn on to alert you if a website you are about to click on, or just clicked on, is safe or malicious.

Protect yourself with internet security featuring real-time anti-phishing.

Understand the scam: ransomware

Ransomware can happen to anyone. Ransomware attacks — when cybercriminals hack a computer, encrypt the files and hold them hostage for a ransom payment— have been widely reported as a financial burden to consumers and businesses.

Unlike traditional computer viruses that can be removed after landing on your system, if ransomware gets on your system, the only way to get it off is to pay the ransom and hope you’re sent a key to unencrypt your version of ransomware.

Learn more about ransomware:

How to protect yourself.

Backup your data.

A good rule of thumb is to backup anything you would like to have on your computer after a total reboot. Unfortunately, ransomware can attack cloud storage services and network drives. Create a physical back up on a DVD or portable drive, and keep it in a secure location that is not connected to your computer.

Practice good cyber hygiene.

Hover before you click to make sure you know the end destination, change your passwords regularly and keep your operating systems up-to-date.

Use anti-virus software.

Make sure ransomware doesn’t get on your computer by using software that blocks malicious phishing sites. But, beware of free versions as they often do not offer the best protection.

Understand the scam: online identity theft

Identity theft is any kind of deception, scam, or crime that results in the loss of personal data, including the loss of user names, passwords, banking information, credit card numbers, Social Security Numbers and health ID’s, that is then used without your permission to commit fraud and other crimes.

Online identity theft occurs when users fall for tactics like phishing and confidence scams; or download malware onto their computers or smartphones that steals their information; use wireless networks that are insecure; take out money from an ATM that has been rigged with a skimming device that collections your information; share their passwords with untrustworthy people, or by having their information stolen when data records are breached on companies, government, and educational sites.

How to protect yourself.

Protect your computer and smartphone.

Protect your computer and smartphone with strong, up-to-date security software. If your computer or phone is infected with malicious software, other safeguards are of little help because you’ve given the criminals the key to all your online actions. Also be sure that any operating system updates are installed.

Learn to spot spam and scams.

Though some phishing scams are easy to identify, other phishing attempts in email, IM, on social networking sites, or websites can look very legitimate. The only way to never fall for phishing scam is to never click on a link that has been sent to you. For example, if the email says it’s from your bank and has all the right logos and knows your name, it may be from your bank - or it may not be. Instead of using the link provided, find the website yourself using a search engine. This way you will know you landed on the legitimate site and not some mocked up fake site.

Use strong passwords.

Weak passwords are an identity thief’s dream - especially if you use the same password everywhere. Once the thief knows your password, they can log you’re your financial accounts and wreak havoc. You need passwords that are long (over 10 characters), strong (use upper and lower case letters, numbers and symbols), and that have nothing to do with your personal information (like name, age, birthdate, pet).

Monitor your credit scores.

By law you have the right to three free credit reports per year; from Experian, Transunion, and Equifax.

Protect your online identity with top-rated internet and smartphone security.

Understand the scam: phone spoofing.

Phone spoofing is when a scammer makes another person’s or company’s phone number appear on the receiver’s caller ID in an attempt to impersonate that individual or organization. The end goal is to gain access to your personal information and/or get you to pay for a fake service.

Phone spoofing remains a thorn in the side of many consumers across America. According to an online survey conducted by Harris Poll for Truecaller, roughly 27 million Americans reported losing money to phone scams over the last 12 months, a 53 percent increase from 2014.

How to protect yourself.

As a consumer, you have rights and options.

Block the number.

If a number repeatedly calls and doesn’t leave a message, block it.

Hang up.

If you do pick up and it seems like a bogus call, hang up immediately. However, you may find yourself on the other end of a questionable conversation. In this case, place the caller on hold and call their incoming number. If someone picks up on the other end from the company, ask whether or not the person on hold is calling on their behalf. The key is not to share any personal information.

Educate others.

Finally, educate your community. Help others in your life understand what phone spoofing is and how to protect themselves. You wouldn’t use a third party to call if you were stuck in Nigeria and needed a loan! Discuss scams you’ve received and how you handled with friends, so they are aware of the scenario and the appropriate actions to take. You also can refer them to discussion groups like the Webroot community for safety tips.