Key takeaways
Most cybercrime today is perpetrated by organized crime rings and nation states.
Online scams such as ransomware, phishing, account takeovers and “pig butchering” are a few examples of how cyber thieves work to drain their victims’ financial accounts.
There are ways to keep your finances safe, including never accessing your accounts on public Wi-Fi, ensuring links are legitimate before clicking on them, and using multifactor authentication.
Cybercrime is a growing threat to everyone, but the affluent may be especially attractive targets due to their wealth. As bank robber Willie Sutton said when asked why he stole from banks, “Because that’s where the money is.”
“Simply put, the affluent are often targets for cybercrime by nature of their wealth,” says Charles Banks, information security services at U.S. Bank. “However, they also tend to be more financially sophisticated, so they often better understand the tools and techniques available to protect themselves.”
According to Dave Pilot, enterprise fraud strategy at U.S. Bank, most cybercrime today is being perpetrated by organized crime rings and nation states. “Most people don’t realize the size and scale of these criminal enterprises,” he says. “We’re talking about a commoditized ecosystem of sophisticated actors who are dedicated to malicious cybertheft of both information and funds.”
Pilot believes that online fraud motivations are often about more than just stealing money. “There’s a level of malice in cybercrime today that we haven’t seen before,” he says, pointing to what’s called pig butchering as an example. In this online scam, cyber fraudsters lure victims into online relationships to build trust before convincing them to invest in cryptocurrency platforms that they control and use to steal money.
“These cyber thieves not only steal money from victims, but they also try to destroy their lives,” says Pilot. “The world of cybercrime today is vicious, and people need to be educated about the various threats and how to protect themselves.”
“Always be sure you know how your digital devices are connected to the internet, especially if they provide access to your financial accounts. You should never connect to your accounts using public Wi-Fi.”
Charles Banks, information security services at U.S. Bank
According to Banks, scammers often start with social engineering, scanning victims’ social media profiles for personal information they can use to gain their trust and lure them into online scams. “Sometimes they know you better than you know yourself,” he says. “The evolving landscape around generative AI and ‘Fraud as a Service’ has lowered the bar for entry by cyber thieves.”
Here are three of the more common digital fraud tactics to be aware of.
Malware is short for malicious software and refers to any type of software designed to steal data or destroy computers/computer systems. Types of malware include viruses, spyware, and ransomware, in which thieves will hold the victims’ devices and data “hostage” until a ransom is paid.
Spoofing happens when cyber thieves disguise their identity, often through a fake email address, to trick victims into thinking they’re engaging with a person or entity they know.
Phishing takes spoofing one step further by asking victims to verify or update personal or sensitive information by clicking a link. That link may lead to a spoofed website that closely resembles a verified site—such as a financial institution—where victims are asked to enter a credit card number, bank account number, password, etc.
Other forms of phishing include vishing (phone-related scams) and smishing (text-related scams).
Perhaps the most dangerous type of cybercrime from a financial perspective is an account takeover. In this type of online scam, thieves obtain access to and drain victims’ financial accounts.
These often start with a phishing email or smishing text that appears to come from a legitimate bank or financial institution asking for sensitive information such as passwords, account numbers or Social Security numbers.
Read about other new scams targeting your money.
The Financial Industry Regulatory Authority (FINRA) offers the following cybersecurity tips.
Phishing emails and texts remain one of cyber thieves’ favorite ways to gain access to financial accounts. The best protection against phishing attacks is to never click on links or open attachments from unsolicited emails or text messages. Instead, go to the institution’s website, call them using a number you’ve previously used, or use their app to determine if the message is real or fake.
Additionally, never open an email attachment from someone you don’t know and carefully review emails with attachments that have been forwarded to you.
Your passwords should contain a mix of numbers, letters (upper and lower case) and special characters to make them hard for thieves to steal. You should use different passwords for each account and change them regularly. A password manager can help you manage and protect all your passwords and suggest strong passwords for each account.
This provides additional account protection by requiring two or more different factors to log into a financial account. For example, your bank app might require a password and a one-time code sent via text to log into your financial accounts.
Make sure you’re on a secure website when accessing financial accounts online. A secure website address will start with “https” instead of “http” and include a closed padlock in the status bar. And protect yourself against “session stealing” by not multitasking on multiple webpages while logged into financial accounts.
Birthdays and other important dates, family members, pet names and other identifiable information can give cyber thieves potential details to guess your passwords or answer security questions.
Public wireless networks and hotspots in restaurants, hotels and airports are usually less secure than private Wi-Fi networks, which makes it easier for cyber thieves to steal sensitive information. Some hackers even create public networks with familiar-sounding names to lure in potential victims.
“Always be sure you know how your digital devices are connected to the internet, especially if they provide access to your financial accounts,” says Banks. “You should never connect to your accounts using public Wi-Fi. Wait until you have access to a trusted and secure wireless network.”
Review your financial account activity and statements at least monthly. If you see an expenditure that looks suspicious or unfamiliar, contact your financial institution as soon as possible.
U.S. Bank is committed to protecting customers’ accounts and finances from cybercrime. IT systems are regularly updated to keep your data safe and secure from ever-changing cyber threats.
“It’s a constantly evolving conversation,” says Pilot. “We are continually looking for ways to detect and disrupt the latest fraud schemes and strengthen account authentication methods to ensure the security of our customers’ financial transactions.”
Read more tips and advice to protect yourself and your family from financial cybercrime.
Building wealth is only half the battle. These strategies may help protect it against market volatility and other events.
There are plenty of reasons to feel anxious about money—but there are also plenty of ways to ease financial stress. Here are five ways you can take control of your money worries.
Equal Housing Lender. Deposit products are offered by U.S. Bank National Association. Member FDIC. Mortgage, Home Equity and Credit products are offered by U.S. Bank National Association. Loan approval is subject to credit approval and program guidelines. Not all loan programs are available in all states for all loan amounts. Interest rates and program terms are subject to change without notice.
