Carolina Pines warns seniors of scams at ‘Lunch & Learn’
By Stephan Drew, Editor
Approximately 60 seniors and other concerned citizens gathered at Carolina Pines Regional Medical Center (CPRMC) on Thursday, March 9, 2023, for lunch and a seminar titled “Phishing: Don’t take the bait”, presented by Kinsey Hodge, BSN, RN, Clinical Systems Analyst and IT Specialist at CPRMC. Abundant information, numerous warnings and helpful tips were given in order to prevent against being the victim of these types of cyber fraud.
Hodge explained that most of those who do these things are trying to get your personal information – ID numbers, location and contact details, credit card/bank account numbers, as well as information about your online purchases. They are also collecting your friends addresses, phone numbers and other information you may have stored on your phone, laptop or computer. Using fake emails, social media accounts, telephone calls, text messages and computer viruses, they can seize your information and impersonate you in an attempt to steal your money or other assets.
An email could ask for your birthdate, request payment information, social security number or other personal information. “Most people don’t even realize it’s not legitimate,” Hodge said. She issued warnings and helpful information to combat these crimes. “If you’re not expecting an email and don’t know the sender,” Hodge stated, “don’t click on the link or open the attachment.” Just by clicking on one of these emails (or a link within the email) you allow them into your device, where they can access all of your passwords and get into any account you possess. She advised everyone to use great caution and listed the following ways you can spot a ”Phisher” and avoid becoming a fraud victim:
• Spelling mistakes – this is the most common sign that the email or message is not legitimate. Check the wording/spelling and grammar very carefully.
• Unexpected emails – This is an immediate red flag. If you get an email about something that hasn’t really happened.
• Suspicious sense of urgency – Emails which try to trick you into acting immediately in case something bad has happened.
• Generic salutations – Legitimate companies often refer to you directly by name, rather than “Dear Customer” or “Greetings, Madam”, etc.
• Requesting personal information – NEVER give out ANY personal information via email. Reputable companies will never ask for this so, it is likely to be a phishing email.
Hodge advised everyone who receives a suspicious text message to forward it to SPAM (7726 on your phone). “No one should ask for your password, PIN (Personal Identification Number) or any personal information over the phone,” Hodge stated, “and if they are using threats or trying to frighten you, it’s not real. Don’t fall for it.” Sometimes, “ghosting” will occur. This is when a scam artist uses a local number (perhaps even one you know) to try and fool you. “If the phone number is local,” Hodge said, “but they say they are from a corporation such as Amazon, don’t give them any information. Hang up the phone.”
Hodge reported that, in 2020, there were over 791,790 complaints of internet scam crimes which resulted in $4.1 billion in reported losses. Advising listeners to empower themselves, Hodge stated, “You have control over your accounts and information. Don’t ever let anyone make you feel that you have to give them what they’re asking for.” She also counseled the crowd to make themselves aware of what a phishing scam looks like. She also alerted the group to change their passwords regularly. “Every 3 months or so should be okay,” she said. Other tips she gave were:
• Don’t give your information to an unsecured site. IF the website does not start with “https” or have a lock symbol next to the URL then, it is not secure.
• Don’t ignore browser software updates. “They’re there for a reason,” she stated.
• Install firewalls. They shield potentially harmful attacks.
• Don’t be tempted by pop-ups (windows which spontaneously appear on your screen). Always look for the “X” In the top corner of the pop-up and close them.
Hodge shocked the crowd when she discussed the largest, and one of the most famous, successful phishing schemes. It occurred in May 2021 and involved the Colonial Pipeline, a large fuel supplier for the United States. After gaining just one Colonial employee’s password, the attackers were able to plant malicious software (malware) in the company’s computer system. Colonial Pipeline Company supplies almost half of the oil to the East Coast. This breach of security caused a week-long shutdown and resulted in non-delivery of nearly 20 billion gallons of oil, worth approximately $3.4 billion at the time, and caused petroleum prices to rice dramatically. More than 10,000 gas stations were left without oil even a week after the pipeline’s function had returned to normal. The CEO agreed to pay the ransomware, costing millions of dollars, to decrypt the attack on the systems. This was the only way the organization could find to get out of the attack. The combined damage to Colonial Pipeline and the U.S. economy made this the most expensive phishing attack ever seen.
Not only is general “phishing” a problem, there is also something called “Spear Phishing”, which focuses on specific targets and involves prior research on the part of the attacker. The goal is to acquire sensitive information such as usernames and passwords, or other personal information.
Hodge advised everyone to use a free and easy software at www.malwarebytes.com. “Run it on your computer to scan for any potential harmful software,” Hodge said, “it’s free and it’s easy to use.” In closing, Hodge advised all those gathered, “Protect yourself and all of your personal information. Don’t fall for their tricks.”