(Photo courtesy of OnPoint Community Credit Union)
The Federal Trade Commission (FTC) received more than 2.4 million fraud reports from consumers in 2022. Consumers nearly lost $8.8 billion from fraud, an increase of 30 percent from the $6.1 billion lost the previous year.
This increase in fraud losses is a stark reminder of why consumers need to continue to be vigilant when it comes to their personal online security, says Damian Laviolette, chief information security officer for OnPoint Community Credit Union.
OnPoint today released its 2023 The OnPoint Guide to Personal Cybersecurity eBook to help consumers protect themselves in an ever-evolving cybercrime landscape. OnPoint updates the free eBook every October in observance of National Cybersecurity Awareness Month to keep the community informed of the latest online threats.
“Protecting yourself from fraud is crucial in today’s digital age,” Laviolette said. “As cybercriminals refine their attack methods, we remain committed to sharing best practices and resources to help the community stay ahead of emerging trends, and safeguard their identities and financial assets.”
The latest trends in online fraud include:
- Smishing remains a critical threat. In 2022, fraudsters sent a record-breaking 225.7 billion smishing texts. Smishing attacks often involve misleading messages designed to deceive recipients into clicking malicious links, downloading malware or revealing sensitive information. The Federal Communications Commission (FCC) announced new rules to mitigate spam texting, which will require mobile service providers to block text messages from suspicious sources.
- AI-driven cybercrime. Cybercriminals are increasingly exploiting artificial intelligence tools. They leverage Natural Language Processing (NLP) models like ChatGPT to create convincing messages that mimic human communication. AI can be employed to create and adapt malware to evade detection, with the ability to analyze target environments and deliver the most effective attacks. AI-driven tools also can automate cyberattacks by using bots to continuously scan the internet for vulnerable systems to target.
- Phishing-as-a-service. Phishing remains one of the most common forms of cybercrime, with an estimated 3.4 billion spam emails sent every day. Now, cybercriminals are using phishing-as-a-service platforms that offer ready-made kits with all the code, graphics, email templates, landing pages and other relevant information necessary to execute a phishing scam. These kits are readily available on dark web forums and make it easy for anyone to use.
Top Four Tips for Cybersecurity:
- Never trust, always verify. Imposter scams topped the list of fraud cases in 2022. These scams come in the form of emails, texts or phone calls, claiming to be a legitimate company or institution. They either want you to hand over personal information or click on a link containing hidden malware. If it’s email, always double-check the sender’s address and domain name and never rely on the display name. You can hover over a link to see if the URL looks legitimate or has common tricks like a zero in place of the letter “o” or an “s” added to the end of a word like onpoints.com. Watch out for any offer or notification that is unsolicited or is full of grammatical errors and typos. And if it sounds too good to be true, it probably is.
- Strengthen your passwords or consider using passphrases. It’s common to use the same username and password across sites. But if one account is breached, the rest could follow. Use a password manager to keep track of different passwords. Passphrases can be an even stronger way to protect your accounts. Passphrases are longer than a password, can contain spaces between words and should be easy to remember. Consider song lyrics, a quotation or anything memorable to you like “My 1st pet dog was F!d0,” mixing in symbols and numbers in place of some letters.
- Enable multi-factor authentication (MFA). Activate MFA wherever possible, especially for your email, financial and social media accounts. MFA adds an extra layer of security by requiring you to enter a one-time code or use a biometric method to access your account. This additional security helps protect your accounts from unauthorized access.
- Stay proactive and vigilant. Regularly review your bank and credit card statements for unauthorized transactions. Report any discrepancies immediately to your financial institution. You can also set up text or email alerts on your accounts to receive immediate notifications of abnormal activity. Consider using a credit monitoring service, which tracks internet traffic for personal information being shopped on the dark web. These services can’t prevent fraud once it’s happened, but they can alert you to take action.
Remember that fraudsters continually evolve their tactics, so it’s essential to stay vigilant and adapt to new threats. To explore additional ways to protect yourself and your family, download The OnPoint Guide to Cybersecurity eBook or consult with a staff member at your nearest OnPoint branch.
onpointcu.com • 503-228-7077 • 800-527-3932