These online habits increase your risk of fraud. Are you making these mistakes?
A new report reveals that everyday online habits may be putting people at an increased risk of fraud. The AARP Fraud Watch Network examined how many Americans may not know the common digital behaviors that leave them vulnerable.
It comes on the heels of newly released FBI data showing scammers and cybercriminals stole a record $16.6 billion in 2024.
The good news? A few easy changes can go a long way to reducing your potential risk.
Bad habits
AARP found that one of the most common mistakes people make is reusing passwords. Most Americans — 64% — reported using the same password across multiple accounts. That means a hack on one account can put all of your accounts at risk, warns Kathy Stokes, AARP's director of fraud prevention. Using social media logins to access other websites poses similar security risks, she said.
About half of those surveyed said they've downloaded unverified apps or tapped on an unknown link to take an online quiz on social media, which can expose you to malicious software. More than a third say they accept calls, texts and friend requests from people whom they do not know. AARP warns criminals seize any opportunity to manipulate their target's emotions, so not engaging can reduce the risk of victimization.
The survey's most significant finding, according to Stokes, is that 90% now agree anyone can be a scam victim, signaling a major cultural shift.
"We used to believe it just happened to a certain segment of our society and with the AARP, I can tell you, the focus has been on older adults, but we've really sort of blown that out of the water and help people understand that, yes, it can happen to anybody," Stokes said. "It doesn't have to do with age or tech savvy."
Protecting yourself
Stokes says one of the easiest things people can do is update their passwords.
"It's hard to make a behavior change, especially when it's going to slow you down," Stokes said. "But there are tools to help us do that."
Cybersecurity experts recommend using a password manager, a program designed to help you create and manage multiple passwords in a single encrypted database.
Enabling multifactor authentication (MFA) when available on accounts is another way to reduce your risk. MFA adds an extra layer of protection beyond just passwords by typically requiring a verification code that is sent via text or email.
While findings show most now believe fraud can happen to anyone, AARP found most people still don't report when they've been a victim of fraud and a majority don't warn others about their fraud experience.
If you think you've been a victim of fraud or a scam, you can report it to the FBI's Internet Crime Complaint Center (IC3) by visiting ic3.gov, the Federal Trade Commission (FTC) and your local law enforcement agency.
You can read the full report on AARP's website.
Do you have a money question, a consumer issue, or a scam story you want to share? Email InYourCorner@cbs.com.
