AG Carr Encourages Georgians to Protect their Data & Devices During Cybersecurity Awareness Month

Staff Report

Friday, October 21st, 2022

Attorney General Chris Carr is sharing important tips and resources to help Georgia consumers, businesses, and organizations protect their data and devices from cyber threats during Cybersecurity Awareness Month. As a member of the Georgia Cyber Fraud Task Force, Carr is also highlighting the office’s continued efforts to combat the criminal movement of cyber fraud proceeds.

“Phishing scams, data breaches and malicious websites pose very real threats to Georgia consumers and businesses,” said Carr. “Our office is here to help by providing Georgians with important information about how to protect their network, data and devices from cyber fraud schemes. We also continue working with our partners on the Cyber Fraud Task Force to hold bad actors accountable and disrupt this type of criminal enterprise in our state.”

Georgia Cyber Fraud Task Force

As a member of the Georgia Cyber Fraud Task Force, the Attorney General’s Office works to combat the laundering of cyber-enabled fraud proceeds through banks in the Atlanta area. This includes working to disrupt the financial structure that makes these schemes so lucrative for criminals.

Comprised of local, state and federal law enforcement partners, the Cyber Fraud Task Force recently marked one year of progress. During this time, the Attorney General’s Public Integrity and White Collar Crime Unit has brought charges in a number of cases identified by the Task Force. A few of those cases are listed below.

In August 2022, Carr announced the conviction of Borin Khoun for multiple counts of Theft by Taking relating to his involvement in cyber fraud scams targeting older adults. As part of his sentence, Khoun was ordered to pay $234,479.48 in restitution to his victims. This case was investigated by the Federal Bureau of Investigation (FBI) and the Georgia Attorney General’s Office.
In March 2022, Carr announced the indictment of Mark L. Jones on one count of Theft by Taking. The charge relates to Jones' alleged involvement in a Business Email Compromise scam. This case was investigated by the Georgia Attorney General's Office and the Cobb County Sherriff's Office.
In the event that a fraudster has tricked you into sending money, file a report with local law enforcement and submit a complaint to the FBI’s Internet Crime Complaint Center (IC3) at ic3.gov.

Tips and Resources

To help small businesses, non-profits, and places of worship safeguard their data and devices, the Attorney General’s Consumer Protection Division created Cybersecurity in Georgia. This comprehensive guide includes critical tips and information about the different types of cyber threats, protecting your data and network, training employees about cybersecurity, planning for and responding to a security breach, cyber insurance and more. Download your copy here.

The Consumer Protection Division also offers the following tips to everyone who uses technology.

Be wary of emails and text messages asking you to take action. Don't click on links, open file attachments or provide sensitive information in response to texts, emails or social media messages, particularly if you don't recognize the sender, as it could download malware onto your device or place your sensitive information in the hands of a scammer. Be especially wary if the sender asks you to send money. Even if the message appears to come from a person or business you know, refrain from interacting with the message and instead contact the entity through a verified phone number, email address or website.
Be careful when shopping online. Use only well-known, reputable online sites. You can check the reputation of a business by visiting bbb.org. Using a credit card rather than a debit card offers more protections in the event of fraud.
Use strong passwords. The longer the password, the tougher it is to crack. Mix letters, numbers and special characters. Don’t use your name, birthdate or pet’s name in your password. Use a different password for each of your accounts so that if one account is hacked, the perpetrator cannot take over all of your accounts.
Enable multi-factor authentication. Multi-factor or two-factor authentication increases the security of your online accounts by requiring an additional means of verifying your identity beyond your username and password. This could come in the form of a PIN number, security question, facial recognition, fingerprint, or requiring you to enter a code that is texted or emailed to you. Always opt-in if given the choice to set-up multi-factor authentication, particularly for sensitive accounts, such as online banking or retail accounts that store your payment information.
Update your system and software frequently. Computer and software companies frequently update their programs to include protection against new security threats. Simply updating your operating system and software whenever new versions become available gives you an added measure of security.
Install reputable security software on your computer. Make sure your computer has anti-virus and anti-spyware software, a pop-up blocker, and that the firewall is enabled. For lists of security tools from legitimate security vendors, visit staysafeonline.org.
Lock your phone. Use at least a six-digit passcode on your device, or use the pattern lock or fingerprint scanner. Set the device to lock when it’s not in use.
Protect yourself in the event that you lose your mobile device:
Enable Find My iPhone (iOS) or Find My Device (Android). These apps could help you locate your device if you lose it. If your phone is stolen, these apps also let you remotely issue a command to erase your device – even if an identity thief turns it off.
Alert your wireless provider as soon as you know your device is missing. They can permanently or temporarily disable the SIM card to stop someone from using the device for calls or the internet.
Change passwords for your accounts if your device is compromised. Many of us set our devices to remember passwords, which means that if your device ends up in the wrong hands, someone could gain access to your accounts and personal information. If you lose your device, immediately change the passwords to your online accounts.
Backup important data. No system is completely secure. Copy files onto a removable disc, external hard drive, or to the Cloud so that if your device is compromised, you will still have access to your files.