The world may be focused on battling COVID-19, but there are other viruses out there threatening people’s wellbeing, all sent by a growing cadre of cyber hackers looking to steal money and data from unsuspecting individuals. According to one U.S.-based security firm, online crime has jumped by 600% since the pandemic began, while Cybercrime Magazine predicts attacks will cost the world US$10.5 trillion annually by 2025, up from about US$6 trillion today.
It’s not just clueless computer users who are getting targeted: Reports indicate Millennials and Gen-Zs are more likely than Baby Boomers to say they have experienced a cyber threat. Don’t blame yourself if you have been a victim of cyber fraud, though — with more people working from home, using internet-connected smart devices and generally spending more of their lives online, it’s becoming increasingly easy for hackers to attack. A good place to start, if you haven’t done this already: consider updating your password on your social handles and your investing accounts. Next steps? Be aware of the many new and often more sophisticated hacking methods that cyber fraudsters are using to steal financial information. Here are just a few scams to pay attention to.
Smart home hack
From digitally connected thermostats to voice-activated assistants and blinds that close with a press of button, almost everything in our homes can now be connected to the internet. While that makes it more convenient to turn your front hall lights off from bed, it also offers hackers new ways to break into your home network. Every device is a potential entry point — it only takes a few keystrokes for hackers to worm their way into a system — but that doesn’t mean you must forsake modern technology to keep yourself safe. A lot of these devices come with passwords that people never change and software upgrades that users don’t update.
What you can do: Create hard-to-crack passwords when setting up these devices and be sure to install any security updates issued by the device manufacturer. A combination of letters, numbers and other characters is ideal (and good advice for every password you create). There are also more smart home companies than ever before: You can do your research to see which ones come with the best protections.
Text message tricks
Everyone with an email address may have been the target of a phishing scam whether they know it or not. These are messages that include a link that, if clicked on, either downloads a virus to a computer or takes you to a website that asks for personal information. In many cases, these emails look like they are reputable, originating from a bank, postal service or your favourite online store.
While hackers continue to send billions of these messages every day, they’re also now targeting people’s texts. These messages often seem real, like they’re coming from a company you deal with or even a friend — and usually come with a link that takes you to a phishing scam site.
What you can do: Like with emails, only click on links and respond to messages sent by people you know and phone numbers you recognize. At no time will financial services companies ask you to reply to a message with account numbers, usernames, passwords, PINs, or other personal information.
TikTok imposter syndrome
Hackers are increasingly targeting people on their favourite social sites, and especially on TikTok, which has become a go-to social network for many. One of the more popular scams is the celebrity direct message, where a popular user asks you directly to donate to a charity or buy exclusive merch. While it’s obviously exciting to talk to a famous singer or major TikTok star, the person messaging you is probably a scammer (celebs have better things to do than message a random user). Some of these fakes may be talking to you for likes and attention, but most others are trying to scam fans out of money.
Imposter accounts are often indistinguishable from the real thing, especially because scammers will often lift videos and photos directly from the celebrity’s account. It’s also easy for fakers to mine an influencer’s follower lists and identify fans who will jump at a request from their favourite star.
What you can do: Protect yourself by looking for a visible blue checkmark, called a verification badge. (The blue verification badge is not the same as the yellow popular creator badge, which signals lots of followers and video views and likes but can be earned by anyone.) It’s also important to pay close attention to where that badge is displayed. Verified badges always appear directly below the username on a profile page. If the blue check appears in someone’s bio or anywhere else, it’s fake — and it’s a good idea to report the account and ignore any requests for cash.
Accepting fake apps
There’s another social media scam to pay attention to: the fake app hack. For years, bad actors have been trying to add malicious apps to Google Play and the Apple App Store — programs that include data-mining software or charge exorbitant hidden fees. One worldwide scam managed to charge users $40 a month for a fake premium SMS service. But as those app marketplaces have cracked down on this practice, more hackers are turning to social sites to entice people to install programs on their phones or computers.
What you can do: Protect yourself by downloading apps directly from official app stores, where you can check the reviews for scam warnings. And before you sign up for a trial, always read the fine print, especially if you need to provide a credit card to sign up. Some “free” offers aren’t free at all: They may charge hefty, non-refundable shipping fees or automatically enroll you in a paid subscription when the trial ends.
Given how easy it is to get caught in scam — and hackers are getting savvier all the time — it’s important that you pay careful attention to the messages you’re getting and the links you’re clicking on. If an email or text sounds off or unusual, then ignore or delete it. If you get a new device, create a password right away. Always install security patches and, if you do come across something nefarious, consider letting others know about the scam so they can protect themselves, too.