All the action-packed adventure movies I watched as a kid convinced me that I’d encounter a lot more quicksand and booby traps in my adult life. Instead, today’s quicksand comes in the form of phishing-filled text messages and emails, or scams on dating sites and social media.
As these scams grow, fending off scammers becomes increasingly difficult. That’s why it’s not surprising that the most recent Bankrate Financial Fraud survey shows that 37% of respondents lost money to an online scam last year.
When a scam happens, act immediately. “You really have to stop the bleeding,” said Gina Tran, director of product for Bitwarden. “I’m a big proponent of doing everything that you can do to really feel like your bases are covered.”
Remember that, for scammers, crime is a career that they’re always getting better at. Thanks to customer data sales, generative AI tools, and invasive app data collection, their jobs are getting even easier. If given enough time, a determined scammer can find plenty of information online to use to target you.
“I’m a big proponent of doing everything that you can do to really feel like your bases are covered.”
For example, romance scammers can use AI-generated photos or videos to make it seem like they are an old friend who is trying to reconnect. Plenty of information on data broker websites is available to aid them in luring you to financial doom. Scam artists could use facts from a resume you posted online to chat you up and steal your money while you search for a job. In either scenario, the end result is the same: The scammer accesses your financial accounts and tries to make off with your money.
If you are a victim of those scams or others, Tran suggests the following steps to regain control:
1. Change Your Passwords and Turn on Multi-Factor Authentication (MFA)
If a scammer compromises one of your financial accounts, change the password immediately. “You need to have a strong, unique password for your critical accounts,” said Tran.
I recommend adding another layer of protection by enabling MFA using an authenticator app or a hardware security key.
The Best Authenticator Apps and Security Keys We’ve Tested
2. Download a Password Manager
If your other accounts share a password with the compromised account, change those credentials, too. In fact, don’t use the same password anywhere. If a scammer has one password, they can get into all your other accounts, and trust me, they’ll try.
Get Our Best Stories!
Like What You’re Reading?
By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy.
Thanks for signing up!
Your subscription has been confirmed. Keep an eye on your inbox!
Download a password manager and use it to create and store unique passwords for your accounts.
Our Favorite Password Managers
3. Monitor Activity on Your Other Online Accounts
Keep an eye on the login attempts for your other accounts. Most financial services allow you to view the IP address, browser, and location of all of your logins. If you see a login attempt you don’t recognize, remove access for that IP address and device and then report the incident to the financial institution.
I recommend monitoring your accounts closely for at least a few months after a scam incident, especially if those accounts shared a compromised password.
Recommended by Our Editors
After securing your accounts, contact the affected institution’s fraud resolution department. Visit your bank’s website and call the phone number listed there. Some banks allow you to start fraud reports via a web form or chatbot, but I recommend speaking with an actual human whenever possible.
The bank might be able to recover some or all of the money a scammer stole from your accounts, but that depends on what they stole. If you sent cash or gave them debit card access, you might never see that money again. The same goes for other forms of payment, such as cryptocurrency. Credit cards usually have different associated protections, so you’re more likely to get those charges dropped.
Consider using a virtual credit card number online in the future, especially with unknown parties.
It’s Surprisingly Easy to Be More Secure Online
5. Report the Scam
Who do you tell when you are a victim of a scam? Try local or state law enforcement first. They might not be able to recover your money or apprehend the scammer, but they can file a report. It doesn’t sound like much, but your report is one of many scam incidents that happen every day. The data from these reports could eventually result in increased scam detection and prevention resources.
Next, visit the Internet Crime Complaint Center and the Identity Theft Resource Center to report the incident. Those sites compile scam reports from around the country and provide recovery tips. I also recommend checking out the Federal Trade Commission’s scam resources, which outline different scenarios, such as sending money to a scammer or giving a stranger access to your devices. They also provide step-by-step instructions to recover from each type of incident.
Finally, I suggest you head over to my article on how and why to report scams.
About Kim Key
Senior Security Analyst
