While New Mexico lands solidly at the bottom when it comes to state rankings of such things as education and child poverty, here’s one where we’re nearly at the top: how much money we lose to online romance scams.
A new report from HighSpeedInternet.com that relies on FBI and Census data found that online romance scam victims in New Mexico lost $3 million in 2016, the most recent year for which figures were available. That breaks down to an average of $33,867 per victim, second-highest in the nation behind Arkansas.
People living in Vermont lost the least amount of money per person at an average $626.
The good news (sort of) is that New Mexico is lower on the list in sheer numbers of this type of scam (called “catfishing”) that happen in our state. We’re No. 13. The No. 1 state is Alaska, according to the report.
Here are some tips to avoid getting duped (besides moving to North Dakota, the state with the fewest number of catfishing victims):
• Don’t send money to someone you don’t know well – even if you’ve been communicating for some time. “Some of these scams can last for years, so even if you’ve been chatting with someone for a long time, that doesn’t mean their intentions are good,” says HighSpeedInternet.com.
• Be cautious about someone who immediately wants to leave a dating site in favor of communicating by personal email or text.
• Raise an eyebrow to someone who “claims love in a heartbeat” or who “plans to visit, but is prevented by a traumatic event or a business deal gone sour,” according to the Federal Trade Commission.
• Question someone who claims to be from the U.S., but is traveling or working overseas.
◊ ◊ ◊
Reddit, one of the nation’s most popular websites, has been hit by hackers, and the breach is raising some wider caution about a much-touted consumer security measure: two-factor authentication.
A little background: In case you’re not familiar with the site known as the “front page of the internet,” Reddit is like a giant bulletin board with message boards and discussion threads. It’s controversial because users remain confidential and content can be explicit or questionable.
The website disclosed recently that hackers in June gained access to login credentials for everyone who signed up for an account before May 2007. A separate compromise at the same time also accessed all of the daily digest emails Reddit sent out to users between June 3 and June 17 of this year.
The thing about this breach that’s raising concern is that the hacker was able to gain access through employees’ accounts, which were supposed to be protected by two-factor authentication.
The two-factor system provides an extra layer of security by requiring two steps to log in. So, for example, beyond just having a username and password, you might get a one-time PIN number sent by text message that you must submit to get access to an account. In the Reddit case, the hackers breached text message authentication.
What that shows is that using two entry points to access sensitive accounts is just “a starting point. It does remind us that nothing is impenetrable and things can be hacked,” Eva Velasquez, head of the Identity Theft Resource Center, said in an interview.
A better system would require mandatory multiple factors, such as facial recognition, an ear print or even a system that could identify you by the way your fingers push the buttons on your phone, she said.
In the meantime, Velasquez said consumers should continue to sign up for the two-factor security whenever possible.
“At the moment, our position is if two-factor authentication is offered, opt in,” she said. “Go ahead and embrace it. That has not changed.”
Ellen Marks is assistant business editor at the Albuquerque Journal.