Beware Of Banking Scams

Scammers never take a break. They’re always dreaming up ways to con you out of yourImage of man using computer money. Recently, there’s been a significant uptick in scams involving checking accounts at many financial institutions.

In these scams, criminals will utilize social media to connect with the victim.

They usually pose as representatives of a bank or credit union and milk the victim for sensitive information, like account numbers and passwords. Since the scammers are using the credit union’s social media accounts, the victims often won’t hesitate to share this information. When the scammers have what they need, they will proceed to empty the victim’s accounts and then disappear.

Often, when the scammers receive a response from the victim on social media, they will redirect the victim to what appears to be the financial institution’s website. The victim, thinking they are on the site they frequently use, will quickly input their username and ID, which the scammers will then use to empty their accounts or open credit cards in the victim’s name.

Sometimes, the scammers will impersonate helpful member representatives who are seemingly looking to answer your questions. You’re used to our representatives being helpful and always on call to assist you, so you won’t see anything strange with the scenario.

Other times, the scammer may claim your account has been compromised and you need to immediately update your information. They’ll be oh-so-helpful with this step. Until you share your information with them, that is.

Still other times, scammers will pose as representatives of a sweepstakes or some other contest that you’ve “won.” All you need to do is share your account information and your passwords to be made into an instant millionaire! Except that, of course, you won’t.

Don’t be the next victim! Be aware and be alert. Here’s what you need to know about this scam:

1.) Check URLs

Scammers are becoming increasingly more suave at posing as companies their victims are familiar with. You can check a site’s authenticity by double-checking the URL on the web address. Make sure it matches Destinations Credit Union’s site exactly. You can also check a site’s security by looking for the “S” after the “http” on the web address.

2.) Be suspicious

Awareness can be your best protection. It’s easy for a scammer to pose as a member representative on social media, but if you’re on guard, you’ll spot these fakers. Is a representative claiming there are problems with your account when everything seems to be in order? Are they asking you to share sensitive information through insecure channels? Is someone promising you’ve won a contest you’ve never entered? If things don’t add up, it’s best to opt out.

3.) Reach out to your credit union

It may be difficult to determine whether the people you’re talking to are the real thing. If you think you’re dealing with Destinations Credit Union but things suddenly start looking fishy, there’s a simple solution. Hang up or log out of whatever medium you’re engaged in and call Destinations Credit Union yourself. You can always reach out to us at 410-663-2500. This way, you’ll know you’ve really reached us and you’re not being scammed. Be sure to call this number and never use another number suggested by a suspicious-acting “member representative.”

4.) In case of fraud, take action

If you suspect you’ve been taken for a ride, let us know as soon as possible. The sooner you catch a scam, the better off you’ll be. We’ll also be able to alert our other members and work on catching the crooks who’ve conned you.

It’s also a good idea to let the Federal Trade Commission (FTC) know about the scam. The more information you share, the easier it will be for the feds to nail those scumbags. Contact the FTC at FTC.gov.

5.) Protect yourself

It’s a good idea to practice basic safety and protective measures with your accounts.

Here’s how:

  1. Safeguard account details: Never share account information without being certain about who you are talking to.
  2. Use good password hygiene: Use complex passwords and change them often. Be sure to use different passwords for each of your accounts.
  3. Choose extra protection: Opt in for two-factor identification when logging into your accounts. That’s an extra level of protection for you and another hurdle for scammers to scale.
  4. Set up alerts: Choose to receive an email or a text message when transactions on your account exceed your typical level of spending.
  5. Monitor your accounts: It’s a good idea to check your accounts on a regular basis, and with our mobile app, this is now easier than ever. In most cases, you will be responsible for fraudulent charges on your account if you report them more than 60 days after your monthly statement is delivered.

SOURCES:
https://www.google.com/amp/amp.timeinc.net/fortune/2016/11/11/social-media-cyber-scam 

https://money.usnews.com/money/blogs/my-money/2015/01/23/5-scams-that-target-your-bank-account 
https://www.cnbc.com/2017/05/12/this-growing-fraud-will-drain-your-bank-account.html 
https://www.infosecurity-magazine.com/news/social-media-phishing-attacks-soar/ 
https://www.advantiscu.org/fraud-prevention/beware-of-phishing-scams-in-social-media.html

How To Spot A Credit Repair Scam

Repairing your credit can be an uphill battle. You’re looking at months of hard work, headache billsnegotiating with creditors, reworking your budget and identifying the factors that are making your credit score lag. In short, it’s a hassle and it takes lots of time.

Those two aspects are what makes credit repair scams so successful. They know you’re looking for a quick way out, and they’re offering it to you on a silver platter. Unfortunately, when they’re done with you, not only will your credit score be just as low as when you started, but you’ll also be out hundreds or thousands of dollars, and may even be facing criminal charges.

There are legitimate credit repair companies, but without educating yourself, finding them instead of the scammers who only want your money can be tricky.

Here are the most common warning signs of a credit repair scam:

1.) Demands upfront payment

Know your rights. Under the federal Credit Repair Organizations Act, credit repair companies are forbidden to request or receive payment until they’ve completed the services they’ve promised. If a company is demanding upfront payment, it’s surely a scam.

2.) Makes big promises

To lure you into their trap, many scammers make wild promises about your credit score. They may assure you that they can remove negative information from your credit report, even if that information is accurate and current. Don’t believe them; no one can do this.

They might also promise to boost your score a huge amount in just a few weeks or less. This, too, is absolute hogwash. You will never see an improvement on your score until at least 30 days has passed since you’ve taken action.

3.) Promises to help you create a “new credit identity”

This red flag should alert you to one of the most devastating credit repair scams possible. In these scams, companies promise to create a new credit identity for you in exchange for a fee. After you cough up the money, the company will provide you with a nine-digit number that’s similar to a Social Security Number. They may refer to this number as a CPN – a credit profile number or a credit privacy number. Alternatively, they may direct you to apply for an EIN – an Employer Identification Number – from the IRS.

Once you have your new number, the company will instruct you to use this form of ID to apply for credit. They assure you that the process is legal. In reality, though, it’s not – and you’ve just been scammed.

These companies are actually selling you a stolen SSN, often one belonging to a child. They walk away with the money you paid them, while you are stuck in a far deeper hole than when you first contacted them. It is a federal crime to misrepresent your Social Security number, to obtain an EIN from the IRS under false pretenses and to lie on a credit application.

Falling for a credit identity scam could mean facing fines or prison time. If you come across a credit repair company offering you a new identity, run the other way and don’t look back (and report them to the authorities)!

4.) Tells you not to contact the credit reporting agencies

Every U.S. citizen has the right to a complimentary report from the three major credit reporting agencies every year. If a company advises you not to contact these agencies directly, they will probably charge you for obtaining the report on their own. In other words, you will be paying for a free service.

5.) Tells you to dispute accurate information on your credit report

Disputing accurate information on your credit report is dishonest and illegal.

6.) Is evasive about your legal rights and their services

The Credit Repair Organization Act made it illegal for credit repair companies to lie about your legal rights and about their services. This law is enforced by the Federal Trade Commission (FTC). To comply with this law, credit repair companies are required to explain:

  • Your legal rights and clear details in a written contract of the services they’ll perform
  • Your three-day right to cancel the contract without charge
  • The anticipated amount of time it will take until results are evident
  • The total cost you will need to pay for their services
  • Their guarantee

If you’ve already hired a credit repair company and they haven’t lived up to their promise, you still have options.

You can choose to sue the company for your losses in federal court or seek punitive damages – money to punish the company for violating the law. You can also find other victims so you can band together and file a class action lawsuit against the company.

To protect others from falling prey to the same scam, it’s best to report it to your local consumer affairs office or to your state Attorney General.

It’s also advisable to file a complaint with the Federal Trade Commission. The FTC cannot resolve individual credit disputes, but it can take action against a company for multiple law violations. You can file your complaint online at ftc.gov/complaint or call 1-877-FTC-HELP.

Finally, if you’re in financial trouble of any kind, we can help! Stop by today to ask about our free credit counseling services and assistance with creating and sticking to a budget. [We even offer debt consolidation loans, providing you with the opportunity to transfer your debt to one low-interest loan, making the prospect of paying down your debt a lot more manageable.]

Your Turn: Have you been targeted by a credit repair scam? How did you spot the scam? Share your experience with us in the comments!

SOURCES:
https://www.consumerfinance.gov/ask-cfpb/how-can-i-tell-a-credit-repair-scam-from-a-reputable-credit-counselor-en-1343/
https://www.consumer.ftc.gov/articles/0225-credit-repair-scams
https://www.thesimpledollar.com/dont-fall-for-these-credit-repair-scams/
https://www.lexingtonlaw.com/blog/credit-repair/is-credit-repair-a-scam.html 

Beware Of Phishing Scams!

Scammers never take a break! Just when you think they’ve run out of steam, another *scam surfaces in which fraudsters try to quietly take both your money and information.

The Federal Trade Commission (FTC) has warned of a recent upsurge in phishing scams involving credit unions. With just a bit of online digging, scammers lure victims into forking over thousands of dollars or divulging confidential information.

Like all phishing scams, the scammer contacts the victim, posing as a legitimate business or service provider that the victim is familiar with. In this case, the scammers claim to be a representative of your credit union.

The fraudsters use social engineering to trap their victims. This means they take advantage of social norms to inspire trust and manipulate people into clicking on their links or answering their emails. It’s almost impulsive for people to download attachments that look like they’re from friends or a familiar business.

The scammers most commonly reach out via email, but they may also use mediums like phone calls, text messages or social media sites. They convince the victims of their legitimacy by providing some personal details about the victim – which they easily pull off the internet.

Victims are lured into providing information with the promise of compensation for a survey or by claiming the victim needs to verify or update an account. Once the scammer has the information, they can empty the victim’s accounts, track their online activity and/or steal their identity.

Alternately, the scammer may lead a victim to click on links that are embedded with spyware. The links lead to a website that may look just like the credit union’s site, but is actually bogus. In such instances, the victim is probably certain they’re browsing their credit union’s website, and won’t hesitate to share information or input usernames and passwords.

The biggest clue that these transactions are scams is their means of communication. Your credit union will never ask for sensitive information through insecure channels. We also won’t ask you to verify your account number – we already have that information!

Despite this red flag, hundreds of people are falling prey to phishing scams. Don’t be the next victim! Here are four tips to help you protect yourself from phishing scams:

1.) Ignore suspicious emails

When online, be on guard. If you receive an email from an unidentifiable source, ignore it. Don’t reply to the email, click on any embedded links or open attachments. If you suspect an email is from a scammer, delete it and add the domain and email address to your spam filter to prevent a recurrence.

Similarly, never “friend” or otherwise accept communications from a stranger via social media. Facebook and Snapchat are for real buddies only!

As a general rule, it’s best not to share any personal information over the internet. If you do need to provide financial information over the web for completing a transaction, only use a secured site. You can verify a site’s security by looking for a lock icon on the browser’s status bar or by finding a URL that begins with “https.” The “s” signifies that this is a secure site. Remember, though, that these indicators are not foolproof in any way. Even a secure site can be hacked.

2.) Alert Destinations Credit Union

The best way to stop scammers in their tracks is to report every attempt they make. If you have reason to believe you’ve been contacted by a scammer impersonating [credit union], let us know! Send us an email with all the details of the scam attempt so we can catch those crooks. It’s best to forward the exact email you received. If you’ve already deleted the email, report the date, time of day and all other details you can recall. The more we have to work with, the easier our hunt will be.

3.) Report all suspicious activity

While we will do all we can to stop these phishing scams, we can use all the help we can get. That’s why it’s important to file your complaint at www.ftc.gov. You can also visit the FTC’s Identity Theft website at www.consumer.gov/idtheft to learn how to minimize the fallout of a possible identity theft.

4.) Strengthen your computer’s protection

It’s always a good idea to beef up your computer’s border control. Equipping yourself with sufficient antivirus software will protect it from accepting these emails in the first place. If your software doesn’t update automatically, be sure to update it manually on a frequent basis so it will recognize and reject the most current viruses and scams.

A strong firewall will prevent scams and viruses by making you invisible on the internet and blocking all communication from foreign, unauthorized sources. It’s especially prudent to run a firewall if you use a broadband connection.

If you’re a genuine social media junkie, be sure to make your settings as private as possible. Don’t lay out your life for just anyone to see. Having another few hundred “friends” or “likes” is not worth the risk of a stolen identity!

Finally, as mentioned above, all suspicious email addresses should be added to your email’s blacklist as quickly as possible. Remember: Your spam filter is only as strong as you allow it to be.

With precaution, alertness and the proper steps toward prevention, you can keep yourself safe from phishing scams!

Your Turn: Have you ever reported suspicious emails or other messages? What made you flag it as a scam? Share your experience with us in the comments!

SOURCES:
https://www.navyfederal.org/security/phishing-scams.php 

https://www.mycreditunion.gov/protect/fraud/pages/default.aspx 
https://insightcreditunion.com/tools/fraud_prevention/how_not_to_get_hooked_by_a_phishing_scam.aspx 
https://www.mccoyfcu.org/security-center/fraud-and-scams.html 

Beware Of Inheritance Scams!


Who doesn’t dream of becoming an instant millionaire? You might even have some detailed plans for how you’d spend an unexpected windfall if it were to happen. Imagine if a distant relative who’d been rolling in the stuff suddenly passed on and left you as their sole heir. Your dreams could now become a reality! Wouldn’t you do anything to make that happen?
That’s what some underhanded scammers are counting on. Inheritance fraud has been around for a while, but scammers have recently made their ploy even more convincing.
If you’ve been targeted, you’ll receive a long-winded email from a foreign “lawyer” or “bank official” claiming that a long-distant relative of yours has just died intestate, making you the sole heir. You’ll be warned that immediate action is necessary to stop the government from seizing the money.
The letter will then go on to state that your inheritance is difficult to access due to government and bank restrictions, and that you’ll need to pay various fees as well as provide personal details for claiming it .
To make the email appear authentic, it will include identifying documents of the lawyer or bank official, such as a passport, along with legal documents, such as a power of attorney letter for you to sign. The scammer will also provide an overseas address for the bank in which the money is now being held. Recently, scammers have upped their game by using a local address for this step.
Unfortunately, there is no inheritance and the person contacting you is definitely not a lawyer or a bank official. If you respond to the fraudsters, they’ll start charging you various fees, which will gradually increase in size. They’ll remind you that this money will be small change for you once you receive the inheritance. They’ll also claim that all fees must be paid upfront before the inheritance money can be accessed.
Next, the scammers will ask you for your checking account information so they can finally transfer the millions of dollars that are supposedly coming to you. By this time, you may have already lost thousands of dollars to them. If you continue falling for their tricks and provide them with this information, you’ll open yourself to even more loss or identity theft. Of course, once they have this information, you’ll never hear from them again and all you’ll have left from the experience will be a massive loss.
Be on the lookout for these warning signs and protect yourself from becoming the next victim of inheritance fraud:
1.) The initial email
The email itself is your first clue that something is off. First, a bank official or a lawyer will never contact you via email over a matter of this magnitude. Second, if you take a close look at the wording, you’ll find many typos and grammatical errors. Third, if you’re asked to contact an email address using a public domain such as @yahoo.com or @gmail.com, that’s another alert. Banks and reputable law firms will use their own domains for security purposes.
2.) Personal documents
Is the “lawyer” overly eager to share their personal documents? Is the “bank official” willing to show you account statements from their institution? This is a huge red alert. Nobody, especially a bank official or lawyer, would ever share personal documents with a stranger. Surely they would not do so online or by email.
Never send money, give credit card information or copies of your personal documents to someone you don’t know, and especially not over the internet.
3.) Bogus bank
The scammer will always share the name and address of the bank where your supposed inheritance is being kept. You can do a quick Google search on the address provided to check its legitimacy. It will usually turn out to be a bogus address, or at least not an address at which a reputable financial institution exists.
Recently, a scam has been circulating in which the “Royal Bank” of Pittsburgh, Pennsylvania is the bank of choice. The address and bank do officially exist, but a bit of digging will reveal that the Better Business Bureau has rated this institution with an “F” because of its business practices.
4.) Overseas wire transfer
Never agree to an overseas payment with a stranger via money order, wire transfer, pre-paid debit card or electronic currency. Once these transactions have been made, it is nearly impossible to recover the funds.
Have you been scammed? If you suspect you’ve fallen victim, remember to contact Destinations Credit Union and your credit card companies immediately to minimize the damage. Also, be aware that you are now a likely target of other fraud, because fraudsters commonly share details of their victims.
Your Turn: How do you protect yourself from online and email fraud? Share your best tips with us in the comments!


How To Respond To ‘Can You Hear Me?’


“Can you hear me now?” is the once-popular tagline of Verizon commercials, but it’s also the headline of a new scam. Scammers making robocalls will ask some innocuous question. Once the targeted person says “yes,” a recording is made of the response and it is used to sign up the target for unwanted, expensive services. It’s a scheme that’s been targeted at businesses before, but it has now shifted targeting to individual consumers across the country. 

Scheme variants

Robocallers have gotten increasingly sophisticated over the years. They’re doing everything in their power to mimic real sales calls. A pleasant-sounding voice might ask an innocuous question, like “Can you hear me?” or “Are you a homeowner?” The objective is to get you to say “Yes.” That’s all the scammer needs.

The scammer may then send you an invoice for a service. They may also bill your phone number directly, or attempt to make a charge using your credit card. When you call to contest the charges, the scammer will use your recorded “yes” to intimidate you into paying.

Even if the scammer doesn’t successfully bill you, your “yes” can still be hurtful. Answering the phone and talking demonstrates that your number is a viable target for telemarketing. The scammer may bundle your information with other victims and sell it to other potential scammers.

How to avoid it

The easiest way to avoid being a target in this scam is not to answer your phone if an unknown number calls. For many people, though, that’s not an option. If you’re job hunting, freelancing or even selling things on Craigslist, unknown numbers represent opportunities. Not answering your phone could mean missing out on the job of your dreams.

Until you can figure out if you’re talking to a real person, it’s best to avoid giving straightforward answers. If someone asks if you can hear them, say “I can hear you just fine.” If they ask a personal question, ask them why they want to know. Both of these responses will throw a robocall or a call center employee off script, giving you an opportunity to see if it’s a real person calling with a real opportunity or a scammer wasting your time.

It’s also worth repeating that you should never give out personal information over the phone. Often, phone scammers will claim to be a representative of some government entity as an attempt to scare you into turning over your information. Don’t believe them. Unless you initiate the call, government officials don’t do business over the phone.

You can also register your number on the federal Do Not Call registry at www.donotcall.gov. That way, if scammers do call, you can report the number to the FTC. These complaints help the FTC to find and shut down people illegally using the phone system, and hopefully putting an end to these scams once and for all.

If you’ve been targeted…

There’s no way for a scammer to use a recording of your voice to do any serious damage, according to researchers at snopes.com. It’s more likely that the scammer will try to intimidate you into paying by claiming that the voice recording is authorization of charges. Know your rights: Unless you’ve given someone your payment information and explicitly authorized them to charge you, you’re not responsible for paying those bills. Don’t be intimidated into giving up payment information because of threatening language. These scammers can’t actually do anything to you.

It’s still a good idea to keep a careful eye on your account statements and phone bills, just in case. Most phone providers have what’s called “bill-through” service, where third-party charges will be placed on your phone bill. It’s how some apps work, but it’s also how an alarming number of scams work.

Through a practice called “cramming,” third parties can pile unauthorized charges on your phone bill. By keeping the charges small and the names innocuous, third parties can rack in millions across the country for services that consumers don’t want and didn’t agree to purchase. While illegal, it’s still a widespread problem because voice authorization can make it more difficult to dispute the charges.

Make sure you understand exactly the purpose of each item on your phone bill. If there’s anything you don’t recognize, call your phone provider immediately. Disputing charges early is the best way to get them off your bill and keep that money in your pocket.

Your Turn: What’s your best practice for identifying robocallers? Share your tips and tricks in the comments!


Stay Safe From These AirBNB Scams


Going on vacation should mean more than waking up in a different bed. It should also mean getting to see and know a place more like a local does. That’s part of the appeal behind room-sharing sites like the incredibly popular AirBNB. AirBNB lets anyone with a spare room become a host. As a guest, you can stay with a local and get a real sense of what a location is all about. Also, you can save quite a bit of money! 

However, the system is based on trust. Any time there’s trust, there’s some opportunistic crook waiting to make a quick buck by exploiting it. That’s certainly been the case with AirBNB. The Australian Better Business Bureau reported a six-fold increase in scams related to the room-sharing service in 2016. The service recently expanded its offerings, allowing users to book independently-run guided tours or experiences in addition to rooms, and this expansion has been part of the drive behind the increase. Before you book at AirBNB, make sure you keep yourself safe from these scams!
 

1.) Fake websites
An AirBNB host you were interested in sends you an email to check out a few other properties they have for rent. These properties come complete with reviews, official logos and other hallmarks of authenticity. There’s even a live chat service reassuring you that everything’s official and on the level. So, you think nothing of wiring a fee to reserve your room.
Everything’s fine until you go to confirm your reservation with AirBNB. They have no record of your transaction and don’t even have the properties listed. What happened?
A scammer capitalized on your trust by directing you to a fake booking website that’s not hosted by AirBNB. These groups go to extreme lengths to create accurate reproductions of the official site and have even fooled several veteran AirBNB users.
There are two ways to avoid this tactic. First, always check the URLs of sites you visit. Make sure you’re visiting a site where the word AirBNB occurs right next to the .com. If there are words between the two, you may be visiting a phony site! Second, only pay through AirBNB’s official checkout platform. They use modern encryption technology to keep your financial information safe. It’s a whole lot more secure than paying outside the system.
2.) Phony excursions
A new feature of AirBNB is the ability to book “experiences,” or days out on the town with locals. The site claims to be encouraging entrepreneurs by bringing in new clients for small businesses. For example, one Los Angeles resident offers pottery classes and guided meditation retreats for visitors. Another Sydney, Australia AirBNB user offers yoga retreats for guests.
While the expanded line of services is likely a boon to many small business owners, it also creates a new opportunity for scammers. Instead of needing a real property to hook potential victims, scammers can offer phony tours. While the company vets the potential tours carefully, it’s difficult for one company to monitor a distributed network of service providers.
Experiences are a behind-the-scenes look at a city and may appeal to many visitors. However, it’s always worth proceeding with caution. This service is new and experimental. Always check reviews (on a legitimate AirBNB site) before agreeing to pay for anything!
3.) External payment
AirBNB charges a 3% commission on all bookings done through the website. This may encourage some enterprising landlords to offer a discount in exchange for direct payment through a third-party processing site. Travelers on a tight budget might be tempted to save a few bucks this way. Those travelers would be shocked to find themselves out of luck when they get to their destination.
Resist the temptation. Payments outside the website don’t have any conflict resolution procedures, so there’s no guarantee you’ll have a room at all if you use one. AirBNB earns its 3% by mediating disputes between renters and hosts, so there’s a good reason to use the website’s services.
Also, no legitimate business will ask you to wire funds directly to their account. Given the prevalence of services like Square and PayPal, even the smallest business has the capacity to accept credit or debit cards. When you use a card, you have some recourse if your transaction goes wrong for some reason. After you wire money, it’s gone. Always insist on using a secured form of payment. If your host won’t go along, just walk away.
Your Turn: Have you ever used AirBNB or a similar service? What was your experience like? Share safety and savings tips with us in the comments!
SOURCES:

Watch For These Product Recall Scams!


When a company has to recall a product, it’s never pretty. Organizing refunds, exchanges, and other considerations for customers takes time. Meanwhile, the customers just want the product they bought to work as advertised. 

That combination of confusion and frustration creates the perfect opportunity for scammers to make an opportunistic buck. There are a number of ploys that criminals will use to steal money or information while using the cover of a product recall. 

1.) Discounted cellphones
 

If you’ve been following technology news, you know the Samsung Note 7 phones became so hot, they were melting on the inside. Samsung issued a product recall, stating you could just take your phone to your carrier’s store and exchange it for a new one.
Not everyone thinks that’s such a great deal, though. Either they’re not the original purchaser of the phone, or they bought it online and are having trouble getting the exchange. To recoup losses, they sell it online.
In the days after the product recall was announced, thousands of Note 7 phones went up on auction sites like eBay. They were selling for as little as half their market price. Getting 50% off a smartphone might sound like a good deal, especially when the seller promises the ability to trade it in for a phone of your choice. But buyer beware. There’s no assurance that second-hand buyers of the phone are eligible to participate in any refund program.
Before you buy a steeply discounted product, check to make sure there’s no recall on it. A quick online search should be all you need to see to it that the potential deal you’re getting isn’t going to blow up in your hands. If it feels too good to be true, it almost certainly is.
2.) Fake rebates
Sometimes, companies decide the best way out of a jam is to just write checks. They’ll compensate everyone who bought their product for the damages they caused, and move on to the next product. That’s been the strategy that car maker Volkswagen has employed in the wake of its emissions scandal.
Any time there’s money changing hands, scammers will be there trying to take advantage. In this case, it’s people trying to buy the recalled vehicles for less than the buyback price and hoping to turn a profit in the interim. In other cases, scammers have just posed as representatives of a company issuing a recall and pumped product owners for bank information so they could supposedly deposit the refund directly.
When getting a refund for a recalled product, only deal with the company directly. There are never processing fees or any other costs associated with getting a refund from a company, nor would any company refuse to send a check rather than making a direct deposit. If a product you recently purchased is being recalled, be proactive. Find out what steps you need to take to get your money, and take them. Then, you can safely ignore anyone who calls you with special instructions.
3.) Telephone number swaps
With large-scale product recalls, getting information from a company can be a headache. After all, everyone else who bought the same product is calling at the same time, and likely for the same reason. Long hold times can be a serious drain on your nerves and patience.
That was the thinking of a group of scammers after a major Toyota-issued recall. The scammers sent out an official-looking email instructing Toyota owners to call a number exactly one digit off from the official Toyota help line. Calls to this line were put on hold with a recorded message saying that all operators were busy. The message went on to explain that there was a premium help line available to recall participants. There was a $5.95 per minute charge attached to it, but that information went by so fast, many callers didn’t even hear it. Worse yet, people who called that fake premium helpline were then asked for personally identifiable information, like Social Security numbers.
Here, too, the best way to avoid being hooked in a scam like this is to do your own research. Find the company’s phone number yourself and call. Sure, you might have to wait on hold a while, but the alternative is to put yourself in jeopardy from scams like this one.
YOUR TURN: How do you deal with the frustration of a product recall? What tips do you have to keep your cool and keep yourself safe from scams like these? Let us know!
SOURCES:


It’s All Fun And Games ‘Til Someone Loses A Credit Card: Safety In Online Games


Before the cellphone era, gaming was a pretty secure business. You went to the store, bought a disk, a cartridge or deck of cards, and played it many times over until you grew bored of it. On the surface, today’s gaming seems like an improvement. The majority of gaming apps are free and they’re always available to play regardless to time and place. This convenience, though, does come with costs. 

Obviously, the news surrounding the robbery of “Pokemon Go” players in O’Fallon, Missouri is one type of threat that mobile apps can pose. Be aware of apps that others can use to predict your location, and always keep an eye on your surroundings. That will keep you safe from the most obvious threats, but not from all of them. 

It is incredibly convenient to have all your games on a single device you can keep in your pocket and have with you at all times. The downside is that everything else — your phone number, your email address, even your financial information — may all be on that device, too. With everything on one device, it’s become easier for online scammers to take what they want. Fortunately, there are some steps you can take to protect yourself. Be on the lookout for these three ways mobile games take your money, and know what you can do about them. 

1.) In-app purchases 

In-app purchases are deceptively simple. You “buy” a free game in the app store, thinking you got a bargain. You play the game for a few minutes, enjoying yourself as you assemble an army or destroy your friends at trivia or pop some bubbles. After a little while, though, you hit a snag — you’ve maxed out the number of games you can play in one day, and you’ll have to wait 24 hours to play again. You’re frustrated and upset. You’re willing to do anything you can to keep playing. And, lo and behold, the game offers you a solution. You can pay a small fee of $0.99 to continue playing — and paying. 

Unfortunately, there’s no simple solution to this one: Either you cough up the $0.99 or you don’t. In cases like this, sometimes the best move is just not to play that game. The golden rule of the internet works here, too: if you’re not paying for something, you’re not the customer. You’re the product. Don’t support business models that work on addiction and deception. Find a different game. Sometimes it’s even better to find a game you have to buy once to feel a little more secure in knowing you won’t have to keep buying up to keep playing. 

2.) Phishing scams 

This scam, too, starts with the purchase of an innocent-looking app. In order to use it, the app claims, you need to set up an account with the app manufacturer’s website. Citing security reasons, it says the account will ensure mysterious strangers cannot come in and mess up your process playing tic-tac-toe and hangman. All it needs is your email account, and then for you to create a username and password. You input your email account, you come up with a username, and then you use the password that you use for everything. Just like that, you’ve given a company you know nothing about access to all the details of your online life. Any other system you use that password for can now be compromised. 

Another version of the scam is the fake game login screen. An email looking like it’s from the game company will soon arrive. It will tell you to login through a link in the email to receive a fabulous in-game prize. Of course, there is no prize, and the email was a tool for scammers to collect your login information.

The best way to prevent this is through research. A quick search for the app you’re considering and the word safe is all you need. Look at the top three results. You can then make the smart decision about whether or both to give that app your email address.
3.) “Bonus credit” 
This one begins in the same way an in-app purchases scam does. You buy the app, you play the app for awhile, and it suddenly says you can’t play anymore today. In this case, though, it’s not that you’ve run out of time, it’s that you’ve run out of credits, coins, or some other form of in-app currency that lets you play the game. Once you’ve paid all your coins for the day, there’s nothing for you to do but wait. All you have to do to get more is watch an advertisement or take an IQ quiz. The advertisements are, surprisingly, almost always legit, but the “IQ quiz” will include an agreement to pay $10 a month on a phone bill!
This scam is especially sneaky because crooks don’t need access to a credit card number or a login. All that’s necessary is for one user on a family plan, even a child, to click through a service agreement without reading it carefully. Then, the whole family’s on the hook. If you don’t go through your bill carefully every month, these charges can add up, and fast.
For this one, awareness and common sense are the keys. Once you know that the quiz is a scam, simply avoid taking the quiz – at least the quiz that asks for your phone number. Avoid apps that ask you for purchases to play the game. Research apps before you give them any personal information.
The gaming industry has long passed the simplicity of Pong and Pac-Man, but as long as you keep your personal security your number one priority, they can still be just as fun.

SOURCES:
https://www.baekdal.com/opinion/how-inapp-purchases-has-destroyed-the-industry/
http://www.scambusters.org/onlinegamesscam.html

https://www.theguardian.com/technology/2016/jul/10/pokemon-go-armed-robbers-dead-body

Ransomware: The Modern Equivalent Of Being Tied To Train Tracks


When we think of ransom, we typically think of a black-and-white movie with a kidnapper leaving notes made from a variety of newspaper cuttings. Today, ransom is much less melodramatic, much more common and targets something you might not expect: your computer files. 

In late 2013, the ransomware threat was added to the list of things that can kill your computer alongside bugs and crashes. Hackers made a new bug that’s capable of taking over a computer, encrypting all its files and displaying a brief message demanding money to decrypt them. Sometimes, affected companies or individuals would pay up, the hacker would decrypt the computer as promised and everyone would be on their merry way. Victims would sometimes refuse to pay the fees in the given time and would then lose their valuable files forever. And sometimes, victims would fork over the cash, only to have the hackers disappear with the files still locked and therefore as lost as before the victims paid up.
One study estimates that in its first 100 days as a scheme, ransomware infected 250,000 computers. It earned the hackers a collected $6 million in bitcoins. If that trend continued, we can expect that they’ve hacked at least 24 million computers in the past two years. including one major hospital that reportedly forked over $17,000 to get its files back.
The original operator of ransomware, Cryptolocker, was shut down in May of 2014. Still, many ransomware copies arose shortly after and continues to wreak havoc. The program continues to evolve, now locking computers and displaying menacing countdowns to create a heightened sense of urgency to pay up.

The question now, of course, is what you should do to protect yourself. For starters, if the only computer you have to worry about is a private computer, ransomware is a less significant risk. Ransomware scammers tend to target computers of companies that have the capability to hand over large sums of money. If your computer handles the larger functions of a company, there are still some steps you can take to protect yourself.

1.) Don’t trust online solutions

For starters, there are many software programs that promise to completely rid your computer of ransomware, but those are best left on the virtual shelf. Ironically, some of those alleged file-saving downloads are actually ransomware in disguise. Your best bet is to backup your files however you can – onto an external hard drive, onto a separate computer or even on paper. Anything you do will ensure that, when the hackers come, you’ll already have those encrypted files elsewhere. It’s advisable to check at least once a month to ensure everything you need is safely backed up.

2.) Hold onto your money

While it might seem like the only option that gives you a chance to get your files back, the FBI has issued a statement asking people not to pay such ransoms. If hackers are paid, they have more incentive to continue, and payment really doesn’t influence whether they decrypt your files or not. “The FBI does not condone payment of ransom, as payment of extortion monies may encourage continued criminal activity, lead to other victimizations, or be used to facilitate serious crimes,” as FBI Special Agent Christopher Stangl elaborates in an interview. If you’re desperate for your files, paying may seem like the only option, but consider the difference that could be made if no one paid them anymore. Crime syndicates would be stopped without any work from the FBI.

3.) Call the cops, but don’t hold your breath

Many are currently asking whether anything significant has been done by the FBI to this point. This includes Sen. Ron Wyden, who wrote to James Comey, the director of the FBI, to ask how the agency intended to clean up the ransomware problem. Comey responded that they were making progress, but pointed out that making arrests wasn’t easy as “most of the top cybercriminal actors are located outside of the United States.” Still, he went on to assure Wyden that, “The FBI is committed to following the money in investigating all crimes with a financial component; ransomware is no exception.”

4.) Back up and stay safe

While the FBI has its best men on the task of catching these cyber culprits, it’s your responsibility to be as safe as possible until they do. Back your files up. Don’t click on any sketchy-looking links. Buy security that a trusted provider assures you is safe. Ransom is no longer a thing of black-and-white movies; but in the digital age, it’s still our job to protect ourselves.
SOURCES:
Photo Source:  From Barney Oldfield‘s “Race For A Life” 1913 Silent Movie.

http://www.pcworld.com/article/2901672/how-to-prevent-ransomware-what-one-company-learned-the-hard-way.html

Avoiding Scams In The Workplace: Keeping Yourself And The Rest Of Us Safe


Pop quiz: What do the data breaches at Target, Home Depot and Sony all have in common? Give up? They were all caused by employee errors. These, along with about 500 other breaches, are confirming what many security professionals have worried about for years. In the digital age, the weakest link in our information security is us: humans. The most common cause of data breaches around the world is employee error or negligence.

This kind of negligence can take a few forms. It can be an employee responding to a phishing email or downloading a piece of malicious software on a company computer. An employee could fail to adequately secure his login information (by, say, writing it on a sticky note and attaching it to the monitor) or could leave company technology vulnerable to theft.

As with many other complex, human-focused problems, no single solution can address this problem. There are structural and technological changes that can help mitigate the risks posed by employee error. While these changes are developed and implemented, here are three simple steps you can take to help keep your workplace safe from hacks. 

1.) Read something, say something 

Everyone thinks they can detect a scam. It’s a line of thinking called the general attribution error, that what’s true of “most people” can’t possibly be true of us and the people we know. We constantly believe we’re the exception rather than the rule, and our susceptibility to fraud demonstrates this well. Most people consider themselves intelligent, discerning Internet consumers. Yet, a recent Google study found that 45% of users fell victim to a fake login page.

Scammers wouldn’t keep using these tactics if they weren’t working, and even if you are savvy enough to spot 99 phishing attempts in a row, the one you miss is all it takes for another big data breach to happen. If you work at a company with 100 people who are all as adept as you are at catching these emails, every scam attempt works on one person on average. Worse still, some hacking attempts begin by sending out emails from the first victim to people on that person’s contact list. When that happens, one person falling victim to an attack can quickly increase the credibility of subsequent attacks.

The solution to the general attribution error is the power of collective wisdom. If you receive an e-mail that’s clearly an attempt to solicit sensitive information, don’t just delete it and move on. Forward it to your company’s IT representative. Mention it to a colleague. Ensure that everyone knows this scam is circulating at your company.

If you do fall victim to one of these hoaxes, don’t try to cover it up. You might face disciplinary action for opening malicious emails, but you will face disciplinary action if your login credentials are used to expose sensitive information! 

2.) Off the clock? Lock it up! 

The VA breach, one of the biggest data leaks that hit some of the most secure data in the nation, was caused when an employee improperly took confidential information home to continue working. The information was stolen and the integrity of the VA’s servers was compromised. Taking work home with you might be a good way to get ahead, but unless your home can provide the same level of security as your office, it’s just not worth it.

If you must take work outside the office, keep it in a secure place. Ideally, you should place it in a safe or locking file box. Failing that, keep it in a locking briefcase or other lockable container. If you’re working with paper copies, don’t forget to destroy or return them once you’re done.

If you have a standing arrangement with your employer to do some work remotely, there are still a number of steps you can take to keep your work technology safe. If you work on a laptop, invest in a cable lock. This piece of hardware works like a bicycle lock. You loop it around a heavy object and fit the lock into your computer’s power port. Should a dedicated thief rip the lock out of the port, the computer will be rendered inoperable, turning a catastrophe into a hardware replacement.

Also, don’t connect to unsecured wireless networks. Anyone can join these and set up monitoring software on them to steal data in transit. If you work on your home wifi, set up a security protocol. Don’t forget to change the default administrator password on your router. Most manufacturers have a default router password which would enable scammers to access your network. 

3.) Keep it out of the office! 

Most people spend at least some part of their work day browsing the Internet. Modern technology has made work more efficient, so some employees think they can do a little browsing during slow times. The problem is that recreational browsing can expose the office to risks.

Even the most tame hobbies can have risks. Searching for “download sewing templates” could take you to websites dotted with malicious software masquerading as innocuous archives and executables. If your interests run to games or gambling, the Internet can be a very dangerous place for your work computer.

If you’re interested in gaming, you might be tempted to load up a USB drive with a few fun titles. It’s very easy to accidentally save sensitive information to that USB, which becomes a liability. USB drives are the bane of IT security people everywhere, since they’re easy to lose, steal or swap.

If you have downtime at the office, stick to browsing sites you know and trust, or the ones permitted by your IT department. If you feel the need to explore the darker side of the Internet, be sure you do so at home where you can better control the sensitive information on your computer. 

Your Turn- 

One final way to beat the bad guys of the Internet is to work together with other good guys. Share your wisdom – your tips, tricks and experiences in keeping information safe! Let us hear from you: What are you doing to keep your workplace safe?

SOURCES:

https://www.entrepreneur.com/article/273221?utm_source=google-news&utm_medium=syndication&utm_campaign=google-editors-pick&google_editors_picks=true