The world is a dangerous place, and villains are constantly trying to get hold of your money, your bank details, and your passwords. Often they don't need to employ any complicated plan or advanced tech. All they need to do is gain your trust and ask. Don't fall for it.

Cybersecurity is a process, not a one-off solution. It's not something you can set up, activate and forget all about. Keeping your data (and your money) safe requires constant vigilance, along with extensive processes, checks, authentication, and other systems. Most of this goes on behind the scenes. You generally don't see the calculations which happen before you're even presented with the annoying Captcha which blocks access to your bank's login page or your PayPal account.

Despite this, you'll see constant news stories about victims having their accounts drained, or their identity stolen, and the reason is simple.

In an interview with UK-based tech news outlet The Register, a senior security adviser for infosec company Sophos named John Shier revealed that people are generally quite willing to disregard all sensible security advice and hand over confidential information to whoever asks for it.

"People will give up info if you just ask nicely," he said.

At MakeUseOf, we regularly cover scams in which the victim of a phishing expedition ends up handing over their bank details, their passwords, and more, because they trust the person or organization asking for it.

This trust is almost always misplaced, especially with romance scams. And in October 2022, we saw a wild case where a 65-year-old Japanese woman sent tens of thousands of dollars to a supposed Russian cosmonaut who needed the cash to return to earth.

Astronaut sitting on a moon

It's easy to laugh at such stories, but scammers are great at targeting their victims, and they're good at building up trust and relationships. They're experts, and while you're sure you'd never fall for their tricks, you've probably never been targeted by an expert.

There Are Unlimited Ways to Target a Victim—Don't Let It Be You

The cosmonaut scam sounds silly, but it worked, and as Shier stated, the easiest way of getting someone's info is to ask for it.

You can inadvertently give out your bank details by replying to a scam which asks you to confirm that an account is yours. You can disclose your password when contacting your bank to complain about it. You can query a legitimately issued fake invoice from PayPal, and end up on the hook. In many cases, all the other party needs to do is ask for what they need.

Fraudsters are also becoming increasingly adept at creating deepfakes. These can be of someone you trust, although perhaps not someone you know personally. Voices can be faked, and video can be faked, too.

Fortunately, there are a bunch of tools to help you detect fakes online, and we recommend you use them. Additionally, Microsoft has created a deepfake detection tool to help you work out whether the person you're talking to actually exists.

Repeat After Us: Don't Give Out Your Personal Information or Passwords

Your bank is probably pretty hot at making sure that you know what you're entering into when sending money. You'll probably need a password, a PIN, and two-factor authentication. But that counts for nothing if you're willingly handing either cash or the details needed to get the cash over to a criminal. Take care to make sure that people online (or in person) are who they say they are, and never give your passwords to anyone—even if they ask nicely. Remember, the less a scammer knows about you, the harder you are to target.