Spread the word about government imposters

Government-imposter-scam-alert-FTC-tightens-consumer-security_0

Those pesky government imposters are at it again, using the FTC’s name to try to con people into paying them for something. Whether it’s to clean up your credit report, give you a prize, resolve a complaint against you, or pay off a debt you owe, they’re all lies. The message may be a call or an email, but it isn’t from the Federal Trade Commission, or any other federal agency.

Here’s the bottom line: if someone claiming to be a government employee asks you to send money to collect a prize or remove negative information from your credit report, don’t do it. And don’t give them your personal or financial information, either.

As long as the scammers keep posing as government officials, the FTC will keep putting out warnings like this one. But the FTC needs your help to spread the word. Talk to your friends. Tweet it. Post to your social networks. Blog about it. You just might help someone you care about avoid falling for a scam.

Sign up to get free scam alerts by email.

 

by Alvaro Puig
Consumer Education Specialist, FTC

Beware of Fake Websites

Fake website with http and fish hooks

When you browse to a website there is a certain level of trust that is required. You assume that if you type in a specific URL, you will connect to that website and in turn the data you provide to that website will be kept secure.  Unfortunately cyber criminals continue to find new ways to inject themselves between you and the secure websites you are trying to visit.

The most important thing to remember whenever you browse tountrustedwebsite any website that requires you to provide login credentials or any confidential information is to look for the encrypted session. By now most of you will be very familiar with the concept, but the reality is that people often don’t pay attention. When you visit a website and the URL starts with “https://,” it indicates that the webpage you are viewing has been encrypted and should generally be considered secure. Of course just having those characters at the beginning is not a guarantee. You also need to confirm that the encryption is validated. To accomplish this, most modern web browsers will display a warning if there is a problem with the encrypted session. It is up to you to choose to ignore this warning or not. There should never be a situation where you continue to provide confidential information to a website if you have received a warning that the connection is not secure. This warning is telling you there is something wrong. If there is something wrong, you can’t trust anything about the webpage.

If you visit a website that is asking for login or other confidential information and you do not have an encrypted connection with “https://,” you should stop.  Any legitimate website will always provide encryption when requesting this type of information. It is very easy to get lazy. If you visit a website often, as long as the site looks the same as every other day, it is easy to stop paying attention to the URL. However you need to remain diligent to ensure you remain secure.

It is also important to remember that you can manually type in the URL for where you would like to go, but actually end up at a malicious website instead. Even worse, the URL will still reflect that website you intended to connect to. This is due to both “Man in the Browser” and DNS type of attacks.

Man in the Browser attacks allow criminals to modify your web malwarepopupbrowser through malware and cause the information displayed and accessed to be manipulated without your knowledge. It gets worse. The page might show https:// and not even throw any error messages. This is why keeping up with security patches and keeping your computer clear of malware is so important. In addition, DNS attacks can allow criminals to alter where your browser connects causing it to appear to be connected to one website, but in reality it is connected somewhere entirely different. In these situations, the criminal will make the alternate website appear as though it was the original website you intended to connect to, but this new site will actually be designed to steal your confidential information.

Like with most cybercriminal activity, there is no magic bullet to eliminate all risk when browsing on the Internet. Instead, you must always remain diligent and watch for little things that might indicate there is something out of place whenever browsing to websites that contain or require your confidential information.

 

© Copyright 2016 Stickley on Security

Cyber Criminals Use Email from Turbo Tax To Steal From You

 

Concept of hacking or phishing a login and password with malware program

Tax time means another game of cat and mouse for scammers. Again, Intuit is warning that it’s Turbo Tax being used in spam emails claiming to be from the company. The subject is “Turbo Tax not working for days now…” or “Turbo Tax is currently unavailable.”

If you receive an email similar to this, don’t open any attachments or click on any links. They will likely lead to nothing good. In addition, don’t forward the message to anyone. It’s best to just delete it without opening it at all. It is really never a great idea to click on an unsolicited email or text link. If you want to go to TurboTax.com, it is much safer to open a browser and type in the address or use a bookmark.

turbotax

Also, make sure anti-malware software is installed on all systems and that it is kept updated. Although this will not prevent you from filling in a form with your details, if there is something in that message trying to install on your computer, the anti-malware should catch it.

Intuit has requested that anyone receiving fake emails using its name to send a copy to them as well.

Email messages like this are phishing attempts. The criminals know it is tax time in the U.S. and they will exploit it whenever possible. Turbo Tax is not the only company that has been or is likely to be used in these schemes. In fact, TaxAct reported a security incident recently where stolen passwords used on other sites, were reused for its site with some success. This reminds us to not reuse passwords across online sites. Cyber criminals will try the login combinations on various sites to see if they can get access. Unfortunately this is successful more often than anyone would think.

Therefore, it’s a great habit to change online passwords regularly. Set a reminder in your calendar and in the word of Nike, “just do it.” This is particularly important for financial accounts.

In addition, Intuit reminds users that it will not send software updates via email. So, should you receive one claiming so, it is fake and should be sent to Intuit as well.

 

© Copyright 2016 Stickley on Security

Could you Save with a Car Share Program?


car_sharing_1

If you live in an urban setting and own a vehicle, chances are you spend either more money or more time or both than you would like to on transportation-related issues. If you are exploring ways to have a happier relationship with your wheels, a car share program might be worth taking a look at. These programs, which allow you to reserve online a car parked at a location near you, could save you quite a bit of money depending on your situation. You could truly see big savings if you:

Pay a lot for parking currently

City parking spots can run into the hundreds of dollars per month. Yes, there are definitely some advantages of having your own car nearby, but imagine paying ZERO for storing a vehicle and still having a ride close to you.

Don’t use your car that frequently

One of the advantages of buying a car is that eventually you may have no monthly payment once you own it outright. However, if you are currently just using your car to make a few trips to the grocery and big box stores a month, can you really justify making a car payment of hundreds of dollars every four weeks?

Have high insurance costs

Any comparison between owning and sharing a vehicle will include evaluating all the expenses associated with each option. You definitely should not forget to include insurance costs in the equation for owning. If for whatever reason your insurance costs are high, consider the alternative of sharing and thus paying nothing each month in this category.

Don’t do a lot of long-distance trips

You may tell yourself that you want to hold onto your car so you can make those spontaneous weekend getaways. But consider how often you really do that. If you make longer trips infrequently, it may make more sense to use a car share program for week-to-week trips and then renting a vehicle when you want to do a longer trip. It helps to do a realistic forecast of your vehicle use for the foreseeable future and then incorporating that into your decision-making process.

Spend a lot on repairs or maintenance

Using your own car to make lots of quick, short trips around the city puts a lot of wear on it. With a car share program, you don’t have to worry about paying for any of the upkeep. This can take a lot of stress out of your life if you worry with each giant pothole you hit.

Shell out for a lot of taxi rides

Do you find yourself using cabs a lot to run errands or do your shopping? Track how much you spend on taxis by requesting a receipt each time you pay for a ride. At the end of the month, total how much you have spent. Then compare this to what you would have spent with a car share program. You may find that the latter is the better option.

Remember that going with a car share program could also have the benefit of putting some extra cash in your pocket if you are able to sell your current vehicle. You also don’t have to worry about paying for or renewing vehicle registration or parking stickers. Many vehicle sharing programs also pay any local tolls for you.

Many car share websites have calculators that allow you to enter a little information about your automotive habits and then get a cost estimate for using their program. This can make it easy to crunch the numbers and see if making the switch makes sense for you.

© 2013 BALANCE

Get the Most Out of Your Gift Cards

 giftcard

If someone gave you a $50 bill, you probably wouldn’t just stick it in a drawer and forget it. But that’s essentially what happens to billions of dollars worth of gift cards each year – people either lose or forget about them, or never use up their balances.

Here’s how gift cards work. There are two basic types:

  • Retail gift cards, used to buy goods or services at a single merchant or affiliated group of merchants.
  • Network-branded gift cards, issued by a bank and carrying the logo of a payment card network (like Visa, MasterCard or American Express) and can be used at any location accepting cards from that network.

Account information is stored in the card’s magnetic strip. If you’re not sure of the remaining balance, ask the merchant to scan the card, call the toll-free number on the card or verify it on the card issuer’s website provided. Some store-branded cards can be reloaded; and most can be replaced if lost or stolen – although you may have to provide proof of purchase and pay a replacement fee.

The 2009 Credit Card Accountability, Responsibility and Disclosure Act changed laws governing gift cards sold on or after August 22, 2010. It requires that:

  • Money loaded on gift cards must not expire for at least five years from date of purchase or after funds were last reloaded.
  • If the card expires but the underlying funds have not, you can request a free replacement card.
  • Inactivity, account maintenance and service fees may not be charged until after 12 months of inactivity; after that, only one such fee may be deducted from the balance each month. (Fees for activation or lost/stolen card replacement are exempt.)
  • Fees must be clearly disclosed on the card or its packaging.

Here are a few tips to get the most out of your gift cards:

  • Use them quickly; the longer you wait, the more likely you are to forget or misplace them.
  • Treat them like cash; and write down the account and toll-free numbers to report lost or stolen cards.
  • Ask if the retailer will honor the card for online purchases, if that’s your preferred shopping method.
  • Be sure to use up the entire account balance, or ask if a cash refund is available. You may be able to use multiple cards for a single purchase – say you have several low-balance Starbucks cards.

If you don’t care for a particular retailer, consider trading gift cards with friends. Or check out some of the websites that have sprung up where you can buy, sell or swap certain kinds of gift cards, such as CardHub (www.cardhub.com), Plastic Jungle (www.plasticjungle.com), and Swapagift.com (www.swapagift.com). Just make sure you understand any transaction or registration fees or commissions that may be charged.

A few additional safeguards:

  • If you have a retail gift card and the company goes out of business, you may forfeit the balance.
  • Be cautious when trading cards with strangers. For example, if using a third-party exchange site, ask about their verification policies and check with the Better Business Bureau (www.bbb.org) for complaints.
  • Avoid unsolicited offers for free cards that sound too good to be true. By following spam links you could jeopardize your personal information.

By Jason Alderman

 

Insurance Commissioner Warns of Phone Scam

Female hands holding credit card and making online purchase using mobile phone. Shopping consumerism delivery or internet banking concept. Anti-fraud and financial security concept

Connecticut insurance policy holders are getting an unwelcome holiday gift; credit card fraud. The State Insurance Commissioner is warning of a phone scam in which callers pose as insurance company representatives telling victims their policies are being cancelled. They will ask for credit card numbers in order to reinstate the policy.

If you get a call from anyone stating a policy is expired or cancelled, call your insurance company or agent to confirm. Then, renew or settle the issue with them. Don’t give out credit numbers over the phone unless you initiate the call and are intending to make a purchase.

If you think you may have already been a victim of this, report it to your local law enforcement and your state insurance commissioner.

Currently, this is only being reported as happening in Connecticut. However, no one is immune to phone scams with similar scams continually running across the nation. Always be aware of who is on the other end of the phone when providing sensitive information. This is particularly true during the holidays. Unfortunately, some are more in the taking spirit than the giving one.

© Copyright 2016 Stickley on Security