The internet is a dangerous place. Let’s set aside for the moment all the ways you can be surveilled by governments, marketers, and network providers. Let’s also defer to another day any discussion of identity theft committed by foreign agents and domestic bad actors.
The important lesson for today is that we do not voluntarily hand over our money to crooks. It’s one thing to be robbed through brute force and another to be bunked like some rube at a circus sideshow. And just as important as safeguarding our accounts is safeguarding our data, which we often greatly undervalue as it helps others make lots of money.
It doesn’t take a brilliant data scientist to run a con on the internet. It just takes familiarity with human nature and unfamiliarity with human decency. As W.C. Fields titled his final work, Never Give a Sucker an Even Break.
Here are some tips for staying safe online.
Beyond the Nigerian prince
We wouldn’t be surprised if at some point you’ve received an email from a “Nigerian prince” asking you to pay a fee in advance for a share of the fortune this fee would unlock. Not only is this the oldest scam on the internet, it dates back to the 1700s. While there was no independent Nigeria then, there was this fortress in Spain, see, and this wealthy nobleman was imprisoned without cause, and if you could kindly contribute the funds we need to help him escape …
That particular fraud is really just for the unsophisticated, but smart people do fall for other online scams. According to the Federal Trade Commission, 1.1 million frauds were reported in the U.S. last year, posting a reported loss – repeating for emphasis, reported loss – of almost $905 million. That’s $63 million uptick from 2016.
These figures are for all frauds, not just online. But just as online banking and retail banking are converging, so are online crime and street crime. Most school cafeterias now run on digital wallets or debit cards. The day has arrived and the tables have turned – now the nerd is more likely to be stealing the bully’s lunch money! Even so, the FTC says that 70% of fraudulent contacts are still via phone, although most of the rest are via email or websites.
The statistic that jumped out at us, though, was who was losing that money, and how much. The FTC reports that twentysomethings are more than twice as likely as seventysomewheres to be “the suckers”. But while Millennials lose an average of $400, their Greatest Generation grandparents lose an average of $1,092.
Where these frauds were committed was more predictable, but not without surprises. The leading venue was Florida. Nevada came in third, which means second-place Georgia has some soul-searching to do.
Better business, Bureau?
The FBI is proud enough of its familiarity with internet fraud that it has a page all about it on its website. While the page focuses on malware, data breaches and other hacker attacks, it does have a few things to say about how you, as an individual, might get scammed. The art of the scam is referred to as “social engineering,” which occurs when you are talked out of confidential information, then used as a key to the accounts where you keep your money.
You might have heard of “spoofing,” a.k.a. “phishing”. It starts with a friend having their email hacked. Then an email goes out from that compromised account to everyone in its contacts list, including you. It links you to a website “you might be interested in – check it out!” Carrying the imprimatur of your best-est buddy, you figure it’s on the up-and-up. You establish an account, which involves setting a password – probably the same password you use everywhere, including your bank and your retirement fund.
Oh, by the way, you also need to supply answers to a few security questions. So now, even if you have multiple passwords for your various accounts, the fraudsters have all the information they need to call up your bank, pretend to be you, claim to have “forgot my passcode” and get the customer service desk to hand them a new one.
Already got your money?
Non-delivery of paid-for merchandise is a big issue online and getting bigger, especially on auction sites. eBay isn’t the main offender, by the way. It’s the automotive auction sites. The FBI suggests you always pay using a credit card rather than a debit card or a cash transfer. That way, if anything goes wrong, you can direct your card’s fraud department to stop payment. The Bureau also suggests checking the ratings and feedback on the seller to ensure you’re dealing with a reputable counterparty and advises caution when dealing with non-U.S. vendors who are beyond the reach of American law enforcement.
This goes beyond buying high-priced merchandise like cars. Money intended for event tickets, online gift cards, and even charitable contributions gets siphoned off regularly by fraudsters. So exercise caution when sending funds to anyone you don’t know in real life.
And does it need to be said? Nobody who’s selling you anything needs your Social Security number.