Category Archives: Scam Alert

Set your skepticism meter to ‘high’ during the holidays

Did you know the BBB has a Scam Tracker where you can report fraudulent activity in your area? They do!  On this site, you can read details about reported scams and learn what to watch out for in your immediate area.  Here are some of the scams reported across the United States in the past month and tips on how to avoid them:Holiday Fraud Alert.jpeg

Fake or Cloned Websites – This is at the top of the BBB’s list of holiday scams this year. Do you know how to read a URL? It’s the information immediately to the left of the first single forward slash (/) that tells you where you’re actually going. The site in the image below is a fake Amazon website that really takes you to a domain called “tube-gif-converter,” which steals your Amazon credentials.

Reading URLs

Shipping Notices – Be leery of any emails you receive about a lost package or a delivery failure. These phishing emails include links to bogus websites that either install malware on your computer/phone or collect your login information for legitimate shipping sites, such as USPS or FedEx. Keep track of the packages you’re expecting and scrutinize all emails for red flags. Instead of using a link from an email, open a browser and type the company’s website before logging into your account.

Deliveries – One in five respondents to a recent survey reported packages stolen from their own or a neighbor’s home. Instead of having packages left in front of the door, have them delivered to your office (if allowed at your location) or to your apartment’s office. If neither is an option, then try to create a place that’s concealed from passers-by and add delivery instructions for the driver.  You may also want to require a signature for high-value items, when possible.

Fake Targeted Ads – Avoid clicking ads! Social media sites track which products and services you discuss or view, so hackers are able to pinpoint which ads will be the best bait for you. If you want to learn more about a product, launch a new browser and search by the product’s name or description. You can usually find a legitimate website that sells the same item. Hint: Viewing the search results as images is a great way to find what you’re looking for when you don’t know the product name.

Pet Scams – According to the BBB of Western Pennsylvania, 80% of results for pet searches online are either fraudulent links or scams. Some scammers even use a local address. Best practice is to never send money to someone you don’t know prior to seeing the animal in person.

Promo Code ScamFake Coupons or Discounts – These can be delivered via email or shared on social media sites with the goal of gathering your personal information. Any offers that sound too good to be true most likely are. One recent example is this scam that promises $150 from Kohl’s if you share a Black Friday post.

Fraudulent Letters from Santa – Even Santa isn’t safe from identity theft! People have been scammed out of money when ordering a letter from Santa for their child. There’s no need to hire an unknown company, when the US Postal Service offers this for free every year.

Public Wi-Fi – Do not conduct sensitive business (e.g., shopping, banking, etc.) while on a public Wi-Fi network. Best practice is to keep your information safe by waiting until you can connect to a trusted network.

Charities and Fundraisers – Scammers will use your holiday empathy to their advantage. Go to Charitynavigator.org to check the legitimacy of a charity/nonprofit before making a donation. You can learn more about charity scams and how to spot them by reading this blog post.

By Vickie Lubner-Webb

People can figure out your password

People can figure out your password

Even if your password isn’t “123456,” “password,” “qwerty,” or “letmein”—some of the most commonly used ones out there—odds are good that other people know your password. That’s because of two reasons: Billions of leaked credentials have found their way online thanks to data breaches. The average person uses the same password in multiple places. Especially… Continue Reading

Hacking humans: dangers of social engineering

Hacking humans: dangers of social engineering

“Amateurs hack systems, professionals hack people.”  —Bruce Schneier – cryptographer, privacy specialist, and author Social engineering is a new term to describe someone who uses psychological manipulation to get someone else to divulge confidential information or perform actions (e.g., click a link in an email or open a locked door). An older name for a social… Continue Reading

FTC alert: Social Security numbers can’t be suspended

FTC alert: Social Security numbers can’t be suspended

The Federal Trade Commission (FTC) is warning of a new variation on government imposter scam—this time claiming your Social Security Number has been suspended. A caller claims to be protecting you from a scam, all the while actually trying to lure you into one. The scam A professional-sounding caller informs you that your Social Security… Continue Reading

Can you spot the phish?

Scammers love a good phishing email scheme because they’re so efficient. With the creation of one real-looking message, they can trick hundreds, if not thousands of people into revealing personal information. From banking and credit card information, to usernames and passwords, they do their best to create an email lure to reel you in. Each… Continue Reading

Data breaches can lead to credential stuffing

Data breaches can lead to credential stuffing

Data breaches aren’t going away—in fact, data indicates that they’re happening more often than ever before. A 2018 report says that 75% of U.S. retailers have experienced a breach, with 50% experiencing the issue in the last year. Check out this graphic to see the world’s biggest data breaches. Odds are good you will, or have been,… Continue Reading