Where is My Stimulus Check

Where is my stimulus check, you ask?  The IRS has started automatically directly depositing stimulus checks – referred to as “Economic Impact Payments”. Keep in mind, these payments need to be made to nearly 140 million eligible Americans.

Where IS My Stimulus Check

Some of you may have already received your payment. Lucky you! But, if not, don’t fret. Remember that this is going to be a process to get these payments out to all 140 million Americans. According to CNN, about 60 million Americans are still waiting for their money.

Some people, who don’t usually file a tax return, will need to submit basic information to the IRS before they will receive their payment. The IRS is regularly updating the Economic Impact Payment and the Get My Payment tool frequently asked questions pages on IRS.gov  as more information becomes available.

Answers to the Most Common Questions:

How are payments calculated and where will they be sent?
If taxpayers have already filed their 2019 tax return and requested direct deposit of their refund, the IRS will use this information to calculate and send their payment. Those who didn’t provide 2019 direct deposit information or owed tax, can use the Get My Payment tool to provide account information or a payment will be mailed. For those who haven’t filed their 2019 return, the IRS will use their 2018 tax return to calculate the payment.

Payments will also be automatic for those who receive Social Security, railroad retirement or Social Security Disability Insurance (SSDI and SSI) and veteran’s benefits who don’t normally file a tax return.

However, to add the $500 per eligible child amount to these payments, the IRS needs the dependent information before the payments are issued. Otherwise, their payment at this time will be $1,200 and, by law, the additional $500 per eligible child amount would be paid in association with a return filing for tax year 2020.

What if the IRS doesn’t have the taxpayer’s direct deposit information?
If the IRS has not processed the taxpayer’s payment, the taxpayer  may be able to use the Get My Payment tool to provide their banking information to the agency so their payments can be directly deposited. If no banking information is provided, IRS will mail a check to the taxpayer’s address on record. The direct debit account information used to make payments to the IRS cannot be used as the account information for the direct deposit of your payment.

Can taxpayers who aren’t required to file a tax return receive a payment?
Yes. People who don’t normally file can use Non-Filers: Enter Payment Info tool to give IRS basic information to get their Economic Impact Payments. This includes low-income or no income taxpayers.

Can taxpayers who haven’t filed a tax return for 2018 or 2019 still receive a payment?
Yes. Anyone who is required to file a tax return and has not filed a tax return for 2018 or 2019 should file their 2019 return do so as soon as possible to receive a payment. They should include direct deposit banking information on their return.

WATCH OUT FOR SCAMMERS!

The bad guys are out there phishing with renewed fervor. Phishing sites have increased 235% since the COVID-19 outbreak. Scammers have set up over 180,000 fake Coronavirus-themed websites to steal data or misinform taxpayers. Don’t take the bait.

According to the Treasury Inspector General for Tax Administration, (TIGTA) the agency has already begun to see IRS Imposters playing every trick in the book to get personal information they can use to steal money. While the IRS Criminal Investigation Unit is doing all they can to combat this problem, people are still falling victim to these scams. Scammers are preying on vulnerable individuals who are not sure how best to get their stimulus payment.

TIPS TO NOT FALL VICTIM

  • Do not respond to anyone contacting you if they claim to be from the IRS. The IRS will never ever call you.
  • You may receive emails, text messages or contacted via social media by someone asking for verification of personal and/or banking info. They’ll claim the information is needed before you can receive your stimulus payment. Never give out your personal information.
  • NEVER click on links or open attachments in emails or text messages. Always go directly to the website using your internet browser.
  • You are not required to pay a fee to receive your payment, nor will paying an upfront fee result in you receiving your stimulus check faster.
  • Pay attention to web address extensions. The IRS website ends in “.gov” NOT “.com” or “.org” or “.net”.
  • Watch your spelling when entering a website address. Scammers register websites with misspelled names or similar names of legitimate websites  in hopes of tricking you.

If you receive an unsolicited email from someone claiming to be from the IRS, forward the email to phishing@irs.gov.  If you are looking for information about the COVID-19 pandemic you can go here.

To read a prior article I have recently written about IRS scams, go here

Pandemic Related Hazards Tsunami

Pandemic Related Hazards

I am urging all of you to be aware of an escalating number of pandemic related hazards. There is a full menu of scams, fraud and financial challenges lurking. Fraudsters are having a field day exploiting the uncertainties caused by the Coronavirus outbreak – COVID-19. They are using your fear and vulnerability as a weapon.

Here’s some examples of what these criminals are up to: From price gouging that’s preventing purchases of critical supplies, to fake products – promising cures; from loan payments to travel cancellations, from work-at-home schemes to Government Imposters seeking your personal information. AND – that’s just the tip of the iceberg!

Surviving Pandemic Related Hazards
In the meantime – Educate Yourself

How to Protect Yourself from the Coming Pandemic Related Hazards

  • Hang up on robocalls. Scammers are using illegal robocalls to pitch everything from fake coronavirus treatments to work-at-home schemes.
  • Ignore online offers for vaccinations and home test kits. At this time, there is no cure or vaccination for COVID-19, and there are no FDA-authorized home test kits. Visit the FDA’s website to learn more.
  • Do not respond to texts or emails about checks from the government from contacts you do not know. If someone tells you they can get you money immediately, it is a scam.
  • Do not click on web links from unfamiliar sources. These links could download viruses onto your computer or device.
  • Watch for emails claiming to be from the Centers for Disease Control and Prevention (CDC) or experts saying they have information about the virus. For reliable and up-to-date information and updates, it is always best to visit the CDC’s website or the World Health Organization’s website.
  • Do your research before donating to charities claiming to help with COVID-19 efforts. Be wary of donations that require payment in cash, by gift card, or by wiring money.

If you think you are a victim of any of these pandemic related hazards involving COVID-19, you can report it without leaving your home through a number of platforms:

Some Additional Tips

Please know that government, the IRS and businesses have policies in place that are rapidly changing. Therefore, if you are seeking the latest policy of a particular entity, it is best to directly check their website rather than clicking on links in emails or attachments.

Government imposters have begun calling about COVID-19 relief. Imposters will call victims and suggest that you may qualify for a Government grant, but you have to verify your identity to process your request. Variations of the scheme involve contacts through text messages and social media posts.

Scams Coming About Stimulus Checks

IRS Pandemic Related Hazards
DON’T TAKE THE BAIT

The IRS is warning taxpayers of a tsunami of calls and phishing attempts about COVID-19 Stimulus checks. These contacts can lead to tax-related fraud and identity theft.

Scammers will suggest that you can get your Stimulus check faster if you share personal details like your Social Security number and banking information and also require you to pay a “processing fee”. DON’T TAKE THE BAIT!

Stimulus checks are free money provided from the Government. You do NOT need to spend money to receive your check. There are no short-cuts – even for a fee. The IRS will deposit your check into the direct deposit info you entered on your tax return or alternatively they will mail you a check.

The IRS will never call you or ask you to verify payment details.  Do not give out your bank account information, your debit or credit card number, or your PayPal payment details to someone who contacts you unsolicited.

The IRS has a webpage with information about the COVID-19 Stimulus payments that is updated quickly whenever new information is available. Here is the link

It’s impossible for me to cover all of the upcoming pandemic related hazards. However, the details listed above are a good refresher, especially for those who have been reading my prior articles. Remember that recognizing the red flags is one of the best weapons against scams and fraud.

You can read my prior article about Coronavirus Phishing Emails here.

I wish you and your loved ones all the best. BE SAFE OUT THERE.

Coronavirus Phishing Emails on the Rise

Coronavirus
WASH YOUR HANDS

A global health disaster like coronavirus is a golden opportunity for criminals looking to steal your personal information or money through Coronavirus Phishing Emails.

Portions of this article were reprinted from the website of consumer advocate, Herb Weisbaum, also known as Consumerman. His website is here: https://consumerman.com/

If you got an email from the Centers for Disease Control and Prevention or the World Health Organization about the Coronavirus outbreak, would you read it? Maybe click on a link? Cybercriminals are counting on it!

The outbreak is a dream come true for criminals who will use it as basis for email attacks designed to snag personal information, steal money and infect computers with malware.

Coronavirus phishing emails are on the rise. Malicious emails linked to the Coronavirus first appeared in early February, making it one of the first big phishing campaigns of the year.

“A global health disaster like this one, creates a golden opportunity for fraudsters, as there is no population or demographic that is not paying attention. As a result, the potential for impulse clicking is higher than normal,” said Adam Levin, a digital security expert who is chairman of CyberScout, a data security firm, and the author of “Swiped: How to Protect Yourself in a World Full of Scammers, Phishers and Identity Thieves.”

The bogus emails look legit

Coronavirus Phishing Emails may look legit, but they’re not! Those who click on the provided link in the email will wind up on a site created by criminals to steal the victims’ email credentials.

With the current Coronavirus phishing emails, fraudsters are designing their emails to look like they’re coming from the CDC or the WHO. They typically have an attention-grabbing subject line, such as “Coronavirus outbreak in your city (Emergency)” and often include the agency’s logo — cut and pasted from the real website — to add credibility.

At first glance, the sender’s email address appears to be legitimate, for example cdc-gov.org or cdcgov.org. The crooks create domains that are very close to the real CDC site — cdc.gov — making the deception easy to miss.

Even though the link looks like it will take you to the CDC.gov website about the Coronavirus, it will not.

You will instead, land on a fake Microsoft Outlook login page, created by the crooks to steal user names and passwords. Criminals control this fake Outlook page. There is no reason to provide login credentials to visit a public website, such as the CDC.

“Once they capture your login credentials, they can use them to get access to your email account and look for anything worth stealing.

BUT IT GETS WORSE

The bad guys have taken things to the next level, using the Coronavirus to infect computers with Malware!

Emails impersonating the CDC include attachments to click on that proclaim the need for the reader to open it to get advice on how to protect yourself. If you open this attachment, it will download Malware or Ransomware onto your computer.

Ransomware locks out all of your computer files and demands a ransom payment to unlock your files. I have written more extensively about Ransomware in a prior article that you can read here.

Just remember that health agencies are NOT sending out mass emails about Coronavirus. There are plenty of legitimate news websites and the CDC website, CDC.gov  itself with important updates and everything you need to know about the Coronavirus outbreak.

How to protect yourself from coronavirus scams

You need to be skeptical of any email that asks you to click on a link or open an attachment — even when the email seems legitimate.

In most cases, you can probably get the information you need by typing in the URL yourself. For the latest on the Coronavirus outbreak go directly to the CDC website.

TIPS TO PROTECT YOURSELF:

  • Don’t be taken in by the sender’s name.Scammers can put any name they like in the “from” field.
  • Look out for spelling and grammatical errors.Not all crooks make mistakes, but many do. Take extra time to review messages for telltale signs that they’re fraudulent.
  • Check the URL before you type it in or click a link.If the website you land on doesn’t look right, steer clear. Do your own research and make your own choice about where to look.
  • Never enter data that a website shouldn’t be asking for. A site that’s open to the public, such as the CDC or WHO, will never ask for your login credentials.
  • If you realize you just revealed your password to impostors, change it as soon as possible.The crooks try to use stolen passwords immediately, so the sooner you change your password, the more likely you are to stop them for doing anything malicious.
  • Never use the same password on more than one site.Once crooks have a password, they’ll try it on every website where you might have an account, to see if they can get lucky.
  • Turn on two-factor authentication (2FA), if you can. Yes, it’s a slight inconvenience to enter a six-digit code when you want to log on, but it’s a huge barrier for the crooks. With 2FA, a stolen password, by itself, is useless to them.

Prevention, Symptoms and Treatment of COVID-19

There’s currently no vaccine to prevent COVID-19. The best way to prevent illness is to avoid being exposed to this virus. The CDC recommends preventive actions every day to help prevent the spread of respiratory diseases, including:

  • Avoid close contact with people who are sick.
  • Avoid touching your eyes, nose and mouth.
  • Stay home when you’re sick.
  • Cover your cough or sneeze with a tissue, then throw the tissue away.
  • Clean and disinfect frequently touched objects and surfaces using a regular household cleaning spray or wipe.
  • Follow CDC’s recommendations for using a face mask. (see below)
  • Wash your hands often with soap and water for at least 20 seconds, especially after going to the bathroom, before eating and after blowing your nose, coughing, or sneezing or being out in public.
  • If soap and water aren’t available, use an alcohol-based hand sanitizer with at least 60% alcohol. Always wash hands with soap and water if hands are visibly dirty.

MORE TIPS FROM THE CDC:

The CDC doesn’t recommend that people who are well wear a face mask to protect themselves from respiratory diseases, including COVID-19.

Face masks should ONLY be used by people who show symptoms of COVID-19 to help prevent the spread of the disease to others. The use of facemasks is also crucial for health workers and people who are taking care of someone in close settings.

Reported illnesses have ranged from mild symptoms to severe illness and death for COVID-19 cases, the CDC said. Symptoms may appear two to 14 days after exposure to the virus and include fever, cough and shortness of breath.

There’s no specific treatment recommended for COVID-19. People with COVID-19 should get care to help relieve symptoms. For severe cases, treatment should include care to support vital organ functions, the CDC said.

People who think they may have been exposed to COVID-19 should contact their healthcare provider immediately.

IRS TAX SEASON SCAMS

IRS TAX SEASON SCAMS

It’s Tax Time again!  Be on the lookout for IRS Tax Season Scams. Thieves want to trick people in order to steal their personal information, scam them out of money, or talk them into engaging in questionable behavior with their taxes.

Phishing scams – like imposter emails, calls and texts — are the No. 1 way thieves steal personal data. Don’t open links or attachments on suspicious emails. Con artists will attempt to trick you into providing your social security number and date of birth. That info allows them to file a fraudulent tax return and get a big refund – before you even get around to filing your own return.  Always try to file your tax return as early as possible.

IRS tax season scams also come by way of con artists, posing as IRS agents. They will demand money for unpaid back taxes owed. They will use fear and intimidation to convince you to send them money. Oftentimes, these imposters will instruct you to pay your fake tax bill through the purchase of gift cards.

IRS Tax Season Scams

Here’s How Many IRS Tax Season Scams Go Down:
  • Someone posting as an IRS agent calls the taxpayer and informs them their identity has been stolen.
  • The IRS imposter claims that the taxpayer’s identity was used to open up fake bank accounts.
  • Alternatively, the IRS imposter may simply claim that you owe the IRS money and then demand immediate payment.
  • The caller tells the taxpayer to buy gift cards from various stores and await further instructions.
  • The scammer then contacts the victim again telling them to provide the gift card’s access numbers.

Once a scammer has been given the access numbers from a gift card, they can anonymously collect the money loaded on the card. You, the victim, have no recourse to reverse the transaction and get your funds returned to you.

IRS USES SNAIL MAIL NOT EMAIL

Be aware that the IRS will never call or email you. If you really legitimately owe the IRS money, the IRS will always first mail you a bill. The written letter from the IRS will state how much you owe and instructions on how to remedy the amount they say you owe. You are always given the chance to agree or disagree with the stated amount owed. You are also given 30 days to respond to their letter.

Most importantly, whenever you mail a payment to the IRS, you will always make the check payable to the United States Treasury. It will need to be mailed to one of just a few locations in the U.S.  You can go online and verify where the payment needs to be mailed. The address will vary, depending on your geographic location.

IF YOU BELIEVE YOU’VE BEEN TARGETED:

  • Contact the Treasury Inspector General for Tax Administration to report a phone scam. Use their IRS Impersonation Scam Reporting web page or call them at 800-366-4484.
  • Report phone scams to the Federal Trade Commission. Use the FTC Complaint Assistant on FTC.gov.  Be sure to add the words “IRS Telephone Scam” in the notes.
  • Report an unsolicited email, claiming to be from the IRS, or an IRS-related component like the Electronic Federal Tax Payment System (EFTPS) by forwarding your email to the IRS at: phishing@irs.gov. Remember to change the subject line in your email to “IRS Phone Scam”.

You can read prior articles I wrote about IRS scams here and here

Holiday Shopping Safety

Tis the Season…to learn about Holiday Shopping Safety!

Scammers love this time of year, because there are many opportunities for them to separate you from your money. To be a smarter and safer consumer, you need to educate yourself, so you can avoid falling victim. Here are holiday shopping safety tips to help keep your holidays merry.

Holiday Shopping Safety

Spam Phishing Emails will be finding their way into your inbox. These emails have urgent messages or will contain offers for bargain prices or discount coupons. These spam emails will always include a clickable link or an attachment to open. If you click on the provided link or attachment, you will infect your device with Malware. It is advisable to never click on email links or attachments.

Package Delivery Scams are a Fraudster’s favorite trick. They know that most of you are either sending or expecting to receive a package during the holidays. Many millions of spam emails, pretending to be from known shippers (like the Post Office, FedEx or UPS) will be sent out to unsuspecting victims. The emails will include a link to click on that lets you “track” a problem with a package you recently mailed or “track” a package that’s on its way to your house.

E-cards are a fun, easy & inexpensive way to send holiday cheer to family and friends. Make sure any e-card you receive comes from a well-known reputable e-card company. Do NOT open it if the sender is unknown to you.  Many fake e-cards contain spyware and viruses.

Gift cards make popular holiday gifts. Be sure to only purchase them from official retail stores or websites that you know and trust. Beware of websites or ads offering steep discounts to buy their gift cards. Chances are the cards are fraudulent or stolen cards from third-party vendors.

Fake websites are set up all over the internet, that sell stuff that doesn’t even exist. They will offer fantastic bargains that are truly too good to be true. Also, beware of copy-cat websites that appear to be the real shopping site.  Some fake websites use similar or misspelled names of legitimate retailers. You may not realize that you’re on a fake website and enter your password or credit card information. You think you actually made a purchase, but your merchandise will never arrive and your credit card information gets sent straight to the criminal and will be used to make illegal purchases.

Fake online Ads will appear on social media sites and even on legitimate News websites. The ads exist to entice you to click on links that will ask you to provide personal information. If you see an Ad for something you like, instead of clicking on that Ad, go to the retailer’s website directly. If you don’t know the web address, use Google to search for it. The real legitimate website will be at the top of the Google results – about 99% of the time.

Public Wi-Fi is neither private nor secure. Never ever use public Wi-Fi to shop online. You can never be sure whether you’re using the authorized Wi-Fi of the retailer or actually the Wi-Fi of the thief, who is likely sitting a few tables away. When using public Wi-Fi, it is advisable to use a Virtual Private Network (VPN) for better online security.

Debit Cards should NEVER be used while shopping online. Your debit card is tied to the money in your checking account. You have better consumer fraud protections when using your credit card. Better yet, use a gift card or prepaid debit card for all of your online purchases.

STAY SAFE OUT THERE AND HAPPY HOLIDAYS TO YOU AND YOURS!

Here’s a good website to learn more about Shopping Safely Online

Here’s an article I wrote about Online Shopping

OBJECT TO THE EQUIFAX SETTLEMENT BY NOVEMBER 19TH

We should all collectively object to the Equifax settlement.

November 19th is the deadline date if you want to object to the Equifax settlement. So please do it TODAY – as soon as you finish reading this. Why?  This settlement is an insult to the millions of consumers who had their data compromised. This settlement is not only completely inadequate, but also barely a slap on the wrist for Equifax.

This Puts it in Perspective:

  1. The consumer cash portion is less than 5% of the total settlement pool.
  2. The proposed credit monitoring supplier (Experian) has had recent and large-scale data breaches of their own.
  3. The payment is likely to be magnitudes less than what was advertised.
  4. The attorneys representing the class are getting double the total cash portion of their consumer client base.
Object to the Equifax Settlement
SHAME ON YOU EQUIFAX!

I was among the millions of unfortunate victims of the Equifax Data Breach.  Equifax recently announced that a settlement to the class action against them had been finalized. Remember that nearly 148 million consumers were violated in this totally preventable breach. Our most private sensitive data was hacked and exposed. Equifax makes a handsome profit selling our data. Yet, they failed miserably when it came to protecting that data.

Here’s What Happened

When the class action settlement was first announced, many of us signed up and chose the option for the $125 cash payment – instead of the offer for free credit monitoring.  Shortly thereafter, the lawyers sent out a follow-up email. The email informed consumers that because so many people chose the cash payment option (instead of the free credit monitoring) that the cash settlement amount would be decreased from $125 to just $5.00.  Wait…WHAT???

INSUFFICIENT FUNDS

There was only a meager $31 million set aside in the settlement for those who chose to opt for the cash payment. Apparently, they greatly underestimated the number of consumers who would opt for the cash payment, instead of the free credit monitoring.

Presently, that $31 million is insufficient to grant the full $125 to everyone who chose the cash option. Therefore, those who still wish to receive a cash payment, should only expect to receive a mere $5.00 or perhaps even less than that!

It was revealed that while nearly 148 million Americans were impacted by the Equifax breach, only 3 million consumers had signed up for the free credit monitoring. Most consumers chose the cash payment option instead.

Adding insult to injury, the lawyers involved in this class action settlement have already been awarded $77 million and are now asking for even more money.

CONSUMERS CAN AND SHOULD OBJECT

Today I visited a website that walked me through the steps needed to object to the Equifax Settlement.  (See my second choice option below)

Remember, you have the right to file an objection to this absurdity. BUT – the objection must be completed by the deadline date of November 19th. Consumers have two choices on how to go about filing an objection.

The first choice – is by sending a letter to the Equifax Data Breach Class Action Settlement Administrator. The instructions are available at the Equifax Breach Settlement website on its FAQ page here:  Then see Question # 25. Warning: they don’t make it easy.

THE SECOND CHOICE IS AN EASIER WAY!

Begin by reading an article written by consumer advocate Bob Sullivan on his website here

In his article, Bob Sullivan explains that Reuben Metcalfe, founder of Class Action Inc., has made filing an objection with the court a lot easier – using a bot he created. His website is named ‘NoThanksEquifax.com’. Here’s the link

The website features a bot that semi-automates the objection letter-writing process. The bot, named Clarence, also has a sense of humor. He cheers you on as you walk through the steps of filing your objection.

The ‘NoThanksEquifax’ bot helps consumers opt-out for FREE. He thinks massive objections or opt-outs would force negotiations and hopefully result in a better deal for consumers. He states “I believe a mass opt-out campaign for the Equifax settlement would result in an additional $2 to $3 billion in… consequences”.

Once the objection date (November 19th) expires, the judge overseeing the settlement must legally consider all objections at a fairness hearing scheduled for Dec. 19.  FYI – Objections do NOT remove consumers from the class. If the settlement is approved, claimants can still receive payment or credit monitoring services offered to other class members.

To find out if you were one of the victims of Equifax’s data breach and an eligible class member, call 1-833-759-2982 or go here:

IMPORTANT NOTE: if you wish to join the class action and file a claim in the Equifax class action settlement, you must do so by January 22, 2020.

REMEMBER: THE DEADLINE TO OBJECT TO THE ABSURD DECREASE IN THE CASH OPTION AMOUNT IS NOVEMEBER 19th.  SO HURRY!  DO IT TODAY. THE MORE OBJECTIONS, THE BETTER!!!

FYI: I wrote an earlier article about the Equifax breach settlement in August. It provides many of the details about the settlement. You can read my article by clicking here. 

BEWARE OF CHARITY SCAMMERS

Beware of Charity Scammers

While natural disasters, such as Hurricane Dorian, bring out the best in people who want to help, unfortunately it also brings out charity scammers.  People with good intentions are moved to want to help the victims of a disaster, while charity scammers are moved to take full advantage of the abundance of good will.

Charity scammers exploit disasters by posing as fake charities. Instead of collecting money to help disaster victims, they keep the money for themselves.

So – How Do They Do It?

In the aftermath of most disasters, charity scammers are hard at work sending out unsolicited emails, text messages, snail mail solicitations, social media advertisements and even come knocking at your door asking for donations.

Disaster Relief Charity Scammers
Choose Your Charity Wisely!

You can never be sure whether the person contacting you is legitimate or not!

Charity scammers are also very adept at creating phony, but legitimate-looking websites that appear to be real charities. They choose names of similar sounding charities to fool you into thinking they are legit. Charity scammers will provide you with a link to their fake websites. These fake websites capture unsuspecting victims who innocently enter their personal info including their SS#, address, phone # and credit card info.

Keyboard with Donate Button
Beware of Spoofed Charity Websites

FOLLOW THESE IMPORTANT TIPS:

  • Go directly to the charity yourself. You can find the address of a charity’s website and either mail them a check or go directly to the charity’s website (by typing in the website address yourself) and make your donation online.
  • Look for the padlock symbol and the website address to start with https, not just http. The “s” stands for a secure website. Also, realize that most charity websites will end in “.org”, not “.com”.  Be careful of making typos when entering web addresses too.
  • Never, ever click on links in an email, no matter how legitimate the email looks! The US Computer Emergency Readiness Team (US-CERT) is reminding everyone that malware purveyors frequently use natural disasters and breaking news stories to trick people into clicking on malicious links or opening up booby-trapped email attachments.
  • Be careful of what you see on your ‘Caller ID’. Most phone numbers are “spoofed” to look like the call is coming from a charity, when in fact, it’s a scammer calling.
  • Telemarketers who call you, representing a charity, receive a commission for each donation they receive. So only about half of your donation actually goes to help the charity. Besides, how can you be sure that the person calling you is from a legitimate charity?  You can’t!
  • To check out a charity, you should go to either charitynavigator.org or www.charitywatch.org  Both websites help you determine if a charity is legitimate. If the charity is not on the list, then beware! You can also learn how much of the money a charity collects, actually goes to the people they are supposed to be helping.
  • Always contribute by check or credit card to have a record of your donation. Never make a donation with cash, a pre-paid debit card, bank wire, or especially an iTunes or Amazon gift card.
  • The IRS allows taxpayers to use their Tax Exempt Organization Search Tool to help find or verify qualified charities. Donations to these qualified charities may be tax-deductible.
  • Contact any organization you’re considering, and ask for the charity’s address, phone number and financial records. Consider how much of your donation will go to the program you want to support, and how much will cover administrative costs. Legitimate groups will gladly provide information about their mission and how your donation will be used. If the charity you contact is unwilling to provide you with such information, be suspicious!

You can read a previous article I wrote about charity scams here.

 

 

Equifax Settlement after Massive Data Breach

An Equifax settlement has finally been reached – nearly two years after their massive data breach. The company has agreed to a global settlement with the Federal Trade Commission and the Consumer Financial Protection Bureau. The settlement includes a Consumer Restitution Fund totaling up to $425 million to help people affected by the data breach and another $175 million going to all 50 U.S. states and territories.

Padlock with Identity Theft Theme
Nearly 148 Million Records Exposed!

TOTAL INEPTNESS

It was in September of 2017 that Equifax, one of the largest consumer reporting agencies in the world, suffered a data breach that affected roughly 148 million consumers – nearly half the U.S. population.

Equifax’s failure to maintain and update their security system is what caused this preventable breach. Despite knowing about a critical vulnerability in its software, Equifax failed to fully patch its systems. The breach went unnoticed for 76 days.

This epic breach enabled hackers to penetrate Equifax’s systems and exposed the private data of 56% of American adults. Breached information included Social Security numbers, names, addresses, birthdates, credit card numbers and some driver’s license numbers too.  It was, and still is, the largest and most damaging breach of highly sensitive consumer data.

RESTITUTION FUND – JUST A MERE $2.87 – PER VICTIM!
Equifax Settlement
Barely A Slap On The Wrist!

The Equifax Settlement includes a Consumer Restitution Fund totaling up to $425 million that will go to consumers who can demonstrate that they were financially harmed by the breach.  $300 million is dedicated to addressing consumer redress. However, if the $300 million is exhausted, the fund can increase by up to an additional $125 million. The company must also offer up to 10 years of credit monitoring services to those affected by the breach. If you don’t want the credit monitoring service, you may be able to opt for a $125 cash payment, unless they run out of funds. You can’t get both!

Furthermore, Equifax has agreed to take several additional steps to assist consumers who are either facing ID Theft issues, or who have already had their identities stolen. It includes making it easier for consumers to freeze and thaw their credit and making it easier for consumers to dispute inaccurate information contained in their credit reports.

Additionally, the Equifax settlement requires the company to maintain sufficient staff dedicated to assisting consumers who may be victims of identity theft. For at least seven years, Equifax will provide free assistance to victims via their Identity Restoration Services. In other words, if you discover there was misuse of your personal information, call the settlement administrator at 1-833-759-2982 and you will be given instructions for how to access Equifax’s free Identity Restoration Services.

WHAT DO I NEED TO DO NOW?

Equifax is offering FREE Credit Reports for ALL U.S. Consumers. Starting in January 2020, all U.S. consumers can get 6 free credit reports per year for 7 years from the Equifax website. That is in addition to the mandatory free credit report everyone is entitled to each year from each of the three credit bureaus that you get from going to www.AnnualCreditReport.com

To find out if you were one of the over 147 million victims of Equifax’s data breach and an eligible class member, call 1-833-759-2982 or you can click here

*NOTE: If you wish to file a claim, you must file your claim by January 22, 2020.

Visit the Federal Trade Commission’s website for info on How to File a Claim

Read a previous article I wrote about the Equifax Breach to learn how it all came about. And Here for Part Two of that article.

PUBLIC WIFI IS NOTORIOUSLY RISKY

Public WiFi is Notoriously Risky!

If you intend to bring your internet devices with you when you travel, you must consider the inherent dangers of Public WiFi.

Public Wi-Fi Is Not Safe
Public Wi-Fi You Must Protect Your Data

Pubic WiFi is Not a Private Secure Internet Connection

Therefore anyone can access the network and anyone can eavesdrop on what’s being transmitted via Public WiFi. People tend to let their guard down while traveling. Security is put on the back burner and we tend to do things that increase our chances of getting hacked.

According to a survey conducted by Morning Consult for IBM Security, 70% of travelers take unnecessary risks while on the road. They connect to public WiFi, charge a device on a public USB station, or enable auto-connect on their wireless devices.

Hackers Set Up Fake Public WiFi Hot Spots

A skilled Hacker will typically give their fake WiFi Network a name that’s similar to an authentic connection. If it’s a hotel, they will choose a name with the hotel’s name in it or if it’s the airport, they will choose a network name that includes the airport’s name or the name of the airlines. The same goes for coffee shops or other internet hubs.

If you are inadvertently fooled by a hacker’s fake WiFi Network, you’re now giving that network permission to start taking data off your device. Furthermore, if your device is set to auto-connect, you might be leaking your personal data and not even know it.

You can’t eliminate all digital threats when you’re on vacation, but you can significantly reduce your chances of having a problem by following these tips.

TIPS TO KEEP YOU SAFE

  • Any device you use, outside your own home network, including your smartphone, laptop or tablet should have a VPN (Virtual Private Network) installed. A VPN encrypts the data leaving your device.
  • Before turning the VPN on, be sure to shut off WiFi and close all apps. After connecting to Wi-Fi, via your VPN, it’s safe to open up any app.
  • Never have your devices set to auto-connect. If your device automatically connects to a free WiFi Hotspot, your device is vulnerable to hacking.
  • Keep the WiFi on your smartphone turned off until you need it. Cellphone data is encrypted when it travels via your phone’s mobile network.
  • Never bring your business laptop with you when on vacation. Bring a spare one that has no corporate data on it. If you need to access corporate data or your company email, do it through the cloud.

Remember, we’re more vulnerable to digital security intrusions when we travel. Don’t opt for convenience over security.

Here is the link to the IBM Survey

Read a previous article of mine about how to keep your online data safe

 

VOICE ACTIVATED ASSISTANTS

VOICE ACTIVATED ASSISTANTS POSE PRIVACY CONCERNS

Voice Activated Assistants, aka Digital Assistants, like “Alexa” and “OK Google” have become very popular. Over 20 million homes already have a voice activated assistant installed in their homes.

These digital assistants may be the latest rave in cool technology, but the devices have created new privacy concerns and security vulnerabilities. They could potentially expose personal data like your bank account info and your contact list. So, while it may be fun to own one, be aware that voice activated assistants pose a risk, if a cyber-criminal is able to hack into it.

The digital security firm Symantec released a report about voice activated assistants. The report states that “The range of activities that can be carried out by these speakers, means that a hacker or even a mischief-minded friend could create havoc, if they were able to gain access”.

Voice Activated Assistants
THEY’RE LISTENING!

WHY? IT’S ALWAYS LISTENING!

The user must first use a wake-up command such as “Alexa” or “OK Google” to activate the digital assistant. Therefore, the device must always be listening, waiting to be activated by that command. This can cause unintentional or accidental triggering. Even a radio, TV or streaming video, playing in the background, might inadvertently set it off.

Once the device is awake, it will record what is said and then sends that recording to a server, where it is stored. However, you do have the option to listen back to these recordings and delete them if you wish.

Symantec’s threat researcher sees a potential danger from these ‘always listening’ digital assistants. He states, “Someone could hack into these devices remotely and then turn them into a listening device”. “Some of them even come with cameras, so they can also see what you are doing”.

Pam Dixon, executive director of the World Privacy Forum, cautions against allowing your digital assistants to store passwords, your contact info or credit card data. Additional dangers include the fact that the device may come with a purchasing option, which is usually turned ON by default. You should set a security PIN or disable the feature.

CRIMINALS CAN TAKE CONTROL

Voice Activated Assistants are designed to be hubs that can control other devices or appliances in your home. These other external devices are referred to as the “Internet of Things” (IoT). Gadgets like lights, cameras, thermostats, coffee makers, alarm systems and door locks are all part of the Internet of Things.

Be aware that the convenience of these IoTs, may create new vulnerabilities. For example: if you connect your door locks or alarm system to your digital hub, then a burglar could command your digital assistant to “open the door and turn off the alarm”.  Additionally, any device connected to the internet is vulnerable to Malware. Always be sure to change the default password and assign a stealth password to each of them.

TIPS TO KEEP YOU SAFE

  • Be careful which accounts you connect. Don’t connect things you don’t need to use, like your address book or calendar.
  • Always use long strong passwords and enable 2-step authentication if it’s available. Remember that anyone with access to your account can listen in remotely, play back recordings, change settings and access personal information.
  • Be sure that your voice activated assistant is linked to your private home or office Wi-Fi network. Password protect your Router.
  • Devices made by Amazon and Google both offer voice recognition, so use that feature. But realize it’s not foolproof.
  • Remember to put the device on Mute when you go on vacation.

To learn more about the danger posed by these gadgets, read my prior article about the Internet of Things.