7 Top Anti-Scam Tips for Cyber Security Month

Cyber security campaign urges everyone to “do your part” for online safety: Internet Scambusters #931

October is annual Cyber Security Month, a timely event as Americans fall victim to billions of dollars of online fraud every year — with worse to come.

Campaign organizers, who include the Department of Homeland Security and the FBI, want us to practice caution and skepticism until online security becomes second nature, just like driving.

We’ll give you the details in this week’s issue including the FBI’s top tips for consumers and links to other elements of the campaign.

Let’s get started…


7 Top Anti-Scam Tips for Cyber Security Month


“Do your part. #BeCyberSmart.” That’s the theme of this year’s National Cyber Security Awareness Month (NCSAM), which runs throughout October, with a host of ideas and tips to help users avoid Internet scams and other malware.

Last year, the Internet Crime Complaints Center (IC3), reported almost half a million complaints about online fraud, estimated to have cost US citizens about $3.5 billion.

Taking account of unreported crime, that’s probably the tip of an iceberg. And it’s not difficult to guess that 2020 will be worse.

In fact, earlier this year, the FBI reported a four-fold increase in some types of cybercrime, which encompasses fake public networks, phishing, password theft, identity theft and malware.

The awareness campaign is a joint initiative from the US Department of Homeland Security and the National Cyber Security Alliance (NCSA), the nation’s leading nonprofit, public-private partnership promoting cyber security, privacy education, and awareness.

“Cyber security is no longer a buzzword,” says the NCSA. “It is now a concern for businesses, government entities, consumers — for anyone who relies on the internet in our increasingly digital world.”

And today’s need for increased online safety has never been greater, with more people than ever working from home and relying on their computers for everything from work to conferencing, and for all of us, from shopping to social media. In a new survey, 91% of security professionals reported an increase in overall cyberattacks as a result of employees working from home.

The campaign organizers want cybersecurity actions to become as second nature as our driving habits. We don’t think about the actions we have to take when driving in order to stay safe. We do them automatically. So, the organizers hope, should we behave when taking care of our safety online.

Each week of the campaign month is striking a different theme. Last week, it’s “If You Connect It, Protect It.” Among other things, this theme encourages us to remember that, these days, many devices apart from computers are often connected to networks and, potentially, the internet.

These might include security cameras, child alarms, smart TVs and so on — the so-called Internet of Things (IoT). The important element here is to ensure you know and understand the security and privacy provisions of each “thing” and not only to put those provisions in place but also keep them up to date.

Some of the subsequent weeks are targeted more toward businesses and health care, although this week highlights the importance of securing devices at home and work.

For consumers, the FBI, one of the alliance partners, will focus this week on spoofing, phishing, online safety for kids and an outline of the work of IC3, which celebrates 20 years of existence.

And then next week, the focus will switch to other online threats and scams, including those that have blown up with recent virus scares, notably PPE (Personal Protective Equipment) scams and online fraud.

You can find more details of these subjects, with links to individual topics, in this FBI article: National Cybersecurity Awareness Month.

The agency also lists 7 top cybersecurity tips for this year’s campaign, most of which should be familiar to regular Scambusters readers:

  1. Use a good anti-virus program and keep all your software (not just anti-virus) up to date.
  2. Examine the address of incoming emails carefully. (You can check a real address hidden behind a false one by hovering your mouse pointer over it.) Also check spellings of these addresses and URLs — addresses you type into your browser or that appear when you click on a link.
  3. Don’t click on or even retype links in unsolicited messages. Always use addresses or phone numbers you’ve verified independently.
  4. Don’t open attachments unless you’re expecting them and have checked the sender’s email address as above.
  5. Be wary of and check thoroughly all digital requests for a payment or transfer of funds. Do you really know where and why you’re sending them?
  6. Be especially suspicious of any message that tries to pressure you into taking urgent or immediate action.
  7. If you’re asked to transfer money by wire, which normally can’t be tracked or traced after you send it, confirm the request in person or over the phone — but don’t use a number listed in a message request. Look it up separately.

To that, the NCSA stresses the importance of using two-factor authentication, if available, when setting site log-on preferences, and of thinking carefully about what might happen to you and others when you share stuff online.

You can get more details on National Cyber Security Awareness Month and other tips on your online security from NCSA at StaySafeOnline.org.

Alert of the Week

Scammers are believed to have hacked or bought the customer records of mortgage companies so they can contact clients, posing as a representative of a company.

One tactic is to offer the client a supposed opportunity to modify their existing loan — for example by lowering interest rates — for a fee or telling a client that a loan payment is past due and must be paid immediately.

Tell the caller you’ll phone them back and hang up. Then contact the mortgage company at their usual number to check if they called. They probably didn’t.

Time to conclude for today — have a great week!