Protect Yourself From Cyber Scams – Part 2

In our last post we looked at common web and phone based scams that I have seen personally, or have been targeted at a client.  Today we will examine other scams that are popular with cyber-criminals.

Some of these are targeted at specific industries or at people in positions of leadership or ownership of an organization or business.

  • Charity scams – This is usually a fake charity claiming to be collecting funds for a worthy cause or group.  Some common options:
    •  Wounded Veterans
    • Police, Sheriff, and Fire Departments
    • Natural Disaster Relief
    • Medical Research
    • Public Schools
  • Tax Prep – Usually targeted at accountants, tax attorneys, and tax preparers, the perpetrators are usually looking for access to tax filings and other client information.  Usually this happens by sending an email attachment containing a remote access Trojan horse, which provides remote access to their computer.
  • Secretary of State Scam – An email appearing to come from U.S. Secretary of State Rex Tillerson says you are owed a payment due to an FBI investigation.  You can receive this large payment if you send some personal information, bank account and routing number and an advance fee.  The government is going to send you money?  Really?
  • Cell Phone Porting Scam – Scammers collect enough information about you either directly or from online sources to convince your cell phone provider that your phone was stolen and your need the number ported to a new phone on a different carrier.  Then they can use your phone to access other accounts and personal information.
  • Payment Declined – Often associated with Netflix accounts, you will receive a fake email from a company saying your credit card was declined, and asking you to click a link, log in to your account, and re-enter your credit card information.  The perpetrator has your password and credit card information and can use it to male purchases on other websites.
  • Medicare Card Scams – Congress has instructed the SSA to replace Medicare cards with social security numbers with new cards using a different 11 digit number.  Scammers are calling and emailing to get these new numbers.

Remember – it is always about the money, so when you feel someone tugging on your wallet or pocketbook, this is your first clue this may be a scam.  I have a few rules that I follow to protect myself.

  • Be disagreeable – Never say yes, and be as skeptical and disagreeable as you can.  Often the caller will bail on the call before you do if you just provide a little resistance.
  • Give no information – They called or emailed you, after all, and you have no way to verify if their identity is authentic.  Do not confirm your name, it’s spelling, your street address, or anything else.
  • Do not click the link – Do not click on links in emails, or log in at web pages that the link takes you to.  Same goes for attachments.
  • No credit card purchase on unsolicited phone calls – I don’t care if it is a great deal for your local newspaper, a call from a charity, a tech support company.  The rule is:  if they called you, they DO NOT get your credit card number.  If they can’t send you a bill, too bad.


About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Owner of the WyzCo Group Inc. In addition to consulting on security products and services, Bob also conducts security audits, compliance audits, vulnerability assessments and penetration tests. Bob also teaches Cybersecurity Awareness Training classes. Bob works as an instruction for CompTIA’s non-profit IT-Ready Program in the Twin Cities. IT-Ready is a tuition free 8-week program designed to teach students of all ages the fundamentals of IT support to prepare them for an entry level position in Information Technology Support. Graduates of the classes take the exams to become CompTIA A+ certified. Bob is a frequent speaker at conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. Bob has been blogging on cybersecurity since 2006 at

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.