A Guide to Your Cybersecurity

Learn to Spot Scams & Save Yourself from Investment Fraud

Business and Investment Fraud 
Investment or business fraud schemes will try to lure you in with the promise of low- or no-risk investments.

Scammers often ask for upfront cash in exchange for guaranteed future returns—but there is no such thing as a guaranteed return on investment. It's a scam.

Cryptocurrency Investment Fraud
Cryptocurrency investment fraud is one of the most prevalent and damaging fraud schemes today.

Scammers, through various means of manipulation, convince victims to deposit more and more money into financial “investments” using cryptocurrency. In truth, these investments are fake; all victim money is under the control of—and ultimately stolen by—criminal actors, usually overseas. As a result, victims typically lose all money they invested.

Social Media-Based Investment Scams
Be aware of “buy this stock – get rich quick” schemes via social media. Scammers may send you a link containing malware that allows them to get enough information so they can access your account or open a new account in your name. The scammer may place multiple trades in an investment account to “pump” up the price of a thinly traded stock. Then, they “dump” shares of the stock by selling their own shares at the inflated price before selling the stock at a loss in the ID theft/ATO account.

Red Flag: If someone on social media unexpectedly contacts you about a “get rich quick” scheme that sounds too good to be true, it probably is.

Tips for Avoiding Investment Scams  

• If an unknown individual contacts you, do not release any financial or personal identifying information (PII) and do not send any money.
• Do not invest per the advice of someone you meet solely online. 
• Verify the validity of any investment opportunity from strangers or long-lost contacts on social media websites.
• Be on the lookout for domain names that impersonate legitimate financial institutions, especially cryptocurrency exchanges. 
• Misspelled URLs, often with a slight deviation from the actual financial institutions' website, may be fake.
• Do not download or use suspicious looking apps as a tool for investing unless you can verify the legitimacy of the app.
• If an investment opportunity sounds too good to be true, it likely is. Be cautious of get rich quick schemes.
• Confirm the validity of any investment opportunity or cryptocurrency investment website or app.
• Do not pay for services that claim to be able to recover lost funds.
• If you already invested funds and believe you are a victim of a scheme, do not pay any additional fees or taxes to withdraw your money.
  • If you believe you or someone you know may be a victim of a cryptocurrency investment scam, immediately submit a report to ic3.gov or contact your local FBI field office and provide as much transaction information as possible.
  • Please do not notify the suspected criminals of the FBI’s involvement, which may compromise law enforcement's ability to investigate.

Share what you know:  By talking about potential scams with your friends and neighbors you may be protecting them from making a devastating mistake.

The internet offers access to a world of products and services, entertainment, and information. At the same time, it creates opportunities for scammers, hackers, and identity thieves. Learn how to protect your computer, your information, and your online files.

Protect Your Personal Information. In an effort to steal your information, scammers will do everything they can to appear trustworthy. Your Social Security number, credit card numbers, and bank and utility account numbers can be used to steal your money or open new accounts in your name. So every time you are asked for your personal information – whether in a web form, an email, a text, or a phone message – think about why someone needs it and whether you can really trust the request. 

Protect Your Passwords. Here are a few ideas for creating strong passwords and keeping them safe:

• Use at least 10 characters; 12 is ideal for most home users.
• Try to be unpredictable – don’t use names, dates, or common words. Mix numbers, symbols, and capital letters into the middle of your password, not at the beginning or end.
• Don’t use the same password for many accounts. If it’s stolen from you – or from one of the companies where you do business – thieves can use it to take over all your accounts.
• Don’t share passwords on the phone, in texts or by email. Legitimate companies will not ask you for your password.
•  If you write down a password, keep it locked up, out of plain sight.
• Change your passwords every 90 days.

Consider Turning On Two-Factor Authentication. For accounts that support it, two-factor authentication requires both your password and an additional piece of information to log in to your account. The second piece could be a code sent to your phone or a random number generated by an app or a token. This protects your account even if your password is compromised.

Give Personal Information Over Encrypted Websites Only. If you’re shopping or banking online, stick to sites that use encryption to protect your information as it travels from your computer to their server. To determine if a website is encrypted, look for https at the beginning of the web address. That means the site is more secure.

Back Up Your Files. No system is completely secure. Copy your files to an external hard drive or cloud storage. If your computer is attacked by malware, you’ll still have access to your files. 

• Equifax:  800-525-6285 
• Experian:  888-397-3742
• TransUnion:  800-680-7289