Archive for admin

Long-Standing IRA Rollover Interpretation Changed January 1, 2015

If you’re considering rolling over your IRA assets to an existing or new IRA, you need to be aware of a recent change that affects IRA rollovers.  The IRS changed its interpretation of the one-per-12-month rule following a recent U.S. Tax Court ruling in Bobrow v. Commissioner.

The court ruled that a taxpayer is limited to one rollover per 12-month period, regardless of the number of IRAs he has.  The limit will apply by aggregating all of an individual’s IRAs, including SEP and SIMPLE IRAs as well as Traditional and Roth IRAs, effectively treating them as one IRA for purposes of the limit.

The IRS for decades stated that you could rollover one IRA distribution per 12-month period for each IRA that you own.  The IRS applied the tax court’s new interpretation starting January 1, 2015.

These actions by the IRS will not affect the ability of an IRA owner to transfer funds from one IRA trustee directly to another, because such a transfer is not a rollover and, therefore, is not subject to the one-rollover-per-year limitation of Internal Revenue Code Section 408(d)(3)(B).  See Rev. Rul. 78-406, 1978-2 C.B. 157.  For assistance with completing an IRA direct transfer to NASA Federal, please contact our Member Services Team at 1-888-NASA-FCU (627-2328).  For additional information on the new rollover interpretation, visit http://www.irs.gov/Retirement-Plans/IRA-One-Rollover-Per-Year-Rule.

12 Ways To Practice Safe ATM Transactions

ATM fraud is on the rise. Here are 12 ways to protect yourself and your account from theft!

1. Look for recent device modifications – bulky keypads, electrical tape, fresh glue, unworn plastic, etc. These can be signs of a PIN capture device being used.

2. Check for cameras – tiny pinholes provide clear views of the keypad and are a prime target for recording PINs. Security cameras designed for safety are obvious and usually mounted further away.

3. Cover the PIN pad with your other hand to keep your transaction safe from prying eyes.

4. Look for people sitting nearby who are using laptops, tablets, or cellphones. If they’re sitting there for more than a few minutes, they may be eavesdropping using the device.

5. Do not share your PIN with anyone you don’t want using your card (and that should be a very small circle). If you write down your PIN (not recommended), keep it in a secure location away from the card. Don’t carry it in your wallet or record it in your phone!

6. Only use ATMs in well-lit, public spaces. Prefer those that offer drive-up service and don’t have buildings or heavy foot traffic nearby.

7. If you have trouble with an ATM, go to the nearest bank branch or use another ATM. DO NOT let strangers “help” you with the transaction.

8. Avoid ATMs in tourist hot spots like shopping malls – these high traffic areas make it easier for thieves to work.

9. Monitor your checking account statement regularly for suspicious or unknown charges.

10. Report any unusual account activity to your credit union right away.

11. Remember that POS terminals, gas station consoles and other payment locations are just as vulnerable as standalone ATMs.

12. Whenever possible, process your debit card transaction as a “credit” transaction so you will be prompted to sign for it rather than enter a PIN that can be seen by the next person in line.

Apple PayTM and Chip Cards

We always appreciate hearing from our members, because it helps us to improve upon the services that we offer. We have several projects underway to further enhance your experience with NASA Federal and to help protect the security of your account information. To answer a few of the questions we have received from members, we wanted to share an update on two projects that are currently underway.

When is Apple PayTM coming to NASA Federal?

Depending on Apple’s approval, we hope to introduce Apple Pay to our members within the next few months. We are excited to offer this service to our many iPhone 6 users who we know are also very excited to use the service on their new phones.

When Apple Pay was first launched in October, only a select few, larger financial institutions were a part of the release. NASA Federal is a part of a small group of other financial institutions that are approved to begin the process of fully testing Apple Pay with our systems in preparation for making it available to our members in the next few months.

For more information about Apple Pay, visit https://www.apple.com/iphone-6/apple-pay/.

When will NASA Federal begin issuing chip cards?

At NASA Federal, we’re constantly looking for ways of giving you more with your NASA Federal credit cards.  To provide you with greater flexibility and enhanced security, we are working to offer chip cards within the October- November 2015 time frame.

Over the next year, more merchants will begin to install chip-enabled terminals. The embedded chip in our new cards will enhance card security, giving you peace of mind when you use your card at chip-enabled terminals.

Once our new cards are issued, using your card at the chip-enabled terminals will be easy. Simply insert your chip card and sign to authorize the transaction.  For merchants who are not yet equipped with chip-enabled terminals, swipe the magnetic strip and sign your name as usual.  When making transactions over the phone or online, nothing changes. Simply provide your credit card number, and complete the transaction as you do today.

While we’re working on enhancing the security of your cards, rest assured knowing that you have the benefit of Visa’s® Zero Liability for unauthorized transactions on your NASA Federal Credit or Debit cards.

Be Wary of ‘Order Confirmation’ Emails

Republished from http://krebsonsecurity.com/2014/12/be-wary-of-order-confirmation-emails/ originally published on 12/14/2014

If you receive an email this holiday season asking you to “confirm” an online e-commerce order or package shipment, please resist the urge to click the included link or attachment: Malware purveyors and spammers are blasting these missives by the millions each day in a bid to trick people into giving up control over their computers and identities.

Home Depot Scam Confirmation

An “order confirmation” malware email blasted out by the Asprox spam botnet recently.

Seasonal scams like these are a perennial scourge of the holidays, mainly because the methods they employ are reliably successful. Crooks understand that it’s easier to catch would-be victims off-guard during the holidays. This goes even for people who generally know better than to click on links and attachments in emails that spoof trusted brands and retailers, because this is a time of year when many people are intensely focused on making sure their online orders arrive before Dec. 25.

Walmart Scam Confirmation

This Asprox malware email poses as a notice about a wayward package from a WalMart order.

According to Malcovery, a company that closely tracks email-based malware attacks, these phony “order confirmation” spam campaigns began around Thanksgiving, and use both booby-trapped links and attached files in a bid to infect recipients’ Windows PCs with the malware that powers the Asprox spam botnet.

Asprox is a nasty Trojan that harvests email credentials and other passwords from infected machines, turns the host into a zombie for relaying junk email (such as the pharmaceutical spam detailed in my new book Spam Nation), and perpetuates additional Asprox malware attacks. Asprox also deploys a scanning module that forces hacked PCs to scan websites for vulnerabilities that can be used to hack the sites and foist malware on visitors to that site. For an exhaustive and fairly recent analysis of Asprox, see this writeup (PDF) from Trend Micro.

Malcovery notes that the Asprox spam emails use a variety of subject lines, including “Acknowledgment of Order,” “Order Confirmation,” “Order Status,” “Thank you for buying from [insert merchant name here]”, and a “Thank you for your order.”

Target Scam Confirmation

Target is among the many brands being spoofed by Asprox this holiday season.

If you receive an email from a recognized brand that references an issue with an online or in-store order and you think it might be legitimate, do not click the embedded links or attachment. Instead, open up a Web browser and visit the merchant site in question. Generally speaking, legitimate communications about order issues will reference an order number and/or some other data points specific to the transaction — information that can be used to look up the order status at the merchant’s Web site.

Sony Hack: What You Need To Know

It’s easy to think no one is safe on the Internet anymore. On December 1, tech giant Sony joined retailers like Home Depot and Target on the list of apparently vulnerable computers. A large-scale hacking effort hit its films division, Sony Pictures.

There are quite a few reasons for consumers to be aware of this developing story. First off, if you’re a PlayStation owner, you might be wondering if your data was compromised. In addition, if you’re an Internet user, you might be wondering how to keep yourself safe from future hacks. To help address those concerns, let’s go over what we know and what you need to do to protect yourself.

The Hack

On December 1, the FBI issued a “flash” warning to business owners warning them of a dangerous new strain of malware. The FBI later confirmed that this malware had been used in an attack on Sony Pictures. Sony issued a statement describing the attack that afternoon.

According to Sony, screens across the company went black, their contents replaced by the message “Hacked by #GOP.” GOP, in this case, stands for Guardians of Peace, a known group of cybercriminals. The group also threatens to release “secrets” stolen from Sony servers.

Sony suspects that North Korea, or a nation acting as its proxy, may have engineered the attack out of a desire to stop the new James Franco/Seth Rogen movie “The Interview.” In the film, Rogen and Franco are TV personalities sent by the CIA to assassinate North Korean leader Kim Jong Un. The North Korean government has condemned the film in letters to the United Nations and the White House. A representative of the North Korean government denied responsibility in the attack.

The hackers compromised several screener copies of yet-unreleased Sony movies, including WWII drama “Fury” and the forthcoming remake of “Annie.” They also gained access to a great deal of confidential internal information. The Social Security numbers of several celebrities and the home addresses of many Sony employees have already been made public.

The exact extent of the leak is, as of yet, unknown. Sony has brought in an outside security expert to determine the extent of the damage while the FBI conducts an investigation into the origin of the attack.

The Followup

On December 8, hacker group Lizard Squad launched another attack, this time targeting the PlayStation Network’s login server. Sony has not indicated whether consumer records were affected by the attack and the outage lasted only a few hours.

While there is no direct evidence linking the two events, the timing is suspicious, at the very least. Until Sony completes its investigation, there’s no way to know whether or not the same vulnerability was exploited by both groups. At time of press, the gaming network is secure.

What Was Learned

As it turns out, individual web users aren’t the only victims who need to beware of suspicious downloads. In each of the big security breaches this year, corporate computer users have downloaded devastating malware onto company computers. Even the best security software couldn’t have protected against user negligence.

There’s no need for individual consumers to panic. No user data appears to have been compromised. PlayStation Network users might consider changing their passwords, but no further action is needed. Unless you work for Sony, it’s unlikely your personal information was compromised.

Continue to follow identity monitoring best practices. Check your credit card statements. Change your passwords regularly. Keep an eye on your investment accounts. Report suspicious account activity immediately.

The real lesson from the Sony hack should be the prevalent threat of malware. Even with the highest caliber security software, downloading a dangerous file can do serious damage to your computer- and your identity. Here are a few guidelines to help keep you safe online:

  • Don’t open attachments within emails unless you’re expecting them. The rise of email worms that spread using contact lists means we should always be suspicious of attachments. If you need to share a picture or document, consider using a secure upload service. Try free apps like Dropbox or Google Drive to keep your files safe and shareable.
  • Don’t follow links if you don’t know where they’re going. A malicious program could be cleverly disguised behind a news headline. If you don’t recognize the host of the website, just don’t click it.

Safeguard your login information. Don’t share usernames or passwords for any service with anyone. Any piece of identifiable information you publish can be used to fish for more passwords.

Cash Flow Budgeting

A Fast, Flexible Way To Fix Your Finances

You’ve heard it from a million places: Budget your money! Make a firm plan and stick with it. It’s the pathway to prosperity!

For many people, though, that advice just doesn’t resonate. They feel constricted by a budget. Keeping cash in separate envelopes makes them feel like they can’t have a life. It takes too much planning and too much rigid denial. They break their budget and sometimes wind up in serious financial trouble.

Other people have an inconsistent cash flow, making creating and keeping a budget difficult. Maybe they’re freelancers who work gig-to-gig. Maybe they’re in commissioned sales. Maybe their hours fluctuate month-to-month. Whatever the reason, it’s hard to make a detailed plan when your bottom line changes every month.

The answer isn’t to give up on budgeting. The collective wisdom, that monitoring your expenses and income streams is the way to stability, still holds true. It might just require a different approach to budgeting: cash flow focus.

Cash flow focus is the strategy used by most businesses. They pay their fixed costs, and whatever is left is used to grow the business. You can manage your finances the same way.

Just follow these four steps:

1.) Automate your savings

Even if you disregard everything else in this article, implementing this one tip can be life-changing. Figure out how much of your income you can save, then take that out as soon as you get paid. You can set up monthly transfers from your draft account to your savings account. You can also divide the money between the accounts on a per deposit basis. How you choose to do so is less important than doing so.

Like the saying goes, pay yourself first. This savings provides you the flexibility to cover big expenses or make major purchases on your schedule. It’s the single most important step in any budget, but it’s even more important with cash flow budgeting.

When you automate your savings, you remove the money you saved from consideration. You can’t spend it; you’ve already spent it on savings. The importance of this kind of savings will become more clear once you see this budget in action.

2.) Pay your needs and your priorities

Make a list of your essential expenses each month. Include your rent or house payment, your car loan and your utilities. Also include your student loan payments, your insurance and other necessary expenses. These are your “fixed costs.” They get paid after your savings contributions are made.

Next, make a list of your priorities. Include your charitable contributions, vacation savings and retirement account contributions. These are your “growth expenses.” They get paid after your fixed costs.

If you don’t have enough money to make these bills, you don’t need a better budget. You need to lower those bills or increase your income. No amount of spreadsheet magic will change that bottom line.

It’s helpful to automate savings for these expenses, too. That way, you never get caught short on these bills. Transferring this money to a check-only draft account can be a helpful way to ensure you don’t spend it.

3.) Spend the leftovers

This message may sound peculiar for personal finance advice. Remember, though, that you’ve already automated your savings. What you’re spending here is the leftovers – the extra that’s left at the end of the month.

Spend this money however you like – don’t worry about putting this much in entertainment and that much in travel. Just keep track of how much you’ve spent so you don’t accidentally overdraft your account.

This approach allows you to go out or indulge in a latte. You don’t have to worry about including it in your budget. Your spending habits might change as the month goes on, just like a business. If you know there’s a big outing before you get paid again, you may want to save some money for that. You don’t need to say that you can’t go because you didn’t budget for it.

4.) Roll over what’s left

If you’ve worked in a big business, you’ve seen departments desperately spending at the end of the fiscal year. Departments buy cases of pens and paper, knowing that they’ll lose whatever they don’t spend. Fortunately, you’re more flexible than a big business. You don’t have to spend it all. If you have money left over at the end of the month, then you have more to spend the next month.

If you have a month with slightly higher expenses, you can cover it from a previous month’s slightly lower expenses. Your spending will change from month to month, as might your income. So long as you keep the former smaller than the latter in the long run, you’ll be fine.

That’s what cash flow budgeting is about: flexibility. You don’t have to write your unbudgeted spending purposes in stone. You don’t have to mess with cash envelopes or other strategies. You can spend when you have money and save for when you don’t.