What to Do If You Fall for a Cyber Scam
Imagine ordering something from a big name e-commerce website when, a few minutes later, a fraudulent email hits your inbox asking you to confirm your order or update incorrect credentials. Maybe you’ve been scared by a false IRS pitch over the phone or by an “urgent notice” email. Or maybe you’ve received an urgent offer that “won’t last long, so apply now!” All of these are potential ways scammers can access your sensitive information.
Cyber crimes and cyber scams come in all different forms but have one thing in common: they cause problems. Here’s how to respond to five of the most common scams that might strike you or someone you know.
If you gave your Social Security number away:
- One of the most important things you can do is set up credit monitoring. Whether you willingly gave away your information or it was stolen from a company like Equifax, monitoring your credit will give you an advantage over scammers. Typically, your bank or the company that was breached will be able to provide this service to you for free. There are many other free, high-quality products on the market, as well.
- Set up alerts so you instantly know when your credit changes. Again, this might be a free service offered by your bank. Other banks will offer free services, such as CreditWise by Capital One, even if you aren’t a customer or account holder.
- If you believe a scammer already has your Social Security number or you gave it to them directly, you can place a credit freeze on your account to avoid further damage. Luckily, there are three credit agencies who can do this for you: Experian, Equifax, and TransUnion. Credit freezes will stay in place until you say otherwise. You can also temporarily unfreeze your credit as needed.
- You can place a fraud alert on your credit report which will require companies to contact you should anyone try to take out credit in your name. Experian, Equifax, and TransUnion can implement a fraud alert for you over the phone, and it’s a lot less intrusive than a credit freeze.
If your computer is locked with ransomware:
- One of the first things to consider is paying the ransom—but be aware of the risks. The FBI does not recommend paying scammers what they want. However, if the files are valuable enough, payment is a viable option. The issue with payment is that it notifies scammers that you are willing to pay, which could lead to more attacks in the future. The ransom demand itself could also be fake and once you send the money, scammers either don’t send you an encryption key or send one that doesn’t work.
- The best defense against ransomware is to simply back your files up. There are many cloud-based programs on the market that are free or low-cost, such as Apple’s iCloud, Microsoft’s OneDrive, or Google One. All have different plans ranging in price and storage.
If you wire money to a scammer:
- In a wire fraud scam, typically a scammer will break into the email of someone you know professionally. The individual will watch how you interact with that person and will send you a message, usually urgent, saying they need a large sum of money transferred to an account that is typically offshore. If this happens to you, call your bank immediately. If you are able to contact the wire department of your bank and stop the wire transfer before it happens, it will save you a tremendous headache.
- If you are unable to stop the transfer, file a report with local law enforcement and a fraud report with the FBI.
- If you receive an email from someone you know asking for a wire transfer, the best way to avoid a scam is to call and confirm what they are reportedly asking for.
If you put your account number and/or card information into a fraudulent website:
- The best thing you can do in this situation is to call your bank. If fraudulent charges have been made on your card, they will typically have you fill out a form to be reimbursed. The bank will also issue a new card and may contact you with follow-up questions.
- If you’ve given away account numbers, your bank will be able to freeze or suspend the account that may have been compromised by scammers.
If you receive a “sextortion” email:
- First and foremost, do not believe it. No one has secretly recorded you and no one will be contacting your spouse or significant other if you don’t pay them.
- Even if your email address and password or login credentials from another website are in the subject line, it’s a scam. The dark web has fire sales of personal information that really can’t be used for much, but scammers would like you to think otherwise.
- If you have fallen for a scam like this, the best thing you can do is to call your bank and try to reverse the transaction.