How to avoid Online Fundraising Scams

/in , /by

You’ve probably heard of the gofundme.com site, where all sorts of stories are posted of people seeking donations. Some are tragic, others are trite. You may be touched by a particular story, perhaps one in which an entire family is killed in a house fire.

9DYou click the “Donate Now” button and donate $50. So just how do you know that family who died in the fire really existed?

Gofundme.com and similar sites are loaded with “campaigns,” just tons of them. Think of the logistics involved if these sites hired people to verify every campaign. This would require enormous amounts of time and a lot of people and expense.

People don’t think. They just assume every campaign is for real. Do you realize how easy it is to start a campaign? Gofundme.com, for instance, only requires that you have a Facebook account with a valid-looking profile picture of the campaign starter, and at least 10 Facebook friends (last I checked, anyways).

  • Who at Gofundme.com and similar sites verifies that the profile picture is that of the campaign starter?
  • Who at these sites verifies that the “friends” are legitimate, vs. all phony accounts or “friends” purchased from seedy overseas companies that create fake profiles?
  • Even if the avatar and friends are for real, how do these crowdfunding sites confirm the authenticity of the campaigns?

It’s all based on the honor system. You take their word for it, though some campaigns are high profile cases. People have given money to fake campaigns. How can you prevent getting conned?

  • Check the news to see if the campaign story really happened. But a house fire in a small town doesn’t always hit the Internet. Nor is it newsworthy that some housewife is trying to raise money to buy her disabled son a set of golf clubs. So stay with campaign stories that you know have occurred.
  • But again, a scammer could take a real story, pretend to know a victim and scam donators. So see if there’s a legitimate pathway to donate to the real people involved in the story, such as through their local police department.
  • Stick to reputable charity sites. Offline, never give money solicited over the phone.
  • Be leery of charity solicitations for very high profile cases, as these attract scammers.
  • If donations are solicited by snail mail, check the Better Business Bureau. Any scammer could create a legitimate sounding name: “American Association for Autistic Children.”

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

7 Ways to protect Yourself Online

/in , , /by

The biggest mistake that you can make to threaten your online safety is to treat the online world different—as far as your private information—than you would treat the physical world. In other words, if someone walked up to you and said, “Hi, can you please provide me with your name, address, birth date, home phone, cell phone, email, usernames, passowords all your friends names and all their contact info?” I think not.

9DWhat sane person would pass out cards with their Social Security number, birth date, full name, home address and bank account information to every stranger they walk past on the street? But essentially, that’s what many people do online.

Here are seven risky online behaviors:

  • Posting photos. As innocent as this sounds, photos of children have been known to get stolen and posted on child porn sites. Right click, save image as, then save to desktop; that’s all it takes. Does this mean never post photos of your kids? No. But save the picture of your naked two-year-old girl in the bathtub for your desktop. And don’t post vacation photos until after you return home.
  • Another thing about photos: Don’t post pictures of yourself engaging in activities that could come back to haunt you in some way. For example, you post a picture of yourself smoking while at a picnic. You apply for new health insurance and say you’re a nonsmoker. The insurance company might decide to view your social media pictures to catch you in the act.
  • Sounds innocent: You let your kids use your computer. But even if there are parental controls in place, your kids can still unknowingly let in a virus. Then you sit down to do some online banking…and the hacker whose virus is in your computer will then have your login credentials and bank account numbers, plus everything else. Ideally, you use a designated computer only for conducting sensitive online transactions.
  • A hacker sends (via bot) out 10,000 e-mails that are made to look like they’re from UPS. Out of 10,000 random recipients, chances are that a good number of them are waiting any day for a UPS shipment. This could be you. Will you open the e-mail and click on the link inside it? If you do, you’ll likely download a virus. This is a phishing scam. Contact the company by phone to verify the e-mail’s legitimacy. Better yet, just never click on the doggone links.
  • Do you know your apps? They most certainly know you—way too much, too. Applications for your phone can do the following: read your phone’s ID, continuously track your location, run your other applications, know your SIM card number and know your account number. Before downloading an app, find out what it can find out about you.
  • Don’t take silly online quizzes. Whoever’s behind them might just want to get as much information on you as possible with the idea of committing identity theft. Got some extra time? Read a book or do a crossword puzzle.
  • Never conduct business transactions using free Wi-Fi unless you have a virtual private network. Otherwise, anyone can cyber-see what you’re doing.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

Protect Yourself from Online Fraud

/in , , , /by

Yes, it’s possible: preventing fraudsters from getting you via online trickery and other stealthy actions. Yes, it’s possible to be thinking one step ahead of cyber criminals. Let’s begin with e-mails—the conduit through which so many cyber crimes like ID theft occur. 9D

  • Imagine snail-mailing vital information like your SSN, bank account number, a duplicate of your driver’s license and your credit card number. At some point in the delivery process, someone opens the letter and see the contents. Electronic messages are not entirely private. Recognize this risk before sending knowing that in transmission there is a chance your information can be seen. Sometimes the telephone is a better option.
  • Ignore sensationalistic offers in your in-box like some ridiculously low price on the same kind of prescription drug you pay out of pocket for; it’s likely a scam.
  • Ever get an e-mail from a familiar sender, and all that’s in it is a link? Don’t click on it; it may trigger a viral attack. As for the sender, it’s a crook compromised your friends email and who figured out a way to make it look like the e-mail is from someone you know.
  • In line with the above, never open an attachment from an unfamiliar sender; otherwise you may let in a virus.
  • If someone you know sends you an unexpected attachment, e-mail or call that person for verification before opening it.
  • Enable your e-mail’s filtering software to help weed out malicious e-mails.
  • Ignore e-mails asking for “verification” of account information. Duh.

Passwords

  • Don’t put your passwords on stickies and then tape them to your computer.
  • Do a password inventory and make sure all of them contain a mix of letters, numbers and characters, even if this means you must replace all of them. They also should not include actual words or names. Bad password: 789Jeff; good password: 0$8huQP#. Resist the temptation to use a pet’s name or hobby in your password.
  • Every one of your accounts gets a different password and change them often.

General

  • Make sure your computer and smartphone are protected with antivirus/anti-malware and a firewall. And keep these updated!
  • Your Wi-Fi router has a default password; change it because cyber thieves know what they are.
  • When purchasing online, patronize only well-established merchants.
  • Try to limit online transactions to only sites that have an “https” rather than “http.” A secure site also has a padlock icon before the https.
  • Make sure you never make a typo when typing into the URL; some con artists have created phony sites that reflect typos, and once you’re on and begin entering your account information, a crook will have it in his hands.
  • Access your financial or medical accounts only on your computer, never a public one.
  • Ignore e-mails or pop-ups that ask for account or personal information.
  • When you’re done using a financial site, log out.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

10 Skeevy Scams to watch

/in , , /by

You may think you’re not dumb enough to fall for scams, but consider that someone you care deeply about is naïve enough to be conned. Besides, some scams are so clever that even those who think they’re scam-proof have actually been taken for a ride.

http://www.dreamstime.com/stock-images-online-risks-sign-road-banner-image34668294Sometimes fraudsters pose as an authority figure. Some claim you won a prize, while others claim you’re in trouble. Some even claim they’re a family member (needing money) and have figured out a way to convince you of this.

Some scams are done via e-mail, while others involve a phone call or snail mail. One common ploy is for the crook to pose as a rep from the electric company and threaten to shut off your electricity unless you pay a delinquent bill. Of course, the payment must be in the form of a reloadable debit card. People will actually give these cards to the “rep,” without calling the company to confirm the situation.

A big tip-off to a scam is that you’re told you won a prize or have been hired for employment—but must send money to get the prize or be trained for the employment.

Some scams are so very obvious, but still, people get taken, like those ridiculous e-mails claiming you inherited a windfall from some deceased prince named Gharbakhaji Naoombuule. But people actually fall for these, not considering that this same e-mail was sent to 10,000 others.

Top 10 Scams

  • Caller ID spoofing. Has your phone ever rung and you saw your phone number and name in the caller ID screen? How can your own phone be calling you? It’s a scam. Ignore it. If you pick up you’ll hear an offer for lower credit card rates. You’ll be told to press 1 to opt out—but you should not even be on that long to hear this option; you should have hung up the second you heard the credit card offer. Anyways, pressing 1 indicates your number is legitimate; it’s then sold to scammers. Caller ID spoofing is also perfect for scammers posing as the police, government agency, corporations etc all with the intention to get you to part with your money.
  • Mystery shopping. Though mystery shopping is a legitimate enterprise, scammers take advantage of this and mail out checks (phony) before the “shopping” is done. A legitimate company will never do this. They also get victims to give up credit card data to pay for getting a job!
  • Calls about unpaid taxes. Always hang up, regardless of threatening nature to pay up or else. The IRS always uses snail mail to notify people of unpaid taxes.
  • Puppy scam. You find a website offering purebred puppies at very low prices or even for free, but you’re told you must pay for shipping or transfer fees (wire transfer) to get your puppy. The money is gone and you never get your puppy.
  • You get a call from someone claiming to have found buyers for your timeshare. You receive a contract, but are told you must pay funds to cover some fees. The contract is phony.
  • Tech support. Someone calls you claiming your computer needs servicing. They’ll fix it after you give them your credit card information. Legitimate geeks don’t call people; you must call them.
  • Postcard survey. Out of the blue you’re told you’ve won a gift card, or, just take a brief survey to get one. Go along with this and soon you’ll be asked to provide your credit card number. Don’t bother. You’ll get no gift card while the crook gets your credit card information.
  • A notice says you’ve won a big fat prize. To claim it, just pay some fees. Yeah, right. Never pay fees to collect a prize!
  • You’re told you’re eligible for a grant or have been awarded one, but must first pay processing fees. Federal grants don’t require fees.
  • Subscription renewal notice. The notice says you can renew for a lower rate. Check to see if the notice was sent by the publication itself or some third party (the crook).

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention.

10 Tips to avoid Scams when traveling

/in , /by

Vacationers and tourists provide a vast feeding ground for all sorts of crooks: from the simple pick-pocketing specialist to the hotel room burglar to the e-thief: credit card skimming and computer crimes. You can even have your identity stolen while sunning on that white beach.

9DAvoid Traveling Scams with These Tips

  • Don’t post your vacation or other travel plans on social media. Thieves peruse social media to see who will be out of town and when.
  • Protection begins before the trip. Put a vacation hold on your snail mail.
  • Beware of hotel room scams. A person posing as front desk staff will call random hotel rooms to sucker travelers into giving up their credit card number. Never give private information over the hotel phone.
  • When using public Wi-Fi, encrypt your activities so that hackers can’t pluck them out of the air.
  • Always know where your mobile phone is, and have it protected with a password.
  • Must you always pay with a credit or debit card? Cold cash can’t be hacked into. But I still prefer credit over debit cards (and even cash).
  • Don’t withdraw more cash than you need. Don’t take out wads of high bills because you “might” spend a lot of money. And use an ATM at a bank, not a public kiosk.
  • When you do use a card (credit, not debit!), do not let the server or sales clerk walk out of your sight with it. You just never know who might be an “inside” thief.
  • As soon as you can upon returning from traveling, check your credit card statements for suspicious activity.
  • Leave the expensive jewelry, handbags, etc. at home. A thief has a lot of interest in a well-dressed person who acts like a tourist. If you want everyone to see how exorbitantly styled you are, you’ll have to include muggers and other thieves in that group.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Holidays increase Risk of Online Scams

/in /by

The holidays mean a surge in online purchases done with laptops, cell phones, tablets and desktops.

4DOne way to be scammed is via pop-ups (on legitimate sites, but that are not connected to the site) that ask for a survey. After you complete it, you’re offered what seems like a free product. You then unknowingly set yourself up to be enrolled in a program to purchase more products—after giving your credit card information.

It’s easy to get sidetracked by pop-ups, says iovation’s Jon Karl, VP of Corporate Development in Portland. But he asks: “Who is that business on the other end of the line; do you know them? Because there’s lots of opportunities to spend your money with somebody you don’t know.” iovation is one of the biggest online fraud protection companies in the world.

“You have to be really careful when you’re clicking on offers that are coming to you,” he adds. Shoppers should be skeptical and limit how much personal information they give out. “You really should only have to give them the data that’s necessary to get a product to you. So, your name, your address and the information for your credit card.”

Avoid doing business with any retailer that requests your Social Security number or even birthdate.

Another tip from Karl is to online shop only with a credit card (not debit card or electronic check), as this offers protection for purchases gone awry.

More Tips

  • Do business only with companies you’re familiar with.
  • If you’re not sure about a company, seek out some reviews.
  • Ignore pop-up advertisements.

Robert Siciliano, personal security and identity theft expert contributor to iovation. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! See him knock’em dead in this identity theft prevention video. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247

12 Ways to hide Online

/in , /by

If you feel paranoid about online surveillance, there are ways you can significantly shrink your cyber presence so that it’s more difficult and expensive for anyone and even big intelligent agencies to monitor your online activities.

2P1. End-to end Encryption

This tactic encrypts your data from the beginning point of communication to the receiving end. The tool of choice for you and your message-recipients to install is OTR (off-the-record) messaging. This start-to-finish encryption will keep snoopers in the dark.

2. Maximal Encryption

If you can’t do end-to-end, at least encrypt as many communications as possible. This can be done with EFF’s HTTPS Everywhere browser add-on for Firefox or Chrome. It maximizes amount of data that you protect by making Web sites encrypt Web pages when possible. Encrypt your USB flash drive with TrueCrypt.

3. Encrypt Hard Drive

Latest versions of Macs, Windows, Android and iOS have ways to encrypt local storage. Turn this on so that anyone who uses your computer can’t copy its contents.

4. Strong & long Passwords

Forget short, easy to remember passwords like the name of your pet. Make them very long—all passwords. A password manager will eliminate having to remember a bunch of super long passwords. Diceware.com will help you create an unforgettable, strong master password.

5. Virtual private network software

Unencrypted data is highly vulnerable to prying eyes. Use a virtual private network (VPN); this ensures that all online transactions (e.g., filling out forms, downloading, shopping) are secured through HTTPS.

Hotspot Shield VPN is free and reliable, available for Mac, PC, Android and iPhone. This service also encrypts all mobile data and protects the user’s identity. VPNs can also be used for visiting sites you don’t trust much.

6. Use Tor

Installation and use of Tor will conceal your origins from mass and corporate surveillance. Giants like the NSA do not like Tor, and there’s a reason for that; it works.

7. Two-step authentication

This involves typing in a password and then a routinely altered confirmation number to protect against attacks on cloud and Web services.

8. Never click Attachments
Your computer can be hijacked when you click on a link sent via e-mail—a link accompanied by a hyped up message that’s designed to get you emotional rather than logical. Tell your friends and family to send you information in text whenever possible. If they must send a file, double check that it’s really from them.

9. Don’t open Emails with a blank Subject Line

An e-mail with a blank subject line may be an innocent lapse in judgment from a person you know, but the blank subject line is also a possible sign of a virus attack waiting for you if you open the e-mail.

If you receive blank subject lines apparently from someone you know, send a message to the sender by creating a new message and asking if they just sent something. Require everyone you know to fill in the subject line.

10. Anti-virus, updated software

Make sure your computer has anti-virus software and that it’s always kept up-to-date.

11. Be an ally
Teach others all you know about hiding online. Even install for others tools like Tor. Ask them to sign up for Stop Watching Us to guard against mass spying. Throw a “cryptoparty.”

12. Offline data

Keep your most secret data written down in a notebook and place where nobody would think to search for it.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

Holiday Shopping: Beware of Unethical Online Merchants

/0 Comments/in , , , , /by

We have all encountered a sales clerk who was rude, a customer service representative who was incompetent and an online purchase that went south. Even I’ve been scammed out of an entire order and spent dozens of hours trying to get a return on another.

But when it comes to outrageous and shocking, including threats of violence and outright fraud, this story takes the cake.  An online merchant based in Brooklyn New York retailing designer sunglasses, some counterfeit and some real, thrives on bad customer service, over charging, making threats, stalking and abusing clients into giving up the fight over what’s right.

The merchant prides himself on getting negative feedback on consumer advocacy and review sites such as Get Satisfaction, ComplaintsBoard.comConsumerAffairs.com, RipoffReport.com, Yelp and Epinions.

He thrives on – for example “DO NOT ORDER ANYTHING FROM THIS COMPANY. This has been the most horrific experience EVER. I have extensive knowledge of website management and customer service, and they pretty much break every rule imagined. They are a total scam

The strategy of negativity gets this merchants website ranked high on search when listed with all the different opinion sites. Google and other search engines often rank a website to show on the first page of search based on how many links point to it from other prominent sites. So even though all the negative links are pointing to the unethical site from opinion sites, it still ranks on the first page of search helping its sales.

Beware of making purchases on any website based on how they rank in search. Even a first page organic hit can lead to a scammy company.

Learn from others bad experiences. ALWAYS search “Name Of Company” in Google before you make a purchase. The review sites almost always show on the first page of search when “Name Of Company” has been blacklisted.

More on THIS STORY.

Robert Siciliano personal security expert to Home Security Source discussing scammers and thieves on The Big Idea with Donnie Deutsch.

Summer Heat: On-line Dating Scams PT II

/0 Comments/in , , /by

After my recent post Summer Heat: On-line Dating Scams a reader responded with the following:

“I just had a similar experience that you described in your blog “Summer Heat: On-line Dating Scams”. I had joined Plenty of Fish and upgraded my profile to have more exposure. I received an email from “exquisitedaddy” a few weeks ago. We started sending emails back and forth. Then he asked me to IM on Yahoo Messenger.

His IM email address was groovyromance@yahoo.com. The name he used was Joe Reid. He escalated the relationship quickly telling me how I was the one and only and how he loved me. then on 6/26 he asked me to buy him a Blackberry Bold for $450. I told him I didn’t have the money. The next day, 6/27, he told me his bank had contacted him and that a hacker had stolen $20k from his account. His account was frozen but the bank would reimburse him the money, he just didn’t know when. So he needed to buy networking equipment to complete a huge project he was working on for Nova Engineering Place. When he finished he would be paid $800,000 and have to paid 10 employees 40k each. But he needed $8k now to buy this equipment.

He said I shouldn’t worry because he would pay be right back either when the bank released the hold on his account or when he was paid for the project. I told him I didn’t have the money. I asked him questions about why others couldn’t help him and he always had an excuse. When I asked him if I used my Amex to buy the equipment, would that work he said no he needed cash! I said I would look into it but wouldn’t call him unless I found an answer since he was so stressed. Yesterday, he left a VM message for me asking me why I hadn’t contacted him and he was hoping that I was still looking to help him with the money and that he loved me.

I would like to do anything and everything in my powers to get this person so that he cannot abuse other women. Do you have any advice on what my next steps should be? He sent me flowers on Saturday, should I contact the florist and try to follow the trail back through there? thanks. Linda”

Wow Linda, you dodged a bullet. Linda sent me the picture of a handsome man who probably doesn’t know he is being used for a scam. She also found his profile on Match.com too.

No matter who the person is, what they say, how they look, don’t automatically trust.

The moment money or loans are discussed in any capacity that is a red flag.

Don’t let your heart get in the way of basic common sense.

Sometimes loneliness trumps our ability to see the truth. Keep your head up and pay attention to someone’s “intentions”.

Robert Siciliano is a Personal Security Expert and Adviser to Intelius.com. For more information see Intelius at Sex Offender Check and Date Check to reduce your chances of encountering a bad guy. See him discussing Safe Personal Dating on Tyra. (Disclosures)