Could You Be Hacked?
[See our Disclaimers page about relying on this website’s contents.]
We hear news stories every year about banks, retail stores, and other merchants being “hacked” by cyber criminals that want to steal the merchants’ customers’ identity and credit card data. You might think that hackers only go after “big fish,” and that they do not mess with small businesses or individuals, but you would be wrong. This article describes some of the common hacking schemes, including the kind that appear in news stories.
Cyber criminals use software that functions like a superhero (or super villain) safe cracker on individual computers and computer networks. It may take a human hours to try different username and password combinations, but a computer can try millions of combinations from many locations in seconds. One computer may try to decipher your username and password unsuccessfully, but one of 1,000 other computers may find the combination and share with the other computers. From there, other programs designed to identify a sensitive data like Social Security numbers and account numbers can browse your computer without you knowing that it is happening. All of this may have to happen over a number of days if you use strong passwords (numbers, unusual upper and lowercase letter combinations, and various other characters), but passwords such as your name, 123, or ABC are open invitations for hackers to help themselves to your data.
Most hackers can access your computer much more simply than using safe cracking technology. They simply send email messages or post messages or photos in social media like Facebook with malware hyperlinks. Just like a fisherman dangles tantalizing bait for fish, these hackers show alluring photos or post eye-catching stories to get victims to click on the hyperlinks that load malware onto the victims’ computers. From there, rather than having to break open a victim’s security system, these hackers can virtually walk through the front door with a full invitation to steal whatever valuable information they can find. Even if they find no valuable financial information, they will infect the victims’ computers with self-replicating programs that spread from the victims to the victims’ contacts through email and social media like a virus.
Another old scam commonly known as the “Nigerian scam” plays out when a scammer offers a “too good to be true” opportunity to a potential victim by email or social media. Commonly, the scammer will ask the victim to help process a payment or a sweepstakes contest award. If the victim access the invitation, the scammer will send a check forged on a legitimate bank account and asked the victim to deposit the check in the victim’s bank account. The scammer also asked the victim to send a new check from the victim’s bank account to the scammer or a third-party (who is in on the scheme) for less than the deposited amount so that the victim can “keep some of the money.” If the victim complies with the entire scheme, the scammers will receive real money from the victim’s account and the owner of the account on which the forged check was written will stop payment on the forged check. The victim will then be deprived of the money promised by the scammer and the scammer will get the victim’s money and vanish without a trace.
Other highly effective schemes or even lower tech than the ones described above. A person will call a victim and pretend to be a representative of the IRS or other government agency and threaten the victim with criminal prosecution or other strong government action. The caller will give the victim an opportunity to “fix the problem” by making a payment with a credit card or check. Everyone should know that no legitimate government agency ever calls individuals with such demands. When a person receives such a call, the person should hang up immediately and not participate in the conversation at all.
In another common scam, a scammer will call a victim and say that the caller represents a computer security company that has detected that the victim’s computer is malfunctioning or in need of repair. The scammer will then try to persuade the victim to open a webpage to allow the scammer to access the victim’s computer. Once the scammer gains access to the victim’s computer, the scammer can have his way with the victim’s computer. Again, no legitimate computer company can monitor an individual computer’s health and know whether the computer require service, so a person should always hang up without engaging the scammer in such a conversation.
These are not all of the ways that scammers take advantage of trusting victims, but they are so common that we see them many times each year. Protecting computer accounts with a different complex username for every account can stymie the safe crackers. Avoiding clicking on unsolicited email attachments and hyperlinks or unusually alluring social media content can avoid most other computer hackers. With respect to the other crooks, healthy skepticism about things that seem unusual or too good to be true will keep most people safe most of the time. It may not be possible to avoid becoming a fraud victim, but simple common sense can go a long way to fend off criminals.
Jeff R. Hawkins and Jennifer J. Hawkins are Trust & Estate Specialty Board Certified Indiana Trust & Estate Lawyers and active members of the Indiana State Bar Association and National Academy of Elder Law Attorneys. Both lawyers are admitted to practice law in Indiana, and Jeff Hawkins is admitted to practice law in Illinois. Jeff is also a registered civil mediator, a Fellow of the American College of Trust and Estate Counsel and the Indiana Bar Foundation; a member of the Illinois State Bar Association and the Indiana Association of Mediators; and he was the 2014-15 President of the Indiana State Bar Association.
Find more information about these and other topics at www.HawkinsLaw.com, add us to your Google+ circles, like us on Facebook, follow us on Twitter @HawkinsLawPC or call us at 812-268-8777. © Copyright 2016 Hawkins Law PC. All rights reserved.