US Wins Gold in World Spam and Credit Card Fraud Competitions

Comments Off on US Wins Gold in World Spam and Credit Card Fraud Competitions

medalAs we’ve witnessed at the 2014 Olympics in Sochi, Russia, it is possible to be a winner without even winning a medal!  There are so many inspiring stories about athletes from all over the globe who passionately sacrifice years and time and money for the chance to compete in the Olympics.  With little chance to win any medal, these athletes still train hard and compete, giving their personal best. Without winning any medal, there are many winners – in the best sense.

Unfortunately, there are competitions where “winning” does not make a “winner”– in the best sense.  In fact winning can be evidence of not trying, of not doing the right thing, of not giving personal best. Here are two painful examples where winning is not done by winners and winning is not a cause for national pride…  And for my fellow American readers, this one is for US…

2013 Global “Spampionship”

Sophos Labs, a developer and vendor of security software and hardware headquartered in Boston and Oxford, UK, recently released its “Dirty Dozen” list – the top 12 spam producing countries for 2013.

And the Winner is — “the USA which earned the league’s top spot, generating 14.5 percent of the total spam volume sent during the last quarter of the year, giving it a clean sweep of top finishes for 2013. However, the gap to second place narrowed, with China re-emerging as a major player in the spam sending Dirty Dozen, leaping from 4.6 percent to 8.2 percent, while Russia’s spam contribution edged up from 3.0 percent in Q3 to 5.5 percent in Q4.” *

And how did the US win the “gold” as the country that generates the most spam?  Mostly by not trying – by not doing all the right things.

*http://www.sophos.com/en-us/press-office/press-releases/2014/02/dirty-dozen-spampionship-tables.aspx

US Wins the Global Daily Credit Card Fraud Competition

With only 25% of the global daily credit card transactions, the US accounts for a whopping half of the total daily global fraud activity!  That’s a blush causing percentage for a country that is supposed to be the world’s technology leader and a trusted haven in cyber darkness.

How did the US win this inglorious “competition”?  Well, it appears one more time that the US achieved this unsavory “win” by using a strategy of not doing the right things.

The Right Things

If the common thread of these tarnished wins is not doing the right things, then it seems reasonable that doing the right things is key to relinquishing these dubious titles.  So, what are the right things?

SPAM

In the case of spam, it is important to understand that spam is sent out by computers, not by countries.

The computers that send spam are unprotected, infected computers that have silently become part of botnets – zombie armies controlled by botnet managers to accomplish cyber-crime.  As the top spamming country, the US essentially has the most infected computers!  This is not a cause for pride!

There is no excuse for this situation since there are so many effective, free anti-virus and malware programs available for home users.  Corporate computers are not exempt from blame either; if there is not a corporate IT attitude of making computers on networks bulletproof with the best ongoing security practices, then those computers can be dangerous as well.

The right thing in the case of spam is to be sure your computer is protected with current, daily updated and effective anti-virus and malware protection.  Run a boot-time scan if your anti-virus program can do so; or at least run a regular full scan.  Get a good malware protection program and regularly run a full scan with that.  Get informed.  Ask questions from qualified professionals who are informed about today’s security practices.

The right thing to do to help your country lose the gold as top spamming country is to protect your computer and keep it secure.  The right thing is to help stop cyber-crime by not contributing to it with an infected, zombie computer.

Credit/Debit Card Fraud

Currently the US uses “sign and swipe” technology for credit/debit cards.  This is an “old” technology developed in the 1960s by IBM as a security pass card.  Ironically, today this technology lacks security.   We continue to use the “sign and swipe” cards only because they are convenient to use and cheap to produce.  What we continue to ignore is that this 50 year old technology is very easy to counterfeit and breach.  It is this choice of profit over security that keeps the US in the top fraud producing spot.

What would be the right thing to do at this point?  The easy answer is to get a more secure technology.  France has been using one since 1992, believe it or not – the EMV “chip and pin” type card.  Gismodo.com describes the card:  It’s a credit card that ”utilizes multiple layers of security – including a computer chip in each card that stores and transmits encrypted data, as well as a unique identifier that can change with each transaction. Cardholders also enter a PIN to authorize transactions. Total fraud losses dropped by 50 percent and card counterfeiting fell by 78 percent in the first year after EMV smart cards” were introduced there.  That sounds like it was the right thing to do.

In fact, 22 years later, the US is now considering this European technology.  Visa and MasterCard have set rollout dates for this type card by October, 2015.   However, costs and lack of clarity about who assumes liability when a breach occurs seems to underlie reluctance to adopt better technologies — the same old same old that keeps the US as the gold standard for fraud.   Oh, did you catch the wording, “when” not “if” a breach occurs?   We have to do better!!

And, we can do better!  We can all make choices to be informed and to do the right things…   If we do, we can all be winners — in the best sense.

Advertisements

Are You Now A Crime Target?

Comments Off on Are You Now A Crime Target?

TargtThis post is dedicated to alerting or even alarming all reader friends about the absolute need for CAUTION when using credit and debit cards – anywhere. If I could, I would shout from the top of the Internet Cloud — BE CAREFUL! BE CAUTIOUS! Your cards are not as safe as you think they are!

Well, that sounds a bit over-reactive, you might say. What’s bugging you, you ask? Still fretting over that Target thing way back on Black Friday, you sigh?

Guilty on all counts, I respond! If anything, I am not being reactive enough! Is something bugging me? – You bet it is! Actually I’m very bugged about what may be bugging, or hacking all of us, even as you read this! Fretting still over that Black Friday thing? Fretting doesn’t come close to what I feel as I continue to read about what really happened in the data breaches at Target, et al retailers….

I care about your security and I want you to be informed beyond the front page spin you get from the news. The retailers don’t want you to know all the scary details about their headlining data breaches because they can’t afford to lose your business. But you can’t afford to continue to do business as usual with them, because it is YOU who stands to lose the most. If you care about your safety and security, please read on…

What I want to share here are some under-reported details about the data breaches so that you can better understand your current and future threats. Then, in a coming post, I’ll try to help you learn about the new credit and debit card technologies and strategize about the realities concerning use of credit and debit cards.

Target Black Friday Data Breach

Please realize that Target thing was bigger than first reported! At Target alone, “instead of affecting approximately 40 million of their guests, Target now fears that the security breach could ultimately affect approximately 110 million people…. It turns out that the thieves didn’t just obtain your credit card numbers; they also have your names, phone numbers, mailing addresses, and e-mail addresses.”1 The credit and debit card data supposedly were dropped to servers in several places including Russia and Brazil. Knowing that some crooks in Russia have my credit card information AND know where I live is very disturbing!

Oh, by the way – that Target thing on Black Friday actually was a more prolonged activity than just Black Friday. The major news outlets gave some sanitized versions on the dates. It has been discovered that confidential information was harvested between November 27th and December 15, 2013. But here’s an even more creepy thought – the hackers were actually in the entire Target system, undetected, for weeks prior to the harvest, infecting POS (point of sale) systems and testing the efficiency of their malware. 2

Neiman Marcus and other Retailer Breaches

After the Target breach was made public, Neiman Marcus and two other yet to be named retailers reported their own breaches as well. The Neiman Marcus breach affected possibly a million customers. Although not confirmed, one of the other retailers could be Michaels.3  Michaels reported credit card breaches in 2010 as well. 4 Have you made any credit/debit card purchases at Neiman Marcus or Michaels since last fall?

White Lodging Data Breach

There are recent but under-reported breaches as well, like the one involving White Lodging, a hotel management group in Indiana which manages 168 hotels in 21 states, including Marriott, Starwood, Intercontinental and other brand hotels. In mid-2013, thousands of hotel guests’ credit and debit card information were compromised. However, information is just now (Feb. 2014) making back page news.5

In Technology We Trust – NOT

You might have noticed that details about the retailer breaches are slow to come forth. That’s predictable. Retailer’s sales are impacted by consumer’s trust in their brand. Negative news especially about inadequate security measures and technologies to protect the customer’s confidential data is a trust buster! Consider that it took Target 4 weeks to notify its customer about the data breach! And when Target did make a statement, its spin was on being a “victim” in the breach.

Well, that may be one way to look at it. But there is also a lot of high tech scrutiny about Target’s compliance (or non-compliance) to credit card standards as well as whether Target used “best practice” security technologies concerning its POS (point of sale) system and its network infrastructure. Lawsuits about these issues are already in the works.

For damage control, Neiman Marcus had to come forward about their data breach after Target’s breach announcement. Customer protection does not seem to be the motivator for the retailer confessions.

So please don’t get lulled into a false sense of security just because the news is not reporting any more details. The lack of reporting is not a sign that the storm is over.  It is not!  Who knows who the next retailer will be to confess a breach? Who knows how many more breaches are still unreported? That the US Secret Service is involved in some of these investigations might put some perspective on the severity of these breaches…

OK. Does any of this information cause a feeling of alarm in you? I hope so! And if so, I hope you understand the need for CAUTION!

So what do I do now, you ask? For starters, stay informed. What you don’t know can hurt you!

• Don’t let that thing at Target move off your radar screen. Keep watching how it plays out. Out of sight – out of mind is a dangerous attitude when it comes to self-protection.

• Be sure your information comes from current, accurate, informed and well documented sources.

• Understand that the speed of change in technology is mind boggling. Yesterday’s standards will probably not hold up under tomorrow’s threats and challenges. Don’t trust old information and technologies…

I’ll post soon more information about credit and debit cards – the “new” technology changes; what you need to understand about them to make informed choices; and strategies to be proactive in guarding yourself against credit and debit card fraud.

In the meantime —

Be Cautious. Be Aware. Be Informed.

 

1http://news.filehippo.com/2014/01/target-data-breach-much-worse-first-thought/
2 http://krebsonsecurity.com/2014/02/these-guys-battled-blackpos-at-a-retailer/#more-24517
3 http://www.nytimes.com/2014/01/26/technology/michaels-stores-is-investigating-data-breach.html?_r=0
4 http://www.massdataprivacylaw.com/crime-talk/michaels-data-breach-hits-massachusetts/
5 http://www.nbcchicago.com/news/local/White-Lodging-Investigating-Reported-Data-Breach-243230421.html

Clear Text – Why You Should Be Clear About It!

Comments Off on Clear Text – Why You Should Be Clear About It!

Don’t send personal information through e-mail because it is clear text!

You’ve probably heard and read that admonition so many times that you’ve tuned it out as just more geek speak – stuff only techie-types read and heed. Geek speak is not your language; and after all, you’ve been using e-mail for eons now without any real problems due to clear text…  So what’s the problem?

BB2Browsing Bowser now is thinking out loud: Clear text?  That doesn’t sound like geeky language. It sounds like normal English to me.  So why is there a warning about when it doesn’t seem dangerous?   Hmmm. OK. I have to admit, I’ve pretty much ignored the warning myself without giving it much thought. So I’ll bite – why is there a warning about clear text and why should I be paying more attention to it?

Glad you asked, Browsing Bowser! Because – simple as these two words sound, clear text is all about your security, protecting your personal information and cyber crime.

Let’s start with definitions and then try to explain why this warning is so vital to your security.   Text in the context of email commonly means written or printed wordsClear in this sense means visible as written.  Therefore, clear text is text that is visible as written.

Browsing Bowser here – So far, that doesn’t sound very profound… What’s the big deal?

Be patient, BB.  The “big deal” is the security issue surrounding clear text.  In security terms, clear text is unencrypted text – text that has not been altered in a way to make it unreadable without a decryption tool.

Browsing Bowser here again.  Decryption? Unreadable? I thought email was supposed to be easy to read?

Yes, it is, BB, but only after it arrives in the recipient’s inbox. Email in clear text can be a problem on the way to the recipient’s mailbox.  Because of the complex way that the email travels to its destination, it can be “sniffed” or discovered by someone with malicious intent.  If that happens, and the email is clear text, all its content can be read and used by the interceptor.

Sniffed? As a dog, I understand sniffing, says Browsing Bowser. But what does that mean in cyber terms?

Similar concept, BB. Sniffers – more correctly packet sniffers, are utilities used to discover and capture data over networks. Network administrators use them to monitor and diagnose network issues. That’s a beneficial use of packet sniffers. Packet sniffers can also be used maliciously to capture data, like email, across the internet (giant network), as I just mentioned. And “sniffer” utilities are easily available – to both network pros and cyber bad guys.

Starting to see a connection here to clear text and possible violations to your security? Not yet?

OK.  Here’s an analogy that is often used to describe the vulnerability of  email in clear text:

Envelope2You are sending a very personal and important letter to a friend through the postal system. The letter includes passwords, credit card numbers, bank account information, social security numbers, personal information, even gossip. But, you write your letter on the envelope, not in it. Anyone who handles your envelope can read your information!       (click on image to enlarge…)

So back to the warning –

Don’t send personal information through e-mail because it is clear text…

Clear?

 

Friends Don’t Let Friends Use XP!

Comments Off on Friends Don’t Let Friends Use XP!

RIP XPI posted a bit ago that the very good and popular Microsoft Operating System, Windows XP, will be laid to rest this coming April, 2014. (See post: https://doggonecomputers.wordpress.com/2013/09/17/1312/)

I posted the information, not to eulogize Microsoft’s most successful operating system, but to provide a very critical head’s up to everyone using the XP operating system – that they MUST properly prepare a RIP for XP and replace it prior to this coming April.

I’ve made it my mission to tell everyone – friends, family, the world – that they MUST, not Should, but MUST replace XP. And I am asking you to join me in that mission – to tell everyone you know, including yourself, that XP has to be replaced. Friends will NOT let friends use XP!

Unfortunately, as I’ve trumpeted my XP Retirement Call to everyone I know, I’ve found that way too many people think that retiring (referred to as sunsetting) XP is just a benign marketing ploy by Microsoft to make more money – that it is not truly a security threat.

Please get rid of that notion! It is a delusional, risky thought.

Yes, retiring or sunsetting a product is a way for the vendor to make money by forcing you to get the newest version of a product.

But – NO, it is a major mistake for anyone to dismiss the threat aspect of sunsetting a product.

  • The hard and cold problem of sunsetting any product is that there will be no more protective patches and updates provided for that product.
  • Without updates and patches, all products, including XP, become willful invitations to be violated and exploited.

Here are a few dangerous delusions and myths that are being used to justify continuing the use of XP.

  • “30% of businesses still use XP. That many good minds can’t be wrong…”

o Yes they can be wrong! Following the crowd can be a quick road toward demise. Those that won’t be counseled can’t be helped”.     Ben Franklin

  • “I have a good and current anti-virus program (or malware or security program…)”

o Vulnerabilities from outdated operating systems are NOT protected or “healed” by even up to best up-to-date anti-virus or malware programs!

  • “I only use the internet a little bit. I will be careful…”

o Hacker programs are constantly searching the internet for unprotected and vulnerable computers. It can take as little as 20 seconds to be discovered and hacked.

In case being hacked doesn’t sound like much danger to you, think identity theft and all the horrors that go with it.

Another danger is becoming enlisted in botnets. If you don’t know what a botnet is and why it is dangerous, see my post https://doggonecomputers.wordpress.com/2013/06/27/botnets-zombie-armies-what-the-hack-are-they-and-why-should-i-care/.

I will end this post the same way I ended my previous post about retiring Windows XP:       By not upgrading to a current operating system now or at least planning to pull your XP system offline by April 14, 2014, you are actually abetting cyber-crime. Please consider the consequences as very serious before you choose to ignore the XP support end date.

Edmund Burke famously said – “The only thing necessary for the triumph of evil is for good men to do nothing.”

Please do not do nothing….

Be a Friend and Don’t Let Your Friends Use XP!

Controlling Robocalls

Comments Off on Controlling Robocalls

PhoneRobot

Robocall – “a telephone call from an automated source that delivers a prerecorded message to a large number of people.”

Source: http://www.merriam-webster.com/dictionary/robocall

You know what they are – those irritating calls from telemarketers that come just as you are sitting down to dinner or the ones that pollute and commandeer telephone lines for months before elections.

Not all robocalls are bad. We appreciate (usually) reminders from our doctor or dentist about upcoming appointments; or calls from our city about garbage collection and recycle weeks; or about school closings; or even emergency or weather alerts.

However, robocalls, besides being pesky, can be downright fraudulent. Fraudster calls impersonate legitimate organizations to get money, donations, even personal information to commit identity theft. Fraudulent calling is an estimated $10 billion industry.

The Federal Trade Commission was so concerned about the rise in robocalls that it challenged techie “innovators” to create solutions that block illegal robocalls. The prize for such a solution would be $50,000!

Source: Robocall.challengepost.com

There were actually two winning solutions for the FTC Challenge. The winners were announced this past April (2013). And each winner received $25,000.

The winning innovators are Serdar Danis and Aaron Foss.

• “Danis’s proposal, titled Robocall Filtering System and Device with Autonomous Blacklisting, Whitelisting, GrayListing and Caller ID Spoof Detection, would analyze and block robocalls using software that could be implemented as a mobile app, an electronic device in a user’s home, or a feature of a provider’s telephone service.

• Foss’s proposal, called Nomorobo, is a cloud-based solution that would use ‘simultaneous ringing,’ which allows incoming calls to be routed to a second telephone line. In the Nomorobo solution, this second line would identify and hang up on illegal robocalls before they could ring through to the user.”

Source: http://www.consumer.ftc.gov/blog/robocall-challenge-and-winner

NoMoRoboCalls is now available as of September 2013.  Their website is http://www.nomorobo.com/.

Legitimate Robocalls

The only robocalls that are considered legitimate according to the FTC are:

• Informational Calls only (e.g. cancelled flight information; appointment reminders). These type calls cannot promote the sale of goods or services.

• Certain health care providers (e.g. prescription reminders)

• Political calls (this one is a head scratcher to me….)

• “Prerecorded messages from banks, telephone carriers and charities also are exempt from these rules if the banks, carriers or charities make the calls themselves.”

NOTE: “ It’s against the law to place auto-dialed and pre-recorded calls to cell phones, except in case of emergency or if the recipient has expressly consented to being called”

Source: http://www.consumer.ftc.gov/articles/0259-robocalls

Other Solutions for Dealing with Robocalls

There are some low tech solutions you can observe as well to do battle with the vexatious robocalls. You probably do some of these already:

1. Register your phone number on the Do Not Call Listhttp://www.donotcall.gov or 1-888-382-1222.

2. HANGUP as soon as you realize you have a robot on the other end of the line. DO NOT press 1 or any other number that will supposedly remove your number from their “list”. This activity only confirms you are a real live prospect.

2. Never Ever give PERSONAL INFORMATION to anyone, even if you suspect it is from a known and trusted source. If you suspect the call is legitimate, get the correct phone number from the source’s website and call them back.

3. Ask your phone provider to BLOCK the phone number. This solution might work if the provider is willing to do it. They might charge a fee.

• Spoofing of phone IDs makes it difficult to get the real phone number of the caller – the call looks like it is coming from a local caller but it is not the caller’s real number.

4. Search online for other solutions. There are fee based solutions available.

Report Fraudulent Calls

• Report fraudulent calls to the FTC – http://www.donotcall.gov or 1-888-382-1222

• Verizon Unlawful Call Center – 1‐800‐257‐2969

Reporting these calls DOES have an impact. The FCC is cracking down on violators, especially marketers who violate the law by calling cell phone numbers. Violators of the cell phone laws are liable to penalties of $16,000 per illegal call! And penalties are being assigned…. YES!

If I were The Top Dog, I’d make sure these rules were enforced; penalties would be assigned and collected; and the money collected would help pay down the national debt. What a thought – Robocall crooks helping to balance the budget….

Don’t Get Caught With Your Milk Bones Down

Comments Off on Don’t Get Caught With Your Milk Bones Down

If you are a Windows XP user who intends to ignore the “sunset” date for the Microsoft XP Operating System – the date when Microsoft will no longer provide any support, patches or fixes whatsoever for that product – this “Bad” is for you!

Woody, the Cheers bartender, asks Norm:    “How’s it going Mr. Peterson?”

Norm Peterson answers:  “It’s a dog eat dog world, Woody, and I’m wearing Milk Bone *pants*.”

(* * – original quote altered to maintain taste)

Yikes! That creates a visual image to ponder…. Dog eat dog worldmilk bone pants.   Ouch!    That gets my attention.   So what does that have to do with Windows XP Operating System being laid to rest?    Let me try to connect the dots…

Microsoft has announced that the “sunset date” for Windows XP is April, 2014.  After that date, there will be no more support for XP. None! Nada! Zero! Nix! Nothing!

However, if you naively ignore this well announced warning; if you choose to avoid preparing for this date; if you plan to continue to use your XP device on the internet after the “sunset date” – your computer will, in essence, broadcast itself into the dog eat dog cyber world as cyber milk bone pants.  And all the hungry, mean spirited cyber dogs on the hunt for outdated XP systems will be waiting to get a taste!

After April, 2014, criminal code writers will be off-leash to write code specifically to exploit expired XP systems. And no one can stop them. No anti-virus and/or malware programs will be able to protect outdated XP systems against attacks. Cyber criminals count on users naively ignoring “sunset” dates.   So, if you are going to be one of them – get ready for…   Identity theft; bot net army enlisting; unfettered cyber-crimes…

At the time of this posting, it is November, 2013. April, 2014, is less than 5 months away. Between now and XP’s “sunset date”, however, are post-Thanksgiving Black Friday sales and Christmas! That means there is ample time for you to prepare for, plan and implement the secure retirement of all XP systems and to take advantage of all upcoming, incredible electronics deals that over-eager retailers will offer this year!

Here’s the irony – the cyber criminals are the ones who are prepared for this date. 

So, please don’t miss the point –

There is no excuse to be caught with your milk bones down…

Top 10 Scams of 2012

Comments Off on Top 10 Scams of 2012

ScamsOne of the mysteries of the con-man is why he bothers (I say he, but of course there are plenty of con-women who are just as unscrupulous). He is often energetic, imaginative and ambitious, so why doesn’t he build up a decent, respectable business instead of robbing hard-working people? I suppose it’s because con-men (and I’ve met many over my years in consumer protection) all regard the people they deceive simply as walking wallets, to be ruthlessly squeezed, emptied, and then thrown away.

So the con-men will shamelessly lie to us, try to tempt us with ‘something for nothing’, ‘too good to be true’ offers – like the ‘show house’ discount for double glazing or central heating, or the ‘million pound lottery’ he pretends you have won and so on. And he gambles on the fact that when we discover that we’ve fallen for his blatant swindle, we will be too ashamed to report him to the police…

Excerpted from the Introduction to the “Little Book of Big Scams”. Source: http://www.thamesvalley.police.uk/the-little-book-of-big-scams.pdf

Internet scams are updated, worldwide versions of age-old tactics and schemes to cheat and defraud a victim. What the internet has added to con-artistry is an extreme ease of distributing fraudulent schemes to millions of people!

The Better Business Bureau listed the following schemes as the Top 10 Scams in 2012. These scams continue to be headliners so far in 2013:

Source: http://www.bbb.org/blog/2012/03/can-you-name-the-ten-most-common-scams/

Be Aware and Beware…

1. Bogus Health Products – This scam is the modern version of snake oils and elixirs that claim cures for everything that ails you.

2. Advance Fee Loans – These are bogus offers with fraudulent websites that promise to provide easy credit and/or loans. Required upfront payments are a sign the site/offer is a scam.

3. The Nigerian Scam – This is an old scam with several variations that amazingly doesn’t die. It appeals to the sympathy and generosity of the victim. An email or hard copy letter or even fax arrives asking for help to get money out of war ravaged countries to help the poor subject named in the request. The FBI reports the author requests upfront money to help complete the emotional request but the willing victim will always be out money.

4. The Grandma Scam – Aimed at seniors, the “victims receive a call from a ‘grandchild’ in distress in a foreign country. Grandparents are told to wire money to ‘the police.’” It is suggested that “the best defense is to remain calm. Make them give you their name. Insist on calling your son or daughter. Chances are, you’ll find your grandchild safe at home.”

5. Foreign lotteries or sweepstakes – “A check comes in the mail–to cover ‘taxes, fees or insurance.’ You’re supposed to cash the check and wire back funds to claim your prize, but the check is no good. Remember, it’s illegal for U.S. citizens to enter foreign sweepstakes or lotteries. If you have to send money, even if they send you a check, you haven’t won anything.”

6. Overpayment Scams – “Your classified or Craigslist ad receives an email expressing interest in the item. The mystery buyer’s English is poor. They want the item delivered through a shipper. They offer to overpay for the item and want you to wire the excess funds after the check is deposited. Never accept a check for more than the selling price and never agree to wire back funds to a buyer.”

7. Charity Scams – “Fraudulent solicitations come over the phone with scammers pretending to be affiliated with legitimate charities. Other scams involve bogus websites created to fool people into providing credit cards. If you want to donate to a charity, use the charity’s own websites directly. You can investigate unfamiliar charities online at http://www.bbb.org/us/charity.”

8. Employment/Mystery Shopping Scams – If you are applying online for employment, “regardless of the reason or excuse given by the employer, you should never give out…Social Security or bank account numbers over the phone or e-mail.”

Mystery Shopping Scams operate just like lottery scams and overpayment scams—here is a check; do a job, wire money back to your ‘employer.’ The checks are no good and you’re out any money you send away.”

9. Phishing – “Scammers, masquerading as legitimate organizations send official-seeming email to get you to reveal sensitive data. If you get an email or pop-up asking for personal or financial information, don’t reply. Don’t click any links. Contact the organization mentioned using a phone number you know is genuine, or open a new window and type the company’s correct web address to verify it.”

10. Smishing – “Cell phone text messages deliver the “bait” to get people to divulge their personal information. They claim there’s a problem with your debit or credit card or bank account, and that it’s been frozen. Never provide personal or financial information to unknown parties, and never click on any embedded Internet links in unsolicited text messages.”

DisHonorable Mention: Online Dating Scams

Although not listed on the Better Bureau’s site, Online Dating Scams deserve mention. There are many legitimate online dating services, but there are also many fraudsters who use the services to bilk a victim out of money and emotions. Here are some alerts that your potential amour is really looking for your money…

• The potential “date” quickly wants to use personal email or messaging rather than the dating site format

• They profess love quickly

• They claim to be from the U.S. but are working or traveling overseas

• They cancel a planned visit to you because of some unexpected but traumatic event and request money to help cover some of those traumatic event issues.

• Send NO Money. Report them immediately to the dating site and FBI.

Unfortunately, this is not a comprehensive list of scams and schemes. It is only a compilation of 2012’s TOP 10!   May none of these be your experience!

The cautious seldom err  –  Confucius

toogood

Older Entries