From annoying phone calls to fake texts that look legit to every mouse click you make -- the rise of online scams targeting your personal information has become big business for cybercriminals.
October is Cybersecurity Awareness Month, highlighting threats you should be aware of and actions you can take to protect yourself from becoming a target online.
The Identity Theft Resource Center shows the spike in data breaches could reach a record high by the end of 2021 if the pace continues.
"Wherever there was an opportunity and a vulnerability, cybercriminals were prepared to seize on that opportunity in a sophisticated way," said Matt DeSarno, Special Agent in Charge of the FBI office in Dallas.
Responding to every consumer complaint
Their Internet Crime Complaint Center, better known as IC3, is seeing a startling increase in cases.
In 2020, IC3 logged a record number of complaints from Americans reporting losses in excess of $4.1 billion and a 69% increase in total complaints from 2019.
“The phishing scams, what we're seeing is really better-quality scams through social engineering techniques. What that means is some of these scammers are spending a lot more time learning about their potential victims to enhance them to click on a link,” said DeSarno.
“It's a 24/7 - 365 problem,” said Lisa Plaggemier, interim executive director at the National Cybersecurity Alliance. “Unfortunately, cybercrime has been growing year after year.”
Plaggemier says many phishing scams look legit because cybercriminals are banking that victims won't pause and do their research.
“If something seems too good to be true or just doesn't feel right, picking up the phone and calling not the number that might be in the suspicious email, but calling the entity or the person and saying, is this really from you?” said Plaggemier.
Cyber experts say now is the time to step up efforts to raise awareness.
“There's really just a few simple steps that most people can take. If they took those few simple steps, we'd make a massive dent in cybercrime,” said Plaggemier.
How to Protect Yourself
Those simple steps start with you taking a close look at all your accounts including your email, bank, and social media apps.
Basically, any place where you’re required to enter a username and password.
Experts say you should set up MFA, multi-factor authentication, which is an extra step to verify it’s you.
If you have multiple accounts, you may consider using a password manager. It stores all your passwords in one secure place so you don’t have to worry about creating a new password for each account you have.
And no matter how busy you are, always take time to perform regular software updates.
“When you see those little pesky pop-ups telling you to update. Now, don't ignore those. Most people do ignore those. And the problem is that most of those updates are security updates,” said Plaggemier.
If you find yourself the victim of a cybercrime, you need to report it.
“One of the keys to stopping this is reporting it, reporting it to the email provider that the phish came from. Gmail has just added that. So, when you have the email open, you can see in a pull-down menu how to report it as a phish, not just reported a spam,” said Plaggemier.
And you could go a step further and report it to the FBI IC3.
“It's a really good place for the public to go if you've been a victim of any sort of fraud or cyber-attack,” said DeSarno. “Click that you want to file a complaint, then a form pops up that gives you the ability to talk about the victim information. Whatever it is you know about whoever perpetrated that fraud against you, the details of the incident, the loss amounts.”
Reporting also helps the FBI track trends.
“It also allows us to work with that large set of data to try to identify who, what organizations or if there are organizations behind some of these things to try to target those organizations and get to the root cause of the problem,” said DeSarno.