Skip to main content


    5 Cybersecurity Tricks and Treats to Help You Unmask Scammers This Halloween

    By Laura Lewis

    5 cybersecurity tricks and treats to help you unmask scammers this halloween

    From personal credit card theft to data breaches affecting millions of people, horror stories of cyberattacks can be found across the internet. According to the Federal Trade Commission (FTC), there were 1.4 million cases of identity theft in 2020, double that of the year before.

    While cybersecurity professionals across the globe are working to defend organizations from cybercrime, there are many steps you can take to keep your information safe.

    Here are some tips on how you can avoid being tricked by cybercriminals this Halloween and throughout the year!

    1. Secure Your Accounts with A Password Manager Tool

    Repeating the same password over and over only works if you’re trying to summon Beetlejuice. Instead, you can use a password manager tool to keep track of a range of passwords across your accounts.


    Hackers and their bots can “guess” an overused password through credential stuffing–which tests breached username/password data across multiple services to hack user accounts.


    Manage all your account passwords with a password manager. These can only be accessed via a master password or a secondary form of authentication.

    2. Utilize Strong Passwords

    The anatomy of a strong password includes unique symbols, uppercase and lowercase letters, and numbers–but that’s not all! Be sure to avoid using sequential letters or numbers, or a pattern that is more easily deciphered.


    A password like “123MonsterMash!” technically meets these requirements, but still contains full words and numerical sequences that are easy to guess.


    In contrast, the password “M@NSt3r-M4sH.” utilizes multiple forms of special characters–making it a much stronger password (although, changing our words into standalone letters and numbers would make this password even stronger, if less festive).

    3. Enable Multi-Factor Identification

    A password alone may not be enough to protect your more valuable information, just as a Halloween costume doesn’t always conceal your identity. Banking applications and other financial accounts, for example, often provide a multi-factor or 2-step verification feature for your login credentials.


    In the case of a password leak, your accounts are vulnerable to be hacked from any device, anywhere. However, multi-factor verification can make obtaining your information harder for hackers, and in some cases alert you of unwanted account activity.


    With multi-factor identification, you can only log into your accounts with both your password and a secondary form of identification–like a code sent to your cell phone number. It may take an extra moment for you to access your information, but it’s worth the added security.

    4. Don’t Skip Software Updates

    Are you feeling haunted by constant, recurring reminders to update your phone or home computer software? You could try burning sage, but the only proven technique to get rid of those reminders is to, well, update your software!


    Hackers target outdated software to exploit known vulnerabilities or gaps in its functionality.


    Keeping your software current allows for optimal, built-in cybersecurity–while also ensuring your device runs efficiently overall.

    5. Learn to Recognize Phishing Scams

    You probably already know not to click a link that promises prizes from an unknown sender–or take unwrapped candy from a stranger. But, cybercriminals are constantly creating more sophisticated scams that are harder to detect at first glance.


    Through email and SMS messaging specifically, phishers are often able to mimic a company, organization, or even an individual’s visual identity–luring you into a false sense of trust.


    Any email or text message that prompts you to update your billing or other personal details via an embedded link is a scam. You can also unmask more sophisticated phishing attempts by verifying ALL sender information, scanning the text for mistakes or generic messaging, and always reporting any suspicious activity to the institution that the scam is masquerading as.

    Interested in learning more advanced cybersecurity skills? Sign up to receive our no-cost Hacking 101 course here. It’s not a trick, but will treat you to an overview of the current cyber landscape, industry standard best practices, and how to start building a thriving career in cybersecurity.