How to protect your wealth from cybercrime and online fraud

Cybercrime is a growing threat to everyone, but the affluent may be especially attractive targets due to their wealth. As bank robber Willie Sutton said when asked why he stole from banks, “Because that’s where the money is.”

“Simply put, the affluent are often targets for cybercrime by nature of their wealth,” says Charles Banks, information security services at U.S. Bank. “However, they also tend to be more financially sophisticated, so they often better understand the tools and techniques available to protect themselves.”

Where cybercrime originates

According to Dave Pilot, enterprise fraud strategy at U.S. Bank, most cybercrime today is being perpetrated by organized crime rings and nation states. “Most people don’t realize the size and scale of these criminal enterprises,” he says. “We’re talking about a commoditized ecosystem of sophisticated actors who are dedicated to malicious cybertheft of both information and funds.”

Pilot believes that online fraud motivations are often about more than just stealing money. “There’s a level of malice in cybercrime today that we haven’t seen before,” he says, pointing to what’s called pig butchering as an example. In this online scam, cyber fraudsters lure victims into online relationships to build trust before convincing them to invest in cryptocurrency platforms that they control and use to steal money.

“These cyber thieves not only steal money from victims, but they also try to destroy their lives,” says Pilot. “The world of cybercrime today is vicious, and people need to be educated about the various threats and how to protect themselves.”

According to Banks, scammers often start with social engineering, scanning victims’ social media profiles for personal information they can use to gain their trust and lure them into online scams. “Sometimes they know you better than you know yourself,” he says. “The evolving landscape around generative AI and ‘Fraud as a Service’ has lowered the bar for entry by cyber thieves.”

Cybercrime tactics: Account takeovers and phishing

Perhaps the most dangerous type of cybercrime from a financial perspective is an account takeover. In this type of online scam, thieves obtain access to and drain victims’ financial accounts. These often start with a phishing email or text that appears to come from a legitimate bank or financial institution asking for sensitive information such as passwords, account numbers or Social Security numbers.

Cyber thieves also use freeware infected with malicious software (or malware) that can capture keystrokes to steal usernames and passwords. Some thieves even rely on old-fashioned “dumpster diving” to recover discarded financial statements containing sensitive information, notes Pilot. “That’s why shredding paper statements is so important before throwing them in the trash,” he says.

Unsecure Wi-Fi networks are another target-rich environment for cyber thieves.

“Always be sure you know how your digital devices are connected to the internet, especially if they provide access to your financial accounts,” says Banks. “You should never connect to your accounts using public Wi-Fi.”

Five cybersecurity tips to protect your money

The Financial Industry Regulatory Authority (FINRA) offers the following cybersecurity tips:

1. Be careful what you click. Phishing emails and texts remain one of cyber thieves’ favorite ways to gain access to financial accounts. The best protection against phishing attacks is to never click on links or open attachments from unsolicited emails or text messages. Instead, go to the institution’s website, call them using a number you’ve previously used, or use their app to determine if the message is real or fake.
2. Use strong passwords. Your passwords should contain a mix of numbers, letters (upper and lower case) and special characters to make them hard for thieves to steal. You should use different passwords for each account and change them regularly. A password manager can help you manage and protect all your passwords and suggest strong passwords for each account.
3. Enable multifactor authentication (MFA). This provides additional account protection by requiring two or more different factors to log into a financial account. For example, your bank app might require a password and a one-time code sent via text to log into your financial accounts.
4. Browse safely. Make sure you’re on a secure website when accessing financial accounts online. A secure website address will start with “https” instead of “http” and include a closed padlock in the status bar. And protect yourself against “session stealing” by not multitasking on multiple webpages while logged into financial accounts.
5. Avoid cybercrime on public Wi-Fi. As noted earlier, public wireless networks and hotspots in restaurants, hotels and airports are usually less secure than private Wi-Fi networks, which makes it easier for thieves to steal sensitive information. Some hackers even create public networks with familiar-sounding names to lure in potential victims. Wait until you have access to a trusted and secure wireless network before logging into financial accounts.

U.S. Bank strategies against cybercrime threats

U.S. Bank is committed to protecting customers’ accounts and finances from cybercrime. IT systems are regularly updated to keep your data safe and secure from ever-changing cyber threats.

“It’s a constantly evolving conversation,” says Pilot. “We are continually looking for ways to detect and disrupt the latest fraud schemes and strengthen account authentication methods to ensure the security of our customers’ financial transactions.”

Read more tips and advice to protect yourself and your family from financial cybercrime.