Every day, cyber criminals from across the world are scheming about ways to steal your data. According to the FBI’s 2017 Internet Crime Report,[1] a total of 301,580 complaints were reported by victims with losses in excess of $1.4 billion that year. They seem to be using increasingly sophisticated methods, which means consumers need to stay on high alert to protect their personal information.

“Consumers’ security should be a top priority, and we urge them to remain vigilant so they don’t unwittingly hand over sensitive personal and financial information to cyber fraudsters,” said Debbie Guild, chief security officer at PNC.

  • Cybercrime is expected to cost the world $6 trillion each year by 2021, according to Cybersecurity Ventures.[2]
  • Phishing/Vishing/SMiShing/Pharming was one of the top three internet crimes reported by victims in 2017, according to the FBI’s Internet Crime Complaint Center's (IC3) 2017 Internet Crime Report. A total of 25,344 complaints were reported with losses in excess of $29,703,421. Suspected criminal internet activity may be reported at ic3.gov. (Pharming is a scamming practice in which malicious code is installed on a personal computer or server, misdirecting users to fraudulent websites without their knowledge or consent.)

According to Guild, here are the top three cyber threats that consumers should be on alert for in 2019 and beyond.

1. Phishing, SMiShing and Vishing

Phising is an attempt by fraudsters to steal your personal and financial information. They use unsolicited email, mobile text messages (called SMiShing) and phone calls (called vishing) pretending to be from a legitimate company and requesting personal or financial information and/or login credentials.

Text messages and emails containing certain red flags should alert users to a possible phishing or SMiShing attack, including:

  • Misspellings
  • Grammatical errors
  • Creating a sense of urgency
  • Requesting user IDs and passwords
  • Making demands

If you receive a suspicious message, take caution to avoid a phish:

  • Do not respond; first confirm it is from a trusted source using a known, valid phone number or email address.
  • Do not click the links.
  • Do not respond to a text or email message requesting personal information like credit card numbers, Social Security numbers or other banking information (user ID or passwords).

Do not call phone numbers contained in the phish. Go directly to a known source of information for contact information, such as the company’s legitimate website.

2. Weak Passwords

It’s common knowledge that the first line of defense against cybercrimes is a strong password, but fraudsters are becoming more sophisticated in deciphering people’s passwords and hacking into their accounts. 

It’s important to use different passwords for each of your accounts, and to make each one difficult to decipher. And most importantly, use a unique password for accounts related to your money, including each bank account, credit card account, retirement accounts, etc.

Guild recommends using a phrase in addition to numbers and letters, as cyber criminals have more trouble decoding passwords that include a series of words.

3. Smart Home Devices

Chances are you or someone you know has a smart home device that is capable of any number of tasks, such as reading the news, playing your favorite music, changing the temperature or even purchasing groceries.

Cyber criminals have noticed the popularity of these devices and are dreaming up ways to infiltrate the device to steal your information or even spy on you in your own home.

Be careful what Wi-Fi network you connect your device to, as an unsecured network could be easier for a fraudster to hack. Additionally, when available, set up a two-factor authentication. If the device is password protected, immediately change the default password before beginning to use it.

Lastly, don’t ignore those security update prompts. If you aren’t completing a software update, you could expose your device to dangerous malware and other security holes.

Learn what to do if you think your personal information may have been compromised »