 (Alla Dreyvitser/The Washington Post) | Bold School Lesson 4: It's time to scam-proof yourselfTrue or false: We are scammed more often than younger adults. Believe it or not, the answer is false. Surprisingly, older adults are less susceptible to a bunch of fraud schemes, notes Post columnist Michelle Singletary. But here's the bad news: When we do get fooled, we lose more money. In 2018, people 60 and over reported losing a total of nearly $21 million to tech support scammers, according to a Federal Trade Commission survey. Those are the people who contact you by phone, email or pop-up and say your computer, which you thought was fine, needs an urgent fix. They are persistent yet patient and kind, and their scenario is both plausible and dire: Your whole system could fry, and you could lose everything, unless you pay to install this patch/upgrade/reboot/whatever. To foil these attacks, Geoffrey A. Fowler, The Post's technology columnist, has this simple but important suggestion: Think twice before clicking on anything in an email. "The weakest link in online security is us," he says. "We're far too trusting, and crooks take advantage of that." And about those robocalls you're getting: In September alone, Americans got more than 4.5 billion automated calls, nearly half of which were scams. "I think one key lesson on robocalls," says Fowler, "is that the number you see show up on your phone is NOT necessarily the person who is calling. These days, technology allows the bad guys to pretend to be whomever they want." That's called "spoofing." It should go without saying that you don't hand over your precious credit-card info to that cold caller. And if you want to make life more difficult for that robocall scammer, you can try the reverse-sting, like this 90-year-old man did. Threaten to report the possible fraud at ftc.gov/complaint — they'll hang up, usually after cursing you out — and then do it. That feels satisfying, especially after your heart skipped a beat because the number that flashed on your phone was your mother's. Next, you need to broaden your cybersecurity vocabulary. Learn what the next level of tech-savvy protection is through these terms — most of which were new to me — and implement them. Two-factor authentication, or 2FA, a subset of multifactor authentication, is an extra wall around your identity. You set up your account to allow access only with a password (something you know) AND something else from another category — a code you get via text or an authentication app, or a fingerprint or facial scan. An old-school example: You swipe your card at the gas pump and have to enter your zip code. You should enable 2FA on all your social media and online financial accounts. If you have lots of accounts and don't want the hassle of 2FA on all of them, there's Yubikey, a physical device that generates single-use passwords. Check to see if your email account has been involved in a security breach — and chances are it has, given the breadth of data compromises we've seen in the past few years — by going to haveibeenpwned.com and entering your email address. If it has been compromised, reset your password, and make sure it's one you've never used before so that the breach doesn't spread to other accounts that may use the same email address for access. From time to time, like changing the batteries in your smoke detector, you need digital scrubbing, or data scrubbing. That's the process of amending or removing data in a database that is incorrect, incomplete, improperly formatted or duplicated. Why is all your personal information so valuable? A data broker builds profiles using thousands of pieces of information, such as age, income, race, ethnicity and interests, and sells the profiles to marketers who use that data to send you targeted ads. Other smart tech habits from Post colleagues who keep up with this stuff for a living: - Periodically change your passwords and use different passwords for different accounts. You may want to use a password manager, such as 1Password or LastPass.
- Make sure your Internet-specific résumé does not include your home address.
- Use birthdays as a reminder to unfriend people who you're not actually friends with on Facebook. Rule of thumb is if you haven't talked to them in a year and they aren't an old friend, delete them.
- If you have a personal website, check what personal information is available in your account settings and verify what you made publicly available when you registered the domain.
- Delete accounts for apps you no longer use, then delete the app.
The sad-but-true fact is that to protect ourselves, we must learn to be vigilant and skeptical. We need to become our own cyber superheroes. Your assignmentDelete any social accounts that you haven't used in the past six months. Delete old email addresses that you don't use, such as Hotmail or Yahoo that are ripe for breaches. Learn how to freeze your credit. Set up two-factor authentication. Tell usWhat do you do to protect yourself online? What's the most outrageous scam story you know? Submit your response to be featured in Friday's newsletter here. Reading listNo, that's not the government calling threatening to 'suspend' your Social Security number Spam has taken over our phones. Will we ever want to answer them again? Password managers have a security flaw. But you should still use one. 8 simple tricks to keep hackers from ruining Christmas shopping Die, robocalls, die: A how-to guide to stop spammers and exact revenge And the best revenge of all: You have to hear this 90-year-old reverse scam a phone fraudster Erasing yourself from the Internet is nearly impossible. But here's how you can try. More from around the web How to beat the Grandparent Scam | AARP How to recognize and avoid phishing scams | ftc.gov Family emergency scams | ftc.gov | 
Email 
