Cybercrime and security have taken on new forms in recent years and the effort to protect information is no longer just an effort about security online but across devices, financial systems, and more.
KIRO 7 spoke to several experts as well as a fraud victim to take a deeper look at this issue.
The answers in some cases proved to be a surprise especially when it comes to what you can do to protect yourself online or protect yourself in general.
Emily McLeod of Des Moines says that she was victimized in a scam that nearly emptied her accounts at Chase Bank.
We met McLeod at her Des Moines home to talk over her situation which happened only within the last two months. She said the experience of trying to fix the issue has been a huge hassle with no real results.
“I’m still feeling pretty discouraged just disappointed,” she said.
McLeod now says she knows just how elaborate and deceitful these efforts are.
“I received a text message that my account was being compromised,” McLeod said.
Mcleod says after receiving a text that her accounts had been compromised she called customer service at Chase in the hopes of fixing her issue. While she was making that call, she says that she received a bogus incoming call from that exact number, which she figured to be Chase reps contacting her.
“They told me they were helping me protect my account so they were walking me through signing me onto my online bank,” McLeod said.
She says people got into her accounts and took thousands of dollars.
Criminals often don’t need to hack critical systems. If they can simply hack into information and find a phone number they can use that to fool people. It’s part of a multi-billion dollar industry where info is for sale online.
KIRO 7 spoke to Seattle-based cyber security firm Critical Insight, and one of their product managers Fred Langston says one simple thing can help people avoid cyber criminals: “Use multifactor authentication.”
Langston says the key to stopping cybercrime is now centered on your physical personal hardware. If your password is stolen, multi-factor authentication can guard accounts.
“Google provides one. Microsoft… those are both free. There are other ones that are maybe provided by the service manager, maybe the bank — they say use our tool,” Langston said.
He characterizes multi-factor authentication as the last gate to access your accounts.
“We call it the third factor, something you have, I have this in my hand (shows cell phone) and the bad guy can’t have this phone in their hand,” Langston said.
Langston admits a phone call or text to your own phone may not seem like cutting-edge tech or protection measures, but he says it has worked for many.
University of Washington professor Michael Stiber has a background in cyber security and artificial intelligence. He says the landscape for cybercrime has changed so much that criminals have quite actually set up shops online to try to get information and kits to execute cybercrime.
He also says the efforts and targets are often too lucrative to pass up.
“There’s very low cost for the attacker to fail — the defender needs to be right 100% of the time which of course is not possible,” Stiber said.
Stiber says that relying on your phone can also be a double-edged sword and that privacy these days means leaving the virtual space altogether and going physical.
That means people should meet someone and not rely on phones, texts, or chats since scammers can pretend to be those platforms.
“They are very good at hacking humans and convincing people to do things that they might not do,” Stiber said.
He said hackers can go to sites on the dark web that are almost like Amazon selling private info or methods to execute cybercrimes. He also admits that when it comes to protecting children, safety is going to rely on parents keeping an eye on what their kids can access.
The irony of trying to protect children from cyber criminals is when sites try to verify someone’s age it usually means that children have to hand over private information.
“The solution there may be worse than the problem,” Stiber said. “I think it’s best for each of us to work with our children. We know our children we can decide what to allow them access to… what we won’t allow them access to… control when they can access it.”
The low-tech solution of talking to your children and maybe even learning from them on how to operate social media sites or others may be the key to protecting them.
Attorney Tim Emery with Emery-Reddy law firm admits that protecting yourself or your children can be a moot point since most of our private info is already compromised.
“It’s an arms race between cyber criminals and companies,” Emery said.
Emery says he’s sued over data breaches that lead to compromised accounts and he suggests an extreme but simple safety measure.
“The best way anyone can protect themselves is lock up your credit — just freeze it,” Emery said.
The Federal Trade Commission website has info on freezing credit. Emery says to also pay for basic credit alerts.
The attorney knows cyber criminals are in it for the money, but he believes companies should spend more on cyber security. He also says a nationwide cyber security standard is needed, whether it’s state or federal law.
“The evidence is there are a lot of companies that just won’t invest in the protections against cyber criminals,” Emery said.
Emily McLeod says that since KIRO 7 sat down with her she has been contacted by a rep for Chase Bank who has offered to help her with her situation.
“My concern is after someone has been scammed how are they going to help?” McLeod said.
McLeod – like Emery – believes companies should do more to help consumers retrieve stolen money.
In response, Chase Bank said, “These types of scams are heartbreaking. We urge all consumers to ignore phone, text, or internet requests for money or access to their computer or bank accounts. Legitimate companies won’t make these requests, but scammers will.”
Safeguarding yourself probably means sometimes confirming things in person.
“If there’s ever any question about your account’s security to either contact your bank directly or to go into a branch,” McLeod said.