Don’t Let Spooky Scams Haunt Your Finances This Cybersecurity Month

COLUMBUS, Ohio - While ghosts and goblins may be lurking this October, so are cyber criminals. As we gear up for Halloween fun, the Ohio Department of Commerce's Division of Financial Institutions reminds Ohioans that Cybersecurity Awareness Month is the perfect time to sharpen your digital defenses against the rising tide of sophisticated online scams.

"Digital technology plays an important and, in many ways, irreplaceable role in our daily lives; however, that means it's our responsibility to ensure we never let our guard down to potential threats," said Division Superintendent Kevin Allard. "Understanding current threats and best practices, as well as ways we can enhance our safety and security in this space, go hand in hand. The threat landscape is always evolving, and awareness is the best defense against falling victim to these scams."

The interconnectedness of today's world is exposing consumers to new cyber threats like never before. According to the latest report from the FBI, there were nearly 860,000 complaints of suspected internet crime made in 2024 with losses exceeding $16 billion, which is a 33% increase from the previous year. Ohio ranked 7^th in the country with nearly 25,000 complaints made last year alone.

In addition, according to the Federal Trade Commission (FTC), consumers reported losing an unprecedented $12.5 billion to fraud in 2024. Of that, bank transfers accounted for $2 billion in losses and cryptocurrency scams resulted in $1.4 billion in losses. The FTC also found that social media has become a primary channel for fraudsters. Last year, the use of social media channels contributed to $1.9 billion in losses.

To help protect Ohioans, the Division is highlighting several common and emerging cyber threats consumers should be aware of:

• One-Time Passcode Scams: This occurs when criminals intercept security codes sent via text and use those codes to gain unauthorized access to various accounts, including financial accounts.
• Investment Scams: These often include cryptocurrency schemes like "pig butchering," or romance scams, where fraudsters use elaborate and convincing storylines to build trust with - or "fatten up" - victims before enticing them to make investments in fraudulent schemes. Additional scams may involve fraudulent gold bar deals and deceptive investment clubs promoted on social media.
• Financial Institution Impersonation: Scammers may pose as bank representatives or anti-fraud teams to trick individuals into transferring funds to an account belonging to them. By the time you find out, your money is often long gone.
• Imposter Scams: Fraudsters impersonate government agencies like the Social Security Administration, IRS, or USPS to trick you into sharing personal and financial information. Remember, government agencies will never call, email, text, or message you on social media to ask for money or personal information.
• Artificial Intelligence-Fueled Fraud: Criminals use AI for voice cloning, deepfake videos, and advanced romance scams to deceive their victims into sharing sensitive information with who they believe is a known and trusted individual, instead the person on the other end may be a complete stranger.

Four Tips for Staying Safe Online

The Cybersecurity and Infrastructure Security Agency (CISA) offers four actionable steps that individuals, businesses and organizations can take to enhance their cybersecurity posture:

1. Recognize and Report Phishing: Most successful online intrusions occur when recipients fall victim to phishing messages. Consumers can recognize phishing attempts by the utilization of alarming language or inclusion of offers that seem too good to be true. Be sure to always report phishing messages, then delete them.
2. Use Strong and Complex Passwords: Simple passwords can be easy to guess. Create passwords that are at least 16 characters long, include random numbers, letters and characters, and are unique for each account. Consider utilizing a password manager to maintain and generate secure passwords. While inconvenient, this is a critical step toward enhancing your online safety and security.
3. Turn on Multifactor Authentication (MFA): Use MFA on any site that offers it. MFA adds an extra layer of security beyond just a password, such as a face scan or a code sent to you through a text message.
4. Update Software Often: Install updates for devices, apps, and software, especially antivirus programs, as soon as they become available. These updates address recently discovered security gaps and protect your data. Consider turning on automatic updates to make the process more seamless and manageable.

For additional guidance on reporting various types of cybercrime, refer to CISA's helpful resource here.

By staying informed and following these basic, yet essential cybersecurity practices, we can collectively reduce our vulnerability to digital threats so we can enjoy a safer and more secure online experience.

###

About the Ohio Division of Financial Institutions
The Division of Financial Institutions is part of the Ohio Department of Commerce. The department is Ohio's chief regulatory agency, focused on promoting prosperity and protecting what matters most to Ohioans. We ensure businesses follow the laws that help them create jobs and keep Ohioans safe. To learn more about what we do, visit our website at https://www.com.ohio.gov.