By Sonya Sellmeyer, Consumer Advocacy Officer for the Iowa Insurance Division

October is Cybersecurity Awareness Month.  All consumers and businesses should practice cybersecurity to protect their computer systems and networks from scammers and hackers.  The FBI documented a record $7 billion lost to cybercrime in 2021.  The federal Cybersecurity and Infrastructure Security Agency suggests four behaviors we can all implement to protect ourselves online. 

  • Use multifactor authentication when logging into an online account.  Multifactor authentication requires a combination of two or more authenticators to verify your identity before the website grants you access.  For example, a personal identification number or password, and a confirmation text, fingerprint, or face recognition. 
  • Develop strong and unique passwords for all online accounts.  Strong passwords are long, containing a mix of upper and lower case letters, numbers, and symbols.  Passwords should be unique for each account.  Consider using a randomly-generated password set by the computer, and using a free or paid password manager.
  • Companies commonly issue updates to fix programming flaws.  Keep your software up to date on all your electronic devices, including tablets and cell phones.  Turn on automatic updates ensuring an upgrade isn’t missed leaving your electronics vulnerable.
  • Recognize phishing - the sending of emails, texts, or phone calls from what appears to be a reputable source such as Amazon, Federal Express, your bank, or a credit card company but is actually from a scammer.  Do not be fooled by logos.  Know how to block senders and report phishing on your email.  If the email was received at work, report phishing incidents to your IT Department.  

Phishing and other unsolicited offers often come with red flags to be aware of:

  • The organization is asking for information they should already have. 
  • The grammar sounds harsh, unusual, or broken with misspelled words.
  • The email address does not match the sending entity.
  • The solicitation contains an offer that is too good to be true, or an immediate response. 

Remember to never disclose bank account information, credit card numbers, and Medicare or Social Security numbers in response to an unsolicited offer. To confirm a legitimate offer, visit the business’ website instead of clicking on a link sent to you in an email or text. Hover over all hyperlinks with the cursor to confirm the website's validity.

Never click on pop-up boxes about a virus or a problem with your computer.  Close the browser and if the problem continues unplug the computer, and take it to a local repair shop. 

If you or someone you know has been the victim of an internet crime, report it to the Internet Crime Complaint Center (IC3)the Iowa Attorney General's Office, and local law enforcement.  Report investment-related scams to the Iowa Insurance Division.  

Follow good cybersecurity practices, and be skeptical before clicking on a link or providing information to a scammer posing as a reputable organization. The Iowa Fraud Fighters can help you shield your savings from scammers.

###