As scammers continue to evolve, so must our defenses against them. Here’s what you should know!

You’ll know a scam when you see one, right? Well, we’d all like to believe so. We want to think we’re way too smart to be scammed, and it would never happen to us. The truth is: responses to scams aren’t a measure of intelligence or technological savvy, and anyone can fall victim, no matter their age or how familiar they are with their device and the people who are supposed to be on the other side of it.

In the age of AI, scams have also evolved. They’re more deceptive than ever, and even those who remain on their toes constantly can be tricked by something that appears innocuous. In the latest trend, scammers are using what’s called search engine optimization, or SEO, to fool users into entering their real data and login credentials into phony websites.

Essentially, these fraudulent sites are built to look identical to the real thing. By imitating companies like Fidelity, Charles Schwab or Vanguard, they prey on users who believe they’re visiting the actual investment sites and enter their account credentials. Even worse, the fake sites are built by developers with a complex understanding of SEO, helping them push their site to the top of search engine results by using language most often used to find the real version of the investing company sites.

In the latest trend, clients visit the fake websites and attempt to log in with their credentials. Once they submit their information, they receive an error message stating there’s been an issue with their login credentials, and they must immediately contact a support number to retrieve their information. Then, on the other end of that support number is a scammer posing as a member of the company’s IT or customer service team. They typically inform the client of a security breach and tell them someone is attempting to steal money from their account.

Of course, no one wants their money stolen, and the scammer creates urgency backed by the fear of financial loss as well as the trust that pushed the client to call the support number in the first place. The scammer then tries to persuade the client to download software to their phone or computer which gives complete access to the device, ultimately leading to further attacks including the potential of ID theft and monetary loss.

This type of scam is most commonly known as a phishing scam. It gained traction as an email scam, imitating legitimate senders and calling for recipients to visit a website and enter their private information. Then, that information is either leveraged against the recipient or used to extract more personal data, such as other bank accounts, personal accounts, credit cards or identifying documents. While it’s still crucial to be on the lookout for emails that don’t appear quite right, you should now be wary of internet search results, too.

Here are a few ways you can protect yourself from these types of scams:

1. Trust Your Instincts

If something looks wrong, it probably is. Take a step back, analyze the website, check the web address, and make 100% sure you’re giving your information to someone reputable.

2. Arm Yourself with Knowledge

Simply knowing these types of scams exist is half the battle. Oftentimes the biggest problem is bad actors who are a couple steps ahead of those with good intentions. Be aware of these types of scams and protect your information from anyone you don’t fervently trust.

3. Save Legitimate Sites

Simply searching for these sites opens you to the possibility of falling for an SEO phishing scam. Once you find the legitimate site, save it, and continue to use that exact link. You can also type trusted links directly into the search bar to immediately be taken to the site.

4. Report Scammers

Though scams will likely never end, and scammers will always find new methods, reporting scammers can help prevent others falling victim to the same malicious practices.

5. Use Complex, Unique Login Credentials

When you create passwords, you may notice a site telling you how strong your password is. More complex passwords are less likely to be guessed or stolen from publicly available data. Additionally, using one password can be dangerous, as only one site needs to leak your data for everything to be compromised. Using unique passwords for each site can help you prevent that possibility.

6. Keep Your Software Up to Date

Older software is more susceptible to scams and hacks because it’s likely no longer being maintained by the developer. Additionally, updates are often released for security purposes. Be sure to update your software for the latest patches and protective factors.

If you have any questions about scams or the legitimacy of investment websites, give us a call today! You can reach Giesting Financial in Batesville, Indiana, at 812.933.1791 or in Columbus, Indiana, at 812.565.2726.

This article is not to be construed as financial advice. It is provided for informational purposes only and it should not be relied upon. It is recommended that you check with your financial advisor, tax professional and legal professionals when making any investment decisions, or any changes to your retirement or estate plans. Your investments, insurance and savings vehicles should match your risk tolerance and be suitable as well as what’s best for your personal financial situation.

Advisory products and services offered by Investment Adviser Representatives through Prime Capital Investment Advisors, LLC (“PCIA”), a federally registered investment adviser. PCIA: 6201 College Blvd., Suite #150, Overland Park, KS 66211. PCIA doing business as Prime Capital Wealth Management (“PCWM”) and Qualified Plan Advisors (“QPA”). Securities are offered by Registered Representatives through Private Client Services, Member FINRA/SIPC. PCIA and Private Client Services are separate entities and are not affiliated.

03052024-PM-27391 JG