Picture this: It’s Sunday afternoon. You’re in the kitchen meal planning for the week and thinking about dinner.

The phone rings. It’s your bank calling about a problem with your account.

A Fraud Prevention team member asks if you authorized a transfer to a foreign account? No, of course not. Oh, they say, because two wire transfers are pending now.

You ask what you can do. They pause, then say there might be a way to stop the transfers, but only if you act now. Of course, you say, what’s the first step?

They transfer you to a supervisor. You can reverse the charges but you have to act fast. Time is of the essence, he says, for them to help you recover your money.

What would you do?

It’s Not As Simple As You Think

It’s easy to think you would do the right thing.

You might think to check your account to see the activity the supervisor is describing. Or ask for their contact information and try to verify it with an online search. Or hang up.

But you might not because cyber criminals are very good at their jobs.

They’ve researched you. They know your patterns. Where you bank. Your friends and family members.

They know how to prey on human tendencies to act rashly when we’re tired or anxious especially about our hard-earned money. They’re so good, in fact, we lose more money to cyber criminals every year.

According to the FBI’s Internet Crime Complaint Center, 2024 cyber crime losses increased by 33% from the prior year. Of the 256,256 complaints it received which involved actual losses, criminals made off with an average of $19,372 in each complaint.

Could you afford to lose that much right now to a phone call?

Me neither, so let’s get ready together.

Following are some straightforward things you can do right now. They could keep a cyber criminal from getting to you in the first place and give you helpful tips if you do find yourself on the receiving end of a suspicious call.

The Telephone Is Ringing. Should It?

Assuming you’re an iPhone user and upgraded to iOS 26, I strongly recommend using Screen Unknown Callers and Call Filtering. I use them to divert first-time callers to voicemail so I can deal with them on my schedule and not theirs.

Both options are found by opening “Settings” on an iPhone, searching for “Phone,” then scrolling through the options. Similar functionality is available on many Android phones.

Enabling these settings will mean that, effectively, you will never again answer a call from a number not in your Contacts. It’s easier to live with than you might think, though. I’ve had these settings enabled on my phone for months. Aside from needing to return calls to a home repair company or two, it hasn’t been a burden.

This is a harder line than some recommend and you still need to be vigilant as Caller IDs can be spoofed. Regardless, it raises a formidable line of defense against scammers trying to get you on the phone when they’re ready to take advantage of you.

Verify Off-Channel

If somebody does connect with you by phone, text, or email and claims to be from your bank or another similar institution, pause and switch channels. The scams are most effective when they draw you in on their terms to prey on your emotions.

Hang up the call, then get the phone number from your statement or another trusted source. Never ask a caller for a contact number or use information they supply to verify their identity.

A scammer will already have another fake number or website set up for you. They want to keep you in the emotional tunnel of their scam so they go to lengths to ensure they can counter your questions on the fly.

By switching channels on them, you wrest control of the exchange out of their hands. Although it may take time to verify details, the breathing room you give yourself is exactly what you need to make quality decisions.

Commit to an Overload Plan

Scammers prey on fatigue and distraction. They need you to follow their instructions so their scheme can successfully put your money in their pockets.

An “Overload Plan” involves making a decision in advance to not make any financial moves when you’re rushed, tired, or have not checked with a trusted friend, family member, or advisor. Essentially it creates a fiscal circuit breaker so, if pressed by a scammer, you won’t take an action you’ll regret later.

AARP calls this the “Active Pause:”

Taking an active pause when triggered can help us regain control of the situation. It gives us time to reflect on what we may know about the scenario, or to call a friend or verify the contact.

That pause is the space you need to think calmly about what you’re being asked to do. Knowing it may save you about $20,000 makes it a beat worth taking.

These three steps are simple, effective, and free. You can put all of them into play for yourself today as you read this post.

I have one more suggestion, though. While it will break the digital data chain bad actors count on to survive, you might call it overkill.

Split Your Digital Identity

For almost every online account, an email address is required. From banks to auto leases to streaming subscriptions, an email is one of the two keys needed to access every account.

When we use the same email address everywhere, we help scammers chart a road map of our online activity. From merchant to merchant, they use these connections to craft a plan of attack.

Instead, you can foil their efforts by using unique email addresses for your financial accounts, shopping accounts, and personal messages. If one address leaks or one merchant is hacked, none of your other accounts are jeopardized.

I’m not only preaching this approach. I’m practicing it.

After my electric utility account got hacked earlier this year, I started to think seriously about doing this very thing. Months later, after a lot of study and consideration, I’m on my way to pulling the digital rug out from under any cyber criminal trying to hoodwink me.

I’ll share more about how and why I did it in a future post. For now, it’s a step to consider while the other three are “must do’s.”

Act Now To Protect Yourself

If you’ve been reading my posts, you know I am serious about online safety. From password managers to opting out of data brokers to switching to a privacy-first browser, I believe we should all take every step we can to protect ourselves and our data.

But don’t take my word for it.

Read about how Michael Wilson, a New York Times reporter almost wired $2,100 to a cyber criminal. He went as far as being a moment away from submitting the transfer before he realized what was happening.

And then a friend got hacked last week. He’s a smart guy, but a scammer got to him when he wasn’t expecting it.

This is happening now and likely to people you know.

Don’t allow yourself to be a victim. Give yourself the best chance of foiling the attack when it happens by:

1. Screening unknown callers and setting up call filtering
2. Verifying inquiries off-channel
3. Committing to an overload plan.

Every scammer deserves to have a bad day. Either take these steps now yourself, or engage me for a personal tech audit. Let’s work together to make sure no scammer can take advantage of you on a Sunday afternoon or any day.