The Art of Avoiding Scams

THE ART OF AVOIDING SCAMS


Avoiding online scams internet safety for artists 


  A Reminder for My Artist Friends and Everyone Else!


I recently wrote an article around Big Data which you can read here: http://www.beechhousemedia.co.uk/2017/03/the-world-of-big-data-and-how-artists.html


And I have previously written about how artists can help protect their digital work and their online life which you can read here: http://www.beechhousemedia.co.uk/2017/01/online-safety-and-protecting-your-art.html


Thanks to extraordinary variety of internet-connected gadgets we’re putting in our homes and into our pockets, and the interconnectedness of our digital lives more generally it seemed like an ideal opportunity to write a follow up piece on how to protect yourself from scams and other nasty surprises too.


It’s as useful to all of my artist friends as it is to everyone else, in fact probably more so. Many of us rely on the internet to run our art businesses, process payments, and store our art, so think of this as a way of protecting our art business. We only thrive when we get ourselves and our art exposed and we do this all of the time online.  


Apparently we visual and performing artists are not the only type of artists who need exposure, there are con-artists too.


I expect all or at least a large majority of you will already be taking the necessary precautions but I always believe that just occasionally we all need a reminder that we need to be actively preventing not just the attempts but the misery experienced by victims when such things happen.


If you take the right steps you will be able to minimise the risk, but I will be frank here, nothing you do to minimise risk will completely take it away, that’s just how the game is played. It's the same offline too. 


Unfortunately scammers are getting a little smarter and the scams are getting more complex. Often though the basic principles of the scams are rooted deeply with previous methods, and if you are not overly familiar with those methods you can get sucked into the new methods.


It’s a game of being a hundred steps ahead with each side trying to predict the other side’s next move, and it is a completely fluid landscape. Constantly changing, ever evolving, and always growing.


So this week I am offering what I hope is a little insight into just how the scammers try to pull things off so that you know what to do to stay safe.


Point to note here, scammers are usually looking to ultimately achieve one of two things or both. One is to steal your money, and second is to steal your identity. Occasionally they might just want to wreak havoc with your social media accounts, or hijack your PC to use it within a network of bots, but usually the end result often comes down to quick money and identities or an opportunity to mess with corporations. For corporate networks it is usually data, but you can bet there is a fair chance that money and or identity is still involved down the line.


The costs to the public, individual countries, and legitimate organisations is extremely high, and not just financially. Reputational damage can bring organisations down and the amount of work needed to resolve an attack and put in additional preventative measures is often unnoticed by consumers. Attempting to prevent cyber-crime is high, but the cost of not doing it is even higher. 


The real problem is that it’s now on the rise and the scammers are getting desperate.

A vast majority of websites are doing what they can to fight and combat this rise so it is not all doom and gloom. But there are still many sites across the rest of the internet that are well within the boundaries of the darker side of the web.


It’s not just websites, many of the scams are originating in other ways where there’s no need to visit a website at all.


Whether you call it cyber-crime, online fraud, consumer cyber-crime, internet fraud, online crime, or e-crime, it all pretty much means the same thing and it causes considerable distress to everyone who falls victim to it. With some victims having serious ongoing financial issues as a result, the stakes are high.


MAKE BELIEVE


Scammers like to play a game of make believe and whenever I have had the misfortune to speak to one of them (and me knowing full well that they were carrying out a scam on my friend) I have come to this conclusion, they often actually believe themselves.


As soon as you let them know you are on to them their scripts go out of the window. I call this confirmation and it is usually followed up with some vulgar rant and a few threats from them, and me sitting there with a coffee usually holding the phone a good three or four feet away whilst they get annoyed, there is no point joining in.


They will still try the convincer, a tactic used when all else fails and they will attempt (if they haven’t already), a method called social engineering.


Another word for social engineering is manipulation and these crooks are masters of this particular art. So before we begin, first thing’s first we need to identify the particular types of scam so we can identify them.


THE COMMON SCAMS


keep your personal information safe 


I mentioned earlier that the scammers are evolving and their methods are evolving too, but they are generally based on previous scams and they refine them over time. The scam might seem a little different but the principles are the essentially always the same.


Everyone has heard of the Nigerian Scam, it is actually one of the oldest tricks in the book and comes in an assortment of flavours. A UK based charity organisation ‘Citizens Advice’ found that fraud offences in England and Wales, rose by 25% in 2013 and that up to four million people could be scammed each year.


Which? Is a consumer rights organisation in the UK and they suggest that ‘fraud is now at record levels, with more than five million scams costing Brits a mind-boggling £9bn each year’.


Victims often hate to admit they've been conned, so research is difficult. Even so, experts estimate that $40 billion to $50 billion a year is lost to consumer fraud, says a study by the Financial Fraud Research Center at Stanford University's Center on Longevity.


Last year (2016) a Nigerian who was behind thousands of online scams around the world was arrested in the southern oil city of Port Harcourt according to Interpol. The man is alleged to have headed a network of 40-individuals behind global scams worth more than $60 million (£45 million), and his operations involved using Malware to take over computers and compromise emails, and romance scams.


The Nigerian scams are not just coming from Nigeria, it is a global trade. Wherever fraudsters see an opportunity to make money they will take it.


It’s impossible to say for sure just how much is lost as many victims never report the crime out of embarrassment, it all seems so obvious once you have been scammed and generally people get annoyed with themselves for letting it happen. If it happens to you, report it.


In short, the Nigerian or 419 scam is money laundering. Usually starting with an emotional message (social engineering in play already here), and it usually goes on to say that they want you to provide help in retrieving large sums of money. Occasionally it can start with smaller sums, it depends how they run a particular scam. In exchange for your help they will provide you with a large cash deposit.


It will often involve cash transfers from you first, wiring through Western Union or other money wiring services and a promise that as soon as you send a certain amount they will send you a cheque in return for a higher value.


They will add in transaction costs, maybe even send you official looking documents, but think of it this way. Would you film a blockbuster movie without first creating a few props?


Here is the top advice for avoiding this type of scam. If it sounds too good to be true, it is. No matter how convincing these people are remember that they have had lots of practice and will be running this scam concurrently with a number of potential targets or ‘marks’ as they call them. The only thing you need to give them is ‘a raised middle finger’.


Unfortunately these scams will come through the post, in person, or via email, so you always have to be on your ‘A’ game.


THE PC PHONE SCAM


If you have ever come across someone who is saying that they work for Microsoft and that your computer is infected you are not alone. Even though we are all aware of the scam it’s actually on the rise.


There is a problem with your PC the scammer will say and then they will request access to your computer so that they can fix it for a small fee.


Rule one. Microsoft will never directly contact an individual user to tell them that their computers are not performing, running well, or have a viral motherlode, or any number of the millions of excuses that the scammers concoct for the purpose of getting your attention. I will repeat myself here: MICROSOFT WILL NOT CALL AN INDIVIDUAL USER! And neither will Apple, or Google.


Microsoft will let their community of partners know if there is a particular threat, and the community will respond, a technical fix will be created, and it will download as an update within Windows. 


Viruses are dealt with by reputable anti-virus companies, and these work usually in the same way.

Once you allow the scammer access to your computer they essentially now have everything that they need, your role will be just to confirm passwords and hand out your savings.


They will install a virus which is often sent via an email, and it is at this point they will need you to pay up to have it removed. I have seen costs vary from between $60 - $200 and in some cases even more.


The scammer may phone you usually after you have allowed access or they have your phone number, and if you challenge them it usually turns into them making threats. Report these threats and every attempt to con you.


There are other ways in which scammers operate too and not just cold calling or emailing, sometimes they will actually know your IP address. How they do this is or how they did this (fixes have been put in place) is that the big advertising networks allow those wanting to run adverts on websites to bid at a certain price to place the advert.


Criminals take advantage of this and place adverts which are infected with a single bad pixel and it is this pixel which can redirect users and infect them in the background and users don’t need to necessarily click on the advert.


The malware inserted into the advert redirects users to another website in the background and this is invisible to the user, this website will check the IP address and from the IP address they can find out the internet service provider (ISP) owns the address.


Victims are then served a pop-up notification which shows their IP address and tells the victim that their computer is infected. The pop-up often looks like a legitimate notification from your ISP telling you your IP address and asking you to call for a number for assistance.


You also need to be cautious when it comes to phoning these people using the provided numbers. Often these numbers are for premium rate lines and you will ultimately be paying even more to be scammed. If you own a website with ads, make sure you constantly review ads. Google makes it easy for website owners using the AdSense platform, you literally just go into the account and take a look through the ads currently running.


Google have been proactive with AdSense and they now even publish a bad ads report. Google have strict policies in place to keep Google’s content and search networks safe and clean for their advertisers, users, and publishers. When a publisher violates their policies, they may stop showing ads on their site, or even terminate their account.


There are scams that can lock your computer (ransomware) and these usually end up with you having to pay a fee to regain control, but as soon as these call centres are found, another one opens up.


If you think you have been a victim of the scam or you are concerned, here are a few quick tips which you should use to remain safe, and you will be able to read my top 30 tips a little later on in this post.

  • Never give anyone access to your PC, laptop, tablet, or phone
  • Never give anyone access to your personal details
  • Never pay a fee for unsolicited technical help
  • If you think you have been scammed, change all of your passwords and usernames including logins for banks and credit cards
  • Make sure you are using up to date anti-virus scanners and make sure you are getting these from the reputable anti-virus companies.

Fake anti-virus software has been around for years and they are usually downloaded when you see a notification on screen which says that you have been infected, download X here. When you download the product it might look like an anti-virus scanner, but in fact there is likely to be a Trojan, virus, or malware hiding in plain sight.


online Safety always lock your phone with a passcode or password 


THE GUARANTEED ACCEPTANCE


You might get an email or find a website that guarantees acceptance for a credit card or loan and it tells you that you have been pre-approved. Why this scam is so successful is because credit card companies and those offering legitimate loans will often get in touch with you too.


One of the methods they use will be to ask you to pay a fee upfront so that you can immediately expedite your application and get spending the thousands of pounds or dollars they have offered you. If this seems familiar then it is. It’s another Nigerian style scam.


The most vulnerable are usually the victims of these types of scams. Those in debt or who have lost their jobs are more eager to get things under control and scam artists prey on people looking for a way out of financially messy situations.


Often the sites and materials used will have testimonials from people but the only testimonials you should believe should be from those people you know and trust.


Reading the fine print is something that none of us like to do, it’s usually written in 6-point font and is unreadable and the legal jargon makes it an unbearable read. By reading it you might find out that in a few years or a few months your interest rate might rise by 300%. If the 0% was the sizzle, the fine print was the steak.


Making a quick decision is something that they usually want you to do. Remember I said that if it sounds too good to be true it is, well this is a ploy that again relies on social engineering and emotion, and this time also adds in a sense of urgency.


The only time you should make a snap decision is when you are an expert in what you are buying and you know exactly what you are doing. If in doubt, wait for the next train folks.


HEY YOU JUST WON!


No I didn’t because I didn’t enter. I play an official lottery every week with a hope of just winning enough so that I can give up the day job and concentrate on my art and blog. OK, a shiny newish (but not brand new) car would be appreciated as would the next iteration of the iPad Pro and a new Apple Pencil. I have played the UK lottery for years and have had minor success. I have in twelve years won a total of £70 ($86.61 U.S) so what are my chances of winning any more on a fake lottery I didn’t even enter?


The opportunity presented in about three hundred emails I get each week in my spam folder is tempting. Just this week I have won more than 200-cash prizes and all just need me to pay a processing fee in order to claim my winnings. It’s an update to you guessed it, the Nigerian or 419 scam.


Have you won vouchers for your local supermarket? Usually offering £80 ($100 US) off your shopping when you print off the voucher or enter a code online, but these are scams too. Sometimes just to make you look a fool at the checkout, other times to hook you into a wider scam.


I have seen these across social-media for years and mostly they are filled with spelling mistakes. If a supermarket was going to give everyone who printed off the coupon £80 of free groceries they would go bump overnight. I would also get rid of their marketing departments because they clearly have no grasp of spelling and grammar.


SOCIAL MEDIA SCAMS


Wow, I have seen more than enough of these. The hijacked profile scam is the one which stands out. Before you read the next part, go and set up multiple authentication on your accounts, you will find it in the settings. Do it right now, because one day you will thank me for pushing you to do this.


Hijacking user accounts by copying and pasting your profile and photos is something that is also on the rise. Just to be clear, if you get a second request from me, it’s not from me.


The other scam to watch out for is related to dating and love. This is interesting in that it plays on very different emotions and exposes a different set of vulnerabilities.  


Scammers create fake online profiles (also known as cat fishing) and they will tug at your heart strings with stories of how they need money, how much they love you and they do this very quickly. You are one of possibly hundreds they are allegedly falling in love with.


Women and men are equally susceptible to this type of scam. For women it can be an approach from someone in the military who hit on hard times, but not always. Uniforms are frequently used though.


If they are asking you to talk outside of the social-media site, or are asking you for personal email addresses, phone numbers, or asking you to text them, these are all warning signs.


If they ever ask for money before you have actually met them and trust them, then it is probably a scam.


Go to their profile, copy and save their profile image and upload it into a reverse image search engine such as the one provided by Google and see what results come back.


If they send you photographs do the same thing and upload their photographs to a reverse image search. Also check for the tiniest of giveaway details such as looking in the background at the location, does it tie into where they say they are, or a clock, or a calendar, or something that will give the game away.


You can also check the exif data of the photo too using apps or software which will tell you about dates, where it was taken and what with. Of course there are apps which will help you remove exif data just as easily as they will show you. So take this as a red flag too if it happens.


Dating and romance is fertile territory for scammers to take advantage of and they are doing it more and more. You can find out more from the Federal Bureau of Investigation here. https://www.fbi.gov/contact-us/field-offices/sandiego/news/press-releases/fbi-warns-of-online-dating-scams and you can report any suspicious activity here: https://www.ic3.gov/default.aspx


Perhaps one of the most important things to remember is that you should never send money through a wire transfer service to someone you met online. One of the biggest red flags with any of these schemes is that the address they want you to send it to is often not where they say they are from and you will be asked to say on any paperwork that the wire transfer amount is a gift. Honestly it should just say Red Flag.


PHISHING


It’s not just cat fishers who fish and phish, but phishing is generally bad news. Phishing is a common scam and is a method used to access personal details and information.


You could be redirected to a legitimate looking website and recently a few Google users fell victim to this too. They were asked to login to what appeared to be a Google login page but many savvy users identified that the web address was slightly different. It had a series of characters before the start of the address.


Check that the site contains a padlock and is over an SSL connection. You can reach the https version of this website at https://beechhousemedia.blogspot.com if you are ever in doubt, and all of my transactions are fulfilled by an https link to Fine Art America and Pixels. Eventually I am hoping that https becomes available within custom domains through Google, and when it does I will only serve content over https.


Phishing scams can also be based on using platforms such as social-media or email when criminals send you messages which try to trick you into handing over personal details.


Often emails can appear to come from a specific and authentic looking source. Banks, government agencies, even letters through your letterbox asking you to call a number or log into a site that looks and acts like the real thing.


Clinking on links and attachments in emails is one of the easiest ways for them to launch an attack, but what you are doing when you do this is hacking yourself. The information that they steal is then theirs for the taking.


What makes this worse is that many people will be using the same email, username, and password across multiple sites. Once they have the username and password for one site, they can figure out the logins for other sites and services too.


Phishing is broken into categories, although none of them are really less dangerous than any of the others. Spear Phishing is an email directed at specific individuals or companies, and they do this after carrying out research beforehand on their intended mark.


Essentially this is similar to classic spy craft, they will have researched you in advance and will know a great deal about you. They might mention friends, recent purchases, and once they do this your guard can drop.


It takes effort to carry out this type of attack, and that’s why it is more successful than many other types of phishing attack. Whaling Phishing is similar to Spear Phishing except this time they will be going after high profile targets usually within an organisation.


Clone Phishing is when an attacker uses legitimate emails and documents to create a cloned document or almost identical version. The key difference might be the web address or within an attachment, and it often looks like it has originated from the original sender.


Cloud Phishing attacks have also been increasing. Usually in the form of an invitation sent from compromised friend’s accounts inviting users to download a document or photograph from one of the popular cloud based storage services.


Once downloaded the attachment is opened and malicious software is downloaded to the users end device.


Government Phishing is all about communications that appear to originate from the IRS in the USA, or law enforcement agencies. The important thing to remember is that no government organisation will initiate such things as filing a tax return via email.


Social Media Phishing is when the scammer recreates a page which looks identical to Facebook or other social media sites login pages in order to steal login credentials.


Usually you will need to change your password and will be redirected to a page where you will need to type in your original password and then a new one. The new one will have no effect, they just wanted you to confirm the password you are using at the time.


Information is usually sold or can in some cases be used to blackmail victims. If you get notifications or emails appearing to be from Facebook, here’s a little advice, for the most part Facebook's officially employed staff have a grasp of language and spelling. You can read what Facebook have to say here


When checking any emails, check that the reply address is from a legitimate company. Often an email coming from Amazon or Facebook will appear to have been generated by them. When you send a response back, the email is sent to a totally different address and is often a Yahoo or Gmail or other email address.


Personal information should never be sent via email, so if the sender is requesting it and you know they already have it, raise the red flag, ring the alarm, but never send it.


Other red flags include the scammer writing words and sentences that create a sense of urgency. You must do this within two days, urgent request, exciting news, offers, gift cards, vouchers, claim here, and also look for non-alpha-numeric characters.


They write non-alpha-numeric characters because they are switched on to users setting up rules within their email accounts such as block anything with the word free prize draw. If they use non-alpha-numeric characters the combinations of rules that you need to apply would be greater and eventually some will slip through.


They may claim that there is a problem with funding or a recent purchase and ask you to log on to confirm your personal details, usually you will be logging on to a phishing site.


Law enforcement agencies will never ask you to confirm personal details, but sometimes the scammers get super crafty and use JavaScript to make a URL appear to be the real URL when actually the real URL is to somewhere different. It’s essentially JavaScript providing a picture over the top of the legitimate URL.


At one time and to meet the 140-character link on Twitter I would use a service called bit.ly to shorten the URL. I stopped doing this because I want you to know that you are coming to my site, short URLs give no real indication of where they are sending you, so I have stopped using them and have also stopped clicking them, and you should do the same.


Lack of details about how to contact the organisation is also a giveaway. If you look on my site you will see a contact me form. Once this is filled in it goes through a series of checks before I even see the email, but if there is any ever doubt you can use the email link on my contact page and send me an email directly. Anyone or any business will have valid contact details online.


MORE SCAMS


Like I said earlier the tell-tale signs are obvious if you know what to look for. They generally revolve around a couple of basic scam types, but there are other scams too.


Overpayment scams will often involve expensive items and if for example you are selling a car, the buyer might offer to pay you more than you are asking because they need it delivered overseas.

They will send you a real money-order and you will deposit it, by which time the car has been shipped. You might even give them change, but the problem here is that many of them will be using stolen money orders. By the time the bank lets you know the goods and excess money are usually out of your hands.


AUCTION SCAMS


We all buy over the internet because more often than not we will pay less for a particular item than we would if we went to a physical store. Places like eBay and Amazon have some remarkable bargains but some sites are also a hiding place for scammers.


Always buy within the rules of Facebook and Amazon because they will offer you protection. The moment you contact someone outside of the service and start doing things offline or things that are not allowed within the site or service, you are on your own.


Not delivering the item is one way that the scammers will scam, and if you provide credit card details in an email because the seller wants to avoid selling fees, your protection is suddenly watered down considerably.


Occasionally things are posted online that are not what you will end up buying. Misrepresentation of goods and services is also on the rise, and usually involves the seller listing false information or posting a picture of a superior or genuine product when the product if you actually receive it could be fake.


Shill bidding happens online too. Essentially the seller will increase the number of bids an item gets using either fake accounts or a number of other people to bid on the product falsely. It raises the overall price and the highest bidder will often pull out just before the bids close.


Multiple bidding is when they place a range of high and low bids and retract the highest bids at the last minute. It’s a little like spread bidding, spreading out the bids but knowing that the lower bid will be the one that takes home the prize.


Art is an obvious target for auction scams, so if you are thinking of buying art in any auction, do as much research as you can beforehand. Services such as eBay will offer a level of protection, but occasionally I have seen stories of shill bidding for art in offline auctions, but the major auction houses will be keeping a very close eye on such activity. 


NEW SCAMS ON THE BLOCK


Premium rate number scams are increasing and attempt to snare people who search online for telephone numbers usually for government departments. Adverts will appear giving you a number to call but the real sting in the tail here is that you will be charged a premium rate (£20-£30 UK $24.87 - $37.31 US) to make the call.


You will be put through to the correct advice line but you will be paying a high price. Using the correct phone number is often a very low cost and most of the time can be free.


Go to the official government website where you will find the numbers. It might take a little longer but it won’t cost you anywhere near what you will pay by going through a scam service.


Premium rate text messages are also on the rise, so whenever you sign up for anything read the small print and make sure you are not agreeing to receive updates and messages via text if there is a cost involved.


PROTECTING CHILDREN ONLINE


There is no real profile of a potential mark. Anyone online seems to be fair game and this often includes children and teenagers too.


Sexual predators will immediately spring to mind when we think about children becoming victims of online crime. This is a very serious problem and one of the biggest concerns for parents, but there are other ways in which the young can become vulnerable online too. 


If you give your child access to the internet make sure that they know what not to do. Asking them to never download anything before you check it is obvious, as is never giving out any personal details even to friends on social media.


There is a train of thought when it comes to allowing children to use the internet safely. Some will say that everything needs to be controlled, supervised, and monitored, and others will say that the kids will know more than they do so just go ahead.


Ultimately if they are using your IP address and you’re paying the bills you are responsible so ask yourself if you can really trust a five year old with the keys to your online door. You also need to ask yourself what would happen if they become a victim.


No one can ever be certain of a person’s identity online, even if it appears that you know them. Here’s one piece of advice that not too many people use.


If your child knows or goes to school with another child and they are friends at school, devise a question that both will know the answer too, but which other people will not.


So when little Johnny speaks to little Billy they agree a word to use at the start of the conversation and if the other child cannot answer the question such as what is the safe word, they should shut the conversation down. Get them to change the word every day if possible and tell them to never write it down. Make it fun, they’ll think they are playing at being spy’s but this is essential trade-craft in the internet age.


If the news is on and there is a report about online crime, use this as an opportunity to speak to your children. Get their thoughts about what happened and ask them how they would make sure it never happened to them. If they can’t, then use the opportunity to teach them, or for them to teach you, make it a two-way thing.


Tell them to never disclose information such as where they like to hang out on social media. Their friends will know this already and often scammers and predators will hang out silently online and will monitor social media accounts and harvest information.


Make a point of checking their internet usage, what they get up to, and who they are chatting with. As they get older this becomes more challenging and they will want some privacy. Just explain that these are the rules and the alternative is no internet access.


You can set safe filters in the settings of most devices, or you could install software which will only allow access to specific sites and web based services you agree to. However, if you never check the logs and only ever install the software there’s really not much point. If you install it, make sure you use it.


I have heard of a fair few stories when group messages are created and sent to everyone at the same time. These can be a foothold for some to start online bullying in front of an audience. You need to be especially aware in these situations, it’s not just scammers at this point but supposed friends and peer pressure can make life more difficult.


THE THINGS YOU SHOULD DO


always change your password 


Knowing that online scams are real is the first step to protecting yourself. Reading this feature today will probably make you want to throw your technology away and go and live off-grid forever more. But it shouldn’t, there are many things you can do to protect yourself, your business and your art online without giving up entirely.


There is no single group of people a scammer will target, everyone can be vulnerable it is a case of making sure that you have enough information to make you less vulnerable. So here’s a top 30 things you can do to at least mitigate the element of risk.


1. Never open anything in an email or on a website that looks suspicious. Trust your gut on this one and if you are unsure, just don’t open it at all. There are other ways a company, individual, or organisation can contact you without email.

 

2. If you have only met someone online or you are unsure of the legitimacy of a business, carry out some research using sites like Google and Bing.

 

3. Be careful what you post online. Anything too personal isn’t just available to your friends, it is available to the public too unless you change your privacy settings.

 

4. Take mail out of the mail or letterbox when it has been delivered so that cannot be intercepted or retrieved by others.

 

5. If you plan on having a clean out, make sure that everything of a personal nature and especially bank statements and personal documents are shredded. You can also buy rubber stamps which roll over addresses and personal information, but shredding is the better way of destroying documents.

 

6. Always upgrade to the latest operating system and make sure any updates to the operating system are installed. Many scammers exploit older technology so make sure everything is at the latest version.

 

7. When it comes to passwords, passwords can actually be the problem. Choose them carefully. Passwords are usually created so that you remember them. Choose a different password for each website and service, and vary your email addresses used for logging in. They shouldn’t be easy to guess, so consider using a reliable Password Manager that will hold encrypted information and randomly generate new passwords whenever you need them.

 

8. Review your privacy settings on social-media. Consider making things not quite so public, and be careful who you connect with. Carry out a few checks, visit the groups that those requesting your friendship belong too and if you have mutual friends ask them about the person making the request.

 

9. Never send money or personal details to anyone you don’t know or trust, and even if you know and trust someone doesn’t mean they haven’t been compromised.

 

10. Set up multi-factor-authentication. Receiving a text message direct to your mobile when someone tries logging into your account will allow you to change passwords if you suspect someone is attempting to get into your account.

 

Look for words such as two stage authentication, two factor authentication, and make sure you can access the messages or codes sent to you when you login, on another device to the one you are using. Otherwise if your phone or tablet is stolen, the thief will have everything they need to hand.

 

11. Premium rate phone number scams are increasing, you might receive a missed call and the number might look a little out of context, if it is legitimate and important they will call you back. If you call back you could be stung with a big bill. Check official websites and not sites which collect numbers as many of these could be rerouting your call and charging you.

 

12. If you are out and about, never trust public Wi-Fi to enter your personal information. Use a Virtual Private Network (VPN) which acts as a middleman and offers protection. Services such as those like Freedome come as an app and it is literally just one click to reroute your connection over the VPN.

 

13. Set fake answers to security questions. A little genealogy research can uncover your mother’s maiden name, so just create a different security answer for each site that needs one.

 

14. Wedding List websites. Often couple’s planning on getting married will create online wedding lists and some of these services will offer a space to write your life story. Keep this minimal if the site is publicly available.

 

15. Use a reputable anti-virus package to protect yourself and keep it up to date. Many will also come with a firewall so ensure that this part of the program is switched on.

 

16. If you have a new router make sure that you change the default password immediately when you set it up. This goes for many other devices too.

 

17. If you plug a USB memory stick into your device or an SD Memory Card, scan them with anti-virus software. Be careful of receiving free memory sticks when they are given out at events, some could contain additional data.

 

18. Make regular backups of everything. Sounds obvious but it is a task that many of us put off. There are so many great ways to back up these days including automated hard discs which connect over Wi-Fi. Just make sure your Wi-Fi is protected with a strong password.

 

19. Make sure you set auto-update for software and apps. This way you will always be running the latest version. Older versions may be able to be exploited.

 

20. If you are not using the webcam on your laptop, cover it up. Some scammers have been known to exploit vulnerabilities in webcams and record the user. The best way to prevent this is to keep everything up to date.

 

21. Add recovery email addresses when you sign up to services. If one address is compromised the company will at least have an alternative email address to contact you.

 

22. Visit official websites for the latest security update information. There are many websites which offer to provide fixes and some of these are unfortunately ways to get you to download tools to fix things, except they don’t fix anything other than installing malware on to your device.

 

23. Never download apps for tablets and other devices unless they come through official stores such as Apple’s App Store, Windows Market Place, and the Google Play Store. If you download directly from a website, the device will usually give you a warning which the website has said to click on OK or ignore. This warning should be a red flag.

 

24. If you find that you do become a victim don’t get upset. You are not the first. Law enforcement agencies, banks, and organisations are familiar with how scammers work and they see this all of the time. If you get upset on a call to a scammer, they will exploit this and try to find a weakness.

 

25. Make a point of checking and reviewing your privacy settings on social media frequently. Sometimes things can change if there have been updates, and new privacy features are often released in newer versions which you might not have seen before but might be useful to set. 

 

26. Use a dedicated password manager. Many people are reluctant to use a single app to store and manage passwords but the most reputable ones will be as secure as they can be. They will encrypt the information stored and will be able to generate new passwords which are more secure than the ones you could come up with. It's so much better than a Post-It note. 

 

27. If you participate in online dating sites and you meet someone, make sure it is in a public place. Keep a note in your pocket which gives out a contact number and says something like, please can you help me. I am meeting someone I met online but the date is going wrong. Please telephone this number. If the date has gone wrong you can discreetly pass this on to a member of staff working at the location and hopefully they will call a friend for you.

 

28. Make sure other people know that you are meeting people in person who you have chatted with online. Tell them where and when, and give them a time when they can expect to hear from you.

 

29. Try to make the first date during the day. That way if it all goes wrong you can make your excuses and say that you need to be somewhere else or meet up with a friend for lunch.

 

30. Make sure that your phone is password protected. If you have social-media apps running on your phone, as long as the scammer can get into the phone, they will have access to everything including any auto-fill passwords and usernames. They could post something on your timeline too.


AND FINALLY!


There is a lot of information here and much of it might make you think that being connected online is simply not worth it with all of the risk. There’s no need to think like that though. Many people around the world are using the internet every day without any problems at all.


You simply need to know what to look out for and remain vigilant. The internet is a wonderful place and just like any other place it has areas where you wouldn’t necessarily want to visit.


Many of the methods for staying safe I have gone through today are things that are so simple to do and you probably already do, do them. Once you get into the habit of protecting yourself online it becomes second nature. But the only real way that we can avoid being scammed is if we smarten up to the scammers tricks.


Scamming has been a thing since probably the dawn of human evolution. All we can do is think more about our online safety and not let it overly consume us.


Hopefully you will already be following some of the advice and I apologise if it seems like I am preaching to the converted and telling you things that you already know. But I think it is really important that we all get reminded from time to time, it’s easy to become complacent when we are not being scammed.


ABOUT M.A


Mark A. Taylor is a UK visual artist and blogger who specialises in abstracts and landscape art. You can see his entire range of current artwork here: http://10-mark-taylor.pixels.com


You can follow him on Facebook at https://facebook.com/beechhousemedia and on Twitter @beechhouseart

 

 

 

Comments

Popular posts