Watch Out for Tax Scams!

/in /by

Spring is here (at least in some parts of the world in the northern hemisphere)! The bees are buzzing, the flowers are blooming, and the accountants are working late because for those in the U.S., it’s tax season! Scammers love tax season—there is a lot of money moving around as people pay taxes and receive tax refunds. And they have developed many ways to take advantage of that and steal your hard-earned money.

http://www.dreamstime.com/stock-photos-identity-theft-red-words-binary-code-computer-monitor-image39907813The Internal Revenue Service (IRS) maintains a list of the scams that they call the Dirty Dozen and have published this again for 2015. It’s a good idea for all of us to familiarize ourselves with these. Here’s the top three.

  • Phone scams. Your phone rings—it’s the IRS stating that you owe money and you must pay it NOW! It can be disconcerting but, never fear, this is a scam. Keep in mind that if you do owe the IRS, they will first contact with you via snail mail before calling. This is the number one scam that criminals are using during tax season so don’t answer your phone (just kidding…just be aware of this).
  • Phishing Hackers imitate the IRS and send an email that asks you to update your e-file immediately. The link then directs you to a bogus website. If you enter your information, the hacker collects any information you enter on the site. Remember, the IRS generally does not send emails, text messages or social media posts to request personal or financial information. If you receive any unsolicited communication that appears to be from the IRS, report it to phishing@irs.gov.
  • Identity Theft. If a cybercriminal gets access to your Social Security number (SSN), they can pose as you and file a tax return under your name, but have the refund sent to them. When you file your tax return, you’ll get a notice from the IRS stating that more than one tax return was filed for you. If you think you are a victim of identity theft or have been in the past, make sure to contact the IRS as they can issue you an identity theft PIN that will be used in addition to your SSN.  Make sure to protect your SSN and do not share it unless absolutely necessary.

Stolen tax returns and tax scams have been growing consistently, leaving many identity theft victims struggling to recoup their lost refunds and identities. To help you, here are some tips to protect yourself this tax season.

  • Protect your data.Store sensitive documents in a fire-proof safe. If you plan to receive documents with sensitive information like your financial information in the mail, make sure you have a mail box with a lock.
  • Shred non-essential paperwork.Check with your accountant to determine what you need and what you don’t. Use a cross-cut shredder to destroy unneeded documents.
  • File early.The earlier you file, the more quickly you thwart any criminal’s attempt to file on your behalf and collect your refund.
  • Be cautious when clicking. Don’t click on any links or email attachments from emails that appear to be from the IRS. Be suspicious of strange emails and websites instead of clicking on links navigate to IRS.gov on your browser directly
  • Protect your devices. Install comprehensive software like McAfee LiveSafe™ service that protects all your PCs, Macs, smartphones and tablets and make sure to keep it updated.

Here’s a great video from the IRS about tax scams and additional information on how to report IRS phishing scams.

Hope you have a safe tax season!

Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.

Very effective Social Engineering Scams

/in /by

It’s amazing how ingenious cybercriminals are, but the victims also need to take some responsibility for falling for these ruses, especially when the victim is a business that has failed to train its employees in cybersecurity measures.

10DRansomware

The stuff of science fiction is here: Who would have ever thought there’d ever be a such thing as criminals remotely stealing someone’s personal information (word processing files, any kind of image, etc.), scrambling it up via encryption, then demanding ransom in exchange for the remote “key” to “unlock” the encryption?

Payment is remotely by Bitcoin which can’t be traced. The payment is usually at least $500 and escalates the longer the victim waits.

The virus that poisons a computer to steal someone’s files is called ransomware, a type of malicious software (in this case, “Cryptolocker” and “CryptoDefense”). But how does this virus get into your computer in the first place?

It’s called social engineering: tricking users into allowing their computer to be infected, or duping them into revealing personal information.

Often, a phishing e-mail is used: It has an attention-getting subject line that entices the user to open it. The message contains a link. They click the link, and a virus is downloaded. Or, the link takes them to a site which then downloads the virus.

These e-mails, sometimes designed to look like they’re from the company the user works for, often go to workplace computers where employees get tricked. These kinds of attacks are lucrative to their instigators.

Funeral Fraud

If you wanted to notify a relative or friend that a mutually dear person has left this earth…would you send an e-mail or phone that person? Seems to me that heavy news like this would warrant a phone call and voice interaction.

So if you ever receive an e-mail from a funeral home indicating that a dear one to you has passed, and to click a link to the funeral home to learn details about the burial ceremony…consider this a scam.

Because if you click the funeral site link, you’ll either get redirected to the crook’s server because he’s already created an infected funeral looking site ahead of time. This is where a virus will be downloaded to your computer.

Vishing Credit Card Scam

You get a phone call. An automated voice identifies itself as your credit card company (they’ll say “credit card company” rather than the specific name). It then says something like, “We are investigating what appears to be a fraudulent charge on your card.”

They’ll ask if you made a particular purchase lately, then to hit 1 for yes and 2 for no. If you hit no, you’re told to enter your credit card number, three-digit security code and expiration date. You just fed a thief all he (or she) needs in order to go on an online or on-phone spending spree.

Ever order something via phone and all you had to give up was the credit card number, expiration date and security code? This trick is also aimed at employees. The calls come from an automated machine that generates thousands of these calls.

Healthcare Record Scam

You receive an e-mail that appears to be from your employer or healthcare provider that you get through work. This may come to you on your home computer or the one you use at work. The e-mail is an announcement of some enticing change in your healthcare plan.

The message may reference something personal about you such as marital status, income or number of dependents. When enough of these e-mails are pumped out with automated software, the personal situation of many recipients will square off with those identified in the e-mail, such as income and number of children. The user is then lured into clicking a link in the e-mail, and once that click is made…malware is released.

Facebook Company Group Scam

Scammers will scan Facebook and LinkedIn seeking out employees of a particular company and create a group. This groups purpose is for information gathering so scammers can penetrate a company’s facility or website. Once all the groups member join, the scammers will pose various innocuous questions and start palatable discussions that make everyone feel comfortable.

Over time scammers will direct these discussions to leak bits of data that allow criminals to enter a facility under a stolen identity or to contact specific employees who have advanced access to computer systems in an attempt to get usernames and passwords.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

10 Skeevy Scams to watch

/in , , /by

You may think you’re not dumb enough to fall for scams, but consider that someone you care deeply about is naïve enough to be conned. Besides, some scams are so clever that even those who think they’re scam-proof have actually been taken for a ride.

http://www.dreamstime.com/stock-images-online-risks-sign-road-banner-image34668294Sometimes fraudsters pose as an authority figure. Some claim you won a prize, while others claim you’re in trouble. Some even claim they’re a family member (needing money) and have figured out a way to convince you of this.

Some scams are done via e-mail, while others involve a phone call or snail mail. One common ploy is for the crook to pose as a rep from the electric company and threaten to shut off your electricity unless you pay a delinquent bill. Of course, the payment must be in the form of a reloadable debit card. People will actually give these cards to the “rep,” without calling the company to confirm the situation.

A big tip-off to a scam is that you’re told you won a prize or have been hired for employment—but must send money to get the prize or be trained for the employment.

Some scams are so very obvious, but still, people get taken, like those ridiculous e-mails claiming you inherited a windfall from some deceased prince named Gharbakhaji Naoombuule. But people actually fall for these, not considering that this same e-mail was sent to 10,000 others.

Top 10 Scams

  • Caller ID spoofing. Has your phone ever rung and you saw your phone number and name in the caller ID screen? How can your own phone be calling you? It’s a scam. Ignore it. If you pick up you’ll hear an offer for lower credit card rates. You’ll be told to press 1 to opt out—but you should not even be on that long to hear this option; you should have hung up the second you heard the credit card offer. Anyways, pressing 1 indicates your number is legitimate; it’s then sold to scammers. Caller ID spoofing is also perfect for scammers posing as the police, government agency, corporations etc all with the intention to get you to part with your money.
  • Mystery shopping. Though mystery shopping is a legitimate enterprise, scammers take advantage of this and mail out checks (phony) before the “shopping” is done. A legitimate company will never do this. They also get victims to give up credit card data to pay for getting a job!
  • Calls about unpaid taxes. Always hang up, regardless of threatening nature to pay up or else. The IRS always uses snail mail to notify people of unpaid taxes.
  • Puppy scam. You find a website offering purebred puppies at very low prices or even for free, but you’re told you must pay for shipping or transfer fees (wire transfer) to get your puppy. The money is gone and you never get your puppy.
  • You get a call from someone claiming to have found buyers for your timeshare. You receive a contract, but are told you must pay funds to cover some fees. The contract is phony.
  • Tech support. Someone calls you claiming your computer needs servicing. They’ll fix it after you give them your credit card information. Legitimate geeks don’t call people; you must call them.
  • Postcard survey. Out of the blue you’re told you’ve won a gift card, or, just take a brief survey to get one. Go along with this and soon you’ll be asked to provide your credit card number. Don’t bother. You’ll get no gift card while the crook gets your credit card information.
  • A notice says you’ve won a big fat prize. To claim it, just pay some fees. Yeah, right. Never pay fees to collect a prize!
  • You’re told you’re eligible for a grant or have been awarded one, but must first pay processing fees. Federal grants don’t require fees.
  • Subscription renewal notice. The notice says you can renew for a lower rate. Check to see if the notice was sent by the publication itself or some third party (the crook).

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention.

10 Tips to avoid Scams when traveling

/in , /by

Vacationers and tourists provide a vast feeding ground for all sorts of crooks: from the simple pick-pocketing specialist to the hotel room burglar to the e-thief: credit card skimming and computer crimes. You can even have your identity stolen while sunning on that white beach.

9DAvoid Traveling Scams with These Tips

  • Don’t post your vacation or other travel plans on social media. Thieves peruse social media to see who will be out of town and when.
  • Protection begins before the trip. Put a vacation hold on your snail mail.
  • Beware of hotel room scams. A person posing as front desk staff will call random hotel rooms to sucker travelers into giving up their credit card number. Never give private information over the hotel phone.
  • When using public Wi-Fi, encrypt your activities so that hackers can’t pluck them out of the air.
  • Always know where your mobile phone is, and have it protected with a password.
  • Must you always pay with a credit or debit card? Cold cash can’t be hacked into. But I still prefer credit over debit cards (and even cash).
  • Don’t withdraw more cash than you need. Don’t take out wads of high bills because you “might” spend a lot of money. And use an ATM at a bank, not a public kiosk.
  • When you do use a card (credit, not debit!), do not let the server or sales clerk walk out of your sight with it. You just never know who might be an “inside” thief.
  • As soon as you can upon returning from traveling, check your credit card statements for suspicious activity.
  • Leave the expensive jewelry, handbags, etc. at home. A thief has a lot of interest in a well-dressed person who acts like a tourist. If you want everyone to see how exorbitantly styled you are, you’ll have to include muggers and other thieves in that group.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

‘Tis the Season for the 12 Scams of the Holidays

/in /by

Fa la la la la, la la la la. Yes that’s me singing, but thank goodness you can’t really hear me (I save that for the shower). If you can believe it, it’s that time of the year again (even though it seems like we just finished Halloween). Time for holiday parties, family traditions, ugly sweaters, and… scams? Yes, that’s right. Now that the holiday season has begun, many of us are sharing, shopping and booking travel online— even more than we normally do.

And scammers know that with all that money and personal information floating around, they have a big opportunity. Using techniques like phishingsocial engineering, fake charities and infected USB drives, cybercriminals can invade your privacy and drain your bank account.

Don’t let these hackers and thieves dampen your holiday cheer. To help you stay safe this season, McAfee has compiled a list of the 12 Scams of the Holidays. Check it out and educate yourself on what scams you need to look out for this holiday season.

12-scam

Here’s some tips to help you stay safe during the holidays:

  • Be careful when clicking. Don’t click on links in email or social media messages from people you don’t know, and use a URL expander to know what site you are going to before clicking on a shortened URL.
  • Be suspicious. If a deal seems too good to be true, it probably is.
  • Practice safe surfing. Use a Web safety advisor, such as McAfee® SiteAdvisor®, that protects you from going to risky sites.
  • Avoid public Wi-Fi. Public Wi-Fi might be convenient, but it’s also accessible to anyone who wants to see what you are doing online.
  • Shop safely online. Make sure you stick to reputable e-commerce sites that have been verified as safe by a third-party Trustmark, like McAfee SECURE™. Also look for “https” at the beginning of a site’s URL, which indicates that the site is using encryption to protect your information.
  • Use security software on all your devices. Make sure you have comprehensive security protection, like McAfee LiveSafe™ service, for all your devices, including your mobile phone and tablet that also safeguards your data and includes identity protection.

Season of Sharing Sweepstakes

To make sure that we all have a safe and merry holiday, McAfee and Dell have teamed up to bring you the Season of Sharing Sweepstakes—and give you a chance to win prizes. By sharing safe shopping and online safety tips around the 12 scams with your friends and family, you’ll not only be helping others to stay safe online this holiday season, but you’ll also earn a chance to win a $1,000 gift card to Dell.com** along with McAfee LiveSafe service to make sure all your devices are protected!

‘Tis the season to be jolly, so make sure you stay safe online.

*Sweepstakes open to US residents only. NO PURCHASE NECESSARY. Sweepstakes is from November 4 – December 12, 2014. See www.12scams.com for full terms and conditions.
**Terms and conditions apply. See www.dell.com/giftcard.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

Beware These College-Related Scams

/in /by

The last group of college students has headed off to school for another semester of dorm rooms, late-night library sessions, and the occasional college party. For many students, college is the first time they’ve lived away from home. They are young, open to new things, and sometimes, naïve. These traits make them prime targets for scams.

9DHere are some of the most popular college scams:

  • Fake College Websites
    Here’s how this works. Scammers copy a college’s website but use a fictitious name on the site (in essence creating a spoofed site). They use this site to collect application fees and gather personal information. They even go so far as to send out rejection letters to applicants to try and “maintain” their credibility. But all this application will get you is financial loss and the potential to be victim for future phishing scams.
  • Diploma Mills
    These are unaccredited colleges or universities that provide illegal degrees and diplomas for money. Many spoofed college websites are also used as diploma mills. Though some diploma mills may require students to buy books, do homework and even take tests, the student will be passed no matter what. In some cases, users get a diploma simply by purchasing it. In any case, you’re out of money and have no valid diploma.
  • Fake Scholarships
    Let’s face it. College is not cheap. Therefore, many students look for scholarships to help ease the financial cost. Scammers profit on this need by creating fake scholarships, which require you to submit a fee when applying for the money. You never see a dime and you’ve lost that application fee as well as given up some of your personal info.
  • Wi-Fi Scams
    Computers are an essential part of the college experience and wi-fi connectivity is a necessity. So while you may not want to pay or can’t afford to pay for wi-fi connectivity, you need to be careful when using free wi-fi as hackers can easily intercept your communications.

So while college is a time to learn and experience new things, you also want to avoid getting scammed. So here’s some tips on how to make sure you don’t get taken by one of these scams:

  • To protect yourself, develop the habit of not giving personal information to strangers and double check the authenticity of the organization.
  • Before sending in any online application, double check the accreditation for any college or university. In the United States, you can do that on the Department of Education site.
  • Verify that a scholarship is valid, by checking with an organization like FinAid.org.
  • Avoid doing any sensitive transactions like shopping or banking when using free wi-fi connections.

Yes, there are plenty of scams out there. But with common sense and a willingness to double-check, students can avoid being lured in.

Have a great school year!

For more tips on how to stay safe online, follow McAfee on Twitter or like them on Facebook.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

Puppy Scams lure in Pet Lovers

/in /by

Wow, a dog that normally sells for at least a thousand bucks is being given away for free, and it’s young and healthy. Hmmm. The ad is on Facebook, too. Double hmmm.

7WIn Lorain, Ohio, Jessica was that person who saw the Facebook ad—for a free English bulldog puppy. Free! But she had to pay shipping costs. Then she had to pay for shots and medical bills. Jessica ended up paying $6,500 for a free puppy. Amazingly, only e-mail was used for correspondence with the alleged puppy’s owner.

Would Jessica have had to spend this kind of money in a legitimate transaction for an English bulldog puppy? Maybe to some extent. Except in this case, she never got the puppy. And she never got her money back. She ended up in the doghouse.

How to Prevent These Scams

  • Don’t pay for a puppy you’ve never held in your hands. Easier said than done, but there’s no breed out there that’s so rare that you can’t visit up close and personal. This way you can meet the owner, know that the puppy actually exists, and have a firmer grasp on the seller.
  • Don’t be fooled by glorious photos of animals on websites. It’s so easy to lift photos from legitimate sources and put them up on a phony site that a third grader could do it.
  • Be very careful about whom you send money to. Don’t wire it or use prepaid cards.
  • An ad with misspellings and grammatical errors is suspect, but even a crook can have good writing skills. But if an ad is cluttered with poor English, this is a bright red flag since many pet scams come from overseas.
  • Watch out for sob stories such as needing to find a home for “Roxie” because her owner is being deployed to a war zone.
  • Make sure the puppy has “papers.” This means that the breeder can provide documentation that the puppy’s parents have been registered with the appropriate kennel club. This means that the dog is a legitimately pure-bred. And once you receive it, you should register it with the appropriate kennel club.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Beware of the Lottery Scam

/in /by

“You have won!” Yippeeee! NOT! Let’s see if you’re in that percentage of the population who will fall for this lottery scam. The alert can be an e-mail, snail mail or phone call, claiming you won a bundle of money. But keep this alert a secret due to some “mix-up in names” and you must contact a “claims agent.” You then must pay “processing charges” or “transfer fees.” You then wait. And wait. And wait.

9DThere’s one born every minute. Many scammers use the names of valid lottery organizations, but this doesn’t mean the legit entities are involved.

The latest con is to tell someone they won a Powerball jackpot while planning on stealing their identity. This happened to Jim Shella, a newsman from Indianapolis. From a random number he received several texts mentioning his name and saying he won.

Deputy Attorney General Terry Tolliver knew this was a scam. A text requested Shella’s Facebook screen name for confirmation. The requests for personal information, in these scams, will escalate. Shella texted back asking for identification. The answer: “This is Agent Paul, the delivery consultant for Powerball.” When Shella said he had no winning ticket, Agent Paul said that none were necessary to collect the $26,500.

Shella said he was a reporter and asked Agent Paul if he wanted to be in a story. Agent Paul asked if Shella wanted his winnings. Tolliver warns that these scammers will attempt to suck enough information out of you to steal your identity. Though Shella was playing head games with the crook, it’s best to delete the first text message you get like this and never respond.

How to recognize a lottery scam

  • You can’t win without a ticket. Period. So if someone claims you won, and you didn’t buy a ticket, it’s a scam.
  • You must pay a fee. Legitimate operations subtract fees and taxes from the winnings rather than demand you pay an amount in order to collect the prize.
  • Scams almost always originate from free e-mail accounts like Yahoo, Hotmail and Gmail.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Beware of 5 Summertime Scams

/in /by

The Better Business Bureau says beware of big summertime scams: five in particular.

9D“Wow, it’s a steal!” No, that’s not necessarily from the customer; it’s from the crook who entices the consumer with an irresistible deal involving airfare and room and board. If you see a deal that seems too good to be true, do an online search of the associated phone number and address, whatever it takes to confirm legitimacy.

Seasonal jobs. Con artists like to target high school and college students especially. Be careful about job ads stating that no experience is needed, though these can be legit. However, be extra cautious if the company requires you to pay for training or to pay for a background check.

Concert tickets. Con artists will attempt to resell the same ticket over and over, as the ticket can be printed out when a concert venue sells it directly from their website. Be suspicious of someone giving you a sob story for why they must sell their ticket. Be leery of those who will take only a cash payment.

Movers. Planning on moving this summer? Beware of whom you hire, and take a second look at a price that seems like an outrageously good deal. A cost that’s quoted online or over the phone isn’t always carved out in stone. Don’t just hire without first checking them out, even if they were recommended by friends or a service person you recently hired and were pleased with.

Door to door sales. Don’t be swayed by someone at your door. Get everything in writing before you hire someone, be it for landscaping or a security system. Never sign a contract that lacks a start and finish date.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

How to Prevent Summertime Scams

/in , /by

Summertime is here…and that means sunshine and vacations. Most people love summertime, including scammers! Hackers can use this time to take advantage while we are planning vacations or on vacation or just enjoying fun in the sun. Here are some key scams to watch out for this summer:9D

  • Family or Friend Requests Money
    You receive an email from a friend or family member. They tell you a sob story and say they need money. It sure seems like the right person. You even ask them for more details and they give them spot-on. Convinced they’re the real McCoy, you wire them money. But what you just did was wire money to an imposter who got all those personal details off social media. One way to prevent this it to establish a secret code that your friends and family promises not to post on social media (and the code should be a nonsensical sentence or something that isn’t easily guessed). If a person can’t type out this secret code, then you know it’s a scam. Another way to avoid this scam is to always speak live to the person asking for the money.
  • Home Improvement
    Summer is when homeowners are most gullible to people offering home repairs. In many of these cases, repairmen do only superficial repairs to make something look nicer or others take your deposit money and then disappear into thin air. To avoid this, make sure you check references and be leery of anyone appearing out of the blue offering home improvement services or those who are not insured.
  • Moving Scams
    As summer is a time when many people move homes, it’s also a time ripe for moving scams. You could experience something like the moving company suddenly charging you more if you want your belongings unloaded from the truck. To avoid moving scams, be careful when you choose a moving company, check references and make sure you use an accredited moving firm.
  • Vacation Rental Scams
    Vacations are something you want to enjoy and getting a great deal makes it even better. But not if it’s a sham. Scammers offer deals on vacation rentals and then you arrive to find that the keys don’t work or worse—the rental is an empty lot. Before you pay for a vacation rental, make sure that the rental address exists by using Google Earth search. And just like other things, get references and only rent from trusted sites like TripAdvisor.
  • Online Employment Ads
    If you’re job searching, you need to be aware. This scam is usually found on free job listing sites, but can be found in emails too. The red flag is when they want YOU to pay THEM (never mind how legitimate it sounds) or they ask you for a ton of personal information like your driver’s license or birthdate. Just don’t give out your information. Stick to well-known job sites when hunting online.

Summer is a time that we should all enjoy—both online and offline. Make sure you educate yourself on the latest scams and be wary of things that seem too good to be true. Remember, it’s better to be safe than sorry.

Stay safe this summer!

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.