Directive Blogs
How Good is Consumer Reports’ Scam Prevention Advice?
Scams are everywhere in our highly digitized world, which makes it especially important that everyone is prepared to deal with them—both personally and professionally. The publication Consumer Reports’ cover feature for its August 2023 edition is dedicated to exactly this goal: helping its readers avoid the various scams and threats out there. Let’s look at some of the advice shared in the article, and compare it to the best practices we recommend.
Spoiler alert: Janet Siroto, the writer responsible for the article, did an excellent job.
What Does CR’s Scam Protection Guide Cover?
Siroto begins with a story about how a New York City-based business owner was easily fooled by a scam attempt on a particularly busy and stressful day, and while this business owner’s bank was able to prevent any lasting ill effects, some stats from the Federal Trade Commission show that many are not nearly so lucky. These stats depict the median losses to fraud by different age groups:
- Those in their 70s lost $1000 to fraud
- Those in their 60s lost $666 to fraud
- Those in their 50s lost $552 to fraud
- Those in their 40s lost $600 to fraud
- Those in their 30s lost $590 to fraud
Having established the importance of avoiding fraud attempts, Siroto continues her article with a summary of common scams today, along with some of the defensive measures that a person can take against them.
“New Text Scams,” as they are called in the article, describe the text-based phishing (or smishing) efforts that are rising in popularity today. By sending out automated messages with embedded links and somewhat believable premises, an attacker can use these scams to accomplish a variety of goals—extracting personal information and/or financial details along with introducing malware to a device.
Consumer Reports recommends that any text that comes in out of the blue—particularly one offering a free gift or reporting fraudulent activity—should be seen as risky, and the supposed sender should be contacted through more official channels. If the text proves to be fake, it should then be forwarded to 7726 to help your wireless carrier better identify scams. Avoid opening the text, never mind responding to it. If you do accidentally click through a link, exit immediately and delete your browsing history before disconnecting from Wi-Fi and running a malware scan.
Under “Latest Phone Scams,” Siroto describes the spam calls that so many of us receive claiming that we owe money to some government agency—efforts that cost a median of $1400 for 68.4 million Americans back in 2022. Using today’s technology to make their scams more effective, scammers can now more accurately mimic someone’s voice or spoof phone numbers so the calls appear to be coming from elsewhere.
The article goes on to recommend that calls be allowed to go to voicemail, where they can be screened and responded to via an independently verified contact number. If one of these calls is answered, you shouldn’t use voice commands or press buttons to opt out of future calls, as this simply confirms you are an active target.
Next, Siroto breaks down “Suspicious Emails,” which she quickly specifies as phishing emails by delving into common ruses. She hits on all the same best practices we do—checking for misspelled senders, requests for payment or updated information via an embedded link, and tight deadlines and urgency in the message. The advice given for these events is to leave the email unopened, label it as spam, and then block the sender.
If the email is opened, close it, and still label it as spam and block the sender.
“Facebook Frauds” is the umbrella term given to scams that are perpetuated via social media—a full 11% of reported fraud where a contact method was identified in 2022, with a median loss of $528 per incident. Ads offering amazing deals, opportunities to invest in cryptocurrencies, and other too-good-to-be-true promises now fill these networks in the hopes of enticing another victim.
Like many of the other scams reviewed in the article, the preeminent advice was to not interact with the message, verifying its authenticity through other means if possible, and blocking the sender.
Siroto also touches on the inherent risks that ATMs and QR codes can also pose. Some attackers will apparently block an ATM’s card slot reader so a user has no choice but to use the tap function to access the device. However, this requires the user to log out once they are finished, something many might neglect to do. This means that a scammer could simply walk up after you left to access your account. Fraudulent QR codes can easily be distributed via a variety of means so that a victim will scan it and make themselves vulnerable to assorted threats.
So far, we can affirm everything that Consumer Reports has shared. The article continues with a list of options that people have to block scammers, as well as some security best practices to help minimize the risk of a scam. Unknown numbers can be blocked via certain settings on both Android and iPhone from calling or sending text messages, email platforms feature robust filtering options, and social media accounts should be restricted to the least visibility available.
What Best Practices Does Consumer Reports Highlight?
To close out her article, Siroto outlines seven steps to generally help protect a user’s security overall. These steps are briefly summarized as follows:
- Slow down and take your time when dealing with what could be a scam. Scammers will try to inject urgency so you act rashly and play into their hands. Stop and think about what you’re seeing.
- Minimize the personal information you share. Much of the information that various online platforms allow you to publicize really shouldn’t be publicized. This kind of information can help give a cybercriminal the data they need. The same goes for online quizzes—they can easily be used to extract potential answers to security questions.
- Delete unused accounts. This boils down to minimizing your threat surface…the more accounts you have, the higher the chance one can be breached and abused.
- Enable automatic updates. Security patches are always being released for various software, helping minimize the risk of assorted threats.
- Enable multifactor authentication. Multifactor authentication adds an additional requirement to the typical username/password login standard, making an account significantly more secure. Be sure that you never share the codes that your MFA solution provides.
- Use safe payment options. Many people are turning more and more often to peer-to-peer payments apps, and scammers have long turned to gift cards and cryptocurrency as a means of stealing money from their victims. Credit cards and PayPal both offer protections against scams that will help you recoup your money if a scam is successful.
- Have antivirus in place. While just one part of a comprehensive security strategy, a reliable antivirus is an important piece of the puzzle that helps prevent malware and similar threats.
It’s Official… We Agree with Consumer Reports
The advice that was shared in CR’s Spam Protection Guide is undeniably good, outlining many of the same points we so frequently touch on to create a very respectable foundation for scam awareness and prevention. However, while it may be extremely useful for private users, it is important that we acknowledge that a business will need to do more to protect itself and its data.
That’s where we come in. In addition to ensuring that the businesses of Upstate New York have reliable technology through our managed IT services, we also help these organizations remain secure and protected against issues that would create a negative impact via stringent security solutions and strategies. If you’re interested in learning how we can reinforce your business’ security and protect its future, give us a call at 607.433.2200.