Holidays increase Risk of Online Scams

The holidays mean a surge in online purchases done with laptops, cell phones, tablets and desktops.

4DOne way to be scammed is via pop-ups (on legitimate sites, but that are not connected to the site) that ask for a survey. After you complete it, you’re offered what seems like a free product. You then unknowingly set yourself up to be enrolled in a program to purchase more products—after giving your credit card information.

It’s easy to get sidetracked by pop-ups, says iovation’s Jon Karl, VP of Corporate Development in Portland. But he asks: “Who is that business on the other end of the line; do you know them? Because there’s lots of opportunities to spend your money with somebody you don’t know.” iovation is one of the biggest online fraud protection companies in the world.

“You have to be really careful when you’re clicking on offers that are coming to you,” he adds. Shoppers should be skeptical and limit how much personal information they give out. “You really should only have to give them the data that’s necessary to get a product to you. So, your name, your address and the information for your credit card.”

Avoid doing business with any retailer that requests your Social Security number or even birthdate.

Another tip from Karl is to online shop only with a credit card (not debit card or electronic check), as this offers protection for purchases gone awry.

More Tips

  • Do business only with companies you’re familiar with.
  • If you’re not sure about a company, seek out some reviews.
  • Ignore pop-up advertisements.

Robert Siciliano, personal security and identity theft expert contributor to iovation. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! See him knock’em dead in this identity theft prevention video. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247

12 Ways to hide Online

If you feel paranoid about online surveillance, there are ways you can significantly shrink your cyber presence so that it’s more difficult and expensive for anyone and even big intelligent agencies to monitor your online activities.

2P1. End-to end Encryption

This tactic encrypts your data from the beginning point of communication to the receiving end. The tool of choice for you and your message-recipients to install is OTR (off-the-record) messaging. This start-to-finish encryption will keep snoopers in the dark.

2. Maximal Encryption

If you can’t do end-to-end, at least encrypt as many communications as possible. This can be done with EFF’s HTTPS Everywhere browser add-on for Firefox or Chrome. It maximizes amount of data that you protect by making Web sites encrypt Web pages when possible. Encrypt your USB flash drive with TrueCrypt.

3. Encrypt Hard Drive

Latest versions of Macs, Windows, Android and iOS have ways to encrypt local storage. Turn this on so that anyone who uses your computer can’t copy its contents.

4. Strong & long Passwords

Forget short, easy to remember passwords like the name of your pet. Make them very long—all passwords. A password manager will eliminate having to remember a bunch of super long passwords. Diceware.com will help you create an unforgettable, strong master password.

5. Virtual private network software

Unencrypted data is highly vulnerable to prying eyes. Use a virtual private network (VPN); this ensures that all online transactions (e.g., filling out forms, downloading, shopping) are secured through HTTPS.

Hotspot Shield VPN is free and reliable, available for Mac, PC, Android and iPhone. This service also encrypts all mobile data and protects the user’s identity. VPNs can also be used for visiting sites you don’t trust much.

6. Use Tor

Installation and use of Tor will conceal your origins from mass and corporate surveillance. Giants like the NSA do not like Tor, and there’s a reason for that; it works.

7. Two-step authentication

This involves typing in a password and then a routinely altered confirmation number to protect against attacks on cloud and Web services.

8. Never click Attachments
Your computer can be hijacked when you click on a link sent via e-mail—a link accompanied by a hyped up message that’s designed to get you emotional rather than logical. Tell your friends and family to send you information in text whenever possible. If they must send a file, double check that it’s really from them.

9. Don’t open Emails with a blank Subject Line

An e-mail with a blank subject line may be an innocent lapse in judgment from a person you know, but the blank subject line is also a possible sign of a virus attack waiting for you if you open the e-mail.

If you receive blank subject lines apparently from someone you know, send a message to the sender by creating a new message and asking if they just sent something. Require everyone you know to fill in the subject line.

10. Anti-virus, updated software

Make sure your computer has anti-virus software and that it’s always kept up-to-date.

11. Be an ally
Teach others all you know about hiding online. Even install for others tools like Tor. Ask them to sign up for Stop Watching Us to guard against mass spying. Throw a “cryptoparty.”

12. Offline data

Keep your most secret data written down in a notebook and place where nobody would think to search for it.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

Holiday Shopping: Beware of Unethical Online Merchants

We have all encountered a sales clerk who was rude, a customer service representative who was incompetent and an online purchase that went south. Even I’ve been scammed out of an entire order and spent dozens of hours trying to get a return on another.

But when it comes to outrageous and shocking, including threats of violence and outright fraud, this story takes the cake.  An online merchant based in Brooklyn New York retailing designer sunglasses, some counterfeit and some real, thrives on bad customer service, over charging, making threats, stalking and abusing clients into giving up the fight over what’s right.

The merchant prides himself on getting negative feedback on consumer advocacy and review sites such as Get Satisfaction, ComplaintsBoard.comConsumerAffairs.com, RipoffReport.com, Yelp and Epinions.

He thrives on – for example “DO NOT ORDER ANYTHING FROM THIS COMPANY. This has been the most horrific experience EVER. I have extensive knowledge of website management and customer service, and they pretty much break every rule imagined. They are a total scam

The strategy of negativity gets this merchants website ranked high on search when listed with all the different opinion sites. Google and other search engines often rank a website to show on the first page of search based on how many links point to it from other prominent sites. So even though all the negative links are pointing to the unethical site from opinion sites, it still ranks on the first page of search helping its sales.

Beware of making purchases on any website based on how they rank in search. Even a first page organic hit can lead to a scammy company.

Learn from others bad experiences. ALWAYS search “Name Of Company” in Google before you make a purchase. The review sites almost always show on the first page of search when “Name Of Company” has been blacklisted.

More on THIS STORY.

Robert Siciliano personal security expert to Home Security Source discussing scammers and thieves on The Big Idea with Donnie Deutsch.

Summer Heat: On-line Dating Scams PT II

After my recent post Summer Heat: On-line Dating Scams a reader responded with the following:

“I just had a similar experience that you described in your blog “Summer Heat: On-line Dating Scams”. I had joined Plenty of Fish and upgraded my profile to have more exposure. I received an email from “exquisitedaddy” a few weeks ago. We started sending emails back and forth. Then he asked me to IM on Yahoo Messenger.

His IM email address was groovyromance@yahoo.com. The name he used was Joe Reid. He escalated the relationship quickly telling me how I was the one and only and how he loved me. then on 6/26 he asked me to buy him a Blackberry Bold for $450. I told him I didn’t have the money. The next day, 6/27, he told me his bank had contacted him and that a hacker had stolen $20k from his account. His account was frozen but the bank would reimburse him the money, he just didn’t know when. So he needed to buy networking equipment to complete a huge project he was working on for Nova Engineering Place. When he finished he would be paid $800,000 and have to paid 10 employees 40k each. But he needed $8k now to buy this equipment.

He said I shouldn’t worry because he would pay be right back either when the bank released the hold on his account or when he was paid for the project. I told him I didn’t have the money. I asked him questions about why others couldn’t help him and he always had an excuse. When I asked him if I used my Amex to buy the equipment, would that work he said no he needed cash! I said I would look into it but wouldn’t call him unless I found an answer since he was so stressed. Yesterday, he left a VM message for me asking me why I hadn’t contacted him and he was hoping that I was still looking to help him with the money and that he loved me.

I would like to do anything and everything in my powers to get this person so that he cannot abuse other women. Do you have any advice on what my next steps should be? He sent me flowers on Saturday, should I contact the florist and try to follow the trail back through there? thanks. Linda”

Wow Linda, you dodged a bullet. Linda sent me the picture of a handsome man who probably doesn’t know he is being used for a scam. She also found his profile on Match.com too.

No matter who the person is, what they say, how they look, don’t automatically trust.

The moment money or loans are discussed in any capacity that is a red flag.

Don’t let your heart get in the way of basic common sense.

Sometimes loneliness trumps our ability to see the truth. Keep your head up and pay attention to someone’s “intentions”.

Robert Siciliano is a Personal Security Expert and Adviser to Intelius.com. For more information see Intelius at Sex Offender Check and Date Check to reduce your chances of encountering a bad guy. See him discussing Safe Personal Dating on Tyra. (Disclosures)