Category Archives: Internet Scams

Educated Employees are the First Line of Defense in the Fight Against Data Hacking

by Barbara Parrott McGinity, LMSW
BBB Education Foundation

Data Breach! System has been hacked! Personal information stolen! From the IRS to Chase Bank to Blue Cross Blue Shield, we are reading about security systems being infiltrated by criminal hackers every day. How can this happen? Hackers seek out weaknesses in your computer system and one of those weaknesses can be untrained personnel who mistakenly click on the wrong email.

Here is one recent email from my inbox:
Today, 3rd June, 2015. We are upgrading our email system in order for our email server to be compatible with the newer versions of software 2015 spam filter. This service creates more space and easy access to email. Please update your account by clicking on the link below. Click for Activation
CLICK HERE<http://owaadminportal.jimdo.com/&gt; And follow the instructions on the pop-up page for upgrade
Failure for any user to do this will render his/her account inactive.
Thank you,
IT Support Desk

Another example:
Hi my name is Annabella
my resume is pdf file
I am looking forward to hearing from you
Yours faithfully
Annabella

Both of these emails demonstrate how systems are breached, they require the recipient to get more information through the click of their mouse, one has a link and the other has an attachment.

Every day, we receive numerous unsolicited emails at both work and home. Some of it from sources you have done business with or ordered products from, while others come from unknown sources. Often you give that information away by putting information into pop-up windows, handing out business cards, or responding to unsolicited emails.

A couple of weeks ago I received a very simple, seemingly innocent email:
Hi Barbara:
For us newbees can you give me the crossroads for the location of the garden sale.
Thanks.
Jan LeCates
Your first instinct might be to reply, “What garden sale?” And that is what the sender was hoping for, because this type of email is looking to confirm good email addresses which then get sold to people sending the spam. For me it was easy to hit the delete button because I knew I was not going to a garden sale and I do not know Jan LeCrates. But what would your employee do?

The National Cyber Security Alliance has a website, http://www.staysafeonline.org, that provides information for businesses on cyber security. This includes accessing your risks, protecting customers, and education tips for employees. Here is what you need to pass onto your employees:

• Keep a clean machine: Your company should have clear rules for what employees can install and keep on their work computers. Make sure they understand and abide by these rules. Unknown outside programs can open security vulnerabilities in your network.
• Follow good password practices: Making passwords long and strong, with a mix of uppercase and lowercase letters, numbers and symbols, along with changing them routinely and keeping them private are the easiest and most effective steps your employees can take to protect your data.
• When in doubt, throw it out: Employees should know not to open suspicious links in email, tweets, posts, online ads, messages or attachments – even if they know the source. Employees should also be instructed about your company’s spam filters and how to use them to prevent unwanted, harmful email.
• Back up their work: Whether you set your employees’ computers to backup automatically or ask that they do it themselves, employees should be instructed on their role in protecting their work.
• Stay watchful and speak up: Your employees should be encouraged to keep an eye out and say something if they notice strange happenings on their computer.
The hackers are getting better, more sophisticated, and more difficult to catch. Everyone needs to be vigilant, stay alert to cyber threats, and never assume things are as they appear. Protecting your business by taking the time to educate your employees is the best way to defeat these criminals.

Advertisements

Study Suggests Some People Are More Vulnerable to Online Fraud Than Others

by Barbara Parrott McGinity, LMSW

One of the recurring scams I hear about from older adults is the “Microsoft Scam.” How does it work? You receive a phone call telling you “this is Microsoft and we have detected a virus on your computer and we want to help you.” They ask for access to your computer. I equate this to letting a robber into your house, and you sit and watch them still items right in front of you.

Here is what the scammers may ask you to do:
• Trick you into installing malicious software that could capture sensitive data, such as online banking user names and passwords. They might also then charge you to remove this software.
• Convince you to visit legitimate websites (like http://www.ammyy.com) to download software that will allow them to take control of your computer remotely and adjust settings to leave your computer vulnerable.
• Request credit card information so they can bill you for phony services.
• Direct you to fraudulent websites and ask you to enter credit card and other personal or financial information there.

In a survey by AARP released in May 2014 titled, Caught in the Scammer’s Net, they revealed the risk factors that increase your chances of becoming an Internet fraud victim. The survey identified 15 particular behaviors, life experiences, and knowledge attributes that may make a person more vulnerable to online fraud:

Behaviors:
• Clicking on pop-ups
• Opening email from unknown sources
• Selling products on online auction sites
• Signing up for free limited time trial offers
• Downloading apps
• Purchasing through an online payment transfer site
• Visiting a website that required them to read a privacy policy;
• Visiting a website that required them to read a terms of agreement statement
• Being impulsive

Life Experiences:
• Feeling isolated/lonely
• Loss of a job
• Negative change in financial status
• Being concerned about debt

Knowledge:
• Being unaware that banks do not send emails to their customers asking them to click on a link to verify personal information
• Being unaware that a privacy policy does not always mean the website will not share their information with other companies
Are you at risk to be a victim of Internet fraud? In reading them, do feel you might meet any of these risk factors? It is important to be aware of these factors and do understand how you could be tricked.

Be safe and remember: do not click on pop up windows of any type or warning, do not give your personal information to unverified websites, check out all websites and offers before making purchases, do not open emails from strangers, and do not click on links sent by friends unless you have personally verified they sent the email.

Data breaches such as those at Blue Cross Blue Shield and J P Morgan Chase provide scammers with alot of different information to try and trick you. Stop, think and ask…that is the only way to stay safe on the Internet.

BBB Advice on What to Do After a Data Breach Compromises Your Identity

Better Business Bureau (BBB) has some suggestions for consumers concerned that their personal identifying information (PII) may have been compromised by a data breach. PII includes name, address, Social Security number, date of birth, and other information that can be used for identity theft.

When a data breach happens, companies often set up separate websites with information for customers, but the BBB recommends that consumers always go to a company’s main website first and follow links from there. Scammers often take advantage of data breaches and subsequent confusion to set up spoof websites and send phishing emails.
BBB offers the following suggestions for consumers concerned that their PII has been stolen:

1. Do not take a “wait and see” approach as you may have done with breaches involving credit card data. You must act quickly. Breaches involving Social Security numbers have the potential to be far more detrimental to victims, and the damage can be difficult to repair.

2. Consider taking a preemptive strike by freezing your credit reports. This will not impact existing credit cards and financial accounts, but will create a roadblock for thieves seeking to create fraudulent accounts using your personal information.

3. At a minimum, if you know your Social Security number has been compromised, place a fraud alert on your credit reports. While less effective than a freeze, this will provide an extra layer of protection. Click here to learn more about security freezes and fraud alerts.

4. Take advantage of any free credit monitoring services being offered by the company to breach victims. While this is not a preventative measure, this will alert you to new accounts or inquiries using your Social Security number so that you can act quickly to repair the damage.

5. Vigilance is key. Regularly check your credit reports at annualcreditreport.com for unauthorized charges or other signs of fraud. (NOTE: This is the only free credit report option authorized by the Federal Trade Commission.)

6. For more information and complete step-by-step guidance on repairing the damage caused by identity theft, visit the FTC’s identity theft resources.

7. Expect that scammers will take advantage of this data breach to send out phishing emails and other messages that appear to be from Anthem, a credit bureau or other legitimate companies. Do not click on links from any email, text or social media messages about this or any other data breach.

Major Retail Data Breaches Put You at Risk

by Barbara Parrott McGinity, LMSW

Seems like every other week we hear about a new company or retailer whose data security system has been breached by hackers. If you have shopped at Target or Home Deport, or bank with JP Morgan Chase, there is possibility that your personal information has been put at risk for use by thieves.

The first thought that comes to mind is how do you protect yourself from identity theft? These companies frequently offer free credit monitoring services for up to a year. You should take advantage of such offers, but remember, at the end of that year, you will have to pay to for continued credit monitoring.

But aside from the possible identity theft, how else are you at risk from these data breaches? The hackers not only steal credit information and personal identifiers, they also get information your name, the name of a spouse, your phone number, your email address and your mailing address. This type of information can be used to fool you into giving away more information or even worse, giving away your money.

Information like this can be used to make an email, phone call or letter to you sound personal in an attempt to lure you into a trap. The most likely way they will access you is by email. The email will be personally addressed, look like something official from a company you do business with, but will include some type of link you are asked to click.

If you follow instructions and “click,” then this link spreads a virus through your computer, stealing information, especially email addresses of friends and families. Then they receive an email that appears to be from you with a link, and the process goes on and on.

Maybe they send you an email with personal information and say they are with the FBI and accuse you of buying child pornography over the Internet. Or maybe they are the IRS and say they will put you in jail if you do not pay the money you owe them. The possibilities are endless. Remember, no government agency will contact you by email or phone and they do not ask people to wire money as a way to avoid jail.

What can you do? First of all, NEVER click on any links sent to you in an email from friends or family. Ask them what they are sending first. Second, if you think it is a legitimate email from a company, again, do not click on any links to a website. Open up your browser and type in the address to the website yourself. This way you will be sure to get to the correct website.

Remember, the people who are committing these data breaches are very smart. It is their job to steal information and to come up with a way to use it to their benefit. You can avoid being a victim twice if you think before acting. If you have a question or have a suspicious experience, call and we can discuss, 713-341-6184.

Age Old Schemes Promising Miracle Cures

by Barbara Parrott McGinity, LMSW

Health fraud schemes are not old. You’ve seen the movie version of the snake oil salesman traveling the countryside selling his miracle cures. But the same schemes are alive and well, all dressed up for the 21st century. Instead of traveling the country in a horse drawn wagon, they come to in the form of infomercials on TV, realistic websites via the Internet, or glossy magazine ads.

But the past and present have one thing in common, they are promising you an easy cure for difficult health problems…all for an amazing price! While these products claim to effective against medical conditions, they have never been proven to be safe or effective. What they do prove is that people are easy targets for deceptive sale practices.

Consumers waste billions of dollars a year on health scams that can have serious and even fatal consequences. Here are a few of the most common health product frauds:

  1. Cancer fraud: One of the longest running scams is the Hoxsey Cancer Treatment, an herbal regimen with no proven benefit. Another scam involves products called black salves which claim to draw cancer out of the skin, but can be corrosive to your tissues.
  2. Arthritis fraud: It is estimated that consumers spend about $2 billion a year on unproven arthritis remedies not backed by adequate science. For accurate information on arthritis treatments and alternative therapies check with the Arthritis Foundation at www.arthritis.org.
  3. Diabetes fraud: The FDA is taking action against sales of fraudulent diabetes “treatment” that claim to “drop your blood sugar 50 points in 30 days” or “reduce or eliminate the need for diabetes drugs or insulin.” You should always work with your doctor and healthcare provider in developing a diabetes treatment.
  4. Weight loss fraud: You cannot lose weight by taking a pill. You lose weight by changing your diet and increasing your exercise. These weight loss products can contain dangerous prescription drug ingredients that are not listed on the label.
  5. Sexual enhancement product fraud: There are many drugs being sold for treating erectile dysfunction and for enhancing sexual performance, usually marketed as “dietary supplements.” They are really illegal drugs that contain potentially harmful ingredients.

The people peddling these miracle cures provide glowing testimonials from people whose lives have been miraculously changed. But you need to realize that testimonials are not a substitute for scientific proof. The Food and Drug Administration advises that you never diagnose or treat yourself with questionable products.

Always check with your health care professional before using new medical products. And inform your doctor of any supplements or enhancements you are taking to make sure they do not conflict with your current medications.

Be sure and check out the companies selling the products with the Better Business Bureau at www.bbb.org. And check www.fda.gov for current schemes and warnings about these so-called miracle cures. Feel free to call me at 713-341-6184 with questions.

Are you Vulnerable for Getting Caught in the Scammer’s Net?

AARP recently released the results of a survey of adults age 18 and older titled Caught in the Scammer’s Net. They were researching which individuals are more likely to become a victim of Internet Fraud. If you are a regular reader of this column, you know how much I emphasize the dangers of answering your phone. The same caution applies to dealing with email and the Internet. (http://www.aarp.org/money/scams-fraud/info-2014/internet-fraud-victimization-attitudes-behavior-washington.html)

Unsolicited emails and pop up offers put you at great risk. The Internet is how scammer collect information on individuals. And often times, it is ourselves who provide that information by clicking on items or responding to people and offers from strangers.

While this survey did not specifically indentify older adults as being the most vulnerable to Internet scams, the survey did identify 15 particular behaviors, life experiences, and knowledge attributes that may make a person more vulnerable to online fraud. Look closely at these and see if you or your friends and family match the profile of a potential Internet fraud victim.

Behaviors:
• Clicking on pop-ups
• Opening email from unknown sources
• Selling products on online auction sites
• Signing up for free limited time trial offers
• Downloading apps
• Purchasing through an online payment transfer site
• Visiting a website that required them to read a privacy policy;
• Visiting a website that required them to read a terms of agreement statement
• Being impulsive

Life Experiences:
• Feeling isolated/lonely
• Loss of a job
• Negative change in financial status
• Being concerned about debt

Knowledge:
• Being unaware that banks do not send emails to their customers asking them to click on a link to verify personal information
• Being unaware that a privacy policy does not always mean the website will not share their information with other companies

Based on its survey, AARP estimates that there are 34 million Internet users who are at high risk of becoming victims. Do not be one of them. Exercise caution when online. Close pop up windows when they appear. Be suspicious of emails from unknown individuals. Do not click on any links provided to you in an email. Most importantly, check before doing business with anyone. Feel free to call me at 713-341-6184 with any questions about a website or a company.

Get Paid to Drive Around!!! What a deal…NOT

Today I got this interesting email that sounded like a quick, easy way to get paid $500 a week for just driving my car.   Here it is:

Hello,

We Advertise company products on cars, Vans, Trucks, e.t.c (Car Wrap) So, car owners can make money from wrap advertisement.  However, We are mostly looking for people who drive on regular basis,if you are qualified and you drive to work or if you drive for fun, then vehicle wrap advertisement is for you.

Please send us an email with your name, city you live in, car make and year.  Compensation:  $500 weekly payment.  Looking forward to doing business with you.  Send all Automobile details to:  David.Fisher@carwrapadvertisement.com.

First clue this is a scam:  poorly written and incorrect grammar.  Does not sound very professional does it?  Secondly, why would a stranger pay me…a stranger…to advertise their product.  What if I am a terrible driver and people cuss at me on the road?  Would not be a favorable impression of whatever product my car is advertising.

In doing a bit of research, this is a rather new email scam, but the bottom line is that in some form or fashion they will be asking me to wire money.  The reports I read state that the scammers send you a large cashier’s check and you are to wire back the difference.  Of course, the cashier’s check will be fake and you will have to pay back the money the bank gives you.

Two big red flags that are common in every scam: 1) it is too good to be true; and 2) you NEVER pay money to get money.  Best advice, just DELETE!

Barbara Parrott McGinity, LMSW

UPDATEI sent an email asking how does the program work and I received the reply below.  Can you point out the verbage that tells you this is coming from overseas and is written by someone who is not a native English speaker.

First, you once again notice the capitalization errors.   Notice the use “advert.”  Americans do not use the term “advert,” we say “ad” when talking about advertisements. 

Then this is for a company that makes biscuits?  When do we use the term “biscuit” when talking about cookies?  Then finally, poor grammar and sentence construction.

Be smart and notice the patterns and always delete these email offers…as they are too good to be true!

“Thanks Barbara.
Our company is one of the most innovative Advertising agencies with clients all over the world.We have a target to advertise so many products for a number of companies mostly in USA,as a whole and we also have representatives in this regions.

The ads are typically vinyl decals, also known as “auto wraps,” that almost seem to be painted on the vehicle and which will cover any portion of your car’s exterior surface.

What does the company get out of this type of ad strategy?

Lots of exposure and awareness. The auto wraps tend to be colorful and eye-catching and attract lots of attention. Plus, it’s a form of advertising with a captive audience,this means people who are stuck in traffic can’t avoid seeing the wrapped car alongside.

We work as an advertising agent and we will be doing the advert for the new company which will be producing biscuit which includes cookies, crackers, and cereals. The advert will be a small sticker which will be placed on your car and we need someone in your state who will be dedicated to doing this and be rest assured you will be paid promptly.

However,We are mostly looking for people who drive on regular basis,if you are qualified and you drive to work or if you drive for fun, then vehicle wrap advertising is for you.

This program will last for 3 months and the minimum period you can participate is 1 month.

We shall provide experts that will handle the advert placement on your car. You will receiving a weekly payment of $500 and this payment will be sent as an upfront payment to you for allowing us place the advert on your car.