facebook twitter instagram linkedin google youtube vimeo tumblr yelp rss email podcast phone blog search brokercheck brokercheck Play Pause
Common Cybersecurity Scams and How to Avoid Them Thumbnail

Common Cybersecurity Scams and How to Avoid Them

Most of us spend hours online every day, meaning we must be vigilant about protecting our sensitive data and avoiding cybercriminals. To help our clients stay safe, we’ve identified a few common cybersecurity scams below, as well as some easy, yet effective, ways to protect yourself from scammers online.

Top Cybersecurity Scams to Watch For

Scammers are becoming more sophisticated by the year, but social engineering scams have been around for decades—and they continue to be the source of most cybersecurity attacks today.

According to Carnegie Mellon University, social engineering is “the tactic of manipulating, influencing, or deceiving a victim in order to gain control over a computer system, or to steal personal and financial information.” In short, scammers use psychological manipulation to convince or trick their targets into giving away personal information.

Some common social engineering scams include phishing, malicious software, and spoofing: 


In a phishing scheme, scammers access an individual’s data by sending fake emails, texts, or social media messages while pretending to be a reputable company, organization, or individual.

Their goal is to pose as a sender that the individual recognizes and trusts (such as their bank) in order to coax out sensitive information—passwords, Social Security numbers, birth dates, credit card numbers, etc.

Malware or Ransomware

If you’ve ever been told not to click on “suspicious” links or attachments in texts and emails, it’s because the sender may be attempting to install malicious software on your device. Often referred to as malware, ransomware, spyware, or a virus, it enables scammers to access private information, gain control over your devices, or otherwise compromise your digital data.

Some hackers will use this software to hold individuals’ or businesses’ data for ransom—meaning they demand money (often in the form of cryptocurrency) in exchange for their personal information or client data back.

In other cases, hackers may pose as IT professionals from reputable companies and tell an individual that their computer has been compromised with a virus. They ask the individual to download software that will allow them to “analyze” the device, which instead enables them to gain control and steal data or funds.


Spoofing refers to when a scammer is able to disguise their email address, display name, phone number, or website address as a legitimate business or trusted source. Often, the scammer will change a small detail (such as replacing an “O” with a “0” in the company name), so it’s easily overlooked by unsuspecting individuals. The individual believes they’re interacting with a reputable company, which may prompt them to provide personal data (account info, credit card numbers, etc.).

3 Tips for Protecting Yourself Online

The good news is, there are simple, yet highly effective, steps you can take to protect yourself, your information, and your devices from cybercrime.

Tip #1: Secure Your Account Logins

Create unique and strong passwords for every website that stores sensitive information — your financial accounts, retirement accounts, email, social media, etc. Avoid common knowledge such as your birthday, pet’s name, anniversary date, or common phrases like “password” and “1234.”

In addition, incorporate a combination of:

  • Uppercase letters
  • Lowercase letters
  • Special characters
  • Numbers

While it may be tempting, avoid reusing the same password for multiple accounts. If a hacker gains access to one account’s password, this would put all accounts in jeopardy.

If you’re worried about trying to remember multiple unique passwords (as is the case with most people), consider using a password manager, such as LastPass or Dashlane. These platforms will encrypt and store your login information securely, requiring you to only remember one master password. Avoid saving your passwords directly in your web browser, since those browsers are more susceptible to malware attacks than an encrypted password manager would be.

Even just writing your passwords down on a piece of paper at your desk can be better than reusing the same password or opting for weak passwords.

Tip #2: Keep Software Up-to-Date

All personal and work computers, phones, and tablets should be updated regularly with the latest available software from their manufacturers. Not only does this ensure you’re enjoying the latest features and functions, but it means your security measures are up-to-date as well.

Hackers are constantly finding new ways to infiltrate your devices, but tech manufacturers are working just as hard to fight back with more sophisticated security measures.

If you have anti-virus software installed on your devices (if you don’t, now’s a good time to do so), it will only remain effective if you update it regularly as well. As your first line of defense against major attacks, this software needs to be able to withstand evolving threats as scammers try new tactics.

Tip #3: Don’t Disregard Your Phone or Tablet

Most people associate the term “cybersecurity” with computers. But considering 94.6% of Americans access the internet from a phone or tablet too, your cybersecurity measures should account for your other devices as well.

In fact, apps installed on your phone or tablet make it easier for scammers to access sensitive information, like your bank account, email, personal notes, etc.

Secure all mobile devices by requiring a PIN, password, or facial recognition anytime the phone is used. If your device has a remote data wipe or auto-lock function, make sure these features are activated in case the device is stolen or lost.

How Halpern Prioritizes Your Cybersecurity

At Halpern, implementing and following robust cybersecurity measures is a top priority for our team—and we want to ensure our clients follow safe practices when operating online too. That’s why we’re here to be a resource center for our clients, offering checklists, articles, and virtual events dedicated to your cyber safety.

If you’d like to learn more about our commitment to cybersecurity, don’t hesitate to reach out to our team.

Melissa Sotudeh

Managing Director