SHOPPING SAFELY ONLINE

Shopping Safely Online is Important! 

Shopping safely online is more important now than ever before. Since the COVID-19 pandemic began, online sales have been skyrocketing. More and more of us are opting to get our basic necessities via online shopping.

There are dangers lurking anytime you are required to provide personally identifiable information (PII), such as passwords and payment information online.  You need to be cyber smart to reduce the risk of becoming a cyber crime victim.

Shopping Safely Online
Don’t Use Your Debit Card

Credit Cards vs. Debit Cards

When it comes to shopping safely online, one of the best tips I can give you is to use your CREDIT card instead of your debit card. If you have the choice, you should always use your credit card instead of your debit card when making online purchases.

Debit Cards Are Tied to Your Bank Account

We often forget that every time we make a purchase using a debit card, the funds are withdrawn directly from our checking account. When making purchases with a credit card, you’re using the bank’s money. It’s a line of credit, not real money from your checking account.

With a credit card, it’s the bank’s money that’s on the line. Therefore, you’re not going to be held liable for fraud. The bank will need to deal with it.  When it comes to credit card fraud, the most you could be liable for is $50 and the majority of banks waive the fee.

Debit cards however, do not offer the same fraud protections as a credit card. With a debit card you should be able to get your money back when and IF you report fraud promptly, but it could take 10 days or more to get it back. While the bank is investigating the fraud, your account is frozen, so you will have no access to the funds in that account. This could be a huge problem, if you need that money to pay your bills, and even more so, if you have bills that are set up for auto-pay.

There’s Different Rules for Debit Cards

If an unauthorized transaction appears on your bank statement (but your card or PIN has NOT been stolen) you won’t be liable for the debit if you report it within 60 days after your account statement is sent to you.  BUT – if the charge goes unreported for more than 60 days, your money could be lost. When you report the theft, the bank will investigate and decide if you they are required to credit the money back to your account.

Alternatively, the time frame is much shorter if your card or PIN was lost or stolen. You only have 2 business days in order to limit your liability to no more than $50 of unauthorized charges. After those 2 business days have passed, you’re liable for $500 of the amount lost, between 3 and 60 days. After 60 days, you are liable for the entire amount of your losses. You must, therefore, be sure to make a report as soon as you learn that your card is missing or that your PIN has been stolen.

How to Report a Suspicious Debit Charge

If you spot a fraudulent transaction, immediately call the card provider’s toll-free number on the back of the card. Ask them if you need to follow up with written correspondence. You can also read your monthly statement or error resolution notice for how and where to report any suspicious transactions. Lastly, if you get a replacement card, with a new number, remember to update any automatic payments that were linked to the original card.

More Tips for Shopping Safely Online

1.) Even when using a credit card, be careful where you shop online. Scammers have already set up millions of bogus online website shops. Especially since the Coronavirus pandemic began, fraudsters are trying to sell everything from COVID-19 DIY testing kits, to cleaning disinfectants and medical supplies.

2.) Only shop on websites that you know and trust and type the URL of the website yourself, instead of clicking on any links or attachments in emails. Be careful of your spelling too! Scammers often set up websites with incorrectly spelled names of common websites.

3.) When logging on to a website, utilize two-factor authentication (2FA) to ensure that the only person who has access to your account is you.

4.) Use long strong, stealth passwords or use a password manager. Always, use a separate stealth password for important sites you log on to. For example, be sure to use a separate password when logging into your online banking account than the one you will use to log on to your Facebook or Amazon account.

5.) Never use your debit card for recurring charges on the internet. Use a prepaid card with a limited amount of money available on it.

6.) Do not use public Wi-Fi at an airport, a hotel, a restaurant, etc. for online purchases. If you have no choice, then be sure to confirm the exact name of the network and login procedures to ensure that the network is legitimate.

7.) Use only websites that begin with “https://” when shopping online.  Watch out for website extensions.  Most online shopping website addresses end in “.com”

8.) Privacy is important too. Here’s a link to your privacy settings on Google.

You can read a prior article I wrote about shopping safely online here

 

Where is My Stimulus Check

Where is my stimulus check, you ask?  The IRS has started automatically directly depositing stimulus checks – referred to as “Economic Impact Payments”. Keep in mind, these payments need to be made to nearly 140 million eligible Americans.

Where IS My Stimulus Check

Some of you may have already received your payment. Lucky you! But, if not, don’t fret. Remember that this is going to be a process to get these payments out to all 140 million Americans. According to CNN, about 60 million Americans are still waiting for their money.

Some people, who don’t usually file a tax return, will need to submit basic information to the IRS before they will receive their payment. The IRS is regularly updating the Economic Impact Payment and the Get My Payment tool frequently asked questions pages on IRS.gov  as more information becomes available.

Answers to the Most Common Questions:

How are payments calculated and where will they be sent?
If taxpayers have already filed their 2019 tax return and requested direct deposit of their refund, the IRS will use this information to calculate and send their payment. Those who didn’t provide 2019 direct deposit information or owed tax, can use the Get My Payment tool to provide account information or a payment will be mailed. For those who haven’t filed their 2019 return, the IRS will use their 2018 tax return to calculate the payment.

Payments will also be automatic for those who receive Social Security, railroad retirement or Social Security Disability Insurance (SSDI and SSI) and veteran’s benefits who don’t normally file a tax return.

However, to add the $500 per eligible child amount to these payments, the IRS needs the dependent information before the payments are issued. Otherwise, their payment at this time will be $1,200 and, by law, the additional $500 per eligible child amount would be paid in association with a return filing for tax year 2020.

What if the IRS doesn’t have the taxpayer’s direct deposit information?
If the IRS has not processed the taxpayer’s payment, the taxpayer  may be able to use the Get My Payment tool to provide their banking information to the agency so their payments can be directly deposited. If no banking information is provided, IRS will mail a check to the taxpayer’s address on record. The direct debit account information used to make payments to the IRS cannot be used as the account information for the direct deposit of your payment.

Can taxpayers who aren’t required to file a tax return receive a payment?
Yes. People who don’t normally file can use Non-Filers: Enter Payment Info tool to give IRS basic information to get their Economic Impact Payments. This includes low-income or no income taxpayers.

Can taxpayers who haven’t filed a tax return for 2018 or 2019 still receive a payment?
Yes. Anyone who is required to file a tax return and has not filed a tax return for 2018 or 2019 should file their 2019 return do so as soon as possible to receive a payment. They should include direct deposit banking information on their return.

WATCH OUT FOR SCAMMERS!

The bad guys are out there phishing with renewed fervor. Phishing sites have increased 235% since the COVID-19 outbreak. Scammers have set up over 180,000 fake Coronavirus-themed websites to steal data or misinform taxpayers. Don’t take the bait.

According to the Treasury Inspector General for Tax Administration, (TIGTA) the agency has already begun to see IRS Imposters playing every trick in the book to get personal information they can use to steal money. While the IRS Criminal Investigation Unit is doing all they can to combat this problem, people are still falling victim to these scams. Scammers are preying on vulnerable individuals who are not sure how best to get their stimulus payment.

TIPS TO NOT FALL VICTIM

  • Do not respond to anyone contacting you if they claim to be from the IRS. The IRS will never ever call you.
  • You may receive emails, text messages or contacted via social media by someone asking for verification of personal and/or banking info. They’ll claim the information is needed before you can receive your stimulus payment. Never give out your personal information.
  • NEVER click on links or open attachments in emails or text messages. Always go directly to the website using your internet browser.
  • You are not required to pay a fee to receive your payment, nor will paying an upfront fee result in you receiving your stimulus check faster.
  • Pay attention to web address extensions. The IRS website ends in “.gov” NOT “.com” or “.org” or “.net”.
  • Watch your spelling when entering a website address. Scammers register websites with misspelled names or similar names of legitimate websites  in hopes of tricking you.

If you receive an unsolicited email from someone claiming to be from the IRS, forward the email to phishing@irs.gov.  If you are looking for information about the COVID-19 pandemic you can go here.

To read a prior article I have recently written about IRS scams, go here

Pandemic Related Hazards Tsunami

Pandemic Related Hazards

I am urging all of you to be aware of an escalating number of pandemic related hazards. There is a full menu of scams, fraud and financial challenges lurking. Fraudsters are having a field day exploiting the uncertainties caused by the Coronavirus outbreak – COVID-19. They are using your fear and vulnerability as a weapon.

Here’s some examples of what these criminals are up to: From price gouging that’s preventing purchases of critical supplies, to fake products – promising cures; from loan payments to travel cancellations, from work-at-home schemes to Government Imposters seeking your personal information. AND – that’s just the tip of the iceberg!

Surviving Pandemic Related Hazards
In the meantime – Educate Yourself

How to Protect Yourself from the Coming Pandemic Related Hazards

  • Hang up on robocalls. Scammers are using illegal robocalls to pitch everything from fake coronavirus treatments to work-at-home schemes.
  • Ignore online offers for vaccinations and home test kits. At this time, there is no cure or vaccination for COVID-19, and there are no FDA-authorized home test kits. Visit the FDA’s website to learn more.
  • Do not respond to texts or emails about checks from the government from contacts you do not know. If someone tells you they can get you money immediately, it is a scam.
  • Do not click on web links from unfamiliar sources. These links could download viruses onto your computer or device.
  • Watch for emails claiming to be from the Centers for Disease Control and Prevention (CDC) or experts saying they have information about the virus. For reliable and up-to-date information and updates, it is always best to visit the CDC’s website or the World Health Organization’s website.
  • Do your research before donating to charities claiming to help with COVID-19 efforts. Be wary of donations that require payment in cash, by gift card, or by wiring money.

If you think you are a victim of any of these pandemic related hazards involving COVID-19, you can report it without leaving your home through a number of platforms:

Some Additional Tips

Please know that government, the IRS and businesses have policies in place that are rapidly changing. Therefore, if you are seeking the latest policy of a particular entity, it is best to directly check their website rather than clicking on links in emails or attachments.

Government imposters have begun calling about COVID-19 relief. Imposters will call victims and suggest that you may qualify for a Government grant, but you have to verify your identity to process your request. Variations of the scheme involve contacts through text messages and social media posts.

Scams Coming About Stimulus Checks

IRS Pandemic Related Hazards
DON’T TAKE THE BAIT

The IRS is warning taxpayers of a tsunami of calls and phishing attempts about COVID-19 Stimulus checks. These contacts can lead to tax-related fraud and identity theft.

Scammers will suggest that you can get your Stimulus check faster if you share personal details like your Social Security number and banking information and also require you to pay a “processing fee”. DON’T TAKE THE BAIT!

Stimulus checks are free money provided from the Government. You do NOT need to spend money to receive your check. There are no short-cuts – even for a fee. The IRS will deposit your check into the direct deposit info you entered on your tax return or alternatively they will mail you a check.

The IRS will never call you or ask you to verify payment details.  Do not give out your bank account information, your debit or credit card number, or your PayPal payment details to someone who contacts you unsolicited.

The IRS has a webpage with information about the COVID-19 Stimulus payments that is updated quickly whenever new information is available. Here is the link

It’s impossible for me to cover all of the upcoming pandemic related hazards. However, the details listed above are a good refresher, especially for those who have been reading my prior articles. Remember that recognizing the red flags is one of the best weapons against scams and fraud.

You can read my prior article about Coronavirus Phishing Emails here.

I wish you and your loved ones all the best. BE SAFE OUT THERE.

ANTI-ROBOCALL BILL

Finally, an Anti-Robocall Bill

As we celebrate the New Year, we can add another thing that is cause for celebration. Last Thursday, lawmakers passed the Anti-Robocall Bill!  It now awaits the President’s signature to become law.

“The U.S. Senate today sent Americans a holiday gift on everyone’s list: stopping the plague of robocalls,” said Sen. Ed Markey, a Massachusetts Democrat who introduced the legislation with Sen. John Thune, a South Dakota Republican.

All I can say is: Its About Time!!!

Americans received a staggering amount of robocalls in 2019. There were 49 billion calls placed. More robocalls have been placed in the first 10 months of 2019, than in all of 2018!

Anti-Robocall Bill

It’s been a five year battle to take back our phones from these incessant robocallers. The new law will hopefully put a larger dent in the number of calls received. It will decrease millions of ‘spoofed’ robocalls and crack down on spammers who intentionally violate the rules against calling us.

The organization, Consumer Reports (read more here) played a big role in the movement to make the Anti-Robocall Bill finally become a reality. They were instrumental in rallying millions of consumers to send emails, sign petitions, initiated letter writing campaigns and they even held a consumer lobby day.

Consumer Reports Anti-Robocalls Bills

GOOD NEWS & BAD NEWS

The Good News: The bill will make it easier for consumers to identity robocalls using a number-authentication system. The Bad News: It will still take awhile for the number of intrusive calls to decline.

The Anti-Robocall bill requires all telephone systems in the U.S implement a coordinated authentication methodology to improve the accuracy of the caller-ID displayed on our phones. In other words, the bill requires phone companies to offer free call-blocking apps that will verify that the number calling you is real. That’s been an issue, because fraudsters now use fake ‘spoofed’ numbers to look as though they’re coming from the IRS or others to trick you.

Robocaller
DON’T ANSWER IT! SEND IT TO VOICEMAIL

The Federal Communications Commission (FCC) said that phone companies can now block unwanted calls without getting customers’ permission first, which could help increase the use of phone-blocking apps. The agency has said it expected the deployment of a new phone-number system to begin this year. Many major phone companies have already begun rolling it out, but to work well, all carriers must adopt it.

The Anti-Robocall bill also strengthens enforcement tools against robocallers, by giving the FCC more opportunities to fine them. It also brings together different government agencies and state attorneys general to help combat the problem.

The phone industry trade group, USTelecom, applauded the bill’s passage, saying it “will supercharge” the fight against robocallers.

I have written prior articles about Robocalls that you can read here and another one here.  My advice is simple. Never believe what you see on your caller-ID, only answer calls from numbers you recognize, hang up on robocalls or let them go to voicemail.

Wishing a Happy 2020 to all my readers.

Holiday Shopping Safety

Tis the Season…to learn about Holiday Shopping Safety!

Scammers love this time of year, because there are many opportunities for them to separate you from your money. To be a smarter and safer consumer, you need to educate yourself, so you can avoid falling victim. Here are holiday shopping safety tips to help keep your holidays merry.

Holiday Shopping Safety

Spam Phishing Emails will be finding their way into your inbox. These emails have urgent messages or will contain offers for bargain prices or discount coupons. These spam emails will always include a clickable link or an attachment to open. If you click on the provided link or attachment, you will infect your device with Malware. It is advisable to never click on email links or attachments.

Package Delivery Scams are a Fraudster’s favorite trick. They know that most of you are either sending or expecting to receive a package during the holidays. Many millions of spam emails, pretending to be from known shippers (like the Post Office, FedEx or UPS) will be sent out to unsuspecting victims. The emails will include a link to click on that lets you “track” a problem with a package you recently mailed or “track” a package that’s on its way to your house.

E-cards are a fun, easy & inexpensive way to send holiday cheer to family and friends. Make sure any e-card you receive comes from a well-known reputable e-card company. Do NOT open it if the sender is unknown to you.  Many fake e-cards contain spyware and viruses.

Gift cards make popular holiday gifts. Be sure to only purchase them from official retail stores or websites that you know and trust. Beware of websites or ads offering steep discounts to buy their gift cards. Chances are the cards are fraudulent or stolen cards from third-party vendors.

Fake websites are set up all over the internet, that sell stuff that doesn’t even exist. They will offer fantastic bargains that are truly too good to be true. Also, beware of copy-cat websites that appear to be the real shopping site.  Some fake websites use similar or misspelled names of legitimate retailers. You may not realize that you’re on a fake website and enter your password or credit card information. You think you actually made a purchase, but your merchandise will never arrive and your credit card information gets sent straight to the criminal and will be used to make illegal purchases.

Fake online Ads will appear on social media sites and even on legitimate News websites. The ads exist to entice you to click on links that will ask you to provide personal information. If you see an Ad for something you like, instead of clicking on that Ad, go to the retailer’s website directly. If you don’t know the web address, use Google to search for it. The real legitimate website will be at the top of the Google results – about 99% of the time.

Public Wi-Fi is neither private nor secure. Never ever use public Wi-Fi to shop online. You can never be sure whether you’re using the authorized Wi-Fi of the retailer or actually the Wi-Fi of the thief, who is likely sitting a few tables away. When using public Wi-Fi, it is advisable to use a Virtual Private Network (VPN) for better online security.

Debit Cards should NEVER be used while shopping online. Your debit card is tied to the money in your checking account. You have better consumer fraud protections when using your credit card. Better yet, use a gift card or prepaid debit card for all of your online purchases.

STAY SAFE OUT THERE AND HAPPY HOLIDAYS TO YOU AND YOURS!

Here’s a good website to learn more about Shopping Safely Online

Here’s an article I wrote about Online Shopping

BEWARE OF CHARITY SCAMMERS

Beware of Charity Scammers

While natural disasters, such as Hurricane Dorian, bring out the best in people who want to help, unfortunately it also brings out charity scammers.  People with good intentions are moved to want to help the victims of a disaster, while charity scammers are moved to take full advantage of the abundance of good will.

Charity scammers exploit disasters by posing as fake charities. Instead of collecting money to help disaster victims, they keep the money for themselves.

So – How Do They Do It?

In the aftermath of most disasters, charity scammers are hard at work sending out unsolicited emails, text messages, snail mail solicitations, social media advertisements and even come knocking at your door asking for donations.

Disaster Relief Charity Scammers
Choose Your Charity Wisely!

You can never be sure whether the person contacting you is legitimate or not!

Charity scammers are also very adept at creating phony, but legitimate-looking websites that appear to be real charities. They choose names of similar sounding charities to fool you into thinking they are legit. Charity scammers will provide you with a link to their fake websites. These fake websites capture unsuspecting victims who innocently enter their personal info including their SS#, address, phone # and credit card info.

Keyboard with Donate Button
Beware of Spoofed Charity Websites

FOLLOW THESE IMPORTANT TIPS:

  • Go directly to the charity yourself. You can find the address of a charity’s website and either mail them a check or go directly to the charity’s website (by typing in the website address yourself) and make your donation online.
  • Look for the padlock symbol and the website address to start with https, not just http. The “s” stands for a secure website. Also, realize that most charity websites will end in “.org”, not “.com”.  Be careful of making typos when entering web addresses too.
  • Never, ever click on links in an email, no matter how legitimate the email looks! The US Computer Emergency Readiness Team (US-CERT) is reminding everyone that malware purveyors frequently use natural disasters and breaking news stories to trick people into clicking on malicious links or opening up booby-trapped email attachments.
  • Be careful of what you see on your ‘Caller ID’. Most phone numbers are “spoofed” to look like the call is coming from a charity, when in fact, it’s a scammer calling.
  • Telemarketers who call you, representing a charity, receive a commission for each donation they receive. So only about half of your donation actually goes to help the charity. Besides, how can you be sure that the person calling you is from a legitimate charity?  You can’t!
  • To check out a charity, you should go to either charitynavigator.org or www.charitywatch.org  Both websites help you determine if a charity is legitimate. If the charity is not on the list, then beware! You can also learn how much of the money a charity collects, actually goes to the people they are supposed to be helping.
  • Always contribute by check or credit card to have a record of your donation. Never make a donation with cash, a pre-paid debit card, bank wire, or especially an iTunes or Amazon gift card.
  • The IRS allows taxpayers to use their Tax Exempt Organization Search Tool to help find or verify qualified charities. Donations to these qualified charities may be tax-deductible.
  • Contact any organization you’re considering, and ask for the charity’s address, phone number and financial records. Consider how much of your donation will go to the program you want to support, and how much will cover administrative costs. Legitimate groups will gladly provide information about their mission and how your donation will be used. If the charity you contact is unwilling to provide you with such information, be suspicious!

You can read a previous article I wrote about charity scams here.

 

 

Sweetheart Scams – Your Money Your Heart

Sweetheart Scams can hurt both your heart and your bank account.

The National Consumers League (NCL) is sounding the alarm about Sweetheart Scams. It is also referred to as the Romance or Friends Scam. Con Artists are swindling their victims out of millions of dollars. According to the NCL report, the average victim loses approximately $18,831. The group says that complaints to their organization about Sweetheart Scams have spiked upwards by 45%. That’s double the amount of complaints from 2017.

Sweetheart Scams
Don’t Let Someone You Love Get Duped

Con Artists are Masters of Persuasion

They prey on their intended victim’s powerful emotions. Examples of those powerful emotions are fear, greed, urgency, pride, loneliness and love. Realize that Love and Loneliness are two of the most powerful emotions on earth. Victims of Sweetheart Scams act on both of those emotions, rather than using reason. It’s as if the con artist has cast an impenetrable spell on their victim.

Con Artists are not looking for affection or a loving relationship

Their goal is to separate you from your money.  It’s also much easier now for them to pull off these romance scams because of the digital age.  Kindling a relationship with their victim can be a long drawn out process or it can happen fairly quickly.

It may begin with a phishing email, a contact on social media or when someone joins an online dating website such as Match.com.  The con artist will create a fake online profile that’s designed to lure you in. They will use a fake name and photo. They often falsely take on the identity of a trusted person such as a professional working abroad or someone in the military or perhaps an aid worker in a foreign country.

Realize that these con artists will strike up a relationship with not just you, but with hundreds of potential victims. Be especially wary if your new-found-friend or lover quickly asks you to move your conversations from the website’s messaging platform to your personal email or phone.

Eventually, that new special someone in your life will convince you to send them money to pay for some kind of emergency. They may even ask you for money so they can travel to visit you.  Either way it’s a trap!

Younger people claim they would never fall for this type of scam, but the statistics say otherwise. Con artists work to gain the victim’s trust and separate them from their support system. Victims are so convinced that they have found their true love, that they will even put themselves in harm’s way. One woman, a teacher, flew to Jamaica to meet her lover and was murdered in the process.

The elderly population also seems to be vulnerable to the Sweetheart Scam. Many of them have suffered a painful loss, like the death of a spouse or other family member. Many of them live alone and are yearning for companionship or love. Con artists easily manipulate and swindle people who are in such an emotional state of mind.

Keep in mind that when money is sent via a gift card, MoneyGram, or a prepaid debit card it is untraceable and you will never get your money back!

Scams-of-the-heart are especially egregious, because victims are hurt both emotionally and financially.  To read the National Consumers League article on this topic go to:  https://www.nclnet.org/romance_scams

Apple iPhone Scam – Very Convincing

I did not write this article, but I copied the important main parts of it here. It was written by Brian Krebs who is a security news and investigator. His website is called KrebsonSecurity.  Here is the link to his original article:  https://krebsonsecurity.com/2019/01/apple-phone-phishing-scams-getting-better/

I thought it was important enough to alert you to this new Apple iPhone scam – Read on…

Apple Phone Phishing Scams Getting Better

A new phone-based phishing scam that spoofs Apple Inc. is likely to fool quite a few people. It starts with an automated call that display’s Apple’s logo, address and real phone number, warning about a data breach at the company. The scary part is that if the recipient is an iPhone user who then requests a call back from Apple’s legitimate customer support Web page, the fake call gets indexed in the iPhone’s “recent calls” list as a previous call from the legitimate Apple Support line.

Jody Westby is the CEO of Global Cyber Risk LLC, a security consulting firm based in Washington, D.C. Here is an account of what happened to her. Earlier in the day she received an automated call on her iPhone warning that multiple servers containing Apple user IDs had been compromised (the same scammers had called her at 4:34 p.m. the day before, but she didn’t answer that call). The message said she needed to call a 1-866 number before doing anything else with her phone.

Here’s what her iPhone displayed about the identity of the caller when they first tried her number at 4:34 p.m. on Jan. 2, 2019:

Apple iPhone Scam

Note in the above screen shot that it lists Apple’s actual street address, their real customer support number, and the real Apple.com domain (albeit without the “s” at the end of “http://”). The same caller ID information showed up when she answered the scammers’ call this morning.

Westby said she immediately went to the Apple.com support page (https://www.support.apple.com) and requested to have a customer support person call her back. The page displayed a “case ID” to track her inquiry, and just a few minutes later someone from the real Apple Inc. called her and referenced that case ID number at the start of the call.

Westby said the Apple agent told her that Apple had not contacted her and that the call was almost certainly a scam. Apple said they would never do that — all of which she already knew. But when Westby looked at her iPhone’s recent calls list, she saw the legitimate call from Apple had been lumped together with the scam call that spoofed Apple.

“I told the Apple representative that they ought to be telling people about this, and he said that was a good point,” Westby said. “This was so convincing I’d think a lot of other people will be falling for it.”

KrebsOnSecurity called the number that the scam message asked Westby to contact (866-277-7794). An automated system answered and said I’d reached Apple Support, and that my expected wait time was about one minute and thirty seconds. About a minute later, a man with an Indian accent answered and inquired as to the reason for my call.

Playing the part of someone who had received the scam call, I told him I’d been alerted about a breach at Apple and that I needed to call this number. After asking me to hold for a brief moment, our call was disconnected.

No doubt this is just another scheme to separate the unwary from their personal and financial details, and to extract some kind of payment (for supposed tech support services or some such). But it is remarkable that Apple’s own devices (or AT&T, which sold her the phone) can’t tell the difference between a call from Apple and someone trying to spoof Apple.

Phone phishing usually invokes an element of urgency in a bid to get people to let their guard down. If a call has you worried that there might be something wrong and you wish to call them back, don’t call the number offered to you by the caller. If you want to reach your bank, for example, call the number on the back of your card. If it’s another company you do business with, go to the company’s Web site and look up their main customer support number.

Relying on anything other than a number obtained directly from the company in question — such as a number obtained from a direct search on Google or another search engine — is also extremely risky. In many cases, the scammers are polluting top search engine results with phony 800-numbers for customer support lines that lead directly to fraudsters.

These days, scam calls happen on my mobile so often that I almost never answer my phone unless it appears to come from someone in my contact list. But as this scam shows, even that’s not always a great strategy.

It’s a good idea to advise your friends and loved ones to ignore calls unless they appear to come from a friend or family member, and most importantly to just hang up the moment the caller starts asking for personal information.

AGAIN, I DID NOT WRITE THIS ARTICLE. IT WAS COPIED HERE FROM AN ARTICLE WRITTEN BY BRIAN KREBS.  HERE IS HIS HOME PAGE LINK:

https://krebsonsecurity.com/

SYNTHETIC IDENTITY THEFT

According to the Federal Trade Commission, 80 to 85% of all identity fraud stems from Synthetic Identity Theft. Fictitious identities are created when an Identity thief creates a fresh new identity using elements of valid and/or fabricated forms of personal information.

As an example – a thief with a stolen valid Social Security number will combine it with a fake name, address and date of birth to create a brand new identity.  Because a valid Social Security # is used, there is no actual victim or true identity behind this false combination of identity elements.

Synthetic Identity Theft

 

Once Created – The Mischief Begins!

The merger of this real and fake personal data is then used to commit criminal, medical or financial fraud. Once an ID thief creates a new synthetic identity, they will attempt to apply for loans, credit or a job; get medical services, obtain cellphone service or even use the synthetic ID if they get arrested.

Remember that this newly created identity still contains your social security # as the main component and source of reference. Therefore, it becomes part of a fragmented or sub-file to your main credit file.

Additionally, fraud alerts, credit freezes and credit monitoring services will not indicate that anything is amiss. These usual protective measures do not stop Synthetic Identity Theft.

Unfortunately, the massive Equifax data breach, reported in September of 2017, exposed the valid social security numbers of nearly 148 million Americans. Realize also that those stolen social security numbers have already been purchased by criminals on the dark web – in underground black markets. Unfortunately, you cannot change your social security number!

 

What are Banks and Credit Card Companies Doing to Combat This?

Financial institutions understand the need to use any and all tools available to stop synthetic identity theft. They’re using advanced analytics, device intelligence and monitoring of underground websites. Credit Bureaus utilize tools that are able to detect when identity elements appear to be used inconsistently. They have developed analytical scores that help them determine whether a Social security # and identity belong to the right person.

A new federal law should also make it easier for creditors to verify ownership of a Social Security # with the Social Security Administration – which should help them verify that credit applicants actually exist.

 

THERE’S NO SILVER BULLET – BUT THESE STEPS MAY HELP

  • Only use an identity theft monitoring service that includes dark web monitoring. The service will check for personal identity elements, such as a SSN, that may have been exposed in a recent data breach.
  • It’s still worth placing a credit freeze with all three of the credit bureaus. Credit Freezes are now FREE in all 50 States as of September, 2018. Here’s is a previous article of mine explaining how to place a freeze
  • Get your free credit report at annualcreditreport.com from one of the three credit bureaus and check to see that there hasn’t been any unauthorized accounts opened.
  • A child’s SSN is often used to create Synthetic ID Theft. So, be sure to also place a credit freeze for your minor children as well.
  • National databases hold the key to discovery of Synthetic ID Theft. The DMV, insurance companies, data brokers, employers, prison or police records may all contain synthetic identities that include your social security number. Use a credit monitoring service that checks national databases.

 

Synthetic identity theft is a complicated and growing problem because it’s hard to detect and prevent this type of fraud. Once these synthetic identities are created, they become ‘verifiable’ identities and can therefore pass traditional security checks.

Unfortunately, it’s going to be up to you to be ever diligent if you want to protect yourself in the age of rampant fraud and deception.

DISASTER CHARITY SCAMS

DISASTER CHARITY SCAMS  Good Intentions – Bad Outcome

Beware of disaster charity scams! Fraudsters – posing as reputable Charitable Organizations – have been out in full force to trick you into making donations, to help victims of disasters.

Criminals always take advantage of kind-hearted, well-intentioned people who want to help after a disaster makes headline news. All of us need to be vigilant, because disaster charity scams will always appear to be totally legitimate.

Disaster Charity Scams
When Disaster Hits Watch Out For Fake Charities

Disaster Charity Scams normally start with unsolicited contacts in several ways. The scammer will contact their possible victim by telephone, social media, email solicitations, or at your door.

Then scammers use a variety of tried-and-proven tactics to lure information out of people. Donors should not give out personal financial information to anyone who solicits a contribution. This includes things like Social Security #, passwords or credit card and bank account numbers. You must always do your homework first.

Disaster Charity Scams Are Abundant
Always Do Your Research First!

THINGS YOU NEED TO KNOW:

  • Thieves pretend they are from a familiar sounding charity. Their goal is to get money or personal financial information from unsuspecting donors.
  • Bogus websites use names that are the same name or a similar name of a legitimate charity. Emails that appear to come from a real charity will always provide a link that will take you to a fraudster’s bogus website.
  • Scammers may even try to get you to provide your social security number, claiming they need it for your receipt or for tax reporting. This is a falsehood! Never give a charity your SS#.
  • Always go directly to the source when making a charitable donation. Don’t trust strangers at your door, telemarketers on the phone or emails with links that will lead you to a fake charity website that appears legitimate.
  • Always contribute by check or credit card to have a record of your donation. Never make a donation with cash, a pre-paid debit card, bank wire, or an iTunes or Amazon gift card.
  • You can check out whether a charity is legitimate by going to www.charitynavigator.org or www.charitywatch.org  If the charity is not on the list, then beware!
  • Scammers may even claim to be working for ― or on behalf of ― the IRS. The thieves tell disaster victims they can help them file casualty loss claims to get big tax refunds.
  • The IRS website allows taxpayers to use their Tax Exempt Organization Search to help find or verify qualified charities. Donations to these qualified charities may be tax-deductible.
  • Contact any organization you’re considering, and ask for the charity’s address, phone number and financial records. Consider how much of your donation will go to the program you want to support, and how much will cover administrative costs. Legitimate groups will gladly provide information about their mission and how your donation will be used. If a charity is unwilling to provide you with such information, be suspicious!