In our current digital world, cybercriminals continue to be on the rise, looking for opportunities to gain access to sensitive information and personal data. A cyberattack occurs every 39 seconds, affecting one in three Americans every year and costing individuals $4,476. Tyler Musser, Associate Vice President of IT Security, Sammons® Financial Group Member Companies, shares his insight into spotting common financial scams and how you can boost your protection against cyberattacks.
How you can spot a financial scam
Unfortunately, scammers continue to devise new ways to steal people’s personal information and money, but one of your best defenses against such crimes is learning how to recognize these scams immediately. Common types of cyber threats include:
- Spoofing attacks: Spoofing attacks use email addresses, sender names, phone numbers, or website URLs that are disguised as trusted sources. “Cybercriminals attempt to deceive users by changing one letter, symbol, or number within the name,” says Musser. “This tactic is used to convince users that these spoofed communications are real to lead you to download malicious software, send money, or disclose personal, financial, or other sensitive information.”
- Phishing emails: Phishing attacks use email or malicious websites to infect your machine with malware and viruses to collect personal and financial information. “Cybercriminals attempt to lure users to click on a link or open an attachment that infects their computers, creating vulnerabilities for criminals to use to attack,” explains Musser. “Phishing emails may appear to come from a real financial institution, e-commerce site, government agency, or any other service, business, or individual.” If you click on the link or respond with personal information, attackers will use these details to access your accounts.
- Vishing scams: This type of fraud is a phishing email that looks like it has been sent from a legitimate business or bank that contains a phone number for you to call. If you do so, a person or automated response system will request your account information, password, or personal details.
How you can protect your financial information from cyber threats
While the idea of a potential cyber threat can be worrisome, you can protect yourself by being well-informed about today’s trends and knowing when to trust your gut if something looks suspicious. “Links in email and online posts are often the way cybercriminals compromise your computer,” says Musser. “If you’re unsure who an email is from—even if the details appear accurate—do not respond, and do not click on any links or attachments found in that email.” Follow these tips to help protect your financial information:
- Stop and think: Many criminals try to trigger a panicked reaction by sending communications that attempt to create a sense of urgency. “If you receive a suspicious email that appears to be from someone you know, reach out to that person directly on a separate secure platform,” recommends Musser. “If the email comes from an organization but still looks ‘phishy,’ reach out to them via customer service to verify the communication.”
- Avoid hyperlinks: It’s best to avoid clicking on any hyperlinks within an email and verify its authenticity by hovering over the link to see it would lead you. “Ensure that URLs begin with “https” because the “s” indicates encryption is enabled to protect users’ information.”
- Change passwords frequently: Your best defense is a good offense, so change your passwords frequently, even if a website or service does not require it. Consider using the longest number of characters possible, while including numbers and symbols. “Get creative and customize your standard password for different sites, which can prevent cybercriminals from gaining access to these accounts and protect you in the event of a breach.
- Bump up your login protection: Multi-factor authentication (MFA) can help ensure that you are the only person that can access your account. “If MFA is an option, enable it by using a trusted mobile device, such as your smartphone, an authenticator app, or a security token. Use this for email, banking, social media, and any other service that requires logging in.”
Steps you can take if your financial information is compromised
Hackers may be able to expose your passwords with only your phone numbers or email address. With this information, they can access your bank account or call the bank to “verify” their identity and gain access to additional personal and financial details.
How do you know if your bank account has been hacked?
Many financial institutions have fraud protection to alert bankers of suspicious activity and will let you know if they spot something that might be fraudulent, but it’s important to keep an eye out for warning signs too.
- Call from your “bank” – You may receive a call from someone posing as a bank employee who asks for your account or other personal information.
- Email alerts – Be aware of any email alerts from your bank about changes to your password, email address, or alert settings that you did not authorize.
- Unexplained transactions – Hackers often test your account with small, less detectable withdrawals before making larger purchases.
- Unfamiliar purchases – If you spot charges or purchases that don’t ring a bell, this may be a good clue that someone has hacked your account.
- Blocked login – If you trying to log in and your account is locked, an unauthorized person may have been trying numerous times to access your account and password.
Cyberattacks can happen, even when we try our best to protect ourselves from malicious activity. Finding out your financial information has been comprised can be a panicking situation, but there are actions you can take to help minimize the potential damage.
- Contact your bank: Most banks have a dedicated fraud department that will help you determine what steps to take following a breach or suspicious activity, submit a claim if needed, and give you tips that can improve security going forward. Call your bank immediately to report unauthorized charges and prevent any further transactions from occurring.
- Update all pins and passwords: Whether you keep your same account or open a new one, choose a fresh password that you have never used on any other site. Select a PIN that is not related to your Social Security number, birth date, or any dates tied to your spouse or children.
- Close your account: Depending on the severity of the breach, your bank may recommend putting a temporary freeze on your account or closing your account and opening a new one.
- Review your credit report: Oftentimes if someone has been able to access your bank information, they may open several credit cards in your name as well. Set up a fraud alert on your credit cards and review your account activity carefully in case you need to report any unauthorized activity.
With cyber-attacks becoming more frequent and expected to double by 2025, it’s important to be able to detect malicious activity quickly and prevent your information from being compromised. “Cybercriminals can use social engineering with your personal details to try to manipulate you into skipping normal security protocols,” says Musser. “It’s best to play hard to get with strangers by avoiding any engagement with unfamiliar emails and being diligent about regularly updating and protecting your information. Also make sure all of your computers, phones, and tablets are equipped with updated antivirus software, firewalls, email filters, and anti-spyware to give yourself another level of defense.” Following cybersecurity best practices and taking prompt action in the event of a breach can help minimize potential damage and help you better protect your information in the future.
Tyler Musser is an employee of Midland National® Life Insurance Company. The opinions and ideas expressed by him are his own and not necessarily those of Midland National or its affiliates. Midland National does not endorse these opinions and ideas.