Unauthorised bank transfers. Identity theft. Fooled by deep fakes. No one is too old, too young or too poor to escape being targeted by thieves.

“Cybercrime affects everyone, and the threats are constantly changing,” says cybersecurity expert Greg Schaffer. “Criminals know that accessing lots of smaller accounts can add up quickly.”

Schaffer is the owner and founder of vCISO Services, LLC and the author of the book Information Security for Small and Midsized Businesses.

Schaffer observes how many cyber-scams rely on exploiting human nature. “Many information security issues cross over between business and personal life. Criminals can take advantage of our natural instincts. Understanding that makes it easier to stay a few steps ahead of them.”

Schaffer is confident there’s a better way to secure personal information and digital assets. He explains how to Digital Journal how avoid becoming a victim of five common cybersecurity crimes.

Risk #1: Deep fakes

“It’s become easy to fake who is seen on video calls. One businessman, thinking he was on a video call with colleagues, complied with their request to send millions of dollars to what the businessman thought was a valid recipient”, explains Schaffer.

“But those weren’t his colleagues. They and the recipient were criminals. If something doesn’t feel right, text the other person’s cell phone. If they don’t respond, they may not be who they say they are.”

Risk #2: Phishing

According to Schaffer: “This often involves bad guys preying on another’s trust. For example, someone is preparing to close on a house. The criminals hack into emails between the buyer and their banker. Then they wait. At the right moment, they may send the buyer an email, seemingly from their banker, changing the wire instructions. It could result in the buyer wiring thousands of dollars somewhere else.”

He adds: “Other times, criminals rely on immediacy and urgency. For example, if they claim to be law enforcement or the IRS, don’t be rushed into taking action. Always take the time to double-check if a request or situation is legitimate.”

Risk #3: Generative AI

Here Schaffer warns: “One of the biggest risks is entering confidential information. Generative AI can share what is uploaded with the rest of the world. A technology engineer tried to solve a problem by uploading the information into ChatGPT. The engineer got the answer, but in the process, they exposed their company’s sensitive information. It’s also common for people to use ChatGPT to help fix resumes. Never enter any identifying information such as a photo, address or educational background.”

Risk #4: Multifactor identification fatigue

With this area, Schaffer cautions: “Bad guys try to wear people down. They may bombard someone with requests to confirm log-in attempts they didn’t initiate. It’s annoying! It can be tempting to confirm, just to get notifications to stop. Only now, that’s given the bad guys access to their username and password. Maybe a bank account is about to be siphoned. Never accept uninitiated requests.”

Risk #5: Home Wi-Fi network

Even with doors and windows locked, bad guys can enter homes through devices, Schaffer notes: “Usually, the place they enter a personal network is not what they’re targeting. They may enter through something as simple as a smart TV. Once they’ve breached the TV, they could jump to a laptop where someone has been working on their taxes. There, they may find social security numbers and other sensitive financial information. That’s a big problem! To reduce this risk, keep firewalls and laptops updated. Segment home networks: entertainment, children, home business, appliances, etc. That way, if one gets compromised, the others won’t. And never share passwords across platforms.”