Beware Tech Support Scams

The FTC is warning of a surge in tech support scams, many of which can be difficult toclose up of cell phone in hands spot.

In a recent widespread scam, a company calling itself Elite IT Partners, Inc., purchased keywords so it showed in searches for password recovery assistance. Victims contacted the “company,” which asked them to fill out an online form with their contact information.

Scammers then called the victims, asking for remote access to their computers. Once inside, they used phony evidence to convince victims that their computers were in need of repairs requiring pricey software. The scammers accepted payment for this software, but did not provide it.

Tech support scams don’t always follow the above script. Here are two other common scenarios:

  1. Phone calls

In this variation, scammers spoof the numbers of well-known companies claiming they’ve found a problem with the victim’s computer. They’ll ask for remote access to it, run a “diagnostic test,” and plant bogus problems. They’ll then ask the victim to pay an exorbitant amount of money to get the issue fixed.

Red flag: Legitimate tech-support companies will never initiate contact by phone.

  1. Pop-up warnings

Sometimes, a tech-support scammer will target victims with an alarming pop-up warning. The pop-up might look like a legitimate error from the victim’s system or antivirus software. The message will warn about a computer security issue and instruct the victim to call a listed number. Once the victim calls, they’ll be asked to grant the scammer remote access to their computer. The scam will then proceed much like what’s described above.

Red flag: Legitimate security warnings from tech companies will never ask you to call a phone number.

If you’ve been scammed

Are you a victim of a tech-support scam? It may not be too late to reclaim your money.

If you paid via credit or debit card, you may be able to stop the transaction. Contact your credit card company or [credit union] about contesting the charge.

You’ll also want to update your computer’s security software and run a scan. Delete anything your computer identifies as a security issue. Be sure to change your usernames and passwords as well.

Finally, don’t forget to report your scam to the FTC.

Your Turn: Have you been targeted by a tech-support scam? Tell us about it in the comments.

SOURCES:
https://www.consumer.ftc.gov/blog/2019/03/keep-tech-support-strangers-out-your-computer

https://support.microsoft.com/en-us/help/4013405/windows-protect-from-tech-support-scams
https://www.consumer.ftc.gov/articles/how-spot-avoid-and-report-tech-support-scams

Beware Social Media Scams!

The social media explosion has forever changed the way we interact with one another. InThree young adults using their phones fact, everyone knows that a vacation, a dinner out or child’s milestone never really happened unless you post it on Facebook or Instagram.

But what most people don’t realize is that the advent of social media has generated its own brand of scams. And they’re as nefarious as they are widespread. Over the last few years, the numbers of social media scams have multiplied exponentially, with fake Facebook and Twitter accounts jumping by a full 100% in just a year.

There are several types of social media scams, but most involve some kind of phishing scheme component.

Here’s how it happens: Scammers troll your accounts and try to “friend” you. They might have received your contact details from a friend of a friend or through some other roundabout method. Or, they may create a bogus profile or clone the profile of someone you know in real life. Then they’ll get you to share personal information with them without you even realizing it. Often, they’ll ask you seemingly random questions, like the name of your first pet, or your grandmother’s maiden name, and you’ll blithely provide them with the answers.

What you may not realize, though, is that you’ve just given away the security questions for your checking account password and login information. By the time you do realize this, it’ll be too late.

Other times, social media scams involve fake offers and promotions. You might click on a job offer, an incredible prize you’ve supposedly won or a get-rich-quick scheme. All you need to do to get your hands on the goods being offered is….share your personal information.

Unfortunately, that’s all the scammers need to rob you of your identity – and your money.

In yet another scam that has us at Destinations Credit Union really riled up, fraudsters will exploit your trust in your credit union to get your attention. They’ll reach out to you while impersonating Destinations Credit Union and claim to have incredible rates on personal loans, cash loans or a similar product.

You might think the poster is really us, and willingly click on the embedded link and then follow their application instructions. Sadly, once the ball starts rolling on these scams, it’s nearly impossible to stop. The scammers might then empty your accounts, trick you into making upfront payments to qualify for the loan, or take out another loan in your name, leaving you to foot the bill.

You don’t have to be a victim to these scams. Read on to learn how to spot, prevent and react to social media scams.

How to spot a scam

Watch for these red flags:

  • The poster is offering a deal, prize, job or scheme that sounds too good to be true.
  • You’re asked to make an upfront payment for a job, prize or loan application.
  • A reputable company uses a generic account, such as Yahoo or Gmail, to contact you.
  • You’re told that you qualify for a loan amount that is more than you need.
  • You’re urged to act immediately or risk losing out on the job, prize or loan.
  • The scammer looks like they represent Destinations Credit Union, but when you call us up to talk about the offer, no one knows what you’re talking about.
  • You are asked to share sensitive information before you’ve actually applied for anything.
  • A new social media “friend” keeps asking you random questions.

Preventing social media scams

Fortunately, preventing social media scams isn’t all that difficult. All it takes is a bit of common sense and some practical steps.

  • Think before you click. Ignore anything that sounds sketchy or overly intrusive.
  • If a lender has contacted you, check their legitimacy with the BBB at (859) 259-1008, 1-800-866-6668, or www.bbb.org.
  • If you need to take out a personal loan from Destinations Credit Union, contact us directly at 410-663-2500 or through our website at www.destinationscu.org. This way, you’ll know it’s really us.
  • Never share personal information online with someone you don’t know.
  • Look for a publicly listed street address and phone number that corresponds with the name of any alleged “company” that has contacted you.
  • Never agree to pay for a product or service upfront without being certain of its legitimacy.
  • Check your social media privacy settings on a regular basis. They’re often changed without you knowing it.
  • Never post anything that can be used to steal your identity.

If you are a victim

If you’ve been hooked on the social-media phishing bait, it’s important to do some damage control ASAP.

  • Shut your computer. Before anything else, you’ll want to block the scammer from accessing your computer again. Log off your device and immediately change your passwords, using a different computer or mobile device.
  • Put a fraud alert on your credit. Contact the three major credit bureaus; Equifax, Transunion and Experian, to let them know your identity has been compromised. This will prevent or delay any loans or lines of credit the scammer tries to take out in your name.
  • Let us know. Here at Destinations Credit Union, we want to do our part in stopping scammers in their tracks. By alerting us about a scam, we can watch your accounts for suspicious activity and refuse to honor sketchy charges. Also, if your case involved a fraudulent loan offer using our name, we’ll do all we can to take down the scammers.
  • Alert the Federal Trade Commision (FTC). If you’ve been targeted by a scam, make sure to tell the FTC about it so they can do whatever they can to catch those crooks.
  • Tell your friends. It’s equally important to let all of your friends know about the scam. Consider forwarding them the scammer’s bait in a private message so they know to ignore it if it shows up in their own social media feeds.

Don’t let scammers win! Always use caution when online.

Your Turn: Have you ever been targeted by a social media scam? Tell us all about it in the comments!

SOURCES:
http://m.nbc12.com/story/22461601/12-on-your-side-man-loses-money-in-online-loan-scam  

https://www.moneysmart.gov.au/scams/banking-and-credit-card-scams/loan-scams  
https://www.bbb.org/lexington/news-events/news-releases/2015/08/bbb-warns-online-loan-seekers-about-fake-site-using-commonwealth-credit-union-lawrenceburg-address/  
https://www.google.com/amp/s/www.csoonline.com/article/3202104/phishing/new-social-media-scams-can-you-tell-friend-from-foe.amp.html  
https://inspiredelearning.com/blog/social-phishing/  

Beware Of Banking Scams

Scammers never take a break. They’re always dreaming up ways to con you out of yourImage of man using computer money. Recently, there’s been a significant uptick in scams involving checking accounts at many financial institutions.

In these scams, criminals will utilize social media to connect with the victim.

They usually pose as representatives of a bank or credit union and milk the victim for sensitive information, like account numbers and passwords. Since the scammers are using the credit union’s social media accounts, the victims often won’t hesitate to share this information. When the scammers have what they need, they will proceed to empty the victim’s accounts and then disappear.

Often, when the scammers receive a response from the victim on social media, they will redirect the victim to what appears to be the financial institution’s website. The victim, thinking they are on the site they frequently use, will quickly input their username and ID, which the scammers will then use to empty their accounts or open credit cards in the victim’s name.

Sometimes, the scammers will impersonate helpful member representatives who are seemingly looking to answer your questions. You’re used to our representatives being helpful and always on call to assist you, so you won’t see anything strange with the scenario.

Other times, the scammer may claim your account has been compromised and you need to immediately update your information. They’ll be oh-so-helpful with this step. Until you share your information with them, that is.

Still other times, scammers will pose as representatives of a sweepstakes or some other contest that you’ve “won.” All you need to do is share your account information and your passwords to be made into an instant millionaire! Except that, of course, you won’t.

Don’t be the next victim! Be aware and be alert. Here’s what you need to know about this scam:

1.) Check URLs

Scammers are becoming increasingly more suave at posing as companies their victims are familiar with. You can check a site’s authenticity by double-checking the URL on the web address. Make sure it matches Destinations Credit Union’s site exactly. You can also check a site’s security by looking for the “S” after the “http” on the web address.

2.) Be suspicious

Awareness can be your best protection. It’s easy for a scammer to pose as a member representative on social media, but if you’re on guard, you’ll spot these fakers. Is a representative claiming there are problems with your account when everything seems to be in order? Are they asking you to share sensitive information through insecure channels? Is someone promising you’ve won a contest you’ve never entered? If things don’t add up, it’s best to opt out.

3.) Reach out to your credit union

It may be difficult to determine whether the people you’re talking to are the real thing. If you think you’re dealing with Destinations Credit Union but things suddenly start looking fishy, there’s a simple solution. Hang up or log out of whatever medium you’re engaged in and call Destinations Credit Union yourself. You can always reach out to us at 410-663-2500. This way, you’ll know you’ve really reached us and you’re not being scammed. Be sure to call this number and never use another number suggested by a suspicious-acting “member representative.”

4.) In case of fraud, take action

If you suspect you’ve been taken for a ride, let us know as soon as possible. The sooner you catch a scam, the better off you’ll be. We’ll also be able to alert our other members and work on catching the crooks who’ve conned you.

It’s also a good idea to let the Federal Trade Commission (FTC) know about the scam. The more information you share, the easier it will be for the feds to nail those scumbags. Contact the FTC at FTC.gov.

5.) Protect yourself

It’s a good idea to practice basic safety and protective measures with your accounts.

Here’s how:

  1. Safeguard account details: Never share account information without being certain about who you are talking to.
  2. Use good password hygiene: Use complex passwords and change them often. Be sure to use different passwords for each of your accounts.
  3. Choose extra protection: Opt in for two-factor identification when logging into your accounts. That’s an extra level of protection for you and another hurdle for scammers to scale.
  4. Set up alerts: Choose to receive an email or a text message when transactions on your account exceed your typical level of spending.
  5. Monitor your accounts: It’s a good idea to check your accounts on a regular basis, and with our mobile app, this is now easier than ever. In most cases, you will be responsible for fraudulent charges on your account if you report them more than 60 days after your monthly statement is delivered.

SOURCES:
https://www.google.com/amp/amp.timeinc.net/fortune/2016/11/11/social-media-cyber-scam 

https://money.usnews.com/money/blogs/my-money/2015/01/23/5-scams-that-target-your-bank-account 
https://www.cnbc.com/2017/05/12/this-growing-fraud-will-drain-your-bank-account.html 
https://www.infosecurity-magazine.com/news/social-media-phishing-attacks-soar/ 
https://www.advantiscu.org/fraud-prevention/beware-of-phishing-scams-in-social-media.html

Beware Of Phishing Scams!

Scammers never take a break! Just when you think they’ve run out of steam, another *scam surfaces in which fraudsters try to quietly take both your money and information.

The Federal Trade Commission (FTC) has warned of a recent upsurge in phishing scams involving credit unions. With just a bit of online digging, scammers lure victims into forking over thousands of dollars or divulging confidential information.

Like all phishing scams, the scammer contacts the victim, posing as a legitimate business or service provider that the victim is familiar with. In this case, the scammers claim to be a representative of your credit union.

The fraudsters use social engineering to trap their victims. This means they take advantage of social norms to inspire trust and manipulate people into clicking on their links or answering their emails. It’s almost impulsive for people to download attachments that look like they’re from friends or a familiar business.

The scammers most commonly reach out via email, but they may also use mediums like phone calls, text messages or social media sites. They convince the victims of their legitimacy by providing some personal details about the victim – which they easily pull off the internet.

Victims are lured into providing information with the promise of compensation for a survey or by claiming the victim needs to verify or update an account. Once the scammer has the information, they can empty the victim’s accounts, track their online activity and/or steal their identity.

Alternately, the scammer may lead a victim to click on links that are embedded with spyware. The links lead to a website that may look just like the credit union’s site, but is actually bogus. In such instances, the victim is probably certain they’re browsing their credit union’s website, and won’t hesitate to share information or input usernames and passwords.

The biggest clue that these transactions are scams is their means of communication. Your credit union will never ask for sensitive information through insecure channels. We also won’t ask you to verify your account number – we already have that information!

Despite this red flag, hundreds of people are falling prey to phishing scams. Don’t be the next victim! Here are four tips to help you protect yourself from phishing scams:

1.) Ignore suspicious emails

When online, be on guard. If you receive an email from an unidentifiable source, ignore it. Don’t reply to the email, click on any embedded links or open attachments. If you suspect an email is from a scammer, delete it and add the domain and email address to your spam filter to prevent a recurrence.

Similarly, never “friend” or otherwise accept communications from a stranger via social media. Facebook and Snapchat are for real buddies only!

As a general rule, it’s best not to share any personal information over the internet. If you do need to provide financial information over the web for completing a transaction, only use a secured site. You can verify a site’s security by looking for a lock icon on the browser’s status bar or by finding a URL that begins with “https.” The “s” signifies that this is a secure site. Remember, though, that these indicators are not foolproof in any way. Even a secure site can be hacked.

2.) Alert Destinations Credit Union

The best way to stop scammers in their tracks is to report every attempt they make. If you have reason to believe you’ve been contacted by a scammer impersonating [credit union], let us know! Send us an email with all the details of the scam attempt so we can catch those crooks. It’s best to forward the exact email you received. If you’ve already deleted the email, report the date, time of day and all other details you can recall. The more we have to work with, the easier our hunt will be.

3.) Report all suspicious activity

While we will do all we can to stop these phishing scams, we can use all the help we can get. That’s why it’s important to file your complaint at www.ftc.gov. You can also visit the FTC’s Identity Theft website at www.consumer.gov/idtheft to learn how to minimize the fallout of a possible identity theft.

4.) Strengthen your computer’s protection

It’s always a good idea to beef up your computer’s border control. Equipping yourself with sufficient antivirus software will protect it from accepting these emails in the first place. If your software doesn’t update automatically, be sure to update it manually on a frequent basis so it will recognize and reject the most current viruses and scams.

A strong firewall will prevent scams and viruses by making you invisible on the internet and blocking all communication from foreign, unauthorized sources. It’s especially prudent to run a firewall if you use a broadband connection.

If you’re a genuine social media junkie, be sure to make your settings as private as possible. Don’t lay out your life for just anyone to see. Having another few hundred “friends” or “likes” is not worth the risk of a stolen identity!

Finally, as mentioned above, all suspicious email addresses should be added to your email’s blacklist as quickly as possible. Remember: Your spam filter is only as strong as you allow it to be.

With precaution, alertness and the proper steps toward prevention, you can keep yourself safe from phishing scams!

Your Turn: Have you ever reported suspicious emails or other messages? What made you flag it as a scam? Share your experience with us in the comments!

SOURCES:
https://www.navyfederal.org/security/phishing-scams.php 

https://www.mycreditunion.gov/protect/fraud/pages/default.aspx 
https://insightcreditunion.com/tools/fraud_prevention/how_not_to_get_hooked_by_a_phishing_scam.aspx 
https://www.mccoyfcu.org/security-center/fraud-and-scams.html