How to Avoid Cyber Scams
It wasn’t easy to research Jeff Petrower ’11 (BUS, MS) in preparation for our interview. Virtually no information about him came up online — which is exactly how the IRS Criminal Investigation special agent who specializes in cyber scams likes it.
On the phone, he did share a few personal details — like how he met his wife on campus.
The Stamford, Connecticut, native whose mother, Kathy Petrower ’80 (BUS), also graduated from UConn, was introduced to Laura Vargo ’11 (CLAS) through mutual friends at on-campus bar the Thirsty Dog. After discovering they both lived in Charter Oak Apartments, Vargo slipped a note under his door, inviting him over for dinner she’d cook and providing three menu options: penne alla vodka, chicken cordon bleu, or “Manwiches.”
Petrower, who readily admits being “unsophisticated” at the time, selected the third option. Eight years later, they hung a UConn banner at their wedding and now live in New York City with their 1-year-old daughter, Alice.
After working for a decade as an auditor, financial risk consultant, and forensic accountant with KPMG and later Deloitte, two of the so-called Big Four accounting firms, Petrower joined IRS Criminal Investigation as a special agent in 2022, a dozen years after first discovering the division at an outreach event on campus his senior year.
We asked him to share his top five ways to avoid becoming a cybercrime victim.
#1: Keep more of your personal information, well, personal.
“Threat actors are skilled at piecing together different parts of your identity. You might have your birthday, your pet’s name, your email address, your location, all on different social media,” Petrower explains. “When paired with compromised usernames and passwords on the dark web, this information can allow bad actors to re-create a digital version of you to commit identity theft and a host of other scams.”
#2: Don’t allow your emotions to overcome rational thought.
Scammers manipulate two main emotions to extract money out of victims — fear and love, Petrower says. Fear can come in the form of pretending to be a financial institution or law enforcement, even the IRS itself, warning you about fraudulent activity on your account or that you’ve been the victim of identity theft. Then they ask you to follow their instructions to correct it … and that’s when you actually become the victim of identity theft.
“Most of the time, the scammer will also urge you not to talk to anybody about the situation. This is a major red flag,” Petrower warns. “Whenever they tell you not to talk to someone, stop what you’re doing and do talk to someone you trust.”
The ostensible love component comes in the form of dating apps or websites, two of the most common modern methods for scams. “If you get involved in a chat on a dating app and the conversation turns to something like crypto investments, pick up the phone and call them. Or better yet, suggest a video call. Hear what they sound like, see what they look like,” Petrower advises. “If your love interest refuses, you’re probably chatting with a scammer.”
#3: Don’t invest in anything that you don’t understand.
“That’s classic investment advice,” in general, Petrower acknowledges. “But it’s more pertinent now than ever, with virtual assets in play. Shady promoters will pitch things with buzzwords like ‘bitcoin,’ ‘crypto,’ ‘NFTs,’ or ‘DeFi’ [decentralized finance] tokens.”
If it sounds cool or innovative, but you don’t really get it, stay away.
#4: Be wary of unregulated investments.
“These digital tokens can be created by anyone,” Petrower reminds us. “They’re traded as investments but not registered as securities, nor regulated as such. That creates a risk to the investor of total loss,” since there’s no financial backstop. If your bank goes under, the FDIC guarantees up to $250,000 from your savings or checking account. Here, there’s no such guarantee.
#5: Protect your data and connections.
“Be careful when connecting to public Wi-Fi. Don’t conduct any sensitive transactions when on a public network, especially purchases — whether you’re at a hotel, airport, shopping center,” Petrower warns. “Bad actors have figured out ways to use public USB ports to install malware and monitoring software onto devices that plug into those ports. So use your own charger and USB cable, and plug into an electrical outlet instead.”
Indeed. Russian operatives recently made international headlines after tapping into a top-secret German military meeting when a German officer dialed in using an unsecured phone line at a Singapore hotel.
By Jesse Rifkin ’14 (CLAS)
Illustration by Grundini
Leave a Reply