Skip to content
Search
Search
  1. Money
  2. Scams & Fraud
 

Who Has Your Data?

Hackers are getting bolder. Here’s how to fight back

by Kevin Mitnick, AARP Bulletin, March 30, 2017

ID theft

Illustration John Ritter

IMAGINE YOU'VE JUST HAD your smartphone stolen and are desperate to get it returned, along with the data it contains. You track it with the Find My iPhone app and send messages offering to buy it back. In response, you get a link to click. That’s a trap designed to steal your username and password. Click it and enter your credentials, and you’ll join the ranks of those hacked by crooks playing on a weakness—your urgent need to get back your phone

Web Security

Your identity is more vulnerable than ever. Here are the best ways to keep the odds in your favor while on the web:

1. Always use a password manager, which is software that stores and organizes your passwords. Just set up a master password — a favorite lyric or quote, say — with at least 25 characters.

2. Be careful with free Wi-Fi. When using an open wireless network, connect to a VPN service. You can subscribe to one for $5 a month.

3. Secure your web searches with HTTPS Everywhere, which encrypts all your internet communications. Download it for free online.

4. Be careful wiring money. Verify the institution’s credentials and the recipient’s identity. 

According to the Identity Theft Resource Center, data breaches hit an all-time high in 2016, up 40 percent over 2015. Over half of those hacks resulted in Social Security numbers and other critical data being stolen.
Watching out for these common scams will help keep your identity safe.

Ransomware

Right now, this is one of the most profitable scams out there. A hacker can infect your computer by covertly installing malicious software that will encrypt your files. If you don’t have a very recent backup, you can lose all your data and be faced with having to pay a fee of several hundred dollars to recover it. Don’t click on any link or attachment you are not expecting.  

Remote PC-Repair Plans

Victims get a phone call from a scam artist claiming to be a representative of a fake computer firm. The caller warns that your computer has been infected with malware that will corrupt your files. The scam: tricking you into giving the impostor full access to your files. Eventually the crook infects your computer to get you to pay for unnecessary repairs. The scammer can also look around your computer and steal your identity. 

Phishing

This is an unsolicited email that may look like it has come from a legitimate source. That email is bait, designed to reel you in like a fish. It can look like an email from your bank asking you to update your password and other preferences, or it can resemble an email from a friend sharing “attached photos” that, when clicked, show nothing or an error message. At this point a hacker gains full control over your computer and can steal any information stored there.

Spear Phishing

This is a highly targeted phishing attempt. Spear phishing aims to defraud specific people rather than a larger group of potential targets. Prior to carrying out a spear phishing attack, the hacker digs up your personal information, such as your family history, where you live, your mother’s maiden name, your Social Security number and so on. In one such scam, the perpetrators pretend to be your mortgage company, notifying you by email that your mortgage has been sold to another company and instructing you to now send payments to “XYZ” company. A link in the email goes to a fake website, designed to look real. Only a very close look will reveal subtle differences that expose the fraud.

How to Stop Fraud

Next: Home Hazards