Use Caution when Posting Information on Social Media

Conceptual image about how a smartphone open a door to worldwide information sharing.

Facebook, Twitter, Instagram, Snapchat, LinkedIn. These and many others are all online social networking sites that can lead to lots of sharing and fun, but also carry risks.

Online social networks are not harmless. Anyone participating in a social network online assumes some risk of becoming a victim of a con artist or other criminal. This doesn’t mean don’t participate. It’s part of our society and in some cases an important part of business. It’s fine to use it. Just be aware of the risks and do what it takes to avoid becoming a victim of identity theft.

It’s of significant note that once you put something on the Internet, it is on there forever. It never really disappears and there is nothing preventing your connections from sharing. Once that happens, you lose control of it. You cannot remove or delete it or if you can, it will not be easy or fast. If someone in their network shares it, it will crawl even further into the Internet and there really is little to nothing you can do about it.

Therefore, always know who you are giving access to your personal information and if you don’t want them to share something, ask them not to or just don’t post it. In addition, keep in mind that what you post can reflect on your business relationships as well.

Pay attention to who wants to follow, friend, or share with you. Often cybercriminals will try to connect with people in order to learn about them, bring them into confidence, and then scam them. Often this will come in the form on attachments or links passed on once you are “friends” with that person.

Any information found on the Internet may be used against you for nefarious purposes, so always think about what you post. Hackers of all types troll social networking sites to put together collections of information on specific targets. The information may be used for something completely unrelated to social media, but can do a lot of damage. Besides putting yourself in physical danger your information may be used to create phishing messages and send emails to people who know you including your co-workers. Included in the messages could be malware. Once a link or attachment is clicked, it could unleash something nasty on the network and no one wants to be responsible for that.

A good example where criminals will often go to learn important information about you is LinkedIn. This social networking site is a great way to form business relationships but is also often used by criminals to learn more about an organization’s personnel. For example, LinkedIn can provide a would-be criminal with the employee names, job positions, job responsibilities and even how long an employee has worked at the organization. This information can then be used by the criminal to target “high risk” employees or even be used as part of a larger social engineering campaign.

Because this information is now available to the public, you need to be even more diligent in detecting potentially malicious activity. From suspicious emails to phone calls, just because a person contacting you knows some personal information about you, does not mean they can be trusted. They could have gathered that data from social media sites, so don’t be tricked into giving out even more information or opening links and attachments contained in emails.

Think about how you use social media and how much information you want to share with the world. Because even if you think it’s just your “village” seeing the information, the reality is that it isn’t. It’s everyone, everywhere.

© Copyright 2016 Stickley on Security

Know Your Money Psychology Style

moneypsychology

We all make decisions with our money at one point or another that don’t work out for the best. It’s just inevitable. But if you find yourself falling into patterns of behavior that lead to negative financial consequences, it could be time to examine a little more closely how you make these choices.

Experts who study how people make money decisions have identified certain psychological styles for doing so. While no one’s behavior is ever completely encapsulated in a simple description, see if any of the below profiles sounds like you and if so, how that impacts what you do with your money.

The over-giver
Uses monetary gifts to express feelings and connect with people. In some cases, this person may give gifts to others and neglect their own needs.

The soothing spender
Treats money as a tool for self-medicating through difficult times. May make a lot of rash spending decisions that lead to negative feelings later.

The status seeker
Makes money choices based on how it will appear to others and to boost their own self-esteem. Engages in “keeping up with the Jones” behavior to their own detriment.

The bargain maven
Gets a thrill out of finding discounts, whether the product is needed or not. Derives satisfaction not from having a sound financial plan in place, but the emotional boost they get from landing a deal.

The denier
Tries to avoid difficult money issues in the hope that things will “just sort of work out.”

The risk-taker

Always on the lookout for a get-rich-quick scheme like the lottery or highly speculative investments. Lacks patience and looks for shortcuts at the expense of prolonged security.

The hedonist
Sees money as a way to maximize pleasure right now instead of planning for the future.

The controller
Uses money as a way to gain control over people or their own circumstances. Sees money as a way to gain a feeling of safety.

The striver
Constantly looks for ways to improve financial standing for self and for family. May believe that with money comes power. Goal oriented.

The victim
Financial problems are always someone else’s fault. The system is “rigged” against them.

The ultra-conservative
Is afraid of losing money and opportunities for growth are sometimes lost because of it. May be overly affected by events from their earlier life that cause them to not want any risk in their financial affairs.

The prudent manager
Actively saves money, looks to future and avoids emotional money decisions. Seeks out opportunities to expand knowledge and is realistic about strengths and weaknesses.

No one can ever expect you to be perfect, but think about which of these styles your money decisions fall into and which category you would like to be in going forward.

If it helps, the next time you make a purchase or other money decision you end up regretting, ask yourself what emotions fed into that choice. Being able to identify these feelings will help you find better ways to deal with those situations and put you in greater power over your financial life.

 

© 2013 BALANCE

Take a Close Look at Social Security in 2016

ssn

If you’re not close to retirement age, it’s easy to ignore what Social Security is doing. However, some significant announcements late last year make now a very good time to pay attention.

What follows is a summary of notable changes to Social Security at the start of 2016 and ways to ensure you’re making the right retirement planning and claiming (http://www.consumerfinance.gov/retirement/before-you-claim/) decisions based on what’s ahead:

  1. 2016 Social Security payments won’t increase. In late October, Social Security (https://www.ssa.gov/myaccount/) announced that there wasn’t enough inflation in 2015 to create a cost-of-living adjustment (COLA) to monthly benefits this year. Understandably, this announcement shook up recipients who look to Social Security for a significant part of their monthly income. It’s only the third time payments were frozen in the past 40 years since automatic COLA adjustments began, but here’s the rub – all three occasions occurred after 2010. In short, most seniors will have to live with an average monthly payment of $1,341 with married beneficiaries receiving a total of $2,212.
  2. Married and divorced individuals may have to rethink the way they claim benefits. Also last October, Washington settled a federal budget battle in part by closing some notable loopholes in Social Security law that allowed certain married couples to substantially increase their benefits over time and certain divorced individuals to claim benefits from former spouses under certain circumstances. These new restrictions on so-called file-and-suspend and restricted-claim strategies go into effect this coming May. In short, if you’re close to age 62 (the earliest age you can start claiming Social Security benefits) getting qualified advice has never been more important.
  3. Other COLA-related issues. When there’s no cost-of-living adjustment, there’s no change in the maximum amount of earnings subject to the Social Security tax, which will stay at $118,500 in 2016. This means earnings above that level aren’t subject to the Social Security portion of the payroll tax or used to calculate retirement payouts. At the same time, the Social Security earnings limit for people who work and claim Social Security payments will stay at $15,720 in 2016 for people ages 65 and younger. Social Security beneficiaries who earn more than this amount will have $1 in benefits temporarily withheld for every $2 in earnings above the limit.
  4. Some benefits are going down – a little. The highest possible Social Security payment for a 66-year-old worker who signs up for Social Security this year will be $2,639 per month, down $24 from $2,663 in 2015. The reason? Social Security noted that despite no cost-of-living adjustment there was an increase in the national average wage index, one of the statistical guideposts the agency uses to calculate benefits.
  5. Service changes. If you haven’t created a My Social Security account, do so for two reasons: First, there have been reports of ID theft related to thieves attempting fraudulent signups for such accounts. Second, the agency is making more detailed account data available online such as estimates of monthly payments at various claiming ages. Also, Social Security expanded office hours in some of its field locations in 2015, so if you need face-to-face assistance, check hours of operation at your closest local office (https://secure.ssa.gov/ICON/main.jsp).

Bottom line: Social Security froze benefit amounts for the coming year, and that has an impact on both current and future recipients. You can’t fully understand your retirement without understanding how Social Security works, so now’s the time to learn.

By Nathaniel Sillin

 

2016 Security Threat Predictions – Part 1

2016 graphic against composite image of doors opening to reveal beautiful sky

At Innovation Project 2015, the former National Security Agency (NSA) Director, General Keith Alexander had some pretty dire news to report. Cybercrime is going to get worse, before it gets better. And the experts have a list of threats they think are going to be at the top of the bad list. They also have some ideas that will make it a little less bitter.

In the first two parts of this article series, we discuss the threats. After you have had a moment to soak that up, a separate article will talk about the future mitigation and how security experts think we will all try to stay ahead of the curve. In addition, there are some recommendations on how you can help yourself.

The following are in no particular order. They are all troublesome and all worth attention.

Ransomware becoming a primary form of attack. This type of malware can encrypt and hold your data for ransom. The dollar value to get it decrypted ranges from a few bucks to hundreds. Experts at the security company Norton did a study over a period of one month. The numbers were astonishing. Over 68,000 computers were infected with ransomware. Of those, 2.9% paid the ransom resulting in $394,000 in payouts to cybercriminals…in a single 30-day period. Often this type of malware is loaded from malicious websites that are visited via clicking links in phishing email messages. Other times just accidently typing in an incorrect URL will result in infection.

Do This: Make regular backups of your computer. Then, if this happens to you, a restore can be done quickly and easily without paying a dime. Also make sure anti-malware is installed on all your devices and that it is kept updated. Don’t click links in email messages unless you are 100% certain they are safe. If you do find your files held for ransom, don’t pay the money. That backup will be priceless at that moment and paying it out only encourages more of this criminal activity. Use caution when typing URLs into the browser to avoid accidently doing a “drive-by” and infecting your devices.

Phishing isn’t going away and will become more targeted. Phishing is the top method for getting users to install malware, click links that lead to malicious or undesirable websites, and to extract information from targets. Spearphishing is taking it one step further. These are considered Advanced Persistent Threat (APT) actors. The hackers actually seek out those who can provide the most value to them within an organization or an industry and stick with them over time until they can get what they are after. Often these targets are people with ability to make financial transactions. Business Email Compromise Scams are in this category and recently, the FBI issued a warning to businesses about this very thing. In 2015, this type of crime has resulted in over $1.2 billion in losses and it isn’t expected to decline in the near future.

Do This: Pay attention to what arrives in email messages and don’t click links in them that are not expected. If the sender is unknown, just delete the message immediately. If you are not sure, confirm via voice or separate email with the sender. Look for messages that use incorrect grammar, punctuation, and have typos. Make sure to confirm where links are directing you by hovering over them with the mouse pointer or holding down on them on a smartphone or tablet to see where it actually goes. If it doesn’t make sense to you, skip it. If you make financial transactions for your company, follow a multi-authorization processes before wiring or transferring money and always verify with the requestor via phone or separately composed email messages (in other words, don’t just hit the reply button).

In the next part, we discuss more of the ugly. Don’t worry though. There is a light at the end of this tunnel.

© Copyright 2016 Stickley on Security

IRS Phishing Scams Right on Time for Tax Season

IRSPhishing

It’s no surprise to the U.S. public, nor is it apparently news to the Eastern European hacking community that it’s tax season. That means there will be no shortage of phishing email messages claiming to be from the IRS showing up in our in boxes. In fact, a security researcher from Kaspersky Labs has just warned of one that requests private information be entered into a form claiming to be from the IRS. However, that form is hosted in Eastern Europe, which is not where the IRS hosts forms.

The IRS will not request information from you in an unsolicited email message, phone call, or fax. In fact, on the IRS website, there is an entire page devoted to this topic and it starts with “The IRS doesn’t initiate contact with taxpayers by email, text messages or social media channels to request personal or financial information. This includes requests for PIN numbers, passwords or similar access information for credit cards, banks or other financial accounts.”

Keep in mind that this is just the start of IRS phishing season, they will be coming at you fast and furious for the next few months. Here is a look at the current scam that is getting way too many people responding.

IRSexample

Always be on the lookout for phishing email messages and scams. Sometimes they will come via the telephone, fax, or even regular mail. However, the IRS just doesn’t work that way.

If you do get a phone call from someone claiming to be from the government, take down his or her name, badge number, and contact details. Then look up the phone number for the office separately by going to the department’s website. Odds are, once you ask for names and phone numbers, the person on the other end of the line will hang up. Just don’t give them any details about yourself.

Never reply to unsolicited and unexpected emails either. It’s not difficult to spoof the return address to make it look legitimate, but in reality, it goes back to hackers somewhere.

Don’t click on attachments or links in unsolicited email messages or from those who are unfamiliar to you. Often, they contain malware.

In the case of this recent scam, the form in the email asks for personal information such as social security number and bank account details. The IRS would like to know when these phishing attempts and scams are going around, so be sure to report it if you receive one.

This isn’t likely the end of these for the season. Keep an eye out and make sure it really is Uncle Sam before you correspond with anyone claiming to be from the IRS.

© Copyright 2016 Stickley on Security

5 Ways to be Charitable on a Budget

 charity

If you’ve ever wondered if you can be charitable with only a few extra dollars in your wallet or a little bit of free time, the answer is yes. You just have to get a little creative.

In the Chronicle of Philanthropy’s latest analysis of charitable giving, it appears people who earned less were giving more. Based on state-by-state tax data, the nonprofit industry trade publication reported that between 2006 to 2012, Americans earning more than $200,000 gave a smaller percentage of their income to charity while those earning less than $100,000 actually gave more during the same period.

Wherever you stand on the income scale, stretching charitable dollars or time should begin with a little planning. Here are five steps to consider.

  1. Check your finances first. Helping others is a worthwhile lifetime habit. However, before you start writing checks or handing out cash to various individuals or groups, check your budget to determine whether you actually have extra money to spare for charitable donations in any form. If you itemize, check the IRS rules (www.irs.gov) on charitable giving or consult with a qualified tax professional to see if there are charitable giving options that fit your circumstances.
  2. Screen charities you’re considering. It’s never been easier to evaluate a potential charity or nonprofit organization. Leading online databases like CharityNavigator.org, CharityWatch.org and Guidestar.org provide extensive data on thousands of national, state and local charities and nonprofit organizations. The Better Business Bureau also operates Give.org, a national charity database that accredits and notes complaints. The U.S. Federal Trade Commission’s Charity Scams website offers breaking news on illegal fundraising activities and best practices for evaluating charities and nonprofits year-round. What else can you do? Play reporter. Even if an organization checks out through these reputable sources, do an online search of news media just to make sure no unsavory developments have occurred that might discourage your donation.
  3. Research what’s needed. If the charity in question accepts physical items or volunteer work, see if you’re interested in providing help that way. Check with the charity either online or by phone to determine what they will and will not accept – donating the wrong items simply wastes staff and volunteer time. If you would like to volunteer, ask about opportunities and make sure that volunteer assignment fits you before you commit. Remember, charities really count on their volunteers and your enthusiasm for an assignment can help them keep their turnover to a minimum. Some organizations may also have travel-based service missions that can provide charitable travel opportunities that allow you to help while seeing the world.
  4. Ask if your employer will match your donation. Even if your cash donation is modest, some employers can make your contribution go farther if they have a matching gifts program. Check with your human resources department or benefits manager. Also, many nonprofits, universities and charitable organizations keep their own online databases of employer matching gift programs.
  5. Go micro. If you can only find a few dollars to give, don’t let that discourage you. Organize like-minded friends and family members to pool funds, attend events or volunteer time for a cause, or consider a particular nonprofit’s organized crowdfunding (https://www.councilofnonprofits.org/tools-resources/crowdfunding-nonprofits) efforts that will allow you to make an impact with only a few dollars. Still short on cash and want to help? Pick up the phone or email the charity and ask if they accept small items or in-kind services. Some ideas might include gift cards (including ones with unused balances), office supplies, stamps, catering for events or board meetings or help with writing, fundraising or technology.

Bottom line: Making a difference in the world doesn’t always require big bucks, but big know-how helps. Check your finances first, research charities you’re interested in and investigate how small donations of time, money and physical items can make an impact.

 

By Nathaniel Sillin