Three Ways to Ensure Your Kids Stay Debt-Free Later in Life

All parents want their kids to grow up to be financially secure. So why do so many children lack basic financial skills?

A recent study by the Program for International Student Assessment found that one in five American teens lack simple knowledge of how money works. As a subject, money seems to slip through the cracks between family and school, leaving many children to learn it on their own. The problem is that, without proper guidance, they may never grasp fundamentals like saving, balancing a budget, and avoiding debt, which can lead to stress and hardship when they grow up.

To ensure that your kids become money-smart adults, here are three things to keep in mind:

1. Don’t wait to educate

Introduce money to your kids’ lives early. Many children can understand simple financial concepts as early as five, which is a good time to teach them about the value of dollars and cents, as well as concepts like needs versus wants.

Another great tool for teaching money management at a young age is an allowance. With an allowance, children start to learn the importance of not spending all their money at once. If you don’t love the idea of giving your kids free money, create a system where they can earn it through chores or tasks.

2. Have them open a savings account

Once your children start receiving an allowance or regular income, have them set aside a fixed amount for savings. Explain that savings are important for things they want but can’t afford right now. To reinforce the idea, take them to your local financial institution to open a savings account in their name. Explain that they can deposit money into it, and withdraw from it when they have enough to purchase their savings goal.

3. Share successes—and failures

As your children’s money mentor, you should share examples from your own life once your kids are a little older. Did you pay off a credit card recently? This is an opportunity to explain the concept of debt, and why it’s crucial to eliminate it.

Of course, no one’s perfect. If you over-spent and blew your budget last month, don’t sugarcoat your mistake. Talk to them about where you went wrong, and how you intend to do better next time. Honesty lets them know that it’s okay to make—and learn from—mistakes.

Looking for Love in Online Places May Lead to Scams

The holiday season for some is a time for looking for love. No one likes to be alone for the holidays, so some put pressure on themselves to hit the dating sites. But there are risks with online dating and should you choose to engage, use some good judgment when exchanging information with those you meet via online dating sites or even social media. Unfortunately, not everyone is truly looking for love. Instead, they threaten you if you don’t pay up.

There are many scams involving online dating and friendships nurtured via social media such as Facebook. In many cases, the scammers use social engineering to lure victims into a false sense of security. Once a relationship is formed, whether romantic or otherwise, some plea for financial assistance is requested. In a recent scam, the romance turns from texting and sending photos to a threat of arrest and it’s realistic enough that it may take a while for the potential victim to realize it’s really a scam.

One victim was chatting away with someone he had met on a dating site. According to her profile, she was in her late twenties. Once trust had been built, the woman sent some provocative pictures and asked him for some in return.

Not wanting to disappoint, he did it. The next thing he knew, she revealed herself to be a minor and he immediately received a call from the “local police.” He was suspicious and looked up the phone number that showed on his caller ID. It did show as belonging to the police. He picked up and was threatened with three felony counts and a prison sentence.

He then received a call from the girl’s “father” who implied that money might make the problem go away. That’s when the victim got wise.

There are a couple of notes in this scam. Firstly, it’s not difficult to make a phone number appear to come from someone else. It happens all the time. Sometimes there are legitimate reasons to spoof a phone number. For example, if you own a business and have several phone lines, you might like them all to reflect as coming from one single number so your customers don’t get confused.

However, there are many scammers who change them just to trick you into picking up. A recent tactic involves changing the number to make it appear as if it is from someone nearby, such as a neighbor. This is called “neighbor spoofing.” Sometimes, they make the number your own hoping that you’ll pick up, even if out of sheer curiosity. Just don’t answer. If you do, don’t press any numbers or provide any information. Just hang up.

The second point in the case of this romance scam, just don’t send compromising photos. Not only can they be used against you in situations like this, but also in some cases it may be a felony.

Don’t be afraid to use online dating sites. There are many success stories. However, should something like this happen to you, report it to local authorities. If people don’t, these scams will only continue and there will be more innocent victims.

© Copyright 2017 Stickley on Security

Get Free Milk And Free Malware Too

Everyone likes to get free stuff. Admittedly it’s better if it’s a free vacation or free money. However, researchers at Palo Alto Networks have found a way you can get FreeMilk. Hey, free is free! There is bad news, of course. It comes in the form of malware. The schemers have figured out a way to intercept ongoing email “conversations” to distribute malware around the world. It exploits either a Microsoft Office or WordPad vulnerability and involves two steps.

It uses a decoy document in an email message that uses specific information about the recipient in hopes it’ll make him or her think it’s an authentic message, as part one. That’s what they put together when they intercept the email conversation. This is the PoohMilk part of this. Then comes Freenki. This does the damage. It collects information such as user name, computer name, active processes on the computer, and can take screenshots of the device. The information is then sent to the attackers who can use it for other attacks.

In spearphishing, attackers gather information about the intended targets. This could be acquired from social media profiles and posts, such as from Facebook or LinkedIn, but could also be a result of a phishing phone call (vishing). Then they use it to craft the email. Since the recipients see all the specific information, they are more likely to click a link or attachment.

Just because the information may be accurate and specific, doesn’t make any attachment free of harm. Question why a document may be coming in the middle of a conversation before clicking it. Call the sender on the phone and ask about it first. You can even send a text. Just don’t reply to the message and in this case, it’s better if you don’t send email at all.

There are literally no attachments that are safe these days. Malware can come in the form of documents, spreadsheets, executable files, text files, images, and anything else you can come up with. If you are not expecting an attachment or link, don’t click it.

This is fortunately, a limited spearphishing campaign discovered by the researchers in May of this year. But that doesn’t mean it won’t come across your inbox. Always be on the lookout for these scams.

© Copyright 2017 Stickley on Security

Baby, It’s Cold Outside: Reducing Seasonal Energy Costs

When winter hits, we can’t help but think of that old song, “Baby, it’s cold outside.” For many of us, winter means high energy bills, but sitting in the dark or turning off the heat are not your only options. Here are some ways to improve your home’s energy efficiency and save money during the cold months:

Sealing

Cold air can get in around the sides of windows, doors, and vents. If you hold a piece of tissue near the frames inside on a windy day and it flutters, you need to seal the window. Check out your local hardware store and pick up some weather-stripping. Talk to an employee or do research online about the right product.

Insulation

Insulating your attic can increase your home’s energy efficiency significantly, and it’s usually fairly easy. Consult with a professional or do some research at the Department of Energy.

Heating and Cooling Systems

Temperature systems account for about 56% of the energy in a typical U.S. home, so updating can save a lot. You can retrofit or replace your furnace or boiler, depending how long your system has to live and how much each option costs. New heating systems can achieve an efficiency of up to 97%.

Appliances and Electronics

Appliances account for 20% of energy use in a typical U.S. home. Old ones can be energy hogs. To find energy-efficient products, look for the Energy Star label. For more information, check www.energystar.gov.

Water Heaters

Insulating or increasing the insulation on your water heater tank and pipes can decrease heat loss and lower your energy bills for a fraction of the price of replacing your water heater. On the other hand, if your water heater is nearing the end of its life, it is probably a good idea to replace it.

Solar Panels

Solar panels typically have high upfront costs, though they can provide clean, free energy for years to come. Use the Solar Calculator at www.findsolar.com to estimate the cost of installing panels and how long it will take for your investment to pay you back.

Financing

Many cities and states have programs to help pay for green renovations. Contact your state’s energy department to see what low-interest loans, rebates, or other benefits are available. You may also qualify for tax benefits; visit the IRS’s website.

*Energy usage and efficiency figures come from the Department of Energy. For more facts and tips, visit www.energysavers.gov.

Revised January 2016

ATMs Are Becoming The Preferred Method For Stealing Cash

While stealing via payment card and identity theft is still popular, visits to ATMs are starting to be a preferred method of stealing cold hard cash by gangs of cyberthieves. Called jackpotting or cashing out, recent attacks were carried out in Taiwan, Russia, the UK, The Netherlands, Spain, Belarus, Estonia, Armenia, and other countries throughout Europe and Asia, according to Europol and Trend Micro. These groups use malware that is installed on a financial institution’s network, eventually making it to the ATMs allowing them to empty the machines of cash.

Unsurprisingly, the malware gets there via spear-phishing. Typically, the thieves send a malicious attachment to prescreened employees of the financial institution. If it’s opened, the malware executes and makes its way through the network. This method allows it to bypass perimeter security tools such as firewalls and intrusion detection systems.

Once the malware is on the ATMs, a low-level group member (a money mule) enters a sequence of numbers onto the keypad and relieves the machine of all the cash inside. Sometimes debit and credit card information is also retrieved from the ATMs.

Ripper malware was used in such an attack in Thailand in 2016. Thieves stole roughly $363,000 worth of baht. In Taiwan, a more sophisticated technique was used, where the thieves stole administrator credentials by accessing a bank’s voice recording system. They then mapped the network, locating the ATMs updating system, ultimately “updating” the system and loading malware that instructed the machines to dispense the maximum number of banknotes. They ended up with $2.7 million.

These types of attacks are becoming more popular because it’s less risky than walking into a bank with a note and a firearm demanding all the cash from the drawers or vaults. In fact, it’s unlikely the criminals in a remote attack using the money mules will ever be identified or caught.

© Copyright 2017 Stickley on Security

TrickBot Trojan Evolves To Steal Email Messages And Cryptocurrency

The infamous TrickBot financial Trojan is a very active and ever-changing one that continues to make its way around the globe. IBM X Force Research has recently discovered that it not only is targeting major banks, but now can also empty crypto-wallets of all the accumulated currency. It doesn’t stop there, however. It can now steal Outlook email messages and information from browsers as well. This version is being propagated through phishing email messages as well as through websites.

 

Earlier this summer, this Trojan was being sent in spam campaigns at the rate of 75,000 in a mere 25 minutes. It tricked customers of the UK’s Lloyds Bank out of login credentials by using legitimate security certificates and website addresses that were so close to the actual ones, that it was nearly impossible to identify them as imposters.

Regardless of where email messages originate, always pay attention to where any links may be taking you. If you need to check something in any of your online accounts, log into them directly from the websites and verify there. Don’t click links or attachments or panic because an email claims you will be locked out of your account or poses some other threat.

If you don’t know the sender, it’s good practice to never click links or attachments anyway. And if you get an email from Aunt Martha that has a short “Hey, look at this” type of message with just a link, it should be deleted right away. It’s unlikely Aunt Martha would send such an obscure note. If you want to be sure not to offend her by trashing it without looking, pick up the phone and call her first to confirm she did intend to send it to you.

This malware is also now being delivered via fake websites. So, pay close attention when typing addresses into browsers so you don’t set it loose that way either. TrickBot is being sent at a rate of 40 million email messages per week and is targeting financial institutions in over 40 countries.

© Copyright 2017 Stickley on Security