Scams and phishing emails have become a fact of life in today’s digital world. The average person has to be a lot more vigilant than they used be to stay safe on the internet. Scams like the “Nigerian prince,” offering large sums of money to unsuspecting victims, never really stopped, but now the stakes have gotten higher, as the internet has gotten more integrated into the world around us. 

The ways in which any average person can get caught in a con are wide-ranging. Oftentimes, a con artist will reach out to an email address, which can be purchased from a package of addresses picked up by a data breach or could come from another scammer who has targeted the victim already. Other ways they can try to get in touch with a victim is through phone calls and even the mail. 

“Say you send some personal information to a scammer. They may take that and just sell it on the dark web,” said Mike Pisa, associate director of infrastructure for Oswego State’s Campus Technology Services. “Then, when someone is looking for lists of potential victims to other scams, they can buy your information and target you further.” 

It is not uncommon to answer the phone and hear an automated voice on the other end start pitching a new warranty on a car you do not own, or congratulating you on winning a vacation for two for staying at a hotel you have never heard of. Sometimes, the really crafty scams will have actual people call you, pretending to be the IRS, threatening to arrest you if you do not immediately pay “back taxes.” The goal is always the same: to get either money out of the victim or information that can be used to get money out of them.

Sometimes, information about a potential target, including email, name and phone number, can be purchased from companies and programs that store it, like an online store, a credit card company or a grocery store rewards program. Some security experts suggest keeping a separate, randomly named email address to give to companies that may sell your information and not tying your main email address to those services if possible. 

The messages that scammers send often have to do with money. Almost every attempted con is done with the goal of getting money, according to Pisa. 

Recently, some Oswego State students were targeted by a scam that offered them a well-paying job. Some students replied, giving their name, address and other information that could be used by other scammers. Even if the students then realized that the offer was not legitimate, their information has still been leaked and they could very well be the subject of future scam attempts. 

According to Pisa, the ultimate goal of the scam email sent to the students seemed to be that the con artist would send the students a check for a large sum of money, request that they purchase gift cards of a lower, but still significant, value and ask the victim to send those gift cards back. If the victim followed their directions, the check they had received would bounce after three to five days, and not only would the victim lose all the money from that check, they would also lose the value of the gift cards they sent to the scammer plus overdraft and bounced check fees if their bank charges them. 

Ursula Wilkinson is an information security analyst with CTS, and she has some tips for how the average person can keep their information safe from potential breaches. 

“Review privacy policies, and understand what that application, or organization, is allowed to do with your personal information,” Wilkinson said. “Try to use two-factor authentication, and review things like your credit report at least once a year. If you don’t expect to have to open a new account or loan for a while, freeze your credit report so nobody can try to open things up in your name.”

In recent months, national attention has turned to the security of large organizations that hold onto personal information for millions of Americans. Companies like Target and Yahoo have had credit card information and passwords for thousands of people stolen in data breaches. Equifax, one of the three main credit reporting agencies that stores financial information for every person with a loan or credit card in the country, had a massive amount of its information stolen in 2017.

“The most an individual can do is protect what they control,” Pisa said. “The average person should be watching their passwords, their accounts, their information, but they have to trust that the larger entities are doing their jobs and protecting their systems as well.”

Vigilance and monitoring your personal information is key, according to Wilkinson.

“Be aware of what is being collected about you, and why,” Wilkinson said. “It’s really important to watch your side of things as best as you can.”

Graphic by Patrick Higgins | The Oswegonian