Data Destruction St Louis | Secure Document Destruction of St. Louis

  • Business Shredding
  • Residential Shredding
  • FAQs
    • Frequently Asked Questions – Business
    • Residential Document Destruction FAQs
  • Blog
  • Contact Us

by

The Growing Threat of ChatGPT Data Security Issues for Businesses and Consumers

The Growing Threat of ChatGPT Data Security Issues for Businesses and Consumers

If you keep up with technology even in the slightest, no doubt you’ve heard about the wonders of ChatGPT.  Developed by the artificial intelligence (AI) research laboratory OpenAI, Chat Generative Pre-Trained Transformer, ChatGPT for short, is an artificial intelligence-powered language model designed for conversational systems such as chatbots and virtual assistants.

But is has become much more than that, and that’s why a lot of red flags are being raised for consumers to understand both its pros and cons when it comes to privacy and security with the potential of significant data breaches.

ChatGPT doesn’t have any knowledge of its own. It generates responses and information based only on the data it was trained on such as information from the internet, books and much, much more.

Many hail it as a life-changing development in technology that is already starting to transform how we live. ChatGPT is already writing and debugging code, translating text, creating summaries of long documents, writing music, creating art and automating many other challenging tasks. And it is easy to use.

Let’s look at some of the things both businesses and consumers should be wary of.

What are the Security Risks of ChatGPT?

The first thing that new users take from their first experience with ChatGPT is its ability to almost instantly generate realistic responses to questions on just about any subject.

Like any new technology, criminals using cyberattacks are turning those AI capabilities upside down to develop a growing set of threats. Here are a few examples.

Phishing Attacks

These have become an almost daily occurrence in personal and business email inboxes. An email comes from a trusted source asking you to do something that surprises you. It could be from your bank or any other website you have visited. The purpose of these attacks is to get you to reveal sensitive information like credit card numbers, Social Security number or even your login credentials.

Business email compromise has become more sophisticated with ChatGPT as well. This attack uses email to trick someone in an organization into sharing confidential company data or sending money. Security software usually detects these types of attacks by identifying patterns, but an attack like this powered with ChatGPT can get past sophisticated security filters.

Social Engineering and Impersonation: Text and Voice

AI tools like ChatGPT are so advanced they can write text in a real person’s voice and style. This is especially troubling for people in the public’s eye or business leaders who want to convey important and timely information to a mass audience. Imagine the chaos if Elon Musk or Bill Gates fell victim to this type of activity. 

AI can also fake voices to scam people and businesses. AI-driven voice cloning technology can replicate an individual’s voice with only a small sample from sources like interviews, podcasts or social media videos. Scammers use these voices to impersonate someone the victim knows and trusts, like a family member, friend or colleague. The voice may claim to be in a crisis situation and/or request financial assistance. 

When in doubt, verify the caller’s identity by asking them something only the real person would know, or hang up and contact the real person for verification. And, it probably goes without saying, don’t give them any important information about you or your company.

Automated Customer Service Scams

Many companies are moving to automated customer support technology using AI chatbots that allow you to “chat” with an AI-driven program to solve many of the more simple issues customers typically call customer service for. Cyber criminals can replicate these capabilities and convince individuals to reveal sensitive personal or business information as part of the chat history and make payments to the criminals, not the company.

Malware and Spam

One of the major security concerns is how AI can be used to generate text that appears legitimate in emails and can evade even the most sophisticated website spam filters. Criminals use these emails to get individuals to click on links that distribute malware or ransomware to their devices. 

Spam. While many people have become more competent at spotting spam, there remains a large percentage of society that will be fooled into a dialog with simple offers. The bad thing about ChatGPT is that spam output can be generated exponentially in seconds, often with embedded malware that can lead users to malicious websites. The ability to generate professional-looking phishing emails that mimic outreach from legitimate sources such as banks or retailers is closely aligned with this. Users who click links to respond put themselves at significant risk of a bad experience and the potential exposure of personal data. 

Ransomware. One of the darker ways that ChatGPT is being used is to embed ransomware that hijacks computer systems. To unlock systems, victims must pay extortionists large sums of money to regain control. Attackers usually don’t write their code. Instead, they buy it from ransomware creators on dark web marketplaces, but that could change as ChatGPT becomes more adept at generating malicious ransomware code.

Fake Reviews and Ratings

Some criminals use AL-generated content to flood e-commerce platforms with fake product reviews, ratings and comments. These fake reviews can influence consumer decisions, leading them to purchase low-quality or counterfeit products. 

User Data Protection and Data Privacy from ChatGPT Incursions

To protect yourself from these scams never share confidential information such as name, address, login credentials and credit card information. Here are some other steps to protect yourself. 

Password Protection Strategies. This seems basic, but so many of us are guilty of choosing ease over effectiveness when assigning passwords. A strong password is one of the most effective defenses against data incursions. Mix it up and use biometric security and multi-factor authentication when possible. 

Monitor Accounts. Make it a habit to monitor your banking, credit card, emails and other sensitive data pages and accounts so you can quickly spot abnormal activities. Turn on page alerts for all accounts. The use of ChatGPT by hackers can generate compelling phishing attacks.  

Keep Software Current. Always install the latest updates, which may patch security breaches and vulnerabilities crooks could use to steal your data. 

Antivirus Protection. Advanced cybersecurity software has morphed into a fully comprehensive protection package to guard against ransomware and other potentially invasive ways to steal your data. 

Enable Operating System’s Firewall. This will create a barrier that monitors traffic and blocks potentially malicious attempts to harm your cyber presence. For added protection, you can also activate your router’s firewall or invest in a virtual private network (VPN) to encrypt your data. 

Multi-Factor Authentication.  MFA can secure your accounts with an added layer of protection.  When MFA is activated, you are sent a code to your phone or email address to authenticate a login attempt. 

Network Detection and Response (NDR) Technology.  Effective NDR solutions can detect threatening patterns and prevent unauthorized access, even if a hacker has stolen login credentials. 

ChatGPT is still in its infancy, and while it will continue to improve lives in countless ways, thieves will do everything they can to make your life miserable through all the ways we’ve documented above.  

You don’t need ChatGPT to tell you why an ounce of prevention is worth a pound of cure. The best thing you can do is take proactive steps before you become a victim. Be smart and understand the potential threats, then take steps to ensure ChatGPT works for you instead of against you.

Filed Under: Identity Theft, Security

by

Data Security Employee Training on a Budget for Small and Medium Businesses (SMB) 

Data Security Employee Training on a Budget for Small and Medium Businesses (SMB) 

Data security is not just a problem for large companies. Medium businesses are targeted more and more as data thieves expand their reach and small businesses are often an easy target for these sophisticated tricks.  

The excuse many SMBs give is they don’t have the resources for the technology to protect their companies. While technology is an important piece, an equally critical component is ensuring your employees understand the things they must do to keep your company outside of a hacker’s sights. 

What many companies overlook are simple and affordable ways to train employees to recognize trouble and to protect the critical company information they work with on a daily basis. Employees are your first line of defense and they need to be equipped with the basics of data security to protect your business.

A data breach is something we hear about every day, but it doesn’t have to be something that attacks your company. 

Make employees your first line of defense against cyber thieves. 

While we often give data thieves credit for targeting large company business data, the problems many SMBs face is often due to human error. Your employees interact with sensitive data daily, making them both your greatest asset and your biggest vulnerability. 

As you consider how to attack this opportunity with your employees, here are three ways you can start the process without breaking the bank:

  1. Simple and Easy Training. Focus on simple and easy-to-implement techniques that will raise awareness and teach them how to identify the situations that data thieves thrive on.
  2. Time-Friendly Approaches. Rather than creating large and complex programs, build training methods that can be included in their normal workflow, such as online modules they can complete as they have time.
  3. Build Awareness of Employees’ Roles in the Solution. It’s sad but true: Many employees at small and medium-sized businesses are simply not aware of the potential cybersecurity risks your company faces. This will be the place to start your new training program. 

Where should data security training for SMBs focus to reduce cyberattacks? 

Employee training in data security shouldn’t be a one-time event. To truly embed a culture based on information security, regular training sessions and updates are required (because we know for sure the cyber criminals are honing their craft on a daily basis).

These sessions can take various forms, including workshops, online modules and simulated phishing exercises. Here are six areas where SMBs should focus their training efforts:

1. Recognizing Sensitive Information

This is any data that, if exposed, could lead to financial loss, legal repercussions or damage to an individual’s or organization’s reputation.

  • Employees should be able to identify personal client data (e.g., names, addresses, and financial information), proprietary business plans and data subject to legal regulations. Provide examples of what constitutes sensitive information in your industry, making it clear what information should be handled with extra care. Malware and ransomware can target sensitive information, aiming to steal or encrypt it for extortion.
  • Training Approach. Host brief team meetings to discuss specific examples of sensitive information in your business. Encourage employees to share their thoughts and to ask questions (remember, there are no dumb questions).

2. Secure Data Handling

This involves using methods and tools to ensure that data is kept confidential, its integrity is maintained, and it’s accessible only to authorized individuals.

  • Provide high quality antivirus software and train employees on creating strong, unique passwords. Encourage them to use password management tools to prevent hackers from breaching your company’s firewall. Many tools have options for businesses. Multi-factor authentication is another tool that reduces cybersecurity threats. Explain the importance of data protection encryption when sharing sensitive files so that even if intercepted, the data remains unreadable.
  • For example, when sending confidential financial documents to a client, use a secure file-sharing platform that encrypts the data during transmission and requires the recipient to enter a password to access the file. Two of the most popular platforms are Dropbox and Google Workspace.
  • Training Approach. Share easy-to-follow guides through emails or on your company’s intranet. These guides can cover topics like password creation and the use of secure file-sharing tools.

3. Phishing Awareness

Phishing attacks are a fraudulent attempt to obtain sensitive information, often through deceptive emails, websites, social media such as LinkedIn or messages.

  • Teach employees how to recognize suspicious emails that often contain malware or ransomware, such as unexpected requests for sensitive data or urgent requests for money. Advise them not to click on links or download attachments from unknown sources.
  • For example, if an employee receives an email claiming to be from a bank requesting them to click a link to verify their account details, they should be very cautious and verify the request through official channels before taking action.
  • Training Approach. Send regular emails with tips on identifying phishing attempts. Share real-life examples to make the content relatable.

4. Physical Document Security.

This involves safeguarding physical copies of sensitive information from unauthorized access, loss or theft.

  • Instruct employees on proper document handling, storage and disposal. Explain the significance of shredding documents containing client names and addresses.
  • Employees should use a designated paper shredding device to render the information unreadable or utilize a bin provided by a document destruction company. Be sure to find a company that shreds your documents on site rather than taking it to a processing location off-site.
  • Training Approach. Organize a short workshop during a lunch break (and the company provides the lunch) that shows employees how to properly handle and dispose of important documents.

5. Mobile Device Management.

This refers to strategies and practices to secure mobile devices such as smartphones, tablets and laptops used for work purposes.

  • Educate employees on setting up device passcodes or biometric authentication, such as a fingerprint. Encourage them to enable remote tracking and data wiping features in case their device is lost or stolen.
  • For example, if an employee’s work laptop is stolen, they should be able to remotely erase all data on the device before a thief can steal the data.
  • Training Approach. Create a one-page guide with step-by-step instructions for setting up security features on mobile devices.

6. Social Engineering.

This involves manipulating individuals into divulging confidential information or performing actions that compromise network security.

  • Provide examples of common social engineering tactics, like impersonation, pretexting or baiting.  Teach employees to verify requests for sensitive information by contacting the requester through official channels.
  • For example, an employee should be cautious if they receive a phone call from someone claiming to be from IT support and asking for their password. The employee should call the IT department to verify the legitimacy of the request.
  • Training Approach. Share brief anecdotes about social engineering incidents and how they can happen to anyone. 

Artificial Intelligence (AI) is a two-way player in the world of cybercriminal activities.

AI is playing an increasing role in data security by both enhancing defense mechanisms against cyber threats and being utilized by bad actors trying to carry out attacks. Here is how AI impacts data security and what companies should be vigilant about:

AI as an enhancement for data security

  • Threat Detection. AI-powered tools can analyze vast amounts of data quickly that can help companies identify patterns indicative of cyber threats. AI can detect anomalies in user behavior, network traffic and system activities to help companies better identify malicious activities.
  • Fraud Prevention. AI algorithms can detect unusual transaction patterns to head off fraudulent activities. This is especially meaningful in financial services and e-commerce industries.
  • Phishing Detection. AL-driven email security solutions can analyze email content, sender behavior and metadata to head off phishing attempts.
  • Predictive Analysis. AI can predict potential vulnerabilities and weaknesses in a company’s systems to help IT teams prioritize security efforts.

AI as an enhancement to cyber threats

  • Advanced Attacks. Bad guys use AI to drive broad-based phishing attacks such as phishing emails that mimic human communication and behavior.
  • Automated Attacks. AI can automate many stages of malicious attacks allowing cybercriminals to scale their illegal operations very quickly.
  • Evasion Techniques. AI can develop malware that adapts its behavior to evade detection by traditional security systems.

In short, AI presents both opportunities and challenges for data security. SDD recently published an article titled “Data Security Threats to SMB from Artificial Intelligence.” The article goes into much more detail about the issues above.

Any size company can create a culture that protects its important data. 

You don’t need a big budget or large training organization to drastically improve your company’s data security. Midsize businesses can conduct simple and specific training throughout the year to help maintain overall awareness of the issues critical to avoiding security breaches that lead to your critical in-house data being stolen. And starting the process to develop cyber security best practices and cyber security policies is critical to ensuring consistency in your cybersecurity solutions throughout your company.

Medium and small business owners remember this: The goal is to implement security measures that safeguard your sensitive information and that of your clients. Successful companies make data security an important part of their culture and it doesn’t require great amounts of investment.

Filed Under: Security

by

Fighting off Keyless Car Hackers

Photo of a keyless car hacker

Does your car have a keyless entry system? If so, it may be an easy target for sophisticated car thieves who have figured out how to hack the technology designed to make your life easier.

Car makers, the insurance industry, and law enforcement are playing catch-up on fob-related car theft techniques that have become a growing problem with modern cars.

Here’s what you need to know to protect yourself from these criminals.

How Is Fob Hacking Possible?

A key fob is designed to be small, so it can be carried around inconspicuously, just like a key chain. The term fob and small key chains have been used interchangeably for many years.

Keyless cars use a fob to communicate low-power radio signals to car doors, ignition and start/stop buttons. They’re only effective when the fob is within three feet of these components. However, hackers have developed special equipment to amplify the communication signals between vehicles and smart fobs, greatly extending the system’s effective range. Signals can also be cloned using an RFID transmitter or by hacking into a smartphone app which is also used to start cars.

These are known as relay hacks and can trick the car into thinking the fob is next to the car door or ignition system when it is really somewhere else. Thieves use the relay hack to unlock and start the vehicle.

Some relay thieves use wireless transmitters held up to the front door or window of a house or the pocket of a car owner to capture the signal from a genuine digital key and relay it to a target vehicle. Another person standing close to the vehicle captures the signal, fooling the car into thinking the key is within range, allowing it to be unlocked. Once inside the vehicle, the process can be repeated to start the engine.

Typically, these attacks happen in residential areas where many people have their keys hanging by the door or in the kitchen, such as in a condo or apartment community where keys tend to be closer to where a car is parked.

Other thieves use signal jamming by transmitting on the same radio frequency as the fob. This blocks the signal that locks the door, allowing thieves to open the door when the owner walks away.

These methods are commonplace because they don’t require any special or expensive equipment. It’s also easy to find online videos on how to hack a key fob, which makes a crook’s job even easier.

Not all cars can be hacked by the methods above. For example, only vehicles manufactured during 2009-2017 can be hacked by key cloning, and the most vulnerable makes are Toyota, Hyundai, Kia, and Tesla. Also, encryption flaws are usually common among older cars sold outside the USA.

How Can I Prevent My Key Fob From Being Hacked?

You have several options to reduce or eliminate key fob hacks.

Block the fob signal. A Faraday bag is one of the most effective ways to do this. It’s made of flexible metallic fabric to stop any signal from getting out or in the bag. They’re already in common use and come in different sizes and price ranges so finding one that best suits your needs should be a relatively simple task. If you don’t want to use a Faraday bag, you can store your fob in a safe or another metal object.

Reprogram the fob from time to time. A locksmith can do this for you in just a few minutes, but it’s probably more of a hassle and will cost more money and time than using a Faraday bag.

Physically place your fob away from doors or windows in your home or office, effectively reducing or blocking a hacker’s signal-stealing technology.

Look for a fob flash. When you lock your car with a fob by touching the door handle or clicking the button on a remote, make sure the indicators flash and listen for the clunk of locks.

Keep up with software updates. As cars, phones, and other technology are more connected than ever, it’s crucial to keep thieves at bay by installing the latest software on your vehicle and phone.

Keep your key fob in a shielded wallet when you’re out and about. Some people think wrapping a fob in aluminum foil will provide enough protection, but that may not be true. Again, a Faraday bag is still your best bet when in public.

Attach a lock to your steering wheel. It’s old school, but metal bars that lock steering wheels are an effective and visible deterrent for thieves trying to steal your vehicle. You may go a little more extreme and get a lock for one of your car wheels. Just remember to remove it before you attempt to drive off!

Install a tracker. Unusual activity is monitored, and you are alerted if it appears a car is not where it should be. You can also trace the vehicle via GPS if it is stolen.

Switch off the fob when not in use or use a motion sensor fob. Some fobs can be turned off, which is what you should do when it’s not in use. Other fobs have motion sensors, meaning the fob stops transmitting a signal if it’s left idle for a certain amount of time. This negates the use of relays to steal your fob signal.

Install CCTV or a smart doorbell. This may not prevent your car from being stolen, but if thieves see active cameras on your property, that may be enough of a deterrent for them to move on. These devices also make it easier to find your car if it does get stolen. Good exterior lighting and an active Neighborhood Watch are also added deterrents that are easy to implement.

Filed Under: Security

by

What to do When a Hacker Comes After Your Accounts

What to do When a Hacker Comes After Your Accounts

Hacking and identity theft are as prevalent as ever. At some point, don’t be surprised if one or more bad guys come looking for your sensitive information to criminally exploit.

New scams pop up constantly. You know this if you’ve ever gotten one of those “potential data breaches” emails or letters which I suspect most people have by now. Nobody is 100% safe in a digital environment, but there are several things you can do to make it harder for hackers in advance of an attempted breach and actions you can take after an attempted hack.

What to do Before an Attempted Hack Occurs

If you haven’t done so already, the easiest and smartest thing to do is turn on two-factor authentication for your financial accounts. Hackers may try to get around this by going after password manager systems instead.

That means that you could be contacted by text or email that you’ve been targeted by a hacker trying to steal your information. However, don’t automatically assume security protocols have kicked in due to an attempted breach. Some people are contacted repeatedly by hackers who appear to be administrators. Before you give up sensitive password change information, it’s best to reach out to the institution supposedly requesting the change to verify they have actually done so.

After you verify, start the process of changing your potentially impacted passwords. While it’s unsettling that a hacker obtained at least one of your passwords, be thankful that virtually every financial institution now has red flags and warning systems to alert you to suspicious activity.

You should also know that there are multiple types of two-factor authentication. Biometric data is one of the more secure ways to protect your accounts. Two-factor authentication via text is secure, but it is susceptible to hacking. Criminal activity is why the industry is slowly moving away from passwords. Hackers long ago learned how to defeat almost any password system.

If you have the option, switching your two-factor authentication from SMS (text message) to an authenticator app is not a bad idea.

If you suspect a hack is taking place, another way to lock out criminals is to freeze your credit. Freezing your credit at the three major credit bureaus makes it difficult for anyone to open accounts in your name with your Social Security number. You can easily unfreeze your credit if you want to open a new account or other similar reasons.

You’ll need to go through Experian, Equifax, and TransUnion separately to freeze your records.

What to do After a Hack

Here’s the #1 rule you must follow after being hacked.

Act fast!

Do not let data breaches or hacks of any kind go into your “I’ll get to it eventually” stack of things to do. Treat the breach urgently to minimize damage to your accounts and online identity. Don’t be surprised if you start getting notifications after a breach from your banks, credit card providers, Google, online merchant accounts, and other places where your identity lives.

Not every hack is large or steals information from millions of accounts. Some hacks also take a while to uncover, meaning that your data may be compromised over a long period. Many hacks are small such as your credit card information being compromised by a crooked online merchant, a credit card skimmer at a local gas station, or just about anyone you hand your card to while shopping and dining.

You may not notice anything unusual until you get your next statement. Always read those bills and figure out what every line means, even the smallest of the charges that appear. Card thieves sometimes put through a few small purchases just to make sure the card is “live” before making a big purchase.

An identity thief can also use your personal information to open credit accounts without your knowledge. This could lead to months of charges until somebody spots the problem and notifies you. One way to limit the duration is to use AnnualCreditReport.com to request a free report from Equifax, Experian, and TransUnion once per year, spreading the requests out at four-month intervals.

Keep in mind that credit monitoring agencies are not immune from hackers either. A recent breach of Equifax went on for months and exposed sensitive data of millions of accounts. Equifax ended up paying $650 million in damages after the discovery.

Another way to monitor your credit is to use Credit Karma. This free service automatically pulls your credit from TransUnion and Equifax weekly to keep an eye on your credit. These are “soft” inquiries, not the “hard” inquiries that companies make when you apply for more credit. Soft inquiries have no impact on your credit score. Hard inquiries can degrade your score if there are too many in a short period.

There are several other credit monitoring services you should consider: 

  • Avast BreachGuard and IDX Privacy  regularly monitor the Dark Web to ensure your personal data hasn’t come up for sale. 
  • Norton 360 Deluxe includes a similar scan, powered partly by the company’s LifeLock identity theft technology.
  • Some monitoring services such as Keeper and LastPass also include password manager tools which make it easier to change potentially hacked passwords to a strong, unique password you don’t use for any other site.

Hacked credit cards used by someone else are easier to recover from because you’re not responsible for the fraudulent charges, and once the bank has issued a new card, the problem is solved.

Regaining control of a hacked email account is tougher. You must contact the email provider and prove that you’re the true account holder. This is problematic if the hacker changes your password and you can’t use your regular email to contact the provider. To minimize this, have more than one email address and make each the alternate contact address for the other.

Also, if you used the password from your hacked email account at any other sites, those accounts are compromised too. A hacker who gets hold of your login credentials for one site may try the same username and password pair on many other popular sites.

Resetting your passwords can be a challenge too. When you forget a website password, the first thing you do is hit that “Forgot Password?” link to get a password reset link sent to your email address. A smart hacker who has control of the email account will quickly seek your other accounts, social media, perhaps, or worse, shopping and banking accounts. After a simple password reset, the hacker owns those accounts, exponentially compounding your problems.

When you recover from an email hack, visit every site associated with that email address and change your password.

When you’re out and about, shop at merchants accepting chipped credit cards, which secure in-person transactions. However, they can’t help with online transactions where the chip does not come into play.

Mobile-based payment systems like Apple Pay and Google Pay are more secure than physical credit cards. Each transaction uses a unique number, so hackers gain nothing by stealing existing transaction data. You can use the mobile payment system for online purchases as well. Be sure to protect your mobile device with a fingerprint or a strong passcode, and always keep it with you.

After you’ve done all you can to shut down the breach, you’ll still need to monitor your accounts closely for at least a couple of weeks and maybe longer to make sure all your breach bases are covered.

Another smart action you can take is to visit IdentityTheft.gov to report the theft and get help developing a recovery plan. The information you provide can help authorities monitor the latest trends and develop proactive deterrents to minimize impacts on other potential victims.

Filed Under: Identity Theft, Security

by

Guarding Against Phone Scams

Guarding Against Phone Scams

Scammers are more sophisticated than ever, and they’re doing it by returning to one of the most basic forms of communication we have…our phones.

It seems almost impossible to avoid every oddball or unknown phone number that calls you. While some are harmless, others are more intentional about trying to separate you from your money, identity, and your sanity.

Types of Scams

There are several common types of calls that demonstrate red flags you should look out for.

The one-ring scam happens when scammers use robocall technology to place internet calls that ring only once on cell phones. If you pick up, the robocall drops the line. However, if you miss or ignore the call and later call back the number, you could be on the hook for international calling fees with area codes outside the U.S. Those fees can be as much as a whopping $15-$30 per minute!

The Federal Trade Commission (FTC) says you should never call back numbers in these area codes:

  • 268: Antigua and Barbuda
  • 284: British Virgin Islands
  • 473: Grenada, Carriacou and Petite Martinique
  • 664: Montserrat
  • 649: Turks and Caicos Islands
  • 767: Commonwealth of Dominica
  • 809, 829, 849: Dominican Republic
  • 876: Jamaica

When an unfamiliar number comes in, you’re better off waiting for a voicemail to determine if the call is legitimate before calling back. You can also Google the phone number on the chance that others have already posted about the number and whether it’s legitimate or not.

How prevalent are robocalls? It’s estimated more than 36 billion robocalls have been placed in 2022 according to the YouMail Robocall Index

With a prize-winner scam a caller will tell you that you’ve won a prize or a lottery. But then they’ll ask you for a fee to confirm the prize and shipping costs or for another reason related to unlocking your winnings.

Scammers also prey upon you with threats that you’ll get arrested or face fines if you don’t comply with law enforcement actions or those related to a federal agency. You may immediately be coerced into paying IRS penalties, taxes, or other debt.

Scammers may also call you with a limited time offer and force you to commit to something that sounds too good to be true. Here’s a hint. If it sounds too good to be true and the caller on the other end of the line wants a decision or money from you now, it is too good to be true. Hang up immediately.

Debt relief and credit repair scams are also common. Callers will offer you lower credit card rates, promise to fix your credit, or agree to help you get debt forgiven for an upfront fee.

Another quasi-government scam is someone calling purporting to be from a government agency and asking you to confirm sensitive information such as your Social Security number, bank accounts, or other similar private information. Government agencies never do this! Do not divulge anything if you get a call like this.

Charity scams always pop up, especially immediately following a large-scale natural disaster. Never feel pressured to give until you’re ready to help. Always check out a charity before you give or give only to well-known charities such as the Red Cross.

Someone you’re unfamiliar with may call you with a legitimate sounding deal but will ask you to pay with cash, a gift card, wiring money, or some other form of payment that gives you no recourse to get your money back if they take off with it. Only pay with negotiable instruments that protect you in case you’re victimized.

A recent scam making the rounds is a robocall that starts with the simple four-word phrase “Can you hear me?” in hopes of recording your response and using it to commit fraud.

The phrase is designed to trick the victim into responding “yes,” while the person or computer on the other end records the response. The scammer can use the recording to access important online accounts, make purchases and commit fraud like identity theft. All they must do is play the recording of your voice saying “yes” when asked to authorize a log-in or agree to a major purchase.

What You Can Do to Lessen Scam Calls

The first and most obvious thing you can do is never answer calls from numbers you don’t know. Let calls roll to voicemail.

All the major wireless carriers offer robocall blocking. There are also several free and paid third-party apps that you can also use to block scam phone numbers. A little online research should produce another added layer of protection.

If you’re on the National Do Not Call Registry, you shouldn’t get live sales calls from companies you haven’t done business with before. Those calls are illegal. If someone is already breaking the law calling you, there’s a good chance it’s a scam.

Also, don’t trust your caller ID. Scammers can spoof you and make any name or number show up on your caller ID. Even when a number looks like it’s a government agency or the call is from a local number, it could be a scammer calling from anywhere in the world.

What if You’ve Already Been Scammed

Scammers know which methods of payments make it challenging for you to get your money back. Sometimes that money is gone forever, but there are ways to protect yourself.

If you paid a scammer with a credit or debit card, you may be able to stop the transaction. Contact your credit card company or bank right away. Tell them what happened and ask for a “chargeback” to reverse the charges. The same action applies if you paid a scammer with a gift card, prepaid card, or cash reload card. Call and ask for a refund as quickly as possible, and you may be able to recover your money.

Contact the app company if you paid a scammer using a money transfer app like PayPal or Venmo. However, contact your credit card company or bank first if the app is linked to a credit card or debit card.

In instances where you gave your username, password, or other sensitive information to a scammer, change your information right away. If you use the same password for other accounts or sites, change it there, too.

If you gave a scammer your Social Security number (SSN), visit IdentityTheft.gov to learn how to monitor your credit report to see if your SSN is being misused.

You should report scams as well.

When you’ve lost money to a phone scam or have information about the company or scammer who called you, report it at ReportFraud.ftc.gov. If you didn’t lose money but want to report a call, you can use the reporting form at DoNotCall.gov.

Filed Under: Security

  • « Previous Page
  • 1
  • 2
  • 3
  • 4
  • 5
  • Next Page »

Other posts you might like...

  • Guarding Against IRS and Social Security Scams
  • What Type of Scams Should You Guard Against? Part 1: Business Case Studies
  • What to do if You’re a Small or Medium Business and You’ve Been Scammed

Free Quote

Secure Document Destruction

We specialize in secure onsite document and data destruction across the St. Louis Metro area!

Testimonials

"Thanks, John. Your company is first rate and I have already recommended it to several friends and relatives. Keep up the good work!"
Mike W.
"Thank you John. The service provided by SDD was outstanding. You provided everything that was promised and at the designated time arranged and I might add that your man that handled the job couldn't have been nicer or accommodating.. It is rare to find businesses that follow through with their promises. We appreciated doing business with you and would recommend SDD to anyone needing this service. Thank You!"
Joe B.
Distribution Sales, Leviton Manufacturing
"John did a great job! Friendly, answered all my questions, very helpful. Thanks for providing good service!"
Lana E.
Alton, IL
"We had a problem when our previous shredding company raised their prices sky-high. When we called SDD; John gave me a quote over the phone and came out the next day. They performed the same size job in about half the time, … at a lower price! We would recommend them highly to anyone who needs shredding."
Chris K.
Missouri Insurance Exchange
"It gives our company "peace of mind" to depend on the professional & personable, fast & efficient shredding services of Secure Document Destruction of St. Louis. I would highly recommend SDD STL. The service and price is exceptional!"
Laura K.
La De Da Entertainment
"Secure Document Destruction is AWESOME!! John always takes great care of us, the service is fast and reliable; John, our service/driver is great too. Looking back, I wish I would have switched to SDD sooner! 5 out of 5 stars!"
Tracy T.
Central Bank of St Louis
"Thank you! Everything went very well. Great customer service from beginning to end!! I am sure we will be in touch for future clean up projects."
Amy F.
Oasis Institute
"THANKS!!!! My house feels better with ALL that paper gone! The service was excellent!!! Thanks again!"
Kathy Ames
Desoto, MO
"SSD provided the shredding services for my business when I closed in 2013 and again in 2024 when I called on them to shred the last of the documents that had been held in storage. They were friendly, honest and very helpful throughout the difficult process which was made easy with their professionalism over the years I dealt with them and I highly recommend them."
Bob L.
Rock Hill, MO
"You and John are wonderful people and I thank you so much for working with me. God Bless you both."
Laura E
"Your service/driver guy, JP just came and did our pickup. He is such a nice, friendly person and so are you. It is great doing business with you guys."
Berry Silberberg Stokes PC

Contact Us

Secure Document Destruction of St. Louis
2517 Adie Rd.
Maryland Heights, MO 63043
(Appointments only at this location. Please call 314-795-0004)

314-795-0004
Fax: 618-281-7153
In Illinois: 618-281-3245

Email Us

About Us

  • Email
  • Facebook
  • LinkedIn

Services

Onsite Shredding Service
Business Shredding Service
Residential Shredding Services
Hard Drive Destruction
Data Destruction
Routine Service
One-time or Purge Service
Document Shredding Services
Mobile Shredding Services
Document Destruction Services
Residential Shredding Services
Medical Records Shredding

Categories

STLCHAMBERLOGONAID AAA LogoOFallon-Chamber-Logo

Review Us

  • Business Shredding
  • Residential Shredding
  • FAQs
  • Blog
  • Contact Us

Copyright © 2025 · Secure Document Destruction