Nearly 1.4 Million New And Unique Phishing Sites Created Monthly

If you take the Public Service Announcements (PSA) from the FBI seriously, you will be a bit on edge about one in May. It claimed that phishing scams cost businesses in the United States over $500 million each year. That’s nothing to cough at. In fact, phishing scammers are taking advantage of phishing at breakneck rates. Webroot recently released its Quarterly Threat Trends Report breaking the news that 1.385 million new and unique phishing sites are created each month.

Unfortunately, there isn’t a lot of good news to follow that. This number is up drastically from Webroot’s December findings. Those determined a measly 13,000 new sites went up per month. On top of that, the majority of the sites stay active for a very brief time; four to eight hours. That’s because the owners want to avoid having the site put onto block lists, which usually take over three days to update. By the time the malicious sites are discovered and put on these lists, they’re gone. They also can evade traditional detection strategies when their lifespan is so short.

There is something to be done, however. Scammers use very effective social engineering techniques to gather information and craft very detailed attacks against their targets. They often get this information from social media. So you can limit the information they receive.

Use caution about what you post on social media. The less information you provide, the less a scammer can find out about you merely by browsing LinkedIn, for example. Consider listing vague details about your job responsibilities, rather than specifics. Business email compromise (BEC) is still running rampant and has caught out employees of some very well-known companies, such as Seagate and SnapChat. BEC is a technique used by phishers where they target personnel that work in departments handling sensitive information, such as human resources and finance. So, if you put on your social networking profile that you work in one of these areas, it’s easier for you to be targeted by these scammers.

Don’t be afraid to network. Just be aware of these schemes and second-guess anyone asking for information such as W-2 details. Always do a verification check using the phone, a text, or a personal visit to his or her desk before sending such information.

That said, remember that email is not typically a secure form of communication. Assume that whatever you write in any message is going to be read by someone you may not intend or want to read it.

The top companies impersonated for the scams include:

© Copyright 2017 Stickley on Security

Hackers Want Extra Cheese…From Your Payment Card

Pizza lovers are once again victims of a data breach. Pizza Hut customers join CiCi’s Pizza lovers in the unfortunate fate of being victims of a security breach. Pizza Hut emailed letters to those hungry customers that it believes were victims of the breach, which occurred over a 28-hour period earlier this month. If you ordered pizza online from the company, you may be one of 60,000 others who have had information stolen.

Information that is believed to have been accessed includes payment card numbers, expiration dates, the CVV code from the back of the cards, names, delivery addresses, and even email addresses. If you ordered pizza online from Pizza Hut from October 1-2, 2017, be sure to check your card statements carefully for fraudulent or suspicious charges. Typically, there is a limited amount of time that these can be reported to the card issuing institution and limit your liability.

Always review payment card charges for suspicious activity. If possible, do this more often than once per month. Online access makes this task quite efficient. However, if you are passing any sensitive or confidential information through the Internet, such as payment card numbers, do this using a connection that is secure. Avoid using public WiFi. Even if these connections require passwords, it does not mean they are safe to use when doing these types of transactions.

In fact, a flaw was recently discovered (the WPA2 flaw called KRACK) that could allow an attacker to intercept those transactions using WiFi, public or otherwise. If those WiFi spots have not been updated, you are putting your information at risk of attack.

© Copyright 2017 Stickley on Security

Financial Tips for Traveling Abroad

Travel, especially abroad, can become very expensive, very quickly. Many of us give up the opportunity to travel because of the financial burden it may cause. Fortunately, there are strategies for traveling for less. Check out these tips on how to see the world without breaking the bank.

Get the best exchange rate.
There are three ways to exchange currency: converting cash at a bank before your trip, using a currency exchange service like the ones in airports, or simply using a credit card, in which case your money is converted automatically with a purchase.

According to an exchange rate study conducted by Card Hub, international travelers can save up to 15 percent by using a credit card. More specifically, major worldwide credit networks automatically provide the best exchange rates possible — currently 14.7 percent better than the currency exchange companies that operate out of airports and 7.9 percent better than the average major bank.

Get a no-foreign-fee credit card.
Over 90 percent of all credit card issuers charge foreign usage fees, which inflate the cost of any transaction processed outside the United States. No-foreign-transaction-fee credit cards are perfectly suited to overseas spending. Follow these guidelines to use no-foreign-fee cards to their full advantage:

– Get your card before booking flights, hotels and activities. Foreign fees apply to purchases made through foreign-based companies whether you are outside the U.S. or not. Make sure your credit card issuer does not charge these types of international fees before you book your trip to avoid surprises on your statement.

– Check to see how much coverage your credit card includes, remembering that most companies do not provide worldwide coverage.

Withdraw cash before you leave.
If you’d rather not worry about finding an ATM as soon as you arrive in a foreign country, convert some cash at your local bank before you leave. Keep in mind that you should:

– Compare bank exchange rates to get the best currency conversion.

– Watch out for fees and make sure to inquire about extra charges before agreeing to a conversion rate.

– Convert just the right amount. Get enough cash to comfortably cover your initial expenses but not more than you feel comfortable carrying.

Consider these tips.
Regardless of which debit or credit card you use while traveling overseas, it’s important to take these precautions:

– Call your issuer before leaving. Make sure to notify your bank of the exact countries and territories where you’ll be traveling as well as the dates you’ll be abroad to prevent your cards being suspended for suspicion of fraud.

– Avoid dynamic currency conversion. Merchants may offer to convert the price of a purchase from the local currency into U.S. dollars, but some merchants push dynamic currency conversion in order to apply an unfavorable exchange rate to a transaction and increase their profits. Avoid that by only signing bills and receipts expressed in the local currency. Use a smartphone for currency conversion on the go.

– Check if your trip is covered. Travel insurance can be a great way to reduce any unexpected expenses when you travel abroad. Between lost luggage and missed connections, travel can present many financial risks. Travel insurance can help put your mind at ease.

Overseas travel can be expensive, but it’s possible to minimize costs with discipline and careful planning.

Discover Halloween Savings

October is a month of pumpkins, costumes, candy and ghosts. It’s also a time when parents of all ages open their wallets to spend. Halloween purchases can really add up, as this is one of the most popular holidays in the U.S.

Don’t let the first holiday of the fall season break your budget. Read on to discover ways to reduce those tricky costs.

1. Trick-or-Treating
For the trick-or-treating items you’ll only use for a couple of hours, consider budget-friendly alternatives. Rather than purchasing overpriced candy baskets from the store, use a pillowcase or shopping bag to haul in those treats. Not only will it save money, it’s a chance to be creative and decorate an accessory to match your child’s costume.

2. Halloween Entertaining
Whether you’re hosting a big party or going to someone else’s event, keep these tips in mind to make a big impression without spending big bucks.

– Plan ahead. Make sure you have all the costume materials, decorations and candy you’ll need on Halloween to avoid last-minute splurges.

– Make a budget and stick to it. Avoid the temptation to overspend by setting a realistic budget using our Entertainment Planner calculator.

– Reuse decorations. If you keep decorations in good condition, they can be stored away and reused for years to come.

– Get crafty. Make decorating a fun group activity by getting your children or friends involved in making decorations. Construction paper, pens and a little imagination can go a long way.

– Get together. To help offset some of your holiday costs, host a party with friends and family and share the expenses.

– Shop clearance sales for next year. Buy new items the week after Halloween to get savings on costumes and decorations for next year.

3. Cost-Conscious Costumes
Whether you’re outfitting yourself or helping to dress up your children, you don’t have to break the bank to have a ghoulishly good costume for Halloween. Here are a few time-tested tricks for saving money on costumes.

– Skip the store. Seasonal Halloween stores can be tempting, but purchases can really add up. Instead of visiting a specialty shop for your entire costume, get your outfit elsewhere first and hit seasonal stores for accessories.

– Be thrifty. Cruise the thrift stores to look for the costumes you are creating. Whether it’s for a princess, a superhero or a zombie, you can often find what you need at a consignment store for a much lower price.

– Swap with friends. Children don’t typically wear the same costume year after year. Consider joining up with neighbors who have daughters or sons the same age as yours and swap costumes from previous years.

– Jump online. If you are set on the idea of buying a complete costume, check out online Halloween stores or other discount sites. Children’s clothing swap websites also offer options for cost-conscious costumes.

Facebook Servers Deliver Malware To Steal Login Credentials

It may be difficult to understand the Facebook Content Delivery Network (CDN) and it isn’t really important that you do. But this is the way some cybercriminals are distributing malware to a large amount of unsuspecting Facebook users. The CDN is how the social media site delivers video and photos to its users. In this case, the enterprising thieves are using these servers to deliver banking Trojans to your devices that can and will steal your credentials.

The scam works like this: An email shows up in your inbox that appears to be from local authorities. Included is a link that takes you to a particular CDN. On that CDN resides the malware that executes the banking Trojan.

The concern here is not simply that by using these CDN servers the malware can be delivered to a large number of people quickly; it’s also a matter of trust. You see, it is largely believed among cybersecurity professionals, that the perpetrators of this scheme are the very same ones that used Dropbox and Google’s cloud storage in the same way not long ago. All of these companies are trusted within the user communities and if we cannot trust them, then who can we really trust?

The answer eludes us. In fact, since they are trusted, cybersecurity solutions that are supposed to help protect us against attacks such as these recognize their domains as “safe” and won’t see malware on them as a threat. If the criminals used a custom domain to deliver this malware, these products would immediately discover them and block their deliveries. With large companies like these, it’s not so simple to just cut access off when something like this happens.

This is why it’s really up to users to be wise when using the Internet. Keep in mind that public officials typically do not use platforms such as links in email or social media to deliver information to citizens. So if you receive a link or attachment purportedly from a government official or public servant, it should be questioned. Don’t take any quick action. Instead, try checking their public social media sites or referring to your local news publications, radio stations, and television stations directly to get the information that is supposedly contained in the links.

© Copyright 2017 Stickley on Security
October 11, 2017

Some Couples Invest in Their Future in Ways Other Than a Diamond Ring

What does an engagement ring look like? For many people, my wife included, the answer is a diamond ring. While that’s a concept that didn’t become widely accepted until the diamond industry’s marketing campaigns in the mid-1900s, it’s one that holds strong today. However, some couples are going in an alternative direction. The intention isn’t to be cheap, but rather to use the savings to make a different kind of meaningful investment in their future together.

When and how a proposal happens can be a surprise, but hopefully, the answer won’t be. That is likely doubly true if the question is popped without a diamond engagement ring, or perhaps without a ring at all. As always in a relationship, communication is key. While some people may be excited by the idea, it could be a deal breaker for others.

What will a meaningful investment look like to the both of you? A friend of mine recently shared with me the story of how he proposed to his now wife, and the decision to forgo an engagement ring altogether.

When they first started discussing marriage and engagement rings, she said she’d rather put the money towards a down payment because starting a home together was more meaningful to her than a ring. He didn’t ask right away, but when he did take a knee, ringless, and ask her to marry him – clearly she said yes. Today they live in the home the savings helped buy, wear only wedding bands and he says neither of them regrets the decision.

A down payment might not make sense for you, but there are other ways to invest in your future together. For some couples, paying down debts or saving for their wedding so that they don’t go into debt might be a better fit. Or, you might want to start a travel or honeymoon fund.

Consider your options if you want to buy a ring. Understandably, the idea of proposing without an engagement ring isn’t for everyone, and there is a middle ground. A less expensive engagement ring with the savings going towards your shared goal.

Here are few options you could discuss with your significant other:

  • Alternative stones. There are a variety of alternative precious and semi-precious stones you could pick for the ring. Matching a stone’s color to the person’s eyes or choosing their birthstone could imbue the ring with a personal touch. However, be careful about picking a “soft” gem that could be easily scratched if it’s worn daily.
  • Diamond look-alikes. You could choose a synthetic diamond or a stone that looks similar to a diamond but costs much less, such as a cubic zirconia. Some of the man-made and alternative options can look more brilliant than genuine diamonds, and you don’t need to worry about whether or not the stone is conflict-free.
  • A solid band. While it won’t have the same flash as a ring with a large gemstone, choosing a smaller diamond or solid metal band with a symbolic meaning could be just as meaningful to your partner.
    Family heirlooms can also make for memorable engagement rings and often there isn’t a price tag attached (although a lengthy discussion might be in order). A vintage ring could appeal to some people’s style, or the center stone could be reset in a modern band. In either case, there’s something special about wearing a gemstone that’s been in one of your families for generations.

Decide on your priorities as a couple and act accordingly. According to The Knot’s 2015 Real Weddings Study, an average of $5,871 was spent on engagement rings. For some, there’s no better way to spend money. After all, it’s a ring that’s going to be worn for decades.

However, you can discuss engagement ring expectations before you ask someone to marry you. If a diamond isn’t particularly important, an alternative ring or gemstone, or no ring at all, can be an equally timeless and beautiful gesture of love when you both know the money is going to an important step in your future together.