This Conversation Could Save You Thousands of Dollars

The cybercrime economy is the world's third-largest, generating more revenue than the economies of Germany and Japan combined. This scale means cyber scams are not a matter of 'if' but 'when' for individuals. People often feel shame after being scammed, which prevents open discussion and proactive protection.

Caitlyn Sarian states, 'cyber scams are massive right now. And actually, that economy is the third largest economy in the world.' She adds, 'It's more than I think Germany and Japan's economy combined. So, it's not a matter of if it happens to people, it's a matter of when.'

Your 'digital footprint' encompasses every online action, including apps, games, websites, and accounts. All this data is recorded. Contrary to popular belief, incognito mode only prevents your browser from saving cookies and tags locally; websites still track your activity.

Sarian defines cyber security as 'protecting your digital footprint. And your digital footprint is pretty much every single thing you do online.' She clarifies incognito mode: 'That is incognito for your browser... that website is still able to see that you went on that website.'

Free Wi-Fi is not truly 'free'; you are the product, with your data being collected and sold. Open public Wi-Fi is often unencrypted, meaning data transmitted (like banking information or private messages) can be intercepted by skilled individuals. Websites with 'HTTP' instead of 'HTTPS' (the 's' stands for secure) are particularly vulnerable.

Sarian states, 'If there's any free product or app, you are the product.' She explains that on open Wi-Fi, messages are 'flying through cyerspace' unencrypted, allowing anyone 'to go in and out of that tunnel and see what you're doing.' She highlights 'HTTPS' as the indicator for a secure website.

Many software updates are not just for new features but are critical security patches. They fix 'holes' or vulnerabilities that hackers have discovered and exploited. Enabling automatic updates ensures these flaws are quickly addressed, strengthening your digital defenses.

Sarian explains, 'The way that software updates work is usually the software has a hole in it, like a flaw, a vulnerability... The reason why a lot of software updates happen is to patch that hole.' She estimates '90% of software updates are to to fix some type of bug or vulnerability.'

Plugging your phone into public USB charging ports (e.g., in hotels or airports) can expose you to 'juice jacking.' When you 'trust this device' to charge, it can also send and receive data, potentially allowing malicious actors to download information or install malware onto your phone. Charging directly from a wall outlet avoids this risk.

Sarian describes 'juice jacking' where public USB plugs, when 'trusted,' can 'send and receive things from that port.' She advises, 'Just plug it into a wall. That can't happen in a wall.'

Reusing passwords or using slight variations of a 'base password' (e.g., 'password1', 'password123') makes accounts highly vulnerable. Hackers use algorithms to generate thousands of variations in seconds. Scammers also exploit human psychology, creating urgent, fear-based scenarios (e.g., impersonating law enforcement) to pressure victims into making rash decisions, often involving crypto payments.

Sarian explains hackers can 'run 10 algorithm that runs 10,000 variations of that base password that was leaked' to access accounts. She details scam calls where impersonators 'know exactly like the psychology behind getting you to react,' using threats of arrest and demanding crypto.

In the event of a data breach, identity theft is a primary concern. Freezing your credit with the three major credit bureaus (Experian, Equifax, TransUnion) prevents new accounts from being opened in your name. This is a simple, free, 'one-and-done' action that can be temporarily unfrozen when needed for loans or new credit cards.

Sarian advises, 'The main thing I tell people freeze your credit because the issue with those like breaches is identity theft.' She notes, 'they can't commit identity theft if they can't open any accounts in your name and they won't be able to open accounts in your name if you freeze your credit.'

Sophisticated voice cloning scams use publicly available audio (podcasts, social media) to impersonate individuals and trick loved ones into sending money. Implementing a family 'safe word' provides a crucial verification mechanism to confirm a caller's identity during suspicious interactions.

Sarian describes scammers 'using our voice from public podcast episodes, TV shows, whatever... to stitch together a few words and try to scam your loved ones.' She suggests a 'safe word' so a family member can ask, 'Can you please tell me your family safe word?'

A prevalent Venmo scam involves fraudsters sending money from stolen credit cards to a victim, then claiming it was a mistake and requesting the money back. When the original stolen card transaction is reversed, the victim is left out of pocket because they willingly sent their own money to the scammer.

Sarian details how scammers 'send you money on Venmo... from stolen cards' and then ask, 'Can you please send the money back?' She explains, 'because it's a stolen card, those charges get reversed, but you don't get reversed because you willingly sent them the money.'

Cameras on laptops, doorbells, and baby monitors are vulnerable to hacking, especially if passwords are reused or if they're connected to open, unsecured Wi-Fi networks. Hackers can gain access to view or even speak through these cameras. A simple, inexpensive camera cover for laptops is a basic physical defense.

Sarian warns that if 'you're reusing passwords... they just mess with you and they can like talk through the camera. They can watch the camera.' She recounts a story of an old boss whose laptop camera was hacked, and advises, 'I just put on a camera cover.'

Privacy policies are intentionally complex and legalistic, making it difficult for users to understand what data is being collected and shared. Utilizing AI tools like ChatGPT, Gemini, or Perplexity to summarize these policies can quickly reveal red flags regarding sensitive data collection (e.g., biometric, health) and third-party sharing.

Sarian suggests, 'I take that privacy policy, I actually throw it into chat GBT or Gemini or Perplexity... and I say, 'Hey, can you please tell me like the highlevel issues that like might come about like what are they collecting?'' She notes policies are 'meant to confuse you.'

Many apps automatically gain extensive permissions upon installation, including access to your camera, microphone, and precise location. These permissions allow apps like Instagram, Facebook, and TikTok to scan your camera roll for content ideas, even unposted photos. Regularly reviewing and limiting these permissions ('only while using the app' or 'limit access to one photo') is crucial.

Sarian advises checking if an app 'has access to your camera? Does it have access to your microphone? And does it have access to your location? All three of those things. If it doesn't need it, turn it off.' She cites social media apps 'scanning the camera roll that you have not posted to give you ideas.'