Member-only story
The New New
If You’re Online, You’re Getting Scammed
The five latest swindles — and how to avoid them
You’re not paranoid, you’re careful. At least that’s what you tell yourself. You run the most robust antivirus software, dropping $40 each year for the latest version. You use two-factor identification (2FA) on any website that offers it. You read Krebs on Security. And while most people use passwords, you use passphrases; they’re all more than 20 characters and include capital letters, lowercase letters, numbers, and the odd special character. Not only are your passphrases more secure than complex passwords, but you can also remember “2$hy2$hyhu$hu$heye2eye” much better than “s7Y%2b#&sg.”
Not that you need to. You use a password locker and change the master passphrase on your account every month. Your phone has a six-digit passcode that you change each day. You set the tightest privacy settings on your social media accounts months ago, then, in a moment of clarity, you deleted the accounts altogether. You never communicate personal information via email, picking up the phone anytime you need to share so much as your date of birth. And when you do make calls or send texts, you use an encrypted service.
You are, without doubt, much better protected than nearly everyone else on the planet. But you’re still not safe. Scammers are constantly evolving their techniques and exploiting vulnerabilities both technological and psychological. As soon as the security industry puts the clamps on one method of conning people, the scammers find a new one, leaving even the most tech-savvy susceptible to attack.
“Anyone who thinks they’re above it is really fooling themselves,” says Steve Weisman, who covers the latest in tech frauds on Scamicide.com. “The person who thinks they can’t be scammed is the best target,” he adds. Here are five ways they could be taken.
1. The CEO Scam
Despite decades of warnings and millions of victims, people are still falling for email scams “because scammers are becoming more and more creative,” says Ana Dascalescu of Heimdal Security, a global security firm based in Denmark.
Last year, a sophisticated Google Docs phishing attack duped millions into…
