By now, most people know the basics of limiting their risk for cybercrime: unique and strong passwords, not opening email attachments from unknown sources, utilizing two-factor authentication, etc. These are extremely important safeguards, and I am not discounting their importance. However, I have two beliefs relating to cybercrime:
1. My personal information is probably available somewhere for sale.
The large data breaches over the last 10 years have exposed billions of people’s personal information. I have received multiple letters letting me know my information was exposed, along with offers for free identity protection services, which I took advantage of. These lists are sold to cybercriminals for whatever scheme they plan to deploy. I also type my personally identifiable information into “safe and encrypted” websites on a regular basis. Each time represents an exposure to a potential data breach.
2. Cyber criminals are constantly evolving their techniques.
The development of technology and AI is happening at a mind-blowing pace. As the saying goes, “The good guys have to get it right every single time. The bad guys have to get it right once.” I accept the fact that I could follow all current technology safeguards to protect myself from cybercrime and still have it happen to me.
So instead of writing about the laundry list of technology-based solutions to protect yourself, I thought I would share some “old school” recommendations on how not to fall victim to cybercrime.
Let your inner skeptic come out
We all have a healthy amount of skepticism towards anyone we don’t know. We also naturally trust people or entities we’ve built relationships with. Cybercrime is dependent on blurring the line between these two groups, so you confuse the criminal with a known trusted source. Understanding this basic principle is step one.
Pick up the phone or go to the physical location
Email and texting are convenient, and I am as guilty as anyone else of taking the fast and easy route to communicate. But these forms of communication are the easiest for criminals to use to get their work done. When it comes to sharing important financial or personal information, the safest option is to make a phone call or go to a physical location. The extra time it takes is well worth the added protection.
Decline unrecognized calls
It’s rare that I’ll answer a call from a number not saved in my phone. From my experience, the majority of calls are solicitors or scammers, and this is backed up by research. One survey, conducted in 2025, found that 68% of U.S. adults reported receiving spam or scam calls at least weekly. Yes, I miss some calls I wish I’d answered, but I don’t want to validate my name or voice with a phone number. More on that below.
Don’t give information to service providers who call you
I’ve seen this type of fraud happen multiple times. A person receives an incoming call from a service provider they use (utilities, credit card, phone company, etc.), and the caller on the other end of the line requests information to resolve some kind of issue. There is usually urgency behind the request, and they offer to fix the issue by gathering information from you. At that point, you need to stop and become skeptical. I recommend terminating the call, then finding the direct number to the service provider from another source, not your call log, and calling back.
Use a code word or question
The latest trend in cybercrime is probably the scariest, in my opinion. Imagine your close family members’ phone number and name popping up on your caller ID, but on the other end of the line is a stranger. This is already happening, and has been for years. Criminals can spoof phone numbers to make it appear as if someone you know is calling, but once you answer, you’d likely become skeptical almost immediately after not recognizing the voice.
Now imagine answering that call, appearing to come from a loved one’s phone number, only to hear what sounds like their voice on the other end. They are panicked, rushed, or asking for help, leaving you no time to slow down and question what feels slightly off. This is the latest cyber concern. With just a small audio sample, AI can impersonate someone’s voice, and when combined with phone number spoofing, criminals can sound like someone you know and appear to be calling from their actual number.
The solution to breaking the veil in this situation is having a pre agreed upon code word to validate the person. Another option is asking questions that likely could not be captured by a data breach. For example, where did we celebrate Christmas last year? What is the latest color of cousin Erin’s hair? Be careful not to use dates of birth or questions that are commonly used for password resets.
Hopefully this article hasn’t driven everyone to wish it were 1990 again. That’s not the intent. The reality is that the advantages of technology far outweigh the risks. It’s also important to know that cybercriminals typically look for the easy target and rely on the law of large numbers in their attempts to find the one person who has their guard down. If you can employ the recommendations above, stay vigilant, and keep current on your technology based safeguards, you’ll greatly reduce the chances of becoming a victim to cybercrime.
