Home Posts tagged Scams
Cybersecurity

Vulnerable Population

 

When people think about cybersecurity threats, Stephanie Helm said, they often think only about the technical side — the ways in which electronic devices can be compromised and data stolen.

They sometimes forget about the human side of the equation — but that’s where older adults are often especially at risk.

“There’s a technical vulnerability that can be exploited, whether it’s somebody’s password, exploiting a vulnerability because they failed to update the device to include a patch, or maybe they’re using an unsecured WiFi when they’re in a public location,” said Helm, director of the MassCyberCenter. “So there’s a technical component that everyone using the internet is facing today.”

Just as critical, however, is what she calls the “social engineering of the individual,” where a victim willingly divulges information based on the fact that somebody’s engaging them in a personal way.

Stephanie Helm

Stephanie Helm

“These are professional people who know how to hit those emotional buttons and continue that relationship with the hope that somebody is going to divulge information.”

“Older folks might not have the comfort level with the technology to secure their information,” she said, “and they may be more vulnerable to the social engineering.”

Helm shared these thoughts and others during a webinar presented last week by LeadingAge Massachusetts, titled “Cybersecurity: Helping Older Adults Stay Safer on the Internet.” She joined Rubesh Jacobs, managing director of 24/7 Techies USA, and Judy Miller, director of Technology and Accounting for Kendal at Oberlin in Ohio, to discuss the reasons seniors are increasingly falling prey to online and e-mail scams, and what can be done about it.

“The number of scams leading to financial loss has been dramatically increasing since 2019,” Jacobs said, citing a Federal Trade Commission (FTC) report that the number of online scams tripled between 2019 and 2020, outpacing phone-call scams — which actually declined slightly — for the first time. Meanwhile, e-mail scams more than doubled.

“The acuteness of that spike is shocking,” he added. “We’ve also noticed this trend in our own call centers; 28% of calls we get for help are somehow related to fraudulent activities online.”

According to the FTC, Americans age 60 and up are falling prey to tech-support scams — in which someone poses as a computer technician to gain remote access to the victim’s computer — about 475% more often than those ages 20 to 59. (By contrast, the younger group falls victim to online-shopping scams 60% more often than seniors.)

“Senior citizens are really in that nexus where a criminal can get at them through technical means, or they can get at them through social engineering” — and often a combination of both, Helm said. “The protections you put in place have to look at both of those aspects because you’re not quite sure which of those things a person might be most vulnerable for. I think that’s really troublesome.”

Judy Miller

Judy Miller

“Seniors lose an average of $500 or more when they’re scammed, sometimes due to the fact that they are often trusting and polite, they own their own home, and they have good credit, so they make a good target.”

Effective cybersecurity, she explained, considers people, processes, and technology working together to make someone more resilient and likely to recognize scams.

“The components of social engineering are worth thinking about,” she added, noting that a scam might begin with a realistic bot, either on the phone or online, that shifts over to a live scammer if the victim responds.

Those victims, Helm said, are often lonely and want to talk to someone, or they’re trusting and grateful that someone wants to help them solve a problem, which is why scammers try to establish trust.

One reason for the recent spike in cases is that many older adults were much more isolated starting early in 2020, with family members avoiding most visits until after COVID-19 vaccinations arrived, she noted. But families do need to engage with these topics. “Having an ability to ask questions or to talk about things they’ve been presented with in a safe manner is really important.”

But seniors are far from the only victims, Helm said. “If they continue the engagement, these are professional people who know how to hit those emotional buttons and continue that relationship with the hope that somebody is going to divulge information.”

 

It Takes a Village

Miller has worked for Kendal Corp. for 28 years, so she’s seen these threats evolve at her own facility, which offers units for independent and assisted living, memory care, and skilled nursing.

“Seniors lose an average of $500 or more when they’re scammed, sometimes due to the fact that they are often trusting and polite, they own their own home, and they have good credit, so they make a good target,” she explained. “They have also been falling prey to cyber incidents because of their increased use of the internet.”

Scams that have targeted her residents have taken many forms, from imposters posing as legitimate government agencies or companies requesting payments to fake but attractive offers for gift cards, and much more. Most originate from e-mail, she noted.

When Jacobs asked Miller how often she hears such things, she responded, “it’s almost more important how much we don’t hear about them.”

To make sure people stay educated, if she hears of a scam targeting a resident, all residents are alerted, and some tech-savvy residents will even spread the word themselves if they encounter a scam attempt. “It’s really engaging the entire community to help each other in preventing some of those things from happening.”

Once a scammer gains someone’s trust, Helm said, they often introduce an element of urgency — the idea that the victim has to act now to get a deal or avoid a penalty or legal trouble.

“We should talk about how these scams exist and give senior citizens the confidence that they can recognize when this doesn’t make sense and avoid that sense of urgency to act, because that’s where you make a mistake,” she explained. “It’s perfectly acceptable to say, ‘I do all my business by mail — put a letter in the mail to me, and I’ll respond to you.”

But it’s easier said than done, she admitted, especially at a time when many seniors — and younger people, for that matter — have been more isolated than usual.

“I think it’s difficult for anybody in society to be fully armed and resilient. I feel if people become isolated in their old age and are not as familiar with some of the technology, they can get intimidated. So this is an area where we’re trying to see if we can be more helpful to them.”

Family members can help educate their older loved ones by asking gentle but probing questions about what may be going on, the webinar participants noted, and encourage residents of senior-living communities to call an administrator if they encounter a suspicious e-mail or think their information may have been compromised. And, of course, they should emphasize the importance of protecting passwords and other sensitive information, not clicking suspicious links, and shopping only at reputable, well-known websites.

“If it sounds like it’s too good to be true, it probably isn’t true,” Helm said. “I like to talk with senior citizens about having confidence in the skeptical skills they had throughout life. These are scams that happen to be on a computer, but they’re scams we grew up with since we were kids — bait and switch, or acting like an imposter.”

She takes a broad view of threats, having served in the U.S. Navy for 29 years. After her retirement as a captain, she taught military operations, specifically on integrating cyberspace operations into wargames.

“That was an opportunity to talk about how cybersecurity or cyber operations can affect operations that you traditionally would not think they would impact,” she explained. Now, in her role with the Mass Cyber Center, she knows there are few areas cybersecurity doesn’t impact — and that older Americans are often especially at risk.

“Today,” she said, “we all know this has great consequences to our daily lives.”

 

Joseph Bednar can be reached at [email protected]

Daily News

SPRINGFIELD — With scam artists aggressively targeting utility customers, Eversource is warning people to be on the lookout for new tactics being used so they don’t fall victim. Scammers continue finetuning their techniques, including using phony caller IDs that display ‘Eversource’ and scripts that sound like a legitimate company representative threatening to disconnect their electric or gas service because of an unpaid bill.
“Unfortunately, these scammers sound legitimate and with a phony caller ID they’re even more convincing — so we all need to have our ‘guard up’ more than ever,” said Eversource Senior Vice President and Chief Customer Officer Penni Conner. “These scam artists sound sophisticated and are ruthless. That’s why we’re reminding customers to beware — if they get a call and the caller’s message doesn’t look or sound right, don’t panic and don’t pay. Remember, we will never threaten to disconnect service or demand instant payment over the phone.”
The energy company offers the following tips to help avoid becoming a victim:
• Eversource representatives never demand instant payment over the phone, require the use of pre-paid debit cards, or request customers meet at a “payment center” to make the payment;
• Never provide personal financial or account information to any unsolicited person on the phone, at the door or online, even if they seem legitimate;
• Beware — some sophisticated scammers can manipulate their caller ID to say the caller is with Eversource;
• Customers who are scheduled for disconnection due to nonpayment receive a written notice that includes information on how to maintain their service; and
• Customers can verify they are speaking with an Eversource representative by asking for some basic information about their account – like the name on the account, the account address, and the exact past due balance.

Eversource urges anyone who believes they are a target of improper solicitation to immediately contact their local law enforcement. Customers are also encouraged to contact the energy company at l-877-659-6326 if they receive a call, text, email or if someone shows up at your door to verify it’s Eversource.

For more information on how to protect personal information and avoid becoming a victim of utility scams, visit Eversource.com.

Estate Planning

Staying Ahead of the Scams

By Julie Quink

 

With the continued intensity created by the COVID-19 pandemic, business owners and individuals have continued to be victims of fraudulent activity as the scams and schemes are continually changing and increasing in number.

At a time of significant economic stress and uncertainty, the barrage of ever-changing fraudulent attempts and attacks becomes increasingly difficult to manage and prevent. Fraudsters have also become very creative in their methods of gathering sensitive information to commit fraud, so it becomes increasingly difficult to predict what might be coming next in the form of an attack.

Since the onset of the pandemic, these schemes have continued to include filing fraudulent unemployment claims. As practitioners, we have also noticed an increase in stolen identities, whether it be by the interception of documents containing personal information or through online access.

As professionals who work with clients to implement best practices and detection techniques, we fall victim to fraud attempts as well. The most recent fraud attempts include continued false unemployment claims and theft of identities through mail interception.

 

Fraudulent Unemployment Claims

The filing of fraudulent unemployment claims is not a new fraud scheme. However, the repeated attempts at compromising employee data and filing of fraudulent claims in other states has increased.

Fraudsters have taken to heart the saying, ‘if at first you don’t succeed, try, try again.’ Some businesses have seen repeat attempts at fraudulent claims filed against the business using the same employees but citing different reasons for filing for unemployment, such as break in service or lack of work.

Further, claims are being filed for employees in different states. The fraudster is using an employee’s information to file in a state in which the employee does not live or work to gain access to unemployment benefits in the state where they live. It has become a vicious cycle.

“The most recent fraud attempts include continued false unemployment claims and theft of identities through mail interception.”

States have tightened controls and verifications to try to manage these fraudulent claims, but the tightening of controls comes with a cost. Employees who have been victims of fraudulent claims in the past may have a more challenging time filing for unemployment as their account has now been flagged. The ease of filing online for these people has now become complicated and time-consuming as they try to navigate the unemployment system.

The continued monitoring of a business unemployment account to prevent and detect fraudulent activity and responding to fraudulent claims can be time-consuming. If fraudulent claims are paid against an employer account, it can impact the employer’s experience rate and unemployment account if not identified quickly.

This is not a new area of fraud, but the methods that fraudsters use to gain access and apply is ever-changing.

 

Identify Theft

Fraudulent unemployment claims are an example of identity theft. It is believed that some of the personal information used in filing fraudulent unemployment claims has come from data breaches. However, creative methods of accessing personal information have now encompassed intercepting hard documents.

Another area of data interception, with which we have had personal experience, is through the mail. If a fraudster is not able to access personal information through electronic means, why not try the good old-fashioned way, through the U.S. Postal Service or another carrier?

Intercepting mail is a scheme that seems to be on the rise. In one such case of which we are aware, information was intercepted prior to arrival at its intended location. Between the time it was initially mailed and the time it finally arrived at its location, the sender’s identity was stolen, and a loan was opened in their name, unbeknownst to them. The fraudster intercepted tax documents, which had personal identifying information, and secured a fraudulent loan. Ultimately, the fraudster, realizing that the mail was in a tracked envelope, secured the package with significant amounts of tape and forwarded it to the final destination.

The Office of the Inspector General for the U.S. Postal Service is diligent in investigating suspected mail theft, from both internal and external sources. Because of its commitment to finding and detecting mail fraud, the office has devoted the Office of Investigations to handle complaints and fraud.

The impacts of identity theft for a business owner or an individual can be far-reaching. Significant impacts can include compromising credit and financial hardship, compromising legal relationships and documents, and compromising tax filings.

Perhaps one of the most significant impacts may be the feeling of violation, distrust, betrayal, or even embarrassment created by the theft of identity. The unwinding and unpacking of identity theft can be a time-consuming and emotional process for business owners and individuals.

 

Takeaways

What we know is that fraud schemes are changing faster than business owners, individuals, and technology can keep up. Whether the fraud scheme is a recurring scheme or a new and improved scheme, the importance of diligence, communication, and monitoring should not be discounted.

Communication with employees about fraudulent schemes involving unemployment and mail, along with continued monitoring, are best practices in keeping information safe and secure.

 

Julie Quink is managing partner with West Springfield-based Burkhart Pizzanelli; (413) 734-9040.

buy ivermectin for humans buy ivermectin online buy generic cialis buy cialis