In a world where so much of daily life is driven by the internet, online scams can do real damage. Sensitive information falling into the wrong hands can impact everything from personal bank accounts, to corporate credit cards, human resources data and beyond. Of course, there are ways to stand protected against such fraud.

October is Cybersecurity Awareness Month, and Central Bank wanted to take the opportunity to educate our friends and neighbors about common cybersecurity scams making the rounds today, safeguards every business and individual should have in place — and what to do if you believe you’re the target of potential fraud. Read on to remain informed.

What Are Some Common Online Scams Today’s Consumers Should Watch for?
One of the more difficult aspects of online scams is the fact that, just as technology itself is always evolving, so are the ways fraudsters use it. Here are a few common methods scammers are using today:

• Social Engineering Attacks: The most common of cybersecurity scams, social engineering involves manipulating an individual to gain access to sensitive information. Although these scams can take place via phone call or text message, phishing emails tend to be the go-to. 
  
  In these instances, the scammer often masquerades as a well-known company or coworker, reaching out to ask for help with a company project, alerting them of a past due payment or communicating some similar message. If the target clicks a questionable link or opens an unsafe attachment, it can download malware to their computer and open them up to theft of information.

• Ransomware: A form of cyberattack that has made many headlines in recent years, ransomware attacks occur when fraudsters load a computer with software that then encrypts or cuts off access to files. With systems locked out and computers rendered temporarily useless, the fraudsters demand a ransom before agreeing to release the files.
  
  Companies can fall victim to such attacks if their firewalls and antivirus systems aren’t kept up to date, or if an employee falls victim to a phishing email. Similar risks come into play when a vendor company with access to your system finds itself the victim of a ransomware attack.

• Cryptocurrency Payment Scams: Cryptocurrency walks a dangerous balance of being something most everyone has heard of — but which few people truly understand. With cryptocurrency scams, fraudsters will often pose as government officials, contest promotors and the like, directing targets to visit a nearby cryptocurrency ATM to pay for bills or fees that don’t truly exist. And once a payment has been made, it’s virtually impossible to get that money back.

• Peer-to-Peer Payment Scams: People today use app-based programs to send money for everything from babysitting services, to business lunches. And although such systems are generally secure, scammers have found ways to infiltrate them. With peer-to-peer payment scams, fraudsters often disguise themselves as your bank or another legitimate business concerned about potential fraudulent activity. They might request account information or ask you to make a transfer through your app, all in an attempt to get their hands on your funds.

How Can I Avoid Falling Victim to Online Scams?
As we’ve mentioned above, scammers are constantly finding new ways to infiltrate systems and trick people into turning over important data or hard-earned money. Here are a few ways individuals and businesses alike can help keep information better protected:

• Go to the (Legitimate) Source with Any Request that Sounds Suspicious: Has someone who says they’re from your bank texted, asking for your account information? Has an individual claiming to be a grandchild (but not giving their name) called asking you to transfer money? Is your boss allegedly asking you to buy gift cards for a company project you’ve never heard about? Check it out. Cease communication immediately with whomever is making the request, then contact the institution or individual through a means you know is accurate. A simple phone call can help you determine whether it’s on the up and up — and can save you tremendous heartache down the line.

• Know How to Spot and Sidestep Potential Threats: Make an active effort to understand the warning signs that might point to a potential scam — and ensure your employees are in the know, too. Regular training sessions and periodic reminders to update passwords to something secure can go a long way toward keeping your data out of harm’s way. And if you’re not sure where to start, our Safeguarding Against Online Threats video offers all sorts of useful information. The American Bankers Association’s Banks Never Ask That webpage also offers insight into questions your financial institution will — and won’t — request.

• Keep Computer Systems Up to Date: Software companies regularly release security patches aimed at keeping your systems protected against the latest online threats. On the business front, talk with your company’s IT professional to make sure you’ve got the latest and greatest firewalls and other security protections in place — and that they’re updated as needed. At home, set your computer to allow for automatic updates, but go in periodically to make sure those updates are taking place as they should.

• Stay on Top of Current Trends: When it comes to online scams, knowledge really is power. Having a general understanding of the latest tactics the “bad guys” are using can help you stay a step ahead. The good news is, you don’t have to dig that information up yourself. The following pages offer a wealth of information surrounding current trends and ways to stand protected against them.

  • Central Bank Security Page

  • FBI Common Scams & Crimes Center

  • U.S. Cybersecurity & Infrastructure Security Agency

What Should I Do if I Suspect I’m Being Targeted for an Online Scam?
If your bank account has been compromised, contact your financial institution immediately. Your bank will often recommend closing the account and opening a new one — and will carefully evaluate items that come in for payment. In addition, if you’re the victim of credit card fraud, your credit card bank will place holds on the card and investigate unauthorized purchases.

On a different note, if you suspect fraudulent activity might place your company’s computer systems are at risk, alert your IT professional so he or she can start digging in on the issue.

There are also a number of agencies at the government level that can help you report fraudulent activity and get your information back on track. Those include:

• The Federal Bureau of Investigations Internet Crime Complaint Center (IC3)

• The U.S. Cybersecurity & Infrastructure Security Agency

• The U.S. Federal Trade Commission’s IdentityTheft.gov

• The U.S. Social Security Administration Office of the Inspector General

During Cybersecurity Awareness Month — and all year long — Central Bank is here to help keep you in the know, and to keep your data and funds protected. If you have questions about any of the above, or if you’re interested in learning more about our local bank’s products or services, feel free to reach out. We look forward to hearing from you!