December 1, 2025 • 9 mins
Auditor for the state of Ohio, Keith Faber has tips to keep you protected from scammers who have become very creative!
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:00):
And then of course today's cyber Monday, more spending expected
(00:02):
to do today online and that kind of opens up
the possibility of some scam. So let's bring in Ohio
Auditor of the States, Keith Favor joining us. Keith, good
to talk to you. Hope you had a nice Thanksgiving weekend.
What should people be worried about today on cyber Monday
to avoid being cybercrimed?
Speaker 2 (00:21):
Thanks for having me. It was a great weekend capped
off by a great buck guy win. And look right now,
scammers are really really good at social engineering. They will
convince you that they are who they say they are.
And so if it sounds too good to be true,
if it sounds like somebody's asking you for information that's personal,
(00:42):
don't give it to them. It probably is a scam.
Speaker 1 (00:44):
What are some of the red flags? If you're you know,
you're looking at your email inbox today and you're seeing,
you know, forty to sixty percent off all of these
great deals, and maybe the email looks a little fishy,
what what should people look for?
Speaker 2 (00:57):
Well, the first thing is is whenever somebody and we
all get these almost every day, and you're in box saying, hey,
you want to free grill from lows just answer our
survey questions. Or Sam's Club's going to give you a
free membership, or Costco's going to all of those are
generally fake. They're all scams. They're trying to get your information. Basically,
the best thing you can do is if you get
(01:18):
an email and you want to check somebody, go out
independently to the person's website, get out of the email.
Don't click a link, never click links. And so if
you think Costco's running a deal, go to costco I
mean go to costco dot com. I mean go out
to their own site. If you're not sure what their
site really is, search it on Google or go out
to your own search engine and go directly to the site.
(01:42):
But generally, and I know, today's a day everybody's looking
for the great deal, and so you're looking for some
kind of a deal, and so they're going to be
playing into that. And what they're really trying to do
isn't just to try and get your get you to
click on something and say, okay, I want to buy
you know, ninety inch big screen TV for twelve bucks. Okay,
you know that's probably a scam. But if they're trying
(02:04):
to convince you that they're giving you a deal that
isn't isn't frankly ever going to be delivered. If you're
ordering something from China, the good good luck trying to
get it, and so those kind of things you just
need to be wary. Keep a good track on your
credit cards to make sure your charges on your cards
are actually yours. Also, the other big thing is is
(02:27):
you need to make sure that when people contact you.
I probably was getting five to ten calls a day
from somebody trying to convince me that I would be
eligible for a better Medicare healthcare plan. Well the secret
is is I'm not Medicare eligible, So I knew all
of those were scams. And so you know, they're trying
(02:47):
to convince, particularly our senior citizens, that they're going to
give you a deal. And you know, I always say,
if you saw the Beekeeper movie, that wasn't too far
away from the truth. Well, the Jason Statham Park, you
know where we went and on all the people. That's
probably not accurate. But the part that scammers are trying
to take advantage of senior citizens to get them to
give them access to their crucial data is actually very
(03:11):
very true and happening all too often.
Speaker 1 (03:13):
Keith Favor, Auditor of the State of Ohio, our guest,
And you've got a special investigations unit that you oversee
and trying to keep people safe. What do they do
and how do they help keep us safe in the
State of Ohio.
Speaker 2 (03:27):
Yeah, people are always shocked to hear that the state auditor
has a criminal division. What we do is watch out
for government money, because just like the scammers are trying
to take advantage of Bob and Betty Buckeye, they're trying
to take advantage of your tax dollars too. And so
what we do is we go out and try and
catch people who are lying, cheating, and stealing with government money.
Since I've been auditor, we've now convicted one hundred and
(03:47):
fifty or so people for lying, stealing, and cheating with
government money. And they range from a couple county sheriffs
to fiscal officers to government employees across the board. But
as bad as employee theft and dishonesty is inside government,
cyber fraud is worse when it comes to government because
(04:07):
we lose more money to cyber criminals. People pretending to
be a legitimate vendor of your city, your county, your township,
and your township or cities sending them checks that the
money's gone. And we see that all too often. Almost
every week I see a six figure loss come through
from a city or a village or a township or
somebody that's had those kind of losses.
Speaker 1 (04:29):
Keith, I think the best thing you said was be
wary of clicking links. That's the first step is be
really sure that we know what you click is actually
going to take you to where you think it does.
But in a moment of weakness, as someone does do
something and maybe they go even the next step and
they start putting in you know, personal information, you know,
and god forbid, credit card information and they do get scammed.
(04:50):
What what's their next step? What can they do to
try to prevent some serious losses?
Speaker 2 (04:58):
Well, the number one thing is if you become a victim,
don't hide it. Immediately contact your local law enforcement, the
FBI if it's appropriate. If it's government, we require them
now by state law to contact us. To contact law enforcement.
There's also a FBI has a cyber Crimes Division, and
there's a cyber range that can help other governmentities immediately
(05:22):
contact somebody and seek help. In many cases, if we
find out about stuff really quickly, you know, within a
day or two, generally we can help get the money back.
In one case, we had a six million dollar loss
from a college, and by contacting the FBI and Secret
Service in US, we were able to work to get
all of the loss back. Because they were using ACH
(05:44):
transactions and using something called the Federal Reserve Jill program,
we were able to stop those ACCH transactions and get
the money back. Had that piscal officer buried their head
in the sand and said, oh my goodness. You know,
I don't want anybody to find out about this, that
money would have been gone. And so that's the first
thing I tell people is if you're a victim, say
something the other thing. And I never show for products.
(06:06):
So everybody just needs to take this with a grain
of salt. You know, it's not bad to look at
a LifeLock type product or one of those identity protection products,
particularly if you're in the public like you guys. You know,
it's not a bad investment to keep your identity at
least has some level of protection. Now, it doesn't guarantee
you're not going to be a victim, but it does
have a method of trying to help you get your
(06:28):
resources or get your information. Pack. The other thing to
tell you, and you mentioned this, don't click on links
look at the email. If you think you're getting an
email from Sam's Club and it's from somebody on Gmail,
click to see who that email is from. Hover over
that button, click the link, hover over the address, and
if it's some somebody on a Gmail, it's a scam.
(06:49):
One hundred percent. Costco doesn't use Gmail or Sam's doesn't
use Gmail to send you emails. The other thing to
look at is look at the email address that they
claim to be coming from or that they want you
to respond to. Oftentimes, now you have to have a
really good eye here. They will try and spoof the
email addresses. But they'll use an L for an I
(07:11):
or an I for an L, or they'll put something
else in there to you know, it will say Costco
Customer Service squiggly at you know, you know, Costco dot
DOUG or Costco dot GM or odd site. They're not
gonna they're not gonna use the official site. They're going
to try and spoof the email office. So so one
(07:31):
be cautious. Don't click on links, look at the the
from box, and then look at where they're trying to
send you very carefully. But the best advice is just
never click on a link.
Speaker 1 (07:40):
I saw one that was spoofed. It claimed you be
coming from Microsoft, and instead of the M on Microsoft,
it was a lowercase R next to an N, and
at first glance, Keith, it looked like an M, so
it was not coming from Microsoft. It was like our
N Microsoft, and they're getting real career. It's really kind
(08:01):
of troubling to see the links that they're going to
try to get into your bank accounts.
Speaker 2 (08:07):
Oh, they are really really good at social engineering and
really really good about tricking your eyes. We had a
loss for a port authority in Ohio that the email
purportedly asking the fiscal officer of the county to send
the money said hey, we changed our bank account from
Fifth Third to key Bank, and here's the bank address.
(08:27):
And so because the email purported to be from the
director of the port authority, the fiscal officer looked at
it and said, yeah, we'll send you the money at
the new bank account. Well, the port authority email address
had substituted one letter just one letter in the Port
authority email address, and it wasn't from the Port Authority
director ghosts, go figure, and so it costs him eighty
(08:49):
six thousand dollars. That's the kind of stuff you see,
and that's why we recommended a two step confirmation for
any vendory directs and we require that now you never
never ever accepted them to redirect request. And this is
for business too. Electronically or over the phone. You require
people to have two persons verifications so that the person
(09:10):
in the governmental entity that deals with them actually contacts affirmatively,
not through the email they sent, but from a phone
call or some other way the person that you know
and verify the accresses
And then of course today's cyber Monday, more spending expected
(00:02):
to do today online and that kind of opens up
the possibility of some scam. So let's bring in Ohio
Auditor of the States, Keith Favor joining us. Keith, good
to talk to you. Hope you had a nice Thanksgiving weekend.
What should people be worried about today on cyber Monday
to avoid being cybercrimed?
Speaker 2 (00:21):
Thanks for having me. It was a great weekend capped
off by a great buck guy win. And look right now,
scammers are really really good at social engineering. They will
convince you that they are who they say they are.
And so if it sounds too good to be true,
if it sounds like somebody's asking you for information that's personal,
(00:42):
don't give it to them. It probably is a scam.
Speaker 1 (00:44):
What are some of the red flags? If you're you know,
you're looking at your email inbox today and you're seeing,
you know, forty to sixty percent off all of these
great deals, and maybe the email looks a little fishy,
what what should people look for?
Speaker 2 (00:57):
Well, the first thing is is whenever somebody and we
all get these almost every day, and you're in box saying, hey,
you want to free grill from lows just answer our
survey questions. Or Sam's Club's going to give you a
free membership, or Costco's going to all of those are
generally fake. They're all scams. They're trying to get your information. Basically,
the best thing you can do is if you get
(01:18):
an email and you want to check somebody, go out
independently to the person's website, get out of the email.
Don't click a link, never click links. And so if
you think Costco's running a deal, go to costco I
mean go to costco dot com. I mean go out
to their own site. If you're not sure what their
site really is, search it on Google or go out
to your own search engine and go directly to the site.
(01:42):
But generally, and I know, today's a day everybody's looking
for the great deal, and so you're looking for some
kind of a deal, and so they're going to be
playing into that. And what they're really trying to do
isn't just to try and get your get you to
click on something and say, okay, I want to buy
you know, ninety inch big screen TV for twelve bucks. Okay,
you know that's probably a scam. But if they're trying
(02:04):
to convince you that they're giving you a deal that
isn't isn't frankly ever going to be delivered. If you're
ordering something from China, the good good luck trying to
get it, and so those kind of things you just
need to be wary. Keep a good track on your
credit cards to make sure your charges on your cards
are actually yours. Also, the other big thing is is
(02:27):
you need to make sure that when people contact you.
I probably was getting five to ten calls a day
from somebody trying to convince me that I would be
eligible for a better Medicare healthcare plan. Well the secret
is is I'm not Medicare eligible, So I knew all
of those were scams. And so you know, they're trying
(02:47):
to convince, particularly our senior citizens, that they're going to
give you a deal. And you know, I always say,
if you saw the Beekeeper movie, that wasn't too far
away from the truth. Well, the Jason Statham Park, you
know where we went and on all the people. That's
probably not accurate. But the part that scammers are trying
to take advantage of senior citizens to get them to
give them access to their crucial data is actually very
(03:11):
very true and happening all too often.
Speaker 1 (03:13):
Keith Favor, Auditor of the State of Ohio, our guest,
And you've got a special investigations unit that you oversee
and trying to keep people safe. What do they do
and how do they help keep us safe in the
State of Ohio.
Speaker 2 (03:27):
Yeah, people are always shocked to hear that the state auditor
has a criminal division. What we do is watch out
for government money, because just like the scammers are trying
to take advantage of Bob and Betty Buckeye, they're trying
to take advantage of your tax dollars too. And so
what we do is we go out and try and
catch people who are lying, cheating, and stealing with government money.
Since I've been auditor, we've now convicted one hundred and
(03:47):
fifty or so people for lying, stealing, and cheating with
government money. And they range from a couple county sheriffs
to fiscal officers to government employees across the board. But
as bad as employee theft and dishonesty is inside government,
cyber fraud is worse when it comes to government because
(04:07):
we lose more money to cyber criminals. People pretending to
be a legitimate vendor of your city, your county, your township,
and your township or cities sending them checks that the
money's gone. And we see that all too often. Almost
every week I see a six figure loss come through
from a city or a village or a township or
somebody that's had those kind of losses.
Speaker 1 (04:29):
Keith, I think the best thing you said was be
wary of clicking links. That's the first step is be
really sure that we know what you click is actually
going to take you to where you think it does.
But in a moment of weakness, as someone does do
something and maybe they go even the next step and
they start putting in you know, personal information, you know,
and god forbid, credit card information and they do get scammed.
(04:50):
What what's their next step? What can they do to
try to prevent some serious losses?
Speaker 2 (04:58):
Well, the number one thing is if you become a victim,
don't hide it. Immediately contact your local law enforcement, the
FBI if it's appropriate. If it's government, we require them
now by state law to contact us. To contact law enforcement.
There's also a FBI has a cyber Crimes Division, and
there's a cyber range that can help other governmentities immediately
(05:22):
contact somebody and seek help. In many cases, if we
find out about stuff really quickly, you know, within a
day or two, generally we can help get the money back.
In one case, we had a six million dollar loss
from a college, and by contacting the FBI and Secret
Service in US, we were able to work to get
all of the loss back. Because they were using ACH
(05:44):
transactions and using something called the Federal Reserve Jill program,
we were able to stop those ACCH transactions and get
the money back. Had that piscal officer buried their head
in the sand and said, oh my goodness. You know,
I don't want anybody to find out about this, that
money would have been gone. And so that's the first
thing I tell people is if you're a victim, say
something the other thing. And I never show for products.
(06:06):
So everybody just needs to take this with a grain
of salt. You know, it's not bad to look at
a LifeLock type product or one of those identity protection products,
particularly if you're in the public like you guys. You know,
it's not a bad investment to keep your identity at
least has some level of protection. Now, it doesn't guarantee
you're not going to be a victim, but it does
have a method of trying to help you get your
(06:28):
resources or get your information. Pack. The other thing to
tell you, and you mentioned this, don't click on links
look at the email. If you think you're getting an
email from Sam's Club and it's from somebody on Gmail,
click to see who that email is from. Hover over
that button, click the link, hover over the address, and
if it's some somebody on a Gmail, it's a scam.
(06:49):
One hundred percent. Costco doesn't use Gmail or Sam's doesn't
use Gmail to send you emails. The other thing to
look at is look at the email address that they
claim to be coming from or that they want you
to respond to. Oftentimes, now you have to have a
really good eye here. They will try and spoof the
email addresses. But they'll use an L for an I
(07:11):
or an I for an L, or they'll put something
else in there to you know, it will say Costco
Customer Service squiggly at you know, you know, Costco dot
DOUG or Costco dot GM or odd site. They're not
gonna they're not gonna use the official site. They're going
to try and spoof the email office. So so one
(07:31):
be cautious. Don't click on links, look at the the
from box, and then look at where they're trying to
send you very carefully. But the best advice is just
never click on a link.
Speaker 1 (07:40):
I saw one that was spoofed. It claimed you be
coming from Microsoft, and instead of the M on Microsoft,
it was a lowercase R next to an N, and
at first glance, Keith, it looked like an M, so
it was not coming from Microsoft. It was like our
N Microsoft, and they're getting real career. It's really kind
(08:01):
of troubling to see the links that they're going to
try to get into your bank accounts.
Speaker 2 (08:07):
Oh, they are really really good at social engineering and
really really good about tricking your eyes. We had a
loss for a port authority in Ohio that the email
purportedly asking the fiscal officer of the county to send
the money said hey, we changed our bank account from
Fifth Third to key Bank, and here's the bank address.
(08:27):
And so because the email purported to be from the
director of the port authority, the fiscal officer looked at
it and said, yeah, we'll send you the money at
the new bank account. Well, the port authority email address
had substituted one letter just one letter in the Port
authority email address, and it wasn't from the Port Authority
director ghosts, go figure, and so it costs him eighty
(08:49):
six thousand dollars. That's the kind of stuff you see,
and that's why we recommended a two step confirmation for
any vendory directs and we require that now you never
never ever accepted them to redirect request. And this is
for business too. Electronically or over the phone. You require
people to have two persons verifications so that the person
(09:10):
in the governmental entity that deals with them actually contacts affirmatively,
not through the email they sent, but from a phone
call or some other way the person that you know
and verify the accresses
Popular Podcasts
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
Are You A Charlotte?
In 1997, actress Kristin Davis’ life was forever changed when she took on the role of Charlotte York in Sex and the City. As we watched Carrie, Samantha, Miranda and Charlotte navigate relationships in NYC, the show helped push once unacceptable conversation topics out of the shadows and altered the narrative around women and sex. We all saw ourselves in them as they searched for fulfillment in life, sex and friendships. Now, Kristin Davis wants to connect with you, the fans, and share untold stories and all the behind the scenes. Together, with Kristin and special guests, what will begin with Sex and the City will evolve into talks about themes that are still so relevant today. "Are you a Charlotte?" is much more than just rewatching this beloved show, it brings the past and the present together as we talk with heart, humor and of course some optimism.