Phishing scams are an ongoing problem, however there is a HUGE increase in the number of scams that start around Thanksgiving and go through Christmas. Cyber-criminals take advantage of distracted staff to launch targeted attacks.
- Fake Shipping Notifications:We recommend that you DO NOT click on ANY tracking links from FEDEX, UPS or the USPS. Instead, go directly to their website and type in the tracking number in question or log in to your account and check open orders directly.
- Email Deals:Don’t click that deal! If a sale sounds too good to be true, it probably is. Ask yourself, “Did I sign up for emails from this retailer? Did I ever supply my email address to this site?” If the answer is “No,” then immediately delete the email. Remember: on your computer you can hover over the link and check for typos, repeated letters, or strange words in the link that could indicate an impostor website. If you’re really interested in the sale, go to the retailer’s website or inquire with customer service to see if the sale is real.
- Online Shopping:It’s best to type in the URLs of your favorite holiday shopping sites manually, and only click top-ranked search results when browsing. This precaution will prevent any “malicious” links with executable codes from installing something nasty on your computer or device.
- Santa Letter Scams: Knowing that every child would love a reply letter from Santa, phishers manipulate parents’ heart strings by offering great deals on “Santa letters.” Before ordering your child or grandchild a Santa letter, check for reviews and a good Better Business Bureau (BBB) rating. Even then, don’t provide too many details about your child/grandchild, such as their birth date, school name, pet’s name, etc.
- Bogus Charities:Cyber criminals play on our charitable nature during the holidays. Most legitimate charity websites use .org, not .com. Also, beware of charities with copycat names or small variations in the spelling of the website. The best policy is to call the charity directly or visit their website directly instead of clicking on email links.
- Long-lost Friends Scams:Online scammers can also send bogus links from fake organizations through your friends’ contact lists to get to you. These emails look normal, as they’re coming from a familiar name. Ask yourself, “Has this person ever sent me a message like this before? When was the last time I talked to this person?” The best policy is to pick up the phone and ask if they sent you the email. Your “friend” may not know that they’ve been compromised and that emails are being sent out with their account or in their name.
- Social Media Ads:Criminals replicate a legitimate ad (Best Buy, Amazon, Macy’s) and when you click on it, malware or ransomware can be installed on your phone or other devices. Our best advice is refrain from clicking on ads during the holiday season and don’t click on anything while on your phone! It’s more difficult to figure out what’s legitimate and what’s a scam when on your phone. If you see a great deal, go directly to the vendors website. That same deal should be on the site. If it’s not, you can always call customer service and inquire.
- Pet Scams:While a year-round issue, pet scams (puppy scams are the most used) hurt families seeking to add a family member to their household for the holidays. Pet scams are often difficult to avoid as cute pictures, and good deals pull at the heartstrings and wallet. To prevent this fraud, only purchase pets through reputable sources such as: Petsmart, the local shelter, breeders that can provide references or other local adoption agencies.
- eCards:Receiving an eCard, especially at Christmas is not unusual. However, as always, there are bad guys out there looking to take advantage and they see eCards as an easy way to do that. Malicious eCards can contain spyware or malware, designed to infect your computer and steal your data. In some cases eCards have been the source of ransomware, a virus that locks down your files and demands payment to unlock them. Here are some clues that can help you spot a malicious e-card; look out for spelling mistakes and poor grammar and never install .exe files.
- Travel Deals:We all want an all-inclusive trip to London or the Caribbean for $299 – but let’s face it, those deals are either a scam or a time share sales pitch! During the holidays scammers ramp up deals on travel packages from hotel and airfare to cruises hoping to trick people into buying items that don’t exist. In 2018 between Thanksgiving and Christmas this scam cost families more than $7 million dollars. If it sounds too good to be true, it probably is!
- Money Transfers: Got an email from your boss telling you to transfer money? STOP – don’t do it! Well, don’t do it until you verify with a phone call that you’re supposed to send that money. This time of year cyber-criminals ramp up targeting those in finance and HR with phishing emails that look completely legitimate. Many banks and insurance companies are refusing to refund money stolen this way. The best thing you can do is slow down, take a few minutes and call whomever is asking you to send the money and verbally verify that you should.
- IRS & Other Government Scams: Who likes getting a call or email from the IRS? Nope, not me either. During the holidays aggressive criminals pose as IRS agents with the intention of stealing money or personal information. This scam comes in two forms. There’s the nasty email demanding payment or they will confiscate your property and put you in jail. Then there’s the phone scam, or what’s known as “voice phishing” where the phone call phone threatens arrest, or business license revocation if you don’t pay a bogus tax bill. These calls most often take the form of a “robocall,” a text-to-speech recorded voice mail with instructions to call back a specific telephone number and the phone number is spoofed to look like it’s coming from Washington D.C. The IRS will never call you to demand payment, they always communicate via a letter first and then a certified letter.
- BONUS –Don’t Post about travel before or while you’re away: You’re excited to go see Aunt Bee for the holidays, so you start posting on social media about your plans. You want everyone back home to know you’re coming. While your friends and family may be following your posts, thieves and scammers may be as well. An interview with 50 ex-burglars found that 80% used social media to plan robberies! Not only that, some insurers have a “reasonable care” clause in their policy and could deny your claim. Be safe ~ wait until you’re back to post those awesome vacation and family photos!One More Tip so You Don’t Wreck Your Holidays and Your Life!
Lock Down Your Email
Have you ever stopped to consider just how important your email account is?
Like most people, you probably use email to send messages to friends and family members and receive updates from the various services you’ve signed up for.
But did you know that your email account is one of the most important online accounts you’ll ever use?
In fact, after your online banking account and your PayPal account if you have one, your email account is probably THE most important account you have.
Why do we say that? Because your email account is the master key to most of your other important accounts – including PayPal and your online banking account!
Think about it for a moment…
What happens when you forget the password to one of your accounts? Chances are you’ll be given a link to click that will send a password reset email to the email address that’s registered with that account.
Click the link and wait for the email to arrive, then click the confirmation link in the email to access the password reset page. We’ve all done it dozens of times.
Well, guess what? If you can click a link in an email to reset the password to an important account, so can a hacker.
That’s why it’s absolutely critical that you take the time to lock your email account down tight to prevent hackers from breaking into it and using your email address to reset the password to your online banking account, PayPal or your social media accounts.
Luckily, it really isn’t that hard to lock most any email account down tight. Just follow the steps below:
- Change your email passwordto a phrase that’s easy to remember but hard to guess or break with a password-guessing tool.
- Beware of Phishing Schemes: The fact is most compromised email accounts become compromised after the account owner falls victim to a phishing attempt. Don’t let it happen to you!
- Enable Two-Factor Authentication (2FA)on your email account.
One you’ve enabled Two-Factor Authentication on your email account, a hacker won’t be able to log into that account unless he/she has access to your mobile phone – even if they know your password!
And while you’re at it, go ahead and enable it on all of your other online accounts as well.
Bottom line: If a hacker manages to gain access to your email account, he/she will be able to reset the passwords to many (and possibly all) of your other online accounts and break into them at will.
What’s more, the hacker might be able to change your email account’s password, which would basically lock you out of your own email account!
Deliver David's Tech Talk to my inbox
We'll send David's weekly Tech Talk to your inbox - including the MP3 of the actual radio spot. You'll never miss a valuable tip again!