From OHIO DEPARTMENT OF COMMERCE
As people gear up for Halloween fun, the Ohio Department of Commerce’s Division of Financial Institutions reminds Ohioans that Cybersecurity Awareness Month is a good opportunity to sharpen digital defenses against the rising tide of online scams.
“Digital technology plays an important and, in many ways, irreplaceable role in our daily lives; however, that means it’s our responsibility to ensure we never let our guard down to potential threats,” said Division Superintendent Kevin Allard. “Understanding current threats and best practices, as well as ways we can enhance our safety and security in this space, go hand in hand. The threat landscape is always evolving, and awareness is the best defense against falling victim to these scams.”
The interconnectedness of today’s world is exposing consumers to new cyber threats like never before. According to the latest report from the FBI, there were nearly 860,000 complaints of suspected internet crime made in 2024, with losses exceeding $16 billion, which is a 33% increase from the previous year. Ohio ranked 7th in the country, with nearly 25,000 complaints made in 2024 alone.
In addition, according to the Federal Trade Commission (FTC), consumers reported losing $12.5 billion to fraud in 2024. Of that, bank transfers accounted for $2 billion in losses and cryptocurrency scams resulted in $1.4 billion in losses. The FTC also found that social media has become a primary channel for fraudsters. In 2024, the use of social media channels contributed to $1.9 billion in losses.
To help protect Ohioans, the division is highlighting common and emerging cyber threats consumers should be aware of:
- One-time passcode scams: This occurs when criminals intercept security codes sent via text and use those codes to gain unauthorized access to various accounts, including financial accounts.
- Investment scams: These often include cryptocurrency schemes like “pig butchering,” or romance scams, where fraudsters use elaborate and convincing storylines to build trust with victims before enticing them to make investments in fraudulent schemes. Additional scams may involve fraudulent gold bar deals and deceptive investment clubs promoted on social media.
- Financial institution impersonation: Scammers may pose as bank representatives or anti-fraud teams to trick individuals into transferring funds to an account belonging to them. By the time people find out, their money is often gone.
- Imposter scams: Fraudsters impersonate government agencies like the Social Security Administration, IRS, or USPS to trick people into sharing personal and financial information. Government agencies will never call, email, text, or message you on social media to ask for money or personal information.
- Artificial intelligence-fueled fraud: Criminals use AI for voice cloning, deepfake videos, and advanced romance scams to deceive their victims into sharing sensitive information with who they believe is a known and trusted individual, instead the person on the other end may be a complete stranger.
Four Tips for Staying Safe Online
The Cybersecurity and Infrastructure Security Agency (CISA) offers four actionable steps that individuals, businesses, and organizations can take to enhance their cybersecurity posture:
- Recognize and report phishing: Most successful online intrusions occur when recipients fall victim to phishing messages. Consumers can recognize phishing attempts by utilization of alarming language or inclusion of offers that seem too good to be true. People are encouraged to always report phishing messages, then delete them.
- Use strong and complex passwords: Simple passwords can be easy to guess. Create passwords that are at least 16 characters long, include random numbers, letters, and characters, and are unique for each account. Consider utilizing a password manager to maintain and generate secure passwords. While inconvenient, this is a critical step toward enhancing online safety and security.
- Turn on Multifactor Authentication (MFA): People are encouraged to use MFA on any site that offers it. MFA adds an extra layer of security beyond just a password, such as a face scan or a code sent to you through a text message.
- Update software often: People are encouraged to install updates for devices, apps, and software, especially antivirus programs, as soon as they become available. These updates address recently discovered security gaps and protect your data. People may consider turning on automatic updates to make the process more seamless and manageable.
For additional guidance on reporting various types of cybercrime, refer to CISA’s helpful resource here.
