You might not consider it often, but scores of fraudsters are ripping off innocent people every day. In the recent article from the January/February 2017 issue of the Post, The Art of the Con, Maria Konnikova gives a history lesson on the confidence artist. The methods have changed, but plenty of schemers, sometimes from across the globe, still prey on unsuspecting victims.
Steven Weisman, a scam expert and professor at Bentley University, offers advice regularly on how to protect yourself from new scams at his website Scamicide. According to Weisman, “There are very few new scam ideas.” They evolve from old tactics to trick new victims. “So many of these scammers have a knowledge of psychology,” Weisman says. “They prey on our weaknesses, and one of those is greed. Another is fear of authority. The best advice is to practice skepticism.”
Here is a list of the most common scams and points of vulnerability:
- The Spanish prisoner scam. This is an old ploy that involves a claim that someone of royalty has been imprisoned, and their release depends upon funds provided by a third party that will be greatly rewarded afterwards. This swindle has been reincarnated as the advance-fee scam and the Nigerian money transfer. Typically, an e-mail will state a request for secrecy and promise of immense compensation: just desposit a large sum of money in a bank account, and you will be rewarded with 100 times the amount. The e-mail is riddled with poor grammar, and — while it may seem counterproductive for the scammer to misspell common words — these mistakes act as a screening process to weed out the less gullible. You’ll want to fall into this group.
- Affinity fraud. This type of scam can appear particularly convincing, because people tend to trust others of similar social or ethnic groups. These scammers take advantage of people who seem to share a common identity like faith and fraternal organizations. Weisman warns these types of con artists “may join a particular church, synagogue or mosque and gain the trust and confidence of the congregation by making a significant contribution to the religious organization,” but, Weisman cautions, “you should never trust anyone who asks you to trust him.”
- Spear-phishing. Phishing involves e-mails or text messages that lure people to click on a link or provide information. Spear-phishing takes deception to the next level by appearing to be an email from someone you know, making it more likely that you will let your guard down and share personal information or passwords. The Secretary of Homeland Security, Jeh Johnson, identified “spear-phishing” as a top concern in cybersecurity. This is the tactic that tricked John Podesta and caused e-mail leaks from Hillary Clinton’s presidential campaign.
Weisman recommends using only trusted methods for interacting with your accounts and never clicking e-mail links unless you are positive they can be trusted. A phone call or text message to an e-mail contact to confirm your safety is much less trouble than possibly compromising your data.
- Cramming. T-Mobile is just one of the latest phone providers to be implicated in “cramming,” a practice where third-party vendors add bogus services and charges to bills without a customer’s consent. It works because these bills are long and complex, so small, recurring charges go unnoticed. Unfortunately, many companies have been and will be involved in cramming, not because of criminal intent, but rather due to their failure to take necessary precautions to protect their customers.
- Ransomware is a scam where a computer or network is taken “hostage” with malware by a party that demands a ransom, usually in bitcoin. The same precautions to avoid phishing can be applied, but too often people are victimized by old strains of malware for which there is already security software. Weisman recommends protecting all of your devices, computers, phones and tablets with security software and keeping it updated.
- Weak security questions. Security questions, while seeming to add a layer of protection, actually present issues all their own. Answers to common security questions such as “What is your mother’s maiden name?” and “What street did you grow up on?” are not be difficult for a sophisticated criminal to find out, but you don’t have to be truthful in your answers. When setting up accounts with security questions Weisman recommends using an answer like “fire truck.” The phrase is silly enough to remember, but impossible for others to guess.
- Repeating passwords. You are only as safe as the databases with the weakest security that have your information, so you want to use unique passwords for each account you have. To make it easier to maintain complex passwords for each account, take a phrase like “IDon’[email protected],” with capital letters, lowercase letters and symbols, and personalize it by adding “ama” to the end for your Amazon account or “fb” for your Facebook account. That way you can have a memorable, complex password that is adaptable for your various accounts.
Also consider getting a password manager application such as Dashlane or Sticky Password. These managers safely remember your unique, strong passwords for each website you use. It’s not only more secure, but also helps you avoid the annoying “forget password?” button.
Weisman recalls the adage, “Eternal vigilance is the price of liberty.” In the case of protecting oneself from scams, perhaps vigilance is the price of a convenient, all-encompassing technological presence. Vigilance is key when crooks constantly invent newer and better ways to make a buck at the misfortune of others.
“Scam artists are the only criminals we call ‘artists,’” Weisman says, “and there is good reason for that.”