5 Steps To Take After Being Hacked

Uh oh — you’ve been hacked! Finding out someone has cracked open your accounts and helped themselves to your information can be alarming, but there are ways to mitigate the damage while jump-starting your recovery process.

Here are five steps to take after being hacked.

Step 1: Assess the damage

First, take a step back and determine how much damage was done. Unfortunately, one hacked password can often be the gateway to multiple hacked accounts and even complete identity theft. This is especially true if you use the same password for several accounts, or use the hacked account or device for password recovery on other accounts. So, first things first: Review your credit card and account statements for any suspicious activity.  Also, try accessing your email, social media accounts and mobile devices to see if they’ve been hacked.

Step 2: Change your passwords

Once you know which accounts and devices have been hacked, change the passwords and PINs on these accounts. For an added measure of protection, it’s a good idea to change the passwords on all of your accounts that may hold sensitive information. Remember to choose strong, unique passwords for every account. A strong password uses a combination of letters, numbers and symbols; varies the use of capital letters; and does not use a piece of personal information that can easily be scraped off the internet, such as your date of birth or home address. You may want to use a password service like LastPass  or  StickyPassword to make this step easier.

While completing this step, consider signing up for two-factor authentication for any accounts that do not already have it in place.

Step 3: Protect your credit

Now that you’ve blocked the hacker(s) from your accounts, it’s time for damage control.

First, dispute any fraudulent charges on your compromised account(s). If necessary, have the account(s) locked, or even shut and/or deleted.

Next, place a fraud alert on your credit reports. This serves as a red flag to potential lenders and creditors, making it more difficult for the scammer to open up additional lines of credit or to take out a loan in your name.

Consider a credit freeze as well. This blocks potential lenders from accessing your credit report, making it impossible for the hacker to open new credit accounts in your name. (Note, you will need to lift the freeze for any legitimate credit you are applying for).

Step 4: Alert the authorities

You can alert the Federal Trade Commission (FTC) about a possible or confirmed identity theft at identitytheft.gov.  You’ll also find a detailed recovery plan on the site to help you repair your credit and reclaim your identity.

Hacking is usually done remotely, but it’s still a good idea to let your local law enforcement agencies know about the breach. This way, they can be on the alert if the hacker decides to assume your identity and use your credit cards in stores near your hometown.

Also, if you haven’t already done so, don’t forget to let Destinations Credit Union know what’s happened! Whether it’s a credit card that’s been stolen, a checking account that’s been breached or a social media account that’s been broken into, we’ll do all we can to protect your accounts. If you’ve been hacked, give us a call at 410-663-2500 to see how we can help.

Take additional precautions with your Destinations Credit Union credit and debit cards by using card controls in our mobile app. You can set up an alert to get a message each time your card is used. You can also temporarily or permanently lock your card from the mobile app.

Step 5: Proceed with caution

Once you’ve taken all necessary steps toward damage control and mitigation, you can start thinking about the future.

It’s important to keep a close eye on your accounts for the next month. Look out for any suspicious activity on all accounts, including charges you don’t recall making, large withdrawals of cash and even new loans being opened in your name. If you find any fraudulent activity, be sure to let the account holders know and to follow the steps suggested above.

If you’ve opted to go with a credit freeze, it will generally lapse after 90 days. If your accounts are determined to be safe, consider opening new lines of credit now to jump-start the recovery of your credit health.

If the hacker went all out and stole your identity, it’s best to follow the recovery plan outlined by the FTC . This plan may include replacing your Social Security number, driver’s license and more.

Getting hacked is never fun, but taking immediate and decisive action can help mitigate the damage, as well as speed up the recovery process.

Your Turn: How have you dealt with your accounts being hacked? Tell us about it in the comments.

Sources:
https://www.allthingssecured.com/identity-protection/what-to-do-when-youve-been-hacked-step-by-step-guide/
https://digitalguardian.com/blog/data-breach-experts-share-most-important-next-step-you-should-take-after-data-breach-2014-2015

IRS Reveals List of “Dirty Dozen” Tax Scams for 2020

Each year, the IRS publishes the “Dirty Dozen,” a list of tax scams most prevalent during Hands on computer in shadowsthat year’s tax season. This year, with COVID-19 pushing off the federal tax deadline to July 15, the IRS held off publishing the list until early July, and of course it’s loaded with COVID-19-related scams.

Whether you’ve filed for an extension, you’ve had your taxes filed for months or you’ve gotten them in just in time at the mid-July deadline, be on the lookout for the Dirty Dozen of 2020, which continues spreading for months after Tax Day.

1. Phishing: Fake emails or websites impersonate the IRS in an attempt to steal information about refunds or Economic Impact Payments (EIPs).

Protect yourself: The IRS will never initiate contact with taxpayers via email. Be extra wary of any websites and emails making heavy use of COVID-19 terms like stimulus, coronavirus and Economic Impact Payment.

2. Fake charities: Criminals exploit the fear and uncertainty surrounding the pandemic to set up bogus charities that rob innocent victims who believe they’re helping the unfortunate. The “charity” may even claim to be working on behalf of the IRS to help victims of the virus get their tax refunds.

Protect yourself: Charities with familiar-sounding names that aggressively market themselves are often bogus charities trying to make donors believe they represent the actual well-known organization. They will also refuse to provide an Employer Identification Number (EIN) when asked, and will not have a positive review on sites like Charity.org. Taxpayers can also search for legitimate charities using the IRS charity search tool.

3. Threatening impersonator phone calls: An alleged IRS agent threatens the victim with arrest, deportation or license revocation if taxes are not paid immediately by prepaid gift card or wire transfer.

Protect yourself: The IRS will never threaten a taxpayer or demand immediate payment over the phone. It also will not insist on being paid via gift card or wire transfer.

4. Social media scams: Scammers use information that can be found on social media platforms for a variety of scams, including the impersonation of the victim’s friend to get at the victims’ more private information. This ruse often ends in tax-related identity theft.

Protect yourself: The victim’s “friend” will claim to be in a compromised position and to urgently need the victim’s personal information. When contacted privately, though, the “friend” will have no knowledge of the interaction.

5. EIP or refund theft: Scammers steal taxpayers’ identities, file false tax returns in their names and pocket their refunds and their EIPs.

Protect yourself: Personal information should never be shared online with an unverified contact, even if the contact promises to assist in tax filing or receiving the EIP.

6. Senior fraud: Scammers, or long-term caregivers of the elderly, file tax returns on their behalf and then pocket the refunds and EIPs.

Protect yourself: Seniors should be wary of bogus emails, text messages and fake websites asking them to share their personal information.

7. Scams targeting non-English speakers: Scammers impersonate IRS agents and target non-English speakers, threatening jail time, deportation or revocation of the victim’s driver’s license if an immediate tax payment is not made. The victims have limited access to information and often fall for these scams.

Protect yourself: The IRS will not threaten taxpayers over the phone or insist upon immediate payment.

8. Unscrupulous return preparers: Alleged tax preparers will reach out to the victim and offer their services. Unfortunately, though, they will steal the victim’s personal information, file a tax return on their behalf and pocket the refund, or promise inflated refunds for a bigger fee.

Protect yourself: If a tax preparer is not willing to share their preparer Tax Identification Number (TIN), they are likely to be a scammer. Also, if the alleged preparer promises credits and deductions that sound too good to be true, they probably are.

9. Offer in Compromise scams: Bogus tax debt resolution companies make false claims about settling tax debts for “pennies on the dollar” through an Offer in Compromise (OIC) in exchange for a steep fee.

Protect yourself: An OIC that sounds outrageously attractive is likely bogus. Taxpayers can use the IRS’s OIC tool to see if they qualify for an authentic offer.

10. Fake payments with repayment demands: A scammer steals a taxpayer’s personal information, files a fake tax return on their behalf and has the refund deposited into the taxpayer’s checking account. The scammer then calls the victim impersonating the IRS and claiming the refund was mistakenly inflated, so the victim must return the extra funds via gift card or wire transfer. Of course, this money will go directly into the scammer’s pockets.

Protect yourself: Refund checks will never be deposited in a taxpayer’s account if they have not filed taxes. Also, the IRS does not demand payment by a specific method.

11. Payroll and HR scams: Scams target tax professionals, employers and taxpayers to steal W-2s and other tax information. They will then impersonate the employee and request to change their direct deposit information for their paychecks.

Protect yourself: If an employer or HR representative receives a request for a direct deposit change, it’s best to check with the employee directly to see if the request is legitimate.

12. Ransomware: Malware infects a victim’s computer, network or server, and tracks keystrokes and/or other computer activity. Sensitive data is then encrypted and locked. When the victim tries to access their data, they’ll receive a pop-up message demanding a ransom payment for the return of their information.

Protect yourself: Links embedded in emails from unverified sources should never be opened. Tax software should not be downloaded unless it features multi-factor authentication.

Don’t be a victim of the dirty dozen! Stay alert and stay safe.

Your Turn: Have you been victimized by a tax scam? Tell us about it in the comments.

Sources:
https://www.irs.gov/newsroom/irs-unveils-dirty-dozen-list-of-tax-scams-for-2020-americans-urged-to-be-vigilant-to-these-threats-during-the-pandemic-and-its-aftermath
https://abcnews4.com/news/local/irs-reveals-dirty-dozen-list-of-tax-scams-for-2020

Beware Back To School Tuition Scams

Back-to-school season means a flurry of shopping — and a flurry of scams. Scammers young man studyingknow that students and their parents are caught up in a frenzy of preparations and errands and are, therefore, more likely to fall victim to schemes. As you get ready for school (whether online or in-person), look out for these scams targeting college students and parents of private school students that tend to peak before the start of the school year.

The tuition fee scam

How it plays out: A college student, or the parent of a private school student, receives a phone call from a caller introducing themself as a secretary or administrator at their school, or their child’s school. The caller claims the student or parent owes tuition fees and will not be allowed to return to school for the coming semester unless the fees are paid. They may explain that a tuition check has bounced or that a credit card payment didn’t clear. Alternatively, the caller claims the student’s grant or scholarship was abruptly canceled and the student is now being billed for the full tuition fee.

The caller insists on being paid the outstanding sum immediately or the student will lose their spot in the school. The “secretary” or “administrator” provides the victim with detailed information for wiring money or dropping off the cash at a private address. Of course, once the money is sent, it will never be seen again.

Protect yourself: This scam is easy to spot because most schools will not insist on immediate payment, or payment through a wire transfer. If you receive a call like the one described above, ask the caller detailed questions about the school, their position and the money owed. If it’s a scam, the caller will not be able to answer well. You can also explain that you need to see the actual bill before making any payments, and that you’d like to pick up the bill yourself from the school. Finally, you can insist on calling the school directly to make the payment.

The student tax scam

How it plays out: In this scam, someone allegedly representing the IRS calls a college student at a public university and claims they neglected to pay their student tax. The caller explains that the student tax helps fund the university and that failure to pay this tax can result in disqualification from class and possible imprisonment. They will insist on immediate payment via prepaid gift card or wire transfer.

Protect yourself: You can spot this scam by remembering that the IRS will always first contact people by mail. Also, the IRS won’t insist on being paid through gift card or wire transfer.

The scholarship scam

How it plays out: A scammer reaches out to a college student telling them they’ve been guaranteed approval for a scholarship or grant. The only catch is that the student must pay a hefty fee to receive it. Unfortunately, the scholarship is bogus and, if the victim falls for the scam, they will never see that money again.

In a similar scam, a victim is instructed to pay a fee to a company that will allegedly file a Free Application for Federal Student Aid (FAFSA) form in their name. Of course, no FAFSA form will be filed, and the money paid for this “service” will go directly into the scammer’s pockets.

Protect yourself: Student scholarships and grants are designed to help students and their parents pay for education; they don’t charge for eligibility. If an alleged scholarship claims to charge a fee before granting approval, it is most certainly a scam. Also, no company will guarantee approval for a scholarship or grant; there is always a vetting process of some kind before eligibility is determined. Finally, there is no reason to pay to have a FAFSA form filed; it can be completed easily online here.  For additional help, college students can contact the financial aid office at their university.

Scammers are out in full force before the start of the school year. Don’t let them make the grade! Stay alert and stay safe.  Visit the Fraud Page on Destinations Credit Union‘s website for resources to stay informed.

Your Turn: Have you been targeted by a back-to-school scam? Tell us about it in the comments.

 

Beware of Coronaviris Scams

Scammers are notorious for capitalizing on fear, and the coronavirus outbreak is no man in a medical maskexception. Showing an appalling lack of the most basic morals, scammers have set up fake websites, bogus funding collections and more in an effort to trick the fearful and unsuspecting out of their money.

The World Health Organization (WHO) has published on its website a warning against email scams connected to the coronavirus. The agency claims it has received reports from around the world about phishing attempts mentioning coronavirus on an almost daily basis.

Closer to home, the Federal Trade Commission (FTC) is warning against a surge in coronavirus scams, which are being executed with surprising sophistication, so they may be difficult for even the keenest of eyes to spot.

The best weapons against these scams are awareness and education. When people know about circulating scams and how to identify them, they’re already several steps ahead of the scammers. Here’s what you need to know about coronavirus-related scams.

How the scams play out

There are several scams exploiting the fear and uncertainty surrounding the virus. Here are some of the most prevalent:

The fake funding scam

In this scam, victims receive bogus emails, text messages or social media posts asking them to donate money to a research team that is supposedly on the verge of developing a drug to treat COVID-19. Others claim they are nearing a vaccine for immunizing the population against the virus. There have also been ads circulating on the internet with similar requests. Unfortunately, nearly all of these are fakes, and any money donated to these “funds” will help line the scammers’ pockets.

The bogus health agency

There is so much conflicting information on the coronavirus that it’s really a no-brainer that scammers are exploiting the confusion. Scammers are sending out alerts appearing to be from the Centers for Disease Control and Prevention (CDC) or the WHO; however, they’re actually created by the scammers. These emails sport the logo of the agencies that allegedly sent them, and the URL is similar to those of the agencies as well. Some scammers will even invent their own “health agency,” such as “The Health Department,” taking care to evoke authenticity with bogus contact information and logos.

Victims who don’t know better will believe these missives are sent by legitimate agencies. While some of these emails and posts may actually provide useful information, they often also spread misinformation to promote fear-mongering, such as nonexistent local diagnoses of the virus. Even worse, they infect the victims’ computers with malware which is then used to scrape personal information off the infected devices.

The phony purchase order

Scammers are hacking the computer systems at medical treatment centers and obtaining information about outstanding orders for face masks and other supplies. The scammers then send the buyer a phony purchase order listing the requested supplies and asking for payment. The employee at the treatment center wires payment directly into the scammer’s account. Unfortunately, they’ll have to pay the bill again when contacted by the legitimate supplier.

Preventing scams

Basic preventative measures can keep scammers from making you their next target.

As always, it’s important to keep the anti-malware and antivirus software on your computer up to date, and to strengthen the security settings on all of your devices.

Practice responsible browsing when online. Never download an attachment from an unknown source or click on links embedded in an email or social media post from an unknown individual. Don’t share sensitive information online, either. If you’re unsure about a website’s authenticity, check the URL and look for the lock icon and the “s” after the “http” indicating the site is secure.

Finally, it’s a good idea to stay updated on the latest news about the coronavirus to avoid falling prey to misinformation. Check the actual CDC and WHO websites for the latest updates. You can donate funds toward research on these sites as well.

Spotting the scams

Scammers give themselves away when they ask for payment via specific means, including a wire transfer or prepaid gift card. Scams are also easily spotted by claims of urgency, such as “Act now!” Another giveaway is poor writing skills, including grammatical errors, awkward syntax and misspelled words. In the coronavirus scams, “Breaking information” alerts appearing to be from health agencies are another sign of a scam.

You can keep yourself safe from the coronavirus by practicing good hygiene habits and avoid coronavirus scams by practicing healthy internet usage. Keep yourself in the know about the latest developments.

At Destinations Credit Union, we will never e-mail or phone you asking for personal information.  If you call us, we will verify that you are who you say you are by asking questions.  If you get an e-mail and you are unsure if it is legitimate or not, don’t click!  Go directly to the website of the legit organization or call them.

Your Turn: Have you been targeted by a coronavirus scam? Tell us about it in the comments.

All You Need to Know About Data Breaches

If you follow the news, you’ll note that there seems to be another major data breach person typing on keyboard with graphic locks over the imagemonopolizing headlines every week. The details vary, but in each breach, thousands, millions or even billions of victims’ sensitive information is compromised, and they’re now vulnerable to identity theft unless they take immediate action.

Here at Destinations CU, your financial success and safety is our primary goal. To help keep your information and your finances secure, we’ve compiled a comprehensive guide on data breaches.

What is a data breach?

Data breaches occur when sensitive information is accessed or used without authorization. Factors like a wealth of online data and sophisticated hacking tools have spurred a steep increase in data breaches in recent years, causing tremendous damage to individual consumers and businesses across every industry.

Data breaches occur by exploiting vulnerabilities in a company’s security system. Alternatively, an employee can be tricked into giving a cybercriminal access to the company’s network.

The goal of most data breaches is to obtain personal information, like names, email addresses and passwords, as well as financial information, like credit card numbers and account details. This information is used by criminals to steal identities and empty accounts, or sold to other criminals who will then do so.

While major data breaches make headlines, according to the Identity Theft Resource Center, there is an average of three data breaches each day, most of which will never even make the news.

After a data breach

Whenever you hear about a major data breach that can possibly affect you, it’s best to monitor your accounts for suspicious activity. In most cases, you will be notified by the victimized company if your data has been compromised; however, it helps to keep an eye on your accounts even if you haven’t been contacted so you can minimize your loss by acting quickly if your are among the unfortunate victims.

If you’ve been victimized by a breach

If you’ve been informed your information is compromised by a data breach, take the following steps immediately:

1. Freeze your credit
Placing a freeze on your credit is the most crucial step you can take to stop scammers from getting at your information. A credit freeze will not bring down your credit score, but it will serve as a red flag for lenders and credit companies by alerting them to the fact that you may have been a victim of fraud. This added layer of protection will make it difficult, or impossible, for hackers to open a new credit line or loan in your name.
You can freeze your credit at no cost at all three of the major credit bureaus, Equifax, Transunion and Experian. You’ll need to provide some basic information and you’ll receive a PIN for the freeze. Use this number to lift the freeze when you believe it is safe to do so.

2. Change your passwords
Most people are on the alert following a major data breach, but they tend to let their guard down once the heat is off and things calm down. Hackers know this, and they’ll often hold onto victims’ information immediately following a data breach and then sell it months down the line to other identity thieves. To protect your accounts from a delayed-reaction hack, change all of your passwords after a breach that possibly has affected you.

3. File an identity theft report
Unfortunately, these protective measures can sometimes be too little, too late. If your accounts have been compromised, and you believe your identity has been stolen, file an identity theft report with the Federal Trade Commission (FTC) as soon as possible. This will assist the feds in tracking down your hacker(s) and returning your finances to their usual state as quickly as possible.

Protecting your information

There’s no fool-proof way to protect yourself from a data breach, but following these simple steps can help keep your information as safe as possible:

Monitor your credit. Check your credit accounts for suspicious activity on a regular basis. You can request a free credit report from each of the three major credit bureaus once a year at AnnualCreditReport.com. You may also want to consider signing up for credit monitoring, a service that will cost you $10-30 a month for the promise of notifying you immediately about any suspicious activity on your accounts.

Use strong, unique passwords. Use a different password for each account, and choose codes that are at least eight characters long. Also, use a variety of numbers, letters and symbols. Vary your capitalization use as well, and don’t utilize any portion of your name, phone number or a common phrase as your password. Using a password manager like Dashlane or iPassword can also help keep your information safe. It’s also a good idea to choose two-factor authentication when possible, and non-password authentication, such as face recognition or fingerprint sign-in, for stronger protection.

Browse safely. Never share sensitive information online and always keep your security and spam settings at their strongest levels. Make sure your devices are fully updated at all times. It’s also a good idea to keep your social media accounts as private as possible.

Destinations Credit Union has tools to help you prevent unauthorized use of your account.  In our mobile app, you can sign up for card controls and get notified each time your debit or credit card is used.  In addition, you can get group pricing, as a Destinations Credit Union member, on ID Shield, which helps restore your identity in the event of a theft.

Hackers never stop trying to get at your data, but with the right protective measures in place, you can keep them from seeing success.

Your Turn: How do you protect yourself from data breaches? Share your tips with us in the comments.

Sources:
https://www.forbes.com/sites/nicolemartin1/2019/02/25/what-is-a-data-breach/amp/
https://www.malwarebytes.com/data-breach/
https://www.experian.com/blogs/ask-experian/what-is-a-data-breach/

 

Should I Lend Out My Credit Card? 

Q: Some of my friends keep asking to borrow my credit card and I’m wondering if this iswoman with credit card a good idea. Should I be lending out my credit card?

A: While circumstances vary, lending out your credit card to friends and family is generally not a recommended practice.

Here are six reasons to say no when a friend, partner or family member asks to use your credit card:

  1. You’re making yourself vulnerable to fraud

While it is not against the law to lend out your card, you are likely breaking the rules of your credit card contract by doing so. Worse, you’re opening yourself up to unprotected fraud.

Federal law puts the cap on credit card holders’ liability for fraudulent charges at $50. In addition, many credit cards offer extra protection against fraud to keep you covered; however, none of these laws and stipulations apply if you’ve willingly lent out your card and fraud ensued. If your friend lost your card, was irresponsible with keeping its information secure or was simply in the wrong place at the wrong time and your card was hacked through no fault of their own, you’ll have to bear the brunt of that fraud. Even a zero-liability policy will not protect you if you’ve performed an act of “gross negligence”-which includes lending out your card.

  1. It can hurt your credit score

If your friend, partner or family member is asking to use your credit card for a purchase, there’s a good chance their own credit is shot. If your credit is still in good shape, why risk hurting your score by allowing someone who has proven to be an irresponsible spender to use your card?

  1. You’ll enable bad habits

The borrower is likely in the position of needing to borrow a card because of a reckless lifestyle and a buildup of irresponsible habits. You might think you’re being a good friend by helping them out in their time of need when, in reality, you’re only enabling them to continue on their path of self-destruction. You’ll be a truly good friend by showing some tough love and saying no.

  1. Payback time trouble

What happens when it’s time to pay that credit card bill and it’s a lot bigger than usual thanks to your friend’s spending spree? You might chase after your friend, asking for payment, only to have them respond by claiming you only need to pay the minimum payment right now, so they don’t need to pay it all back now. They may argue that you need to make that payment each month regardless of their spending, conveniently forgetting or playing dumb to the fact that interest is accruing on their purchase until it’s paid off.

This can go on for months as they continue procrastinating. They’ll reassure you that they haven’t forgotten the loan-they’re only waiting to land that dream job, get that raise they’ve been chasing or win the lottery. But until that happens, you’re left holding the bag.

It gets even stickier. Your friend may not understand that spending money on a credit card can mean paying back a lot more than the actual cost of the purchase. A prolonged balance on a credit card collects cumulative interest. Who’s responsible for paying that interest, you or your friend? While it’s your card, your interest expenses can increase a lot due to the large outstanding balance created by your friend.

However, if your friend believes they’ve only borrowed the amount they used to make their purchases, you’ll essentially be paying for the privilege of lending money.

  1. You’re putting your relationship in jeopardy

If you value your relationship with the person asking to use your credit card, you’ll turn down their request. By agreeing to let them use your card, you’re taking the risk of putting an unpaid loan between you and this person in position to ruin the relationship you share. You’ll feel awkward asking your friend to repay the loan yet again, and your friend may avoid your company when you’ve asked to be repaid one time too many. Why ruin a valuable relationship over a request you should have refused?

  1. You’re opening yourself up to repeat requests

Once you’ve gone down the road of lending out your credit card, it’ll be difficult to retrace your steps and learn how to say no. The original borrower may make a habit out of asking you to lend out your card, and other friends or family members who’ve heard about the arrangement may ask you to grant them the same privilege. Be strong and firm the first time you’re asked to lend out your credit card and you’ll better avoid facing the uncomfortable predicament of needing to turn down family and friends.

Your credit cards are personal objects marked with your own name. When friends, partners or family members ask to borrow your cards, just say no!

Your Turn: Do you think there’s ever a time to lend out a credit card? Share your thoughts with us in the comments.

SOURCES:
https://www.moneycrashers.com/why-you-should-not-lend-money-to-friends-and-family/

https://www.marketwatch.com/story/this-is-why-you-should-never-lend-someone-your-credit-card-2018-03-10
https://www.creditcards.com/credit-card-news/sandberg-lending-credit-card-relative-responsible-1377.php

How To Recognize And Protect Yourself From Scams   

Scammers are always trying to con victims out of their information and money. They are,woman looking at tablet sweepstakes scam unfortunately, often successful. Scammers are expert impersonators, using sophisticated technology and their best acting skills to convince you they represent a business, institution or government agency you may trust. They also tend to prey on the most susceptible victims, including those who are down on their luck or are exceptionally naïve and trusting.

Here at Destinations Credit Union, our biggest priority is your financial wellness, and that includes keeping you and your money safe. To help you achieve it, we’ve put together this guide about recognizing the signs of fraud and protecting yourself from scams.

Five red flags of scams

While the details surrounding the way a scam plays out can vary greatly, most follow a similar theme. They try to get victims to share personal information or to pay for a service or product that doesn’t exist. Here are five ways to spot a scammer:

  1. They demand detailed information before agreeing to process an application. A favorite ploy among scammers is asking for sensitive, non-public information like your date of birth, Social Security number and login information for online accounts. They will typically do this before processing any application for an alleged product, service or job.
  2. They insist on a specific method of payment. If an online seller or service provider will only accept payment through a wire transfer or a prepaid debit card, you’re likely looking at a scam.
  3. They send you a check for an inflated amount. Another favorite trick among scammers is to overpay a seller or “employee,” and then ask the victim to return the extra money. In a few days’ time, when the original, inflated check doesn’t clear, the victim realizes they’ve been conned but it’s too late to get back the “extra” money they returned.
  4. You can’t find any information about the company the caller allegedly represents. A scammer representing a bogus business can easily be uncovered by doing a quick online search about the “company.”
  5. You’re pressured to act now. Scammers are always in a rush to complete their ruse before you catch onto their act.

Who are the targets?

Scammers usually cast a wide net to ensnare as many victims as possible. However, lots of scams focus on a subset of highly vulnerable targets. Here are some of the most common targets of scams:

  • The unemployed. The internet makes it easy for scammers to learn that you’re looking for a job. If you’re job hunting, be careful not to respond to any emails offering you a “dream position” you never applied for or even knew about.
  • The aging. Older people are another favorite target for scammers. Retired individuals often spend lots of time online, making them more vulnerable to scams. Also, as relative newcomers to the online world, they may be less aware of the dangers lurking on the internet.
  • Children. Sadly, the youngest members of society are another huge target pool for scammers. Children are naturally trusting and will more readily share information with strangers, which can then be used to steal their identity. Small children will likely not be checking their credit for years, which means a stolen identity can go unchecked until the child grows into a young adult. By that time their credit can be wrecked, almost beyond repair.

What do scams look like?

Here are some of the most common scams:

  • Cyberhacking. In this scam, hackers gain remote access to your computer and proceed to help themselves to your personal information.
  • Phishing scams. Scammers bait you into sharing personal information via a bogus job form, an application for a service they allegedly provide or by impersonating a well-known company or government agency.
  • Mystery shopper. A bogus company will “hire” you to purchase a specific item in a store and then report back about the service experience. Before you get started, though, you’ll have to pay a hefty fee, which you’ll never see again.
  • Job offers. Scammers “hire” you for a position and then scam you by sending you an inflated check, as detailed above.
  • Sweetheart scams. A scammer pretending to be an online lover will con you into sharing your personal information and/or sending them money and gifts.
  • Fraudulent investments. Scammers reach out to potential investors with information about lucrative investments that don’t exist.

10 ways to protect yourself from scams

Keep yourself safe by following these rules:

  1. Never share personal information online.
  2. Don’t open unsolicited emails. If you already have, don’t click on any embedded links.
  3. Never send money by insecure means to an unknown party.
  4. Protect your devices by using the most up-to-date operating systems, choosing two-factor authentication and using strong, unique passwords for every account.
  5. Choose the strongest privacy settings for your social media accounts.
  6. Keep yourself in the know about the latest scams and learn how to protect yourself.
  7. Educate your kids about basic computer safety and privacy.
  8. If you have elderly parents who spend time online, talk to them about common scams and teach them to protect themselves.
  9. Don’t take the identity of callers at face value, even if your Caller ID verifies their story. If a government agency, utility company or financial institution reaches out to you and asks you to share personal information, tell them you’ll contact them on your own and then end the call.
  10. Never accept a job or agree to pay for a purchase or service without thoroughly researching the company involved.

Above all, remember the golden rule of scams: If it’s too good to be true, it’s probably a scam.

Once an individual falls prey to a scam, there is very little that can be done to mitigate the loss. Full financial recovery can take years. It’s best to protect yourself from scams before they happen by educating yourself and asking [credit_union] for help.

Your Turn: How do you keep yourself safe from scams? Share your best tips with us in the comments.

SOURCES:
https://www.fbi.gov/scams-and-safety/common-fraud-schemes/investment-fraud

https://www.consumer.ftc.gov/blog/2019/02/romance-scams-will-cost-you
https://www.consumer.ftc.gov/articles/0053-mystery-shopper-scams
https://www.wisebread.com/the-comprehensive-guide-to-identity-theft-everything-you-need-to-know

4 Super-Scary Scams To Watch For This Halloween

Don’t let a Halloween scam spook you! Stay a step ahead of those crooks by looking out witch with pumpkin facefor these four scams this season.

  1. The shipping scam

The internet is brimming with Halloween-themed stores in the months leading up to Oct. 31. Lots of these retailers offer an impressive selection of costumes, accessories and decorations at great prices.

Unfortunately, though, some of the retailers that own such sites will never deliver the ordered goods. That’s because, though the company may exist, and will appear legit, at the end of the day there was never a real intent to ship the item(s). The delivery date may be postponed until after Halloween, or the order might get canceled without notification. Sometimes, the shopper will receive the promised package on time – only the package is empty!

Before placing an order with a seasonal store, look for the company’s physical address and phone number. Check what the  Better Business Bureau (BBB) has to say about it and look for information about return and refund policies in case things go south. Finally, as always, be careful about sharing your credit card information with an unsecure site. Look for the lock icon near the URL and the “s” after the “http” in the web address; both indicate you’re on a secure site.

It’s also a good idea to order your costumes and décor in September. This way, you’ll have time on your side if you need to return a costume or a product that didn’t turn out as expected. You’re also less likely to purchase goods from iffy retailers and vendors you don’t recognize when you aren’t pressed for time. Finally, you won’t be forced to spend a ton of money on last-minute shipping costs when you make your purchase early in the season.

  1. The fraudulent offer

In this scam, a bogus company advertises a “Super Special Deal” for “Today Only” offer, or something similar. It will offer amazing Halloween goods for prices that are too good to be true and lure lots of unsuspecting customers into the trap. Unfortunately, the company is bogus and the offer doesn’t actually exist. If you purchase the advertised product, you’ll never see the product – or your money.

As with all potential scams, check out a company’s authenticity and a website’s security before purchasing.

  1. The fake ticket scam

Planning to take a trip to an amusement park, attend a concert or take in another event on Halloween? Be wary of the fake ticket scam, in which third-party vendors sell bogus tickets to unsuspecting customers right before an event. They’ll also tack on an exorbitant commission, claiming that they need to charge extra because of the last-minute purchase. Of course, the ticket is bogus and they’ll pocket the ticket money, plus the commission.

Make sure to get your tickets to any event you’d like to attend well in advance. Contact the event organizers directly to make sure you’ve reached the right address. If you find tickets being sold online near Halloween time, do a quick online search to see if the event has already sold out. Check for spelling mistakes and erroneous information about the date and time of the event on the ticket, as well.

  1. The bogus purchase scam

In this scenario, scammers try to convince you that you ordered something you have no recollection of purchasing just to get you to share your personal information. Once the scammers have this data, they’ll do anything from emptying your accounts to taking out loans in your name or committing full-blown identity theft.

If you receive any emails, phone calls or text messages asking you about a costume you never ordered or a ticket you never purchased, do not engage with the sender or caller. Delete the emails or flag them as spam. Also, block the contact from calling or texting you again. With any luck, the scammer will get the message that you’re not an easy target and leave you alone.

Here’s wishing you and yours a safe and frightfully fun Halloween from all of us here at Destinations Credit Union!

Your Turn: Have you ever been targeted by a Halloween scam? Tell us about it in the comments.

SOURCES:
https://www.scam-detector.com/article/halloween-fake-shops

https://help-center.pissedconsumer.com/top-5-halloween-scams/
http://legalshred.com/halloween-scams/

Debit Card Safety

“And how are you paying for your purchases today?”Close up of ATM key pad

It’s a question we have to answer almost every day. Will you be using cash, a credit card or a debit card?

It may be instinct for you to pull out any piece of plastic without thinking, but your random card of choice might not be the safest way to pay. Sometimes, you’ll want to use a credit card. And sometimes, its a better idea to pay with a debit card. Still other times, you’re best off using cash.

Let’s explore when and how to use your debit card.

Credit and debit: How are they different?

They’re both plastic, with a series of numbers, a security code and your name embedded on them. So, how are debit and credit cards different?

A better question might be: How are they the same? Appearances aside, your credit and debit cards have very little in common.

Credit cards allow you to choose your purchases now, and pay for them weeks, months or even years later. If you let your balance grow, you’ll be paying for a lot more than it really costs in the way of interest. But, if you make timely payments, you’ll have yourself a small loan that usually costs you1 little to nothing. Credit cards also offer rewards, purchase protection and the ability to back out of a purchase you’ve decided against. You can also contest fraudulent charges on your account, freeze your credit on a compromised card or even close the card completely.

Debit card transactions, on the other hand, take the money right out of your checking account as soon as you swipe. Some point of sale terminals put a freeze on the amount, removing it from your account a few days later. But, either way, you won’t be able to access that money and you won’t have to worry about paying for it later. There’s no interest here, but there also may be no purchase protection, depending upon your financial institution. Finally, in case of fraud you may need to resort to closing your checking account. However, usually a simple issuing of a new debit card is all that’s needed.

Which one’s better? It depends on the purpose. Debit cards are great for helping you stick to your budget and won’t send you into a cycle of debt. However, because they may offer very little recourse in cases of fraud, credit cards are usually the better choice in the most vulnerable situations.

5 purchases you should carefully consider before using your debit card

According to data from FICO, during the first 6 months of 2017, the number of compromised ATMs and point-of-sale devices was 21% higher than it was in the first 6 months of 2016. Don’t let your card be next!

Here’s where you may not want to use your debit card:

1.) At the pump

Card skimmers at gas stations are on the rise. By choosing to use your credit card instead of your debit card at the pump, you’ll have an added layer of protection against fraud. You can also choose to use cash. It’s the safest way to pay (so long as you watch out for pickpockets!).

2.) At an isolated ATM

The ATM at Destinations Credit Union? Definitely safe to use.  We check regularly for signs of tampering.

The one at the crowded pharmacy? Probably OK.

The machine in a secluded corner of an empty convenience store? Very possibly tampered with.

Isolated ATMs in locations with very little security and sparse foot traffic are prime targets for hackers. It’s best to give these machines a wide berth and pick up your cash at Destinations Credit Union.

3.) In an unfamiliar location

When on vacation, it’s important to think before you swipe. You don’t know the area and you can’t be certain which clerks are to be trusted. You’re better off paying with a credit card or with cash so your purchases are protected against fraud.

Also, a large charge in an area you never frequent might cause your purchases to be flagged as fraudulent. Let your credit union know about your trip and be careful how you swipe!

4.) For large purchases

If you’re springing for a new entertainment center or another big-ticket item, you’re best off using your credit card. It’ll offer you dispute rights in case the product doesn’t turn out how you expected, and you might be granted an extended warranty just for using a credit card.

5.) Restaurants

Can you really trust the servers at your favorite restaurant with your personal financial information? When you hand them your debit card at the end of the meal, that’s exactly what you’re doing. The server has more than enough time to clone your card and then use it for any purchases they’d like to make. Unless your restaurant has a tableside payment system, you’re better off using a credit card or cash to pay for your meal.

Look out for skimmers

Always use caution when using your debit or credit card. Check the payment processor for anything that looks out of place, such as a newer keypad on an older machine, or a hard-to-use slot for your card. Don’t forget to cover the keypad with your hand when inputting your PIN.

Stay ahead of hackers by using your debit card with caution!

Your Turn: Was your debit card ever compromised? Share your experience with us in the comments!

SOURCES:
https://budgeting.thenest.com/problems-using-debit-cards-gas-pumps-23710.html
https://www.creditcards.com/credit-card-news/10-places-not-to-use-debit-card-1271.php
https://www.creditcards.com/credit-card-news/gas-pump-atm-skimmers.php
http://news4sanantonio.com/news/local/skimming-devices-found-on-pumps-at-northwest-side-gas-station

Cryptocurrency Hacks

Cryptocurrency is all the rage. Money you can’t see? Online accounts that aren’ttwo people looking at computers regulated by big banks or even the feds? It has a futuristic feel, and anyone and everyone seems to be buying into the trend.

Lots of those folks who are buying up bitcoins by the hundreds claim cryptocurrency investment is the ticket to a richer tomorrow. But security experts think otherwise. They’ve repeatedly warned that all cryptocurrency is extremely vulnerable and at risk of being hacked – and that includes yours.

Is cryptocurrency the wave of the financial future, or is it really as risky as experts would have you think?

Before making your decision, read on to arm yourself with all the information you’ll need about cryptocurrency hacks.

How it works

Cryptocurrencies are decentralized and unregulated. That means there is no single country or institution controlling bitcoin, Ethereum or Litecoin. These currencies are, consequently, extremely volatile and vulnerable to risk. Since all cryptocurrency transactions are processed online, a hacker can simply break into crypto exchanges, drain people’s wallets and disappear without a trace.

As you may expect, hackers have been following the meteoric rise of cryptocurrency and are eager to cash in on the prize. They’ve been systematically frauding the system for years, and have only gotten bolder over time. In the most recent major heist, hackers made off with an incredible $530 million in cryptocurrency from Coincheck, the leading Asian bitcoin exchange, this past January.

And experts predict that it will get worse.

An Ernst & Young report studied 372 preliminary coin offerings between 2015 and 2017 and found that more than 10% of the funds were stolen, amounting to as much as $1.5 million a month.

It’s not only individuals who’ve been defrauded; the report shares that huge companies have lost several million dollars on hacked cryptocurrency.

According to Chainalysis, a risk management software company for virtual currencies, more than 50% of these hacks occurred through phishing.

In other instances, hackers have modified malware to redirect bitcoins to their own wallets during a trade or purchase. This scam is particularly nefarious because the hackers snag the victim’s exchange credentials and login information so they can gain complete control of the mark’s bitcoin wallets.

By extension, this means the hackers have also accessed the victim’s credit card information and can do untold damage to their credit score while racking up huge bills in the victim’s name.

Any way you slice it, cryptocurrency hacks pose a major risk to all investors and users.

Who’s paying?

Nearly 20% of bitcoin investors purchase their cryptocurrency using a credit card – and almost 25% of them cannot pay off their credit card balance after making this purchase.

Some credit card companies are ready to throw in the towel on cryptocurrency. They’ve had their fair share of headaches caused by cryptocurrency hacks aimed at their cardholders, including disputed charges, fraudulent transactions and the inability to pay for large purchases.

Earlier this year, many major credit card companies, including Discover and Capital One, announced they will no longer allow cardholders to purchase cryptocurrencies using their credit cards due to the high level of risk and potential fraud associated with such transactions.

Lots of financial institutions have followed suit with similar announcements, claiming the increased volatility poses a loss to the institution, which may be forced to pick up the pieces for their member if a cryptocurrency investment or purchase is hacked.

Are cryptocurrency exchanges government-regulated?

The short answer is no. The very attraction of bitcoins and Ethereum is that they are decentralized, answering to no institution or government.

A little digging reveals that some foreign countries, like China, are actually taking stronger approaches toward protecting their citizens from cryptocurrency fraud and are coming down hard on all scammers and hackers.

For the average U.S. citizen, though, when it comes to cryptocurrency, you’re on your own.

Protecting yourself

Cryptocurrency transactions pose an extra risk by being absolutely final. There’s no way to cancel a cryptocurrency payment, back out on a purchase or secure an anti-fraud guarantee from a reputable financial institution. In case of fraud, you may be able to trace the computer that was used for robbing you, but it’s nearly impossible to identify the scammers that took off with your money.

In other words, by using cryptocurrency, you’re putting yourself at significant risk. There’s no one protecting you and no way to undo the damage once you’ve made a payment that’s been hacked.

The only thing you can do is take proactive steps to be as careful as possible when engaging in crypto-payments:

1.) Stick to established, recognized exchanges, like Coinbase.

Only use exchanges you’ve heard of, and only those that utilize two-factor authentication.

2.) Don’t store too much digital currency online.

It’s best to store your money as actual greenbacks in a brick-and-mortar financial institution. You can keep some cash in your wallet or even hoard it in a home safe, but be careful not to put too much in an online digital exchange.

3.) Keep your OS and security software up-to-date.

Always accept and install the most recent patches and updates when they become available. To ensure your system doesn’t fall behind, elect to have it update automatically.

4.) Be wary of suspicious emails and links.

Never share sensitive information over the internet, no matter how sincere or urgent an email or link may appear to be. Don’t download anything from an unverifiable source, and keep your spam settings working at their strongest capacity.

Cryptocurrency may be the dollar bill of the future, but don’t fall prey to the many criminals who are counting on consumer naivety to make a quick buck. Use caution and be on guard to keep your money safe!

Your Turn: Do you use or invest in cryptocurrencies? What precautions do you take against hacks? Share your own tips with us in the comments!

SOURCES:
https://www.google.com/amp/s/www.nbcnews.com/business/business-news/amp/hidden-dangers-buying-virtual-currency-go-beyond-simple-hack-n852706  

http://money.cnn.com/2018/01/29/technology/coincheck-cryptocurrency-exchange-hack-japan/index.html  
https://www.fool.com/investing/2018/01/29/after-the-biggest-cryptocurrency-hack-ever-bitcoin.aspx