Fight fraud: Scams, identity theft, ransomware attacks

In an increasingly technology-oriented world, cybercrime has become all too common for both consumers and businesses. Internet crime takes many forms and includes everything from large-scale data breaches to consumer issues like identity theft and cyberstalking to widespread scams and ransomware.

In the third week of National Cyber Security Awareness Month (NCSAM), the National Cyber Security Alliance (NCSA), the U.S. Department of Homeland Security (DHS) and their industry, government and nonprofit partners are highlighting the different types of online crime and how people and businesses can better protect themselves.

“As cybercriminals sharpen their hacking skills, we must take stronger precautions to protect our information and all of our connected devices,” said Michael Kaiser, executive director of NCSA. “There are simple things everyone can do to better safeguard their key accounts, devices and apps, like keeping software up to date, turning on strong authentication and exercising extreme caution when reading messages containing links or requests for information.”

Tech support scams

Tech support scams make up one of the most common forms of cybercrime, and many companies providing technology products and services find themselves targeted by cybercriminals. A new Microsoft new survey offers the following findings:

• One in five consumers surveyed admitted to continuing a potential fraudulent interaction when experiencing a tech support scam.
• Nearly 1 in 10 have lost money to a tech support scam.
• Of those who had continued with a fraudulent interaction, 17 percent were older than 55 and 34 percent were between the ages of 36 and 54.
• Fifty percent of those who continued the interaction were millennials (ages 18-34).

“Tech support scams are on the rise around the world and demand urgent attention from law enforcement, private industry and individual consumers,” said Courtney Gregoire, senior attorney at Microsoft’s Digital Crimes Unit. “According to a recent survey from Microsoft, two out three people have experienced a tech support scam in the past year, with many falling victim and placing their computers and personal information at risk.”

Identity theft

In addition to the rise in tech support-related and other scams, identity theft is a key concern for many – in fact, a 2016 NCSA survey revealed that preventing identity theft was the top online safety topic both teens and parents of teens would like to learn more about. The Identity Theft Resource Center’s (ITRC’s) 2016 Identity Theft: The Aftermath study, which surveyed victims of identity theft in 2015, revealed the following:

• The accounts most commonly taken over by thieves included email (11%), payment services (10%), social media (9%) and online banking (8%). Additional compromised account types include online medical portals (5%), health trackers (2%) and gaming (2%).
• Nearly a fifth of survey respondents reported significant repercussions when their online accounts were taken over, including job loss (24%) and reputational damage among friends (61%) and colleagues (31%).
• Of the respondents who identified experiencing criminal identity theft issues, 30 percent found themselves in need of state government assistance programs to overcome the financial impact of identity theft.

“Identity thieves can use a variety of platforms to commit their crimes, including many online platforms. This crime creates not only short-term effects for victims during the time they are remediating their cases – it creates long-term effects as well,” said ITRC President/CEO Eva Velasquez. “When we look at the sheer volume of identity theft it is easy to get lost in the number; we must not forget that behind each percentage and incident we count, there is a person whose life is being affected. This in turn affects families, communities, regions and our country as a whole.”

Ransomware attacks

In recent months, ransomware attacks – the “digital kidnapping” of valuable data in which malware accesses victims’ files, locks and encrypts them, and then forces victims to pay ransom to get the files back – have grown more sophisticated and prevalent.

The FBI has warned that these attacks are on the rise, and according to Kaspersky Lab, the number of individuals attacked by crypto-ransomware increased 5.5 times from 2014/2015 (131,000) to 2015/2016 (718,000). These threats can be especially damaging to businesses, which may store critical organizational data, intellectual property and consumer information.

“Having a backup that can restore the impacted system is a key defense that can help organizations restore normal operations quickly after being impacted by ransomware,” said Kaiser.

Fight fraud: Prevention and recovery tips

NCSA recommends that both consumer and business audiences take the following steps to prevent and recover from cybercrime such as scams, identity theft and ransomware attacks:

• Lock down your login: Fortify your online accounts by enabling the strongest authentication tools available, such as biometrics, security keys or a unique one-time code through an app on your mobile device. Your usernames and passwords are not enough to protect key accounts like email, banking and social media.
• Keep all machines clean: Having the latest security software, web browser and operating system is the best defense against viruses, malware and other threats. If you have experienced cybercrime, immediately update all software on every internet-connected device. All critical software, including PCs and mobile operating systems, security software and other frequently used programs and apps, should be running the most current versions. Use security software to scan any USBs or external devices.
• Back it up: Make sure you have a recent and securely stored backup of all critical data.
• Make better passwords: A strong password is a sentence that is at least 12 characters long. Focus on positive sentences or phrases that you like to think about and are easy to remember.
• When in doubt, throw it out: Links in email, tweets, posts and online advertising are often how cybercriminals try to steal your personal information. Even if you know the source, if something looks suspicious, delete it.
• Help the authorities fight cybercrime: Report stolen finances or identities and other cybercrime to the FBI Internet Crime Complaint Center (IC3), the ITRC, the Federal Trade Commission (FTC) and/or your local law enforcement or state attorney general as appropriate.