Illustration John Ritter
IMAGINE YOU'VE JUST HAD your smartphone stolen and are desperate to get it returned, along with the data it contains. You track it with the Find My iPhone app and send messages offering to buy it back. In response, you get a link to click. That’s a trap designed to steal your username and password. Click it and enter your credentials, and you’ll join the ranks of those hacked by crooks playing on a weakness—your urgent need to get back your phone.
According to the Identity Theft Resource Center, data breaches hit an all-time high in 2016, up 40 percent over 2015. Over half of those hacks resulted in Social Security numbers and other critical data being stolen.
Watching out for these common scams will help keep your identity safe.
Right now, this is one of the most profitable scams out there. A hacker can infect your computer by covertly installing malicious software that will encrypt your files. If you don’t have a very recent backup, you can lose all your data and be faced with having to pay a fee of several hundred dollars to recover it. Don’t click on any link or attachment you are not expecting.
Remote PC-Repair Plans
Victims get a phone call from a scam artist claiming to be a representative of a fake computer firm. The caller warns that your computer has been infected with malware that will corrupt your files. The scam: tricking you into giving the impostor full access to your files. Eventually the crook infects your computer to get you to pay for unnecessary repairs. The scammer can also look around your computer and steal your identity.
This is an unsolicited email that may look like it has come from a legitimate source. That email is bait, designed to reel you in like a fish. It can look like an email from your bank asking you to update your password and other preferences, or it can resemble an email from a friend sharing “attached photos” that, when clicked, show nothing or an error message. At this point a hacker gains full control over your computer and can steal any information stored there.
This is a highly targeted phishing attempt. Spear phishing aims to defraud specific people rather than a larger group of potential targets. Prior to carrying out a spear phishing attack, the hacker digs up your personal information, such as your family history, where you live, your mother’s maiden name, your Social Security number and so on. In one such scam, the perpetrators pretend to be your mortgage company, notifying you by email that your mortgage has been sold to another company and instructing you to now send payments to “XYZ” company. A link in the email goes to a fake website, designed to look real. Only a very close look will reveal subtle differences that expose the fraud.