Phishing No Longer Coming Only Through Your Email

Phishing attacks are no longer limited to email messages. It is true that they most often still are sent either as part of a spam campaign or from spear-phishing, but they can also arrive via text/SMS, the phone (vishing), social media, or even merely from a visitor mistyping an address in the browser. It’s even been known to happen if a phone number is misdialed, from a rogue USB drive, or from apps that have been installed on mobile devices.

There are ways to avoid this and most of them are easy and only rely on some common sense.

– If the offer or statement sounds too good to be true, it probably is and therefore should be ignored. If a claim is made that all you have to do is provide your social security number to get a million dollars, it is probably phishing. You won’t likely get money, but you might get your identity stolen.

– If you received a post or private message on social media that a friend is in trouble and needs your help, verify it first. If you had no idea said friend was heading out on an exotic vacation, the post or message could be (or even most likely is) a scam. A quick phone call, text, or email message to your friend can quickly make sense of such a post. Don’t reply to the message or even post back to them in social media. Instead, let him or her know this happened, let the social media platform know, and ask your friend to warn others that it’s a scam.

– Pay attention to the senders, but don’t blindly believe that whomever sent you the text or message is who he or she says. It’s easy to spoof (impersonate) email addresses and even phone numbers these days. If you aren’t expecting to receive a link or attachment, don’t click it. Verify it first or ignore it altogether.

– Sometimes phishers use the phone. This is called vishing. Often, someone calls offering to help you with a computer problem in exchange for a fee. Although there is a good chance you could use help with your computer, there is no way that Microsoft, Apple, or any other company will know without you telling them first that you are having an issue. Don’t give in to this tech support scam or any others that solicit money or ask for sensitive information without you initiating it.

– Remember that government agents do not initiate communications via email or phone. A letter in the U.S. Mail is the first step. IRS scams are common and tend to increase in volume around tax season. Even if the so-called agent gives a name and badge number, don’t provide any information back to them. Instead, go to the IRS or other agency’s website and contact it that way.

– If you find a USB drive lying around, don’t just pop it into your computer. Unfortunately, studies have shown that people are all too willing to do this and the results are not favorable. Often these include malicious files that open when they are inserted into the USB slots. Phishing often follows in some form. If the curiosity is too intense, take it to someone who can test it for malware first. However, it’s best to just toss it out and ignore it.

Following these guidelines will help you avoid being the next victim of a Spanish Prisoner or Nigerian Prince scam. Your information belongs to you and if a person claims to need it, take the extra time to determine if they really do. That could save you or your organization from becoming a victim of identity theft or fraud.

© Copyright 2017 Stickley on Security

Critical Flaw in WiFi Chip Leaves Millions of Mobile Devices Vulnerable; Update ASAP

Early last week, Apple released an update that addressed approximately four-dozen security flaws. One of them is a vulnerability in a WiFi chip that, should an attacker feel so compelled, could allow him or her to gain access to iPads, iPhones, and iPods and execute arbitrary code without any action what-so-ever from the user. According to the U.S. Computer Security Resource Center’s National Vulnerability Database, taking advantage of this flaw isn’t particularly complex and it also affects Android devices.

Google announced a fix for this Broadcom WiFi chip issue earlier in the month. However, the latest 10.3.3 version for Apple devices hasn’t shown up in some users’ update notifications yet. Therefore, anyone with iPhone 5 or later, 4th generation iPads and later, and 6th generation iPods may need to do a manual check to see if the update has been released by their carriers. In some cases, cellular service providers may hold off on releasing patches for a while. There is little you can do about that, but rather than wait for that little notification to show up, if you go to your general settings and check for an update manually, it may show up as available for some. Don’t forget that this also affects the Android operating system; so if your notification hasn’t shown up yet, check on it. If needed, due to the severity of this one, contact your providers and find out when they intend to release it for your device. The more people who contact them about this, the faster they are likely to push them out to customers.

In the meantime, try to avoid logging into public or unsecured WiFi locations until you can get your device updated. Also be sure not to do any transactions on these WiFi connections that require sensitive information to be sent, such as financial transactions.

As with any update, be sure to back up your devices before applying them. This is just to protect your data in case the fix doesn’t get applied as planned. You can make a backup to your computer or to the cloud and if needed, restore it from this backup.

As with any updates, as soon as they are available, take some time to apply them. And not just the operating system, keep all the software and applications on your computers and mobile devices updated with the latest patches and versions of those products.

© Copyright 2017 Stickley on Security

Fix Your Home-Repair Plan

Experts estimate that the average yearly home repairs cost $1,700. That’s a large chunk of money to not have a plan for. If you are a homeowner and you haven’t planned for this amount in your spending and savings plan, now is the time to get prepared before any nasty surprises derail you. Here are some thoughts to get you started on the process.

Why It’s A Good Idea

Even new homes are going to need repairs; things just have a way of popping up. Try not to fall into the trap of thinking you won’t need money for repairs or maintenance for a while because your home seems fine now. That can really come back to hurt you if you later need to take out costly loans or put repair bills on a credit card.

Also remember that performing routine maintenance now can actually save you a lot of money since it can help you to avoid the huge problems that neglected maintenance can lead to down the road.

Plus, making upgrades to your home can help increase the value of your home, which will be crucial when you want to sell the home or take equity out later.

How to Estimate Your Upcoming Needs

A common shorthand way of figuring home repair needs is to put at least 1% of your home’s value each year toward repairs and maintenance. For example, if your home is worth $150,000, you should try to put $1,500 year, or $125 per month, into savings for home upkeep.

Areas To Give Special Attention To

The 1% Rule is a handy guideline, but if your home has a problem with its roof, water drainage, heating/cooling or foundation, you should be putting 3-4 times more money into savings to deal with it.

What You Can Do Right Now

If you’ve already done a spending and savings plan, it’s not necessary to complete an entirely new one for these types of expenses. Just examine your current spending plan and see where some money can be moved around to give you some added security. If you can’t meet the monthly goal right away, don’t fret. Putting even a small amount each month toward eventual fixes is far superior to saving nothing.

It’s a good idea to create a separate savings account for home repairs. You may want to include this money in your general emergency savings account, but keep in mind that you may have multiple problems come up within a short amount of time. Best to have yourself covered for all eventualities.

Revised January 2016

Cut These Costs TODAY

Have you ever unexpectedly found out you’re quickly going to have less income? It’s enough to throw you into a panic. But the best way to get through hard times is to take a few deep breaths and put a plan together. Check out these common targets for quick and effective expense cuts.


You might find it obvious that evenings dining out at fancy restaurants probably aren’t the best idea when experiencing a budget crunch. But think about your groceries too. Consider avoiding the higher-priced stores and stocking up on the basics at the more reasonably priced spots. You might find that cooking at home and taking your lunch to work saves you lots of money and ends up being healthier too.


If you’re like most people, your visual entertainment comes from multiple sources. You may watch movies on cable, in the theater, via rental or online. In crisis situations, it’s best to focus on watching movies at home and using one particular way to do it. In other words, if you have both Netflix and premium movie channels, it’s probably time to go with one or the other.

Phone Plans

It’s nice to use a smart phone to be able to look up information on the go, but you could probably do it without the data plan if you had to. Did you know that you could also be on a prepaid smart phone plan? Call your service provider to ask them to perform an analysis on which plan is best for you. You might be paying for more than you actually need. Also consider eliminating your house phone if you have one.


It’s important to get some stress-relieving exercise during this trying time, but there’s no reason why you should have to spend money to do it. Brainstorm ways to be active without having to fork over a big chunk of your paycheck. The main thing is to just get moving!

Shopping as Entertainment

One activity that could put you in the trouble zone is shopping for fun or to ease tension. “I won’t buy anything, I’ll just browse” too often can lead you down the path of unnecessary spending. Eliminate leisure shopping or other activities that put you in temptation.


Is it an option to work from home more? Can you carpool or combine your errands into fewer trips? If your family has multiple vehicles, can you sell one and share the remaining?


With the ease of using the Internet to compare rates, the insurance business is much more competitive than it used to be. Shop around for the best deals on any type of insurance you have—auto, home, life, etc. Check into bundling these with one company to save even more. How is your credit score? This might affect the cost of certain insurances. Also be sure to ask about discounts you might apply for, and the option of raising your deductible in exchange for a lower monthly payment.


Think of ways to stay warm or cool more efficiently. Put on more layers in the colder months and spend more time outside during the warmer times. Be conscious of turning everything off and even unplugging electrical items when you leave a room.

Habitual Items

When you have a comfortable financial situation, it’s easy to buy coffee, cigarettes, alcohol and convenience store snacks without thinking too much about it. But in these tighter times, think about what you are really getting out of these purchases and if there are expenses that are more important.


If you have more money taken out of each of your paychecks than is necessary in order to get a large income tax refund check in the spring, you are over-paying the government each month. Cut this expense by using the IRS withholding calculator to determine the appropriate amount to have withheld from each paycheck.

None of these cost-cutting measures alone is guaranteed to immediately solve all cash flow issues, but in concert they can potentially save you hundreds of dollars per month.


Revised January 2016

10 Years and Counting: Points to Consider as You Approach Retirement

If you’re a decade or so away from retirement, you’ve probably spent at least some time thinking about this major life change. How will you manage the transition? Will you travel, take up a new sport or hobby, or spend more time with friends and family? Should you consider relocating? Will you continue to work in some capacity? Will changes in your income sources affect your standard of living?

When you begin to ponder all the issues surrounding the transition, the process can seem downright daunting. However, thinking about a few key points now, while you still have years ahead, can help you focus your efforts and minimize the anxiety that often accompanies the shift.

Reassess your living expenses

A step you will probably take several times between now and retirement — and maybe several more times thereafter — is thinking about how your living expenses could or should change. For example, while commuting and other work-related costs may decrease, other budget items may rise. Healthcare costs, in particular, may increase as you progress through retirement.

Try to estimate what your monthly expense budget will look like in the first few years after you stop working. And then continue to reassess this budget as your vision of retirement becomes reality.

According to a recent survey, 38% of retirees said their expenses were higher than they expected. Keeping a close eye on your spending in the years leading up to retirement can help you more accurately anticipate your budget during retirement.

Consider all your income sources

First, figure out how much you stand to receive from Social Security. The average annual retirement benefit is about $11,800 for women 65 and older and $15,200 for men in the same age group. The amount you receive will depend on your earnings history and other unique factors. You can elect to receive retirement benefits as early as age 62, however, doing so will result in a reduced benefit for life. If you wait until your full retirement age (66 or 67, depending on your birth date) or later (up to age 70), your benefit will be higher. The longer you wait, the larger it will be.

You can get an estimate of your retirement benefit at the Social Security Administration website, You can also sign up for a my Social Security account to view your online Social Security statement, which contains a detailed record of your earnings and estimates for retirement, survivor, and disability benefits. Your retirement benefit estimates include amounts at age 62, full retirement age, and age 70. Check your statement carefully and address any errors as soon as possible.

Next, review the accounts you’ve earmarked for retirement income, including any employer benefits. Start with your employer-sponsored plan, and then consider any IRAs and traditional investment accounts you may own. Try to estimate how much they could provide on a monthly basis. If you are married, be sure to include your spouse’s retirement accounts as well. If your employer provides a traditional pension plan, contact the plan administrator for an estimate of that monthly benefit amount as well.

Do you have rental income? Be sure to include that in your calculations. Might you continue to work? Some retirees find that they are able to consult, turn a hobby into an income source, or work part-time. Such income can provide a valuable cushion that helps retirees postpone tapping their investment accounts, giving the assets more time to potentially grow.

Some other ways to generate extra cash during retirement include selling gently used goods (such as furniture or designer accessories), pet sitting, and participating in the sharing economy — e.g., using your car as a taxi service.

Pay off debt, power up your savings

Once you have an idea of what your possible expenses and income look like, it’s time to bring your attention back to the here and now. Draw up a plan to pay off debt and power up your retirement savings before you retire.

Why pay off debt? Entering retirement debt-free — including paying off your mortgage — will put you in a position to modify your monthly expenses in retirement if the need arises. On the other hand, entering retirement with a mortgage, loan, and credit-card balances will put you at the mercy of those monthly payments. You’ll have less of an opportunity to scale back your spending if necessary.

Why power up your savings? In these final few years before retirement, you’re likely to be earning the highest salary of your career. Why not save and invest as much as you can in your employer-sponsored retirement savings plan and/or IRAs? Aim for maximum allowable contributions. And remember, if you’re 50 or older, you can take advantage of catch-up contributions, which enable you to contribute an additional $6,000 to your 401(k) plan and an extra $1,000 to your IRA in 2017.

Manage taxes

As you think about when to tap your various resources for retirement income, remember to consider the tax impact of your strategy. For example, you may want to withdraw money from your taxable accounts first to allow your employer-sponsored plans and IRAs more time to potentially benefit from tax-deferred growth. Keep in mind, however, that generally you are required to begin taking minimum distributions from tax-deferred accounts in the year you turn age 70½, whether or not you actually need the money. (Roth IRAs are an exception to this rule.)

If you decide to work in retirement while receiving Social Security, understand that income you earn may result in taxable benefits. IRS Publication 915 offers a worksheet to help you determine whether any portion of your Social Security benefit is taxable. If leaving a financial legacy is a goal, you’ll also want to consider how estate taxes and income taxes for your heirs figure into your overall decisions.

Managing retirement income to result in the best possible tax scenario can be extremely complicated. Qualified tax and financial professionals can provide valuable insight and guidance.

Account for health care

The Employee Benefit Research Institute reported that the average 65-year-old married couple, with average prescription drug expenses, would need $221,000 in savings to have at least a 75% chance of meeting their insurance premiums and out-of-pocket health-care costs in retirement in 2016. This figure illustrates why health care should get special attention as you plan the transition to retirement.

As you age, the portion of your budget consumed by health-related costs (including both medical and dental) will likely increase. Although original Medicare will cover a portion of your costs, you’ll still have deductibles, copayments, and coinsurance. Unless you’re prepared to pay for these costs out of pocket, you may want to purchase a supplemental Medigap insurance policy. Medigap policies are sold by private health insurers and are standardized and regulated by both state and federal law. These plans cover certain specified services, but offer different combinations of coverage. Some cover all or part of your Medicare deductibles, copayments, or coinsurance costs.

Another option is Medicare Advantage (also known as Medicare Part C), which allows Medicare beneficiaries to receive health care through managed care plans and private fee-for-service plans. To enroll in Medicare Advantage, you must be covered under both Medicare Part A and Medicare Part B. For more information, visit

Also think about what would happen if you or your spouse needed home care, nursing home care, or other forms of long-term assistance, which Medicare and Medigap will not cover. Long-term care costs vary substantially depending on where you live and can be extremely expensive. For this reason, people often consider buying long-term care insurance. Policy premiums may be tax deductible, based on a number of different factors. If you have a family history of debilitating illness such as Alzheimer’s, have substantial assets you’d like to protect, or want to leave assets to heirs, a long-term care policy may be worth considering.

Ease the transition

These are just some of the factors to consider as you prepare to transition into retirement. Breaking the bigger picture into smaller categories and using the years ahead to plan accordingly may help make the process a little easier.


Prepared by Broadridge Investor Communication Solutions, Inc. Copyright 2017


* Non-deposit investment products and services are offered through CUSO Financial Services, L.P. (“CFS”), a registered broker-dealer (Member FINRA/SIPC) and SEC Registered Investment Advisor. Products offered through CFS: are not NCUA/NCUSIF or otherwise federally insured, are not guarantees or obligations of the credit union, and may involve investment risk including possible loss of principal. Investment Representatives are registered through CFS. NASA Federal Credit Union has contracted with CFS to make non-deposit investment products and services available to credit union members.

CUSO Financial Services, L.P. and its representatives do not provide tax advice. For such advice, please contact a tax professional.

Everyone Knows About Phishing, So Why Are We Still Clicking?

Keeping up with the latest phishing scams and how to avoid them is apparently not fool proof enough. Cyber scammers know how we try to avoid them and they are continually using that knowledge to make phishing more sophisticated and effective.

A Google and University of California study finds a startling 25% to 45% of all phishing emails and bogus phish landing sites are successful. And just how does that happen with so many users aware of the latest and greatest phishing scams? Security experts agree that scammers are getting better and better at making their links appear to be legitimate. These cyber creeps pounce on the slightest weakness on the user’s part. Duplicating and fabricating landing pages or “linking” emails from trusted senders and businesses are only the beginning.

So how can a user not open a very tempting email link from the IRS, for example? Simply by knowing the IRS never uses email to contact Americans about their taxes. Better informed than not, security experts agree that knowledge is your best defense but admit security software is key. Being forewarned isn’t just for phishing anymore. Beware of spyware called a “keylogger” that records keyboard strokes as the user types, easily gaining sensitive financial account and other passwords. Take heart as experts share some very important phishing tips…

– An email link from an unknown sender absolutely needs a closer look. Hover your mouse pointer over the link and check its origination. There’s a huge red flag if the sender address doesn’t match the link address.

– Just because the email looks legitimate from a sender you know, check out the sender first. Faking email addresses is very easy to do.

– No legitimate business or sender will ever ask for sensitive or personal information using email. Also, beware shoddy graphics, misspellings, and poor grammar. Scammers may be crafty, but they’re not all geniuses.

– Always keep programs and security products updated. If scammers are looking for weakness, they can easily spot holes in your security.

– A company or service needs to know if they’re being used by phishing scams. Tell them immediately that something’s not right. Let your email security provider know as well. You can also contact the Federal Trade Commission (FTC) or use the Online Complaint Assistant to report most types of fraud.

– It can’t be stressed enough, create and use passwords wisely. Always use a combination of upper and lower case letters, a few numbers, and special characters. Every password should be a minimum of eight characters.

© Copyright 2017 Stickley on Security