With a rapidly evolving digital world and heightened dependence on the internet, technology advocates note that most Americans ought to be prioritizing cybersecurity.
Amid concerns of personal data breaches, phishing scams and extortion, plus the likes of artificial intelligence (AI), studies show the nationwide surge in cybercrime is neither beyond the average consumer nor unavoidable with the right precautions.
Here in the nation’s capital, Chief Technology Officer Stephen N. Miller says there’s no better time to take the first step in building safer digital experiences, and it can start with individual responsibility.
“[It’s] all about personal awareness and personal action. Regardless of who you are, you are a target for bad actors,” Miller told The Informer. “Taking the time to monitor your financial accounts, recognize a phishing attempt through your email or text messages, it’s pretty important…. If someone adopts the practices we’re going to talk about, they’ll be able to protect themselves, and potentially enjoy the holiday season a little more.”
Among a myriad of initiatives, D.C.’s Office of the Chief Technology Officer (OCTO) offers Tech 101 Workshops that aim to show residents the basics of building technological skills, with a pulse on common areas like device usage and protection, and promoting safe online practices.
Held in various locations throughout all eight wards, the weekly sessions are designed to minimize barriers for people of all ages — from recognizing the ins and outs of cyber scams to helping folks situate major life changes and necessities in a tech-driven climate.
“They’re going to talk through things like monitoring your accounts…why it’s important to treat a public WiFi network differently than you would a private, trusted network…. how to recognize these issues, but also how to be a little more proactive,” Miller explained. “These are hands-on sessions that are going to teach you secure online shopping practices…teach you about how to serve yourself better.”
While end-of-year holiday shopping is a keen time for internet scams, Miller said the risks and exposure know no boundaries, making the workshops a year-round benefit for residents.
Tech 101 participant Teresa Bonham initially took the class to learn how to navigate her new technological devices, but quickly became the victim of a scam.
“It was a false Groupon advertising a lifetime subscription [for Microsoft Office]. And a lifetime subscription is just misleading,” said OCTO Digital Inclusion Coordinator Adrian Sutton, who helped Bonham discover the scam earlier this year. “[A] one-time fee for like $250, which is a great deal, but too good to be true, right?”
While she was able to call her bank and recover the money, Bonham said the experience showed the cruciality of having access to resources like Tech 101, especially in a world where “everything is digital.”
“We retire from the government, we still have to go online to do everything. Can’t even get our 1099 in the mail,” the 66-year-old told The Informer, emphasizing other digitized essentials. “Someone can’t pay your bills, knowledge, everything. There’s a lot of stuff that we have to have, or you’re going to be behind.”
Strengthening Communities One Red Flag at a Time
While there’s a limit to fully avoiding cyber attacks, Sutton told The Informer some of the key red flags are visible to the average person.
For instance, tips like knowing bogus websites don’t have “HTTPS” in the URL and, as both OCTO representatives pointed out, the inclusion of the “s” adds an extra layer of encryption that protects personal and payment information while it’s in transit online.
Additionally, they said switching all digital payment methods to a credit card, versus a bank-linked debit card, can better support financial security, fraud detection, and recovery in the case thereof.
“If you enable [live, automatic] alerts with your bank, credit cards and other financial institutions, you’ll be able to collect and catch that suspicious activity earlier,” Miller added, “and help your financial institution with protection against that mode of fraud moving forward, and make your community a little bit stronger.”
Take D.C. resident Marcia Lee, who sang the praises of Sutton’s guidance during a Feb. 3 workshop.
Referencing a recent scam attempt that presented as a subscription renewal, Lee, 78, pointed to learned red flags, such as the company requesting payment via email, along with the fact that she wasn’t subscribed to any service of that business in the first place.
“Sometimes the scam is so close to reality, to the real things that I don’t always recognize them,” Lee admitted. “It’s good to have somebody to recognize them right away. I don’t have that knowledge — yet.”
Sutton presented the likelihood that the scam was a result of consistency, noting how algorithms within data breaches can often predict human engagement based on general data or previous attempts. In this case, given that Lee is usually prompt in paying her bills, a scammer could leverage that to assume a fake notice for a “past due bill” would grab her attention, and potentially trick her into being hacked.
“[Scammers] don’t know who they’re scamming, how they’re going to, but they do have enough data points to say this is how you normally would scam a person of this demographic,” Sutton told The Informer. “There’s a lot of research that goes [into] human interactions on the internet. Whenever you add a human engagement or interaction, the scammer is kind of progressing you to a different level. If you answer your phone, it’s different; if you reply to an email, it’s different.”
Then comes the added layer of what he calls a lifetime bucket, “if you ever paid.”
“Say you get a scam call, you might press the red button or block the call. According to our friends at the FCC, what’s happening on the other end is the scammer saying, ‘Oh, that’s a human, let’s put them in the human bucket. We’re just gonna call from different numbers,” he continued.
That’s why, sometimes, it’s simply about knowing how to recognize inconsistencies.
If a Netflix user receives an email that reads “Dear Customer,” rather than being addressed by name, that could be a visual indicator of a scam. Additionally, from streaming service subscribers to Apple connoisseurs, the OCTO coordinator emphasizes engaging with caution, especially for those who don’t usually opt to email their clients.
In that same token, something as simple as hovering over the link to a deal promotion from a common retailer — such as Walmart, per Miller’s example — will show where the link is going and can prevent an attempt to harvest information through “a deal that doesn’t actually exist.”
Thus, investing in additional precautions, such as two-factor authentication when applicable, and unique passwords and password managers, is also encouraged.
“If they harvest your information, your email address, and they have a password that they think you’re reusing, they’re going to try to get into all those other sites with that email address and that password,” said Miller.
Tips for the Road: From Safe Online Shopping to Voice Call Scams
According to Sutton, shoppers aren’t the only folks at risk.
A retail company might disclose knowledge of a data breach that could result in open season on valued customer info, such as the type of card used and demographic, as well as the products that make for an easy target.
In addition to using credit cards for digital transactions, he encourages people to tap into alternative payment methods — be it prepaid cards, like Visa Gift Cards, PayPal, or a debit card that’s not associated with direct deposit.
“If that main checking account has a debit card, that card should not be on the internet,” Sutton stressed. “If these scammers are crafty enough to learn your card information, date of birth and address, they could figure out when you get money, when your payday is.”
He also highlighted the value of investing in mobile apps, along with one particularly useful tip in a time of heightening deepfakes and voice scams: “If you’re concerned your voice is being scammed, copied or manipulated, the answer is Marvin Gaye and Taylor Swift.”
The OCTO coordinator said past copyright cases for the late Motown star set a standard that deters companies from misusing his music, sound, and likeness, and pop icon Swift holds a similar reputation.
“So if I made a YouTube video and I played ‘Shake it Off’ [without approval from] Swift, the copyright infringement is going to knock it down. These technology companies are kind of aware, ‘Hey, let’s not play with Marvin Gaye, let’s not play with Taylor Swift,’” Sutton told The Informer. “If you were to ever have those recordings in the background — a little much — but if you had [them] … software’s will automatically stop that from recording.”
As for mobile marketplace shoppers, including those looking to stock up on gifts for Mother’s and Father’s Day, the Metropolitan Police Department’s (MPD) Safe Exchange Zones provide residents and visitors eight designated areas at every district station — plus the Special Operations Division’s Harbor Patrol — to exchange and complete online transactions with strangers.
In an effort to reduce package theft, MPD also worked with Amazon to become the first police department in the country to install Amazon Lockers at each police district station, offering residents an external secure route for delivering items.
“It’s definitely something that can benefit every resident in the District when they’re purchasing items,” Miller said.
On the cusp of a holiday run, D.C.’s chief technology officer also emphasized the importance of engaging all Washingtonians in progressing their digital futures, particularly with OCTO’s support.
More than a stance to close the generational gap, he celebrates the value of challenging a tech ecosystem where all communities can thrive without threat or limitation.
“They’re gonna go after folks when they’re most vulnerable, and this is a time when people are most vulnerable,” Miller told The Informer. “We want to make sure our residents, your readers, are protecting themselves.”
To register for a free cybersecurity workshop, go to Tech 101 | techtogether.dc.gov.
