Category Archives: Consumer Protection

Can Smartphones Steal Our Credit Card Information?

There was a time when credit cards had to be slid through a funky machine and stamped. This left your personal information fairly insecure or at least at the mercy of the retail establishment’s security procedures. Now credit cards are so fancy you can simply walk by and tap them to pay for your bill. Would it surprise you to know that your credit card could be even more at risk today despite the jump in technology? A CBC News investigation is saying that a simple Smartphone app is capable of swiping your information right through your wallet. In about one second, they were able to use a Samsung Galaxy SIII and an app that shall remain nameless to do the deed. Information like the card number, expiration date and name was quickly stolen with a simple walk by.

That is alarming news to those of us that use PayPass or payWave from MasterCard and Visa collectively. Both appear to be susceptible to the app and the smartphone despite what is said by those with Visa or MasterCard. Both companies say that their products are safe and that you are not responsible for unauthorized purchases anyway. For me, the proof is in the doing. They were able to take a card’s information with a simple walk by, and then use it to purchase a Coke. That shows me that it is possible despite claims to the contrary.

This is a natural progression that one should expect to see when new technologies are being formed. If you come up with a new way to do things where paying and money is concerned, someone, somewhere is going to try to exploit it. It is the unfortunate way of the world. Once they have been caught a few times, then the technology will Continue reading Can Smartphones Steal Our Credit Card Information?

Is Pattern Recognition a Fair Way to Monitor Your Credit Cards?

When it comes to protecting your credit cards, companies are going to great extremes in recent times. Gone are the days where you simply got a phone call when you spent a great deal of money and when your bill is past due. Now, credit card companies are paying close attention to your account in real time. This is called credit card pattern recognition and it has been around for longer than you might think.

If you use credit cards often, you probably have gotten those odd phone calls or emails about your recent spending habits. Perhaps your credit card company noticed an odd spending pattern, or your first purchase on vacation in Tahiti. Any type of purchase that is unusual in the eyes of the credit card company can come under suspicion.

This is being used more and more as the criminals become more advanced. While the added security is a wonderful thing when it works, it can be a bit of a pain in the tail at other times. Imagine you are on vacation and you go out to supper for the first time. Imagine that you whip out your credit card and it gets declined for no good reason. This usually leads to an awkward conversation with the waiter and a long phone with the credit card company call to straighten out the fact that you are on vacation. That is not always so fun.

So, the obvious question is…are the security measures worth it in the long run? Continue reading Is Pattern Recognition a Fair Way to Monitor Your Credit Cards?

Justice Roberts Highlights Need for Online Shopping Smarts

Chief Justice of the United States Supreme Court John Roberts made big news recently by admitting he recently had his credit card information stolen. There was already a renewed interest in identity theft due to huge increases in victimization. Justice Roberts simply showed that it can happen to anyone. Although the details were unclear about Justice Robert’s case, a large number of these credit card problems are traced back to online shopping.

Knowing how to recognize and identify the warning signs is important. Here are some important tips to help determine when a website is safe or not:

Understand that being well-known is good but not fool proof

Certainly it is a good sign when you are dealing with a large market retailer, but you can’t automatically assume it is safe. If you were a criminal, which names would you pick for your fake website? Criminals like using the big name sites and then building fake sites to get your information. Don’t assume it is safe just because it is a big name.

Make sure your phone call will go somewhere

Shoot for sites that have physical addresses and contact information that leads you to humans. Phone numbers that are disconnected and addresses that lead to nowhere are bad news. Take the time to actually go and check out the information.

Look for the S in “https” Continue reading Justice Roberts Highlights Need for Online Shopping Smarts

Top tips to help you avoid the dirty dozen tax scams this year

Uncle Sam wants you and so do identity thieves!

With tax season here, it’s easy to feel a little nervous and stressed. While nobody likes to pay taxes, even more, nobody likes to be scammed. With the April 15 filing deadline for taxes almost here, last minute filers are at risk for being scammed.

The Center for Internet Security (CIS) offers tips to keep yourself from being caught in one of the many tax scams out there. With identity theft and phishing scams still ranking among the top security concerns, email scams are still at the top for ways scammers can take advantage of you.

Pay attention to emails that offer subject lines about taxes, filing taxes, tax laws, financial loss, damage to reputation. One popular phishing scam includes a subject line about changes in tax laws and invites the recipient to download a document to explain the changes. Once downloaded, the malware in these documents can damage your computer and steal your personal information.

The IRS releases a list of “Dirty Dozen Tax Scams” each year and includes tips about how to protect yourself from online and  phone scams. One popular scam is criminals who call unsuspecting citizens, impersonating charities and asking for donations.

Here is important information to know to avoid being taken in by scammers this tax season: Continue reading Top tips to help you avoid the dirty dozen tax scams this year

What in the Heck is Smishing?

You’ve probably heard of “phishing” – when hackers send bogus messages to your email, hoping that you’ll reply or click a link so that they can get their hands on your information. But there’s a new version of this scheme that’s gaining prevalence, and it targets your smartphone. This scam is called “smishing” as in “phishing via your SMS (text) messages.”IMG_1698

One of the most popular smishes takes the form of a “Congratulations! You’ve won X prize from X company! Reply to this message to receive your reward!” text message to your smartphone. Do not reply to messages like this! Even if you figure out that it’s a scam and you really want to reply with something like “Go blank! your blank! you scamming blank!” – don’t do it. Yes, it would be cathartic, but the act of replying will only affirm to the smishers that your phone number is active, and you’ll receive more of this type of message (plus you’ll probably just be replying to a robot anyway, and robots are unfazed by profanity).

These “congratulations” messages, if replied to, may also ask you for your credit card information to allegedly pay for the shipping and handling costs of your prize. Never give out this information in a situation like this. Many messages like these have claimed to be from Walmart or Target. The Walmart messages have been used by smishers so frequently that at one point the company issued a statement saying that they absolutely never send consumers messages asking for sensitive information via text.

Another smish is one that will claim to be from your bank or another seemingly credible or important institution. The message will claim to be urgent and will request a reply. If you receive a text like this, do not reply via text message. Instead, look up the phone number for the bank or company and call them directly.

Other tips related to smishing prevention:

  • If a text message comes from the number 5000, it’s a smish. It’s safest to delete it without even opening it.
  • You may want to set up a text alias with your provider. This will allow you to receive and send texts, but the texts that you send will show up under your “alias” rather than your real number. It’s like having a secret phone number. Then you can block incoming texts to your “real” number and give family and friends your alias. Ask your service provider about how a text alias works.
  • Never give any sensitive information (your social security number, bank account information, etc) to anyone that you don’t absolutely trust.

Don’t let yourself get smished! If you’re receiving any messages that might be from smishers, report them to your service provider. You may also want to report suspicious messages to the Federal Trade Commission.

Sources:

http://www.nbcnews.com/technology/technolog/smishing-text-messages-seek-your-credit-card-info-947348

http://netsecurity.about.com/od/secureyouremail/a/Protect-Yourself-From-Smishing-Attacks.htm

http://learningcenter.statefarm.com/safety-2/family-1/avoid-the-dangers-of-smishing/

Going Back to School? Don’t Get Scammed

Is your dream to go back to school? There are many people out there just like you, who want to better their lives and provide for their families by furthering their education. Getting an online diploma can be a great option for busy people. However, some online schools are far more interested in taking your money than they are in actually teaching you anything.

image provided by flickr creative commons user <a href="http://www.flickr.com/photos/atramos/6479790855/sizes/l/in/photostream/">atramos</a>

Unaccredited Schools:

Almost all employers will only recognize a diploma from an accredited university. Schools are not accredited directly by the US Department of Education, but by recognized authorities and accrediting institutions. Sham schools will often tiptoe around this and use words like “licensed,” or “recognized.” To be absolutely sure that an online school is legitimate, you can contact the better business bureau to ask them about the school’s credentials and whether or not it’s accredited.

Diploma Mills:

To earn a legitimate degree takes a good deal of time and a lot of hard academic work. Online schools dubbed “diploma mills” will offer unsuspecting education-seekers degrees based on “life experience” or a degree earned in a disproportionately short amount of time. These schools may also charge “per degree” rather than per credit hour or semester. Watch out for online schools that have foreign addresses or use P.O. boxes. If earning an online degree seems to require little to no academic work, or there is almost no communication with professors, you might be dealing with a diploma mill. Another sign of a diploma mill is a requirement to take an online exam that seems far too easy to pass, or lets you take it multiple times to ensure that you pass it.

The following online schools have been reported to issue useless diplomas:

  • Belford University
  • University of Berkley (watch out for schools with names very similar to those of real, reputable institutions)
  • Jefferson High School Online (for getting a GED – online school scams can apply to high school diplomas too!)

These fake online schools prey on people who are trying to improve their lives through education. Don’t fall victim to one of these scams. There are some legitimate online schools. Remember to check with the BBB to ensure that the online school you’re considering will grant you a real diploma that will be recognized by the military, employers and admissions offices. Many brick-and-mortar schools also offer legitimate online programs or classes. Also, if there’s a chance that you might transfer to a different school in the future, make sure that the school you enroll in now offers credits that are easily transferable.

Sources:

What Is School Accreditation?

http://ope.ed.gov/accreditation/

http://abcnews.go.com/Business/PersonalFinance/online-schools-scam-students-fake-degrees/story?id=8322412&page=2

http://www2.ed.gov/students/prep/college/diplomamills/diploma-mills.html

When, where, why and how: Credit fraud alerts

credit freeze Have you ever received a letter in the mail from a store, service or bank that warned you that their security measures had been breached but they are sure that your information remained safe and secure?  Did you take their word for it?  Or maybe you did a cursory search of your credit or debit card statement immediately after receiving it just to make sure there were no unnecessary chargers.   Checking for charges is good, but setting up a credit fraud alert may be even better, if not safer.

What is a credit fraud alert?  A credit fraud alert can be set initially for 90 days.  By providing a telephone number, during that time whenever someone tries to open a new account in your name or extend the credit limit to existing accounts you will be contacted.   Don’t worry though, because you can put a code on the account which will lift the alert for legitimate requests that you, a business or a bank is making on your behalf.    Extended alerts as well as alerts specifically designed for active duty military.

Extended alerts are recommended in the event that you have been a victim of identity theft or fraud.  Those may last up to 7 years.  You may also request an additional free credit report when placing an alert on your credit, with access to one free for the 90 alerts and two free available to you for the extended alerts.

Although they are crafted to last for 90 days to 7 years, you can modify or lift your alert prior to the scheduled end date.

Once your receive your credit reports be sure to look for:

  • accounts you did not apply for or open 
  • information about current accounts that is incorrect (such as change of address or balance)
  • unexplained outstanding balances, and;
  • incorrect factual information such as your Social Security Number, names, address or employer.

You can place a credit fraud alert on your credit report by Continue reading When, where, why and how: Credit fraud alerts

What’s in Your Email and What Should You Do with It? Four Favorite Schemes

download-key-logger-programIt seems that not a week goes by without having to check my spam mailbox as it fills with ever more increasing frequency.  When they said “spam” and phishing schemes where on the rise they really meant, on the rise!  I thought I would share with you my five favorites this week that you should be on the look out for.  One or two  have already hit some friends  and I wouldn’t want them to happen to you.

You Got Mail!

This phishing email message is sent allegedly from FEDEX or UPS.  You have a very important package that they tried to deliver but couldn’t.  If you could just take a minute to provide this information your VIP package will be on it’s way.   This one quite often asks for information, payment of an invoice (requiring me to open an attachment) and will include a subject like like this one,  “UPS Delivery Notification Tracking Number:EVKDBQXRTKRXN4CTMI.”

UPS offers more information on these fake emails as does FEDEX .

Report these types of messages to UPS at fraud@ups.com and to FEDEX at abuse@fedex.com

You Have WON!

So far this week I have won from a lottery that I never entered (scratch offs are about as far as I go) as well as won money from a casino I never heard of, let along gambled at.   Even the FBI got in on the act, telling me that I won $1 million!  This, of course, is different from the email I received last week where the FBI (who I’m quite sure already has quite a bit of information on me) attempted to phish for some more.

You have been Blessed!  Continue reading What’s in Your Email and What Should You Do with It? Four Favorite Schemes

‘Tis the Season for Phishing for Families

Hackers might not take a break from trying to find ways to steal your information and money, but it turns out they do follow seasonal trends. According to a report by Kaspersky Lab, in October, phishing attempts on social networks were down 10%, and they saw an increase in attacks on financial institutions or banks and on online shops. They say that’s an expected trend through the holiday season, based on data from last year.

Summer time bring attacks on kids

During the summer months and holidays, hackers target kids who are out of school and likely don’t know better than to click bad links on social networks. Kids are also more likely to over share private information online, making them a prime target for scammers. Most of the younger generation hasn’t yet learned to be skeptical of deals that are too good, and that can get them into serious trouble. Once school starts again, the phishing attempts via email slow down, while the hackers move toward more promising targets.

Holiday shopping online makes a tempting target for hackers

When the holiday season rolls around, Continue reading ‘Tis the Season for Phishing for Families

How legitimate are your likes on Facebook?

Are you safe when you log into Facebook? The premise behind the social networking site was to bring real people together, but are the pages you click on legit? Are you really interacting with your favorite local business or is there someone else behind the screen? While it may not seem like a big deal, fake Facebook accounts and fan pages can actually lead to identity theft. Let’s take a closer look at how people are using fake accounts, what this could mean for you, and how to protect yourself while on the world’s largest social networking website.

What Are Scammers Doing on Facebook?

There are a number of reasons people may not use their real name on Facebook, even though the website suggests that people use their real identity. First of all, there are those that want to interact without their employers being able to find their account. There are also those that have pen names. With today’s growing business of independent publishing, this is becoming more and more common. However, it doesn’t stop there. There are those that are opening Facebook accounts and starting Facebook pages for fraudulent reasons. These people may be hoping to gain the trust of a company’s customers or portray a business as something it’s not. Because Facebook accounts are so easy to set up, it makes it much easier for scammers to fool people.

What Could This Mean to Facebook Users?

If you think a company page is legit, you may be more forthcoming with your information. For example, you might provide your address in order to obtain free samples. By gathering enough information, scammers will be able to easily steal your identity. If the page is claiming to be that of a local business, you may even be tricked into giving away your home address, which could the scammer access to your mail. With your address information and latest credit card statement in the scammer’s hands, you may find yourself the victim of identity theft.

How to Protect Yourself

How can you tell if a Facebook page is fake? One thing to lookout for are pages that ask you to allow the page access to your personal information. Another way to protect yourself is to only like company pages by accessing them through the company’s website. This makes it much easier to find the real Facebook fan page. Lastly, use common sense. Don’t give out your personal information unless you’re absolutely sure the source you’re giving it to is legit.

Facebook may have been founded on the idea of people interacting without hiding behind fake names. However, that doesn’t mean people abide by the rules. This means you need to be just as careful when using Facebook as you are in any other situation.