The #1 Cybersecurity Risk? It’s YOU.
When most people think about hackers, they picture someone in a hoodie, sitting in a dark room, furiously typing away to break into secure systems. But here’s the truth:
Most hackers don’t “break in.” They log in.
How? Because people unknowingly hand over their own security information.
Cybercriminals don’t need to use high-tech hacking software if they can just trick you into giving up your passwords, account access, or personal information.
In this episode, I’ll break down:
- Three of the most common online scams you need to watch for
- How to spot the red flags before falling for them
- Simple steps to protect yourself online
And if you want to go even deeper into cybersecurity tips that actually make sense, check out my growing Tech+ course, where I walk you through basic IT, even how to stay safe online—without all the confusing tech jargon.
Now, let’s dive in!
How Hackers REALLY Get Your Information
Most cyber attacks don’t happen through fancy hacking techniques. Instead, they happen through a trick called social engineering.
Social engineering is just a fancy way of saying hackers manipulate people into giving up their own information.
And unfortunately, it works really well.
Let's look at three common scams that fool even smart, tech-savvy people:
The “Fake Account Lock” Email
How it works: You get an email that looks like it’s from PayPal, Amazon, or your bank. It might say something like:
“Your account has been locked due to suspicious activity. Click here to restore access.”
You panic. Maybe you did buy something yesterday—what if your account is locked?
So you click the link, log in… and just like that, you’ve handed over your password to a hacker.
What really happened?
That email was fake. The link didn’t take you to PayPal—it took you to a lookalike phishing site controlled by scammers. Now, they have your login information, and they can access your real account.
So, how can you protect yourself? Here are a couple of things to consider.
- Never click login links in emails. If you get a security alert, go to the company’s official website by typing the URL yourself. You could even call them directly if you'd prefer to act over the phone.
- Look for red flags in emails: spelling errors, urgent language, and email addresses that look slightly “off” (e.g., support@paypa1.com instead of support@paypal.com).
The Fake “Amazon Fraud Alert” Call
How it works: Your phone rings, and the caller says:
“This is Amazon fraud prevention. Someone just charged $499 to your account. If this wasn’t you, press 1 to talk to a representative.”
Your heart skips a beat. You know you didn’t buy anything for $499. So, you press 1, and the “Amazon representative” asks for your login details and credit card information to “verify your account.”
What really happened?
That wasn’t Amazon. Scammers can fake caller ID numbers to make it look like they’re calling from a real company.
How to protect yourself:
- Amazon, banks, and major companies don’t call you out of the blue asking for login details.
- If you ever get a call like this, hang up. Then, go to Amazon’s official website and contact customer service yourself.
The Suspicious Link from a “Friend”
How it works: You get a Facebook message from a friend that says:
“Hey, is this you in this video?” (with a strange-looking link).
You click, and instead of a video, you see a Facebook login page. It looks normal, so you enter your password…
What really happened?
Your friend was already hacked. The scammer is now using their account to send phishing messages. When you enter your password, you just gave the hacker access to your account, too.
How to protect yourself:
- If a message seems suspicious, don’t click the link. Contact your friend and ask if they actually sent it.
- Use two-factor authentication (2FA) so even if someone steals your password, they still can’t log in without an extra security code.
How to Protect Yourself from These Scams
Now that you know how hackers trick people, let’s talk about how to fight back and protect yourself.
The best part? You don’t need to be a cybersecurity expert to stay safe. Just follow these simple rules:
#1 - Slow Down and Think
If an email, text, or call makes you feel panicked or rushed, that’s a red flag. Hackers rely on urgency to make people act before thinking.
Golden rule: If something makes you panic, assume it’s a scam and verify it first.
#2 - Never Click Suspicious Links
If you receive an email saying your account has been locked, don’t click the link in the email. Instead, go directly to the company’s website by typing the URL yourself.
Real companies don’t send login links through email. If they do, double-check the sender’s address carefully.
#3 - Verify Before You Trust
If you get a phone call from a company, don’t trust it immediately. Hang up and call the company yourself using their official website’s contact number.
If a friend sends you a weird link, ask them first. Their account might have been hacked.
Final Thoughts: Stay Skeptical, Stay Safe
The truth is, hackers don’t need to be geniuses if we make it easy for them.
That’s why the best way to protect yourself online isn’t just having strong passwords—it’s having a strong sense of skepticism.
If something seems weird, slow down and think before you act.
And if you want to go even deeper into cybersecurity tips that actually make sense, check out my Tech+ course. I break down everything you need to know about staying safe online, without the confusing tech jargon.
Stay safe out there, and remember: When in doubt, take a time out! Don’t click.
Are you a creator? Want to be?
As an IT hobbyist, I’ve been having fun making videos, including shorts and reels, for this site – krichardlabbe.com. I use VEED to edit them. It’s super easy for a non-pro like me—trimming, captions, all that jazz. If you’re into creating too, you can try it with my referral link and save 50% for three months. Full disclosure—I get a small reward if you sign up, something that helps me keep producing this content! Thank you!