QR codes seem to be everywhere. You may have scanned one to see the menu at a restaurant or pay for public parking. And you may have used one on your phone to get into a concert or sporting event, or to board a flight. There are countless other ways to use them, which explains their popularity. Unfortunately, scammers hide harmful links in QR codes to steal personal information.
There are reports of scammers covering up QR codes on parking meters with a QR code of their own. And some crafty scammers might send you a QR code by text message or email and make up a reason for you to scan it. These are some of the ways they try to con you:
- they lie and say they couldn’t deliver your package and you need to contact them to reschedule
- they pretend like there’s a problem with your account and you need to confirm your information
- they lie, saying they noticed suspicious activity on your account, and you need to change your password
These are all lies they tell you to create a sense of urgency. They want you to scan the QR code and open the URL without thinking about it.
A scammer’s QR code could take you to a spoofed site that looks real but isn’t. And if you log in to the spoofed site, the scammers could steal any information you enter. Or the QR code could install malware that steals your information before you realize it.
So how can you protect yourself?
- If you see a QR code in an unexpected place, inspect the URL before you open it. If it looks like a URL you recognize, make sure it’s not spoofed — look for misspellings or a switched letter.
- Don’t scan a QR code in an email or text message you weren’t expecting — especially if it urges you to act immediately. If you think the message is legitimate, use a phone number or website you know is real to contact the company.
- Protect your phone and accounts. Update your phone’s OS to protect against hackers and protect your online accounts with strong passwords and multi-factor authentication.
A trending scheme referred to as “Display Rack Gift Card Scams” is something you need to protect yourself from all year round, but especially as we head into the holiday season.
Take a few moments to examine the packaging and gift card. Look for signs of tampering, such as the wrapping being torn or resealed. Also, look for stickers placed over the barcode or card number. Scammers will place a custom barcode sticker over the real barcode of the gift card, which allows them to secretly load the cash onto their own card immediately after you purchase the compromised gift card.
Additional tips:
- Choose a card from the back of the rack: Scammers often place their fraudulent cards at the front of the display, so choosing a card from the back can reduce the risk of purchasing a tampered card.
- Purchase gift cards that are in view of the cashier: Gift cards that are in view of the cashier can be a safer option because they are less likely to be tampered with. Additionally, if the gift card is kept behind the counter or in a locked display case, it can provide an extra layer of protection against tampering.
- Avoid unfamiliar brands: If you’re not familiar with the brand on the gift card, do some research before purchasing. Some scammers create fake gift cards for non-existent or defunct brands, so it’s important to be cautious.
- Report suspicious activity: If you suspect that a gift card is fraudulent or has been tampered with, you should report it to a store associate right away and request a refund or exchange. Plus, it should be reported to the Federal Trade Commission (FTC), as well as asking the company that issued the gift card to have it re-issued.
The FTC also provides a list of contacts for some of the major retailers that offer gift cards and outlines what a consumer should do when they encounter a gift card scam.
If someone calls or sends a message claiming to be a family member or a friend desperate for money, don’t trust the voice on the line — even if it sounds like your family member or friend. Scammers are good at faking it. Here’s what to do to verify the person’s identity:
- Resist the pressure to react and send money immediately. Hang up — or tell the person you’ll call them right back. If you don’t feel comfortable hanging up, try asking a question only the real person would know the answer to, like “What kind of dog do you have?” or “Where did you spend Thanksgiving last year?”
- Use a phone number you know is right to call or message the family member or friend who (supposedly) contacted you. Ask them if they’re really in trouble.
- Call someone else in your family or circle of friends, even if the caller said to keep it a secret — or sounds like a loved one. Do that especially if you can’t reach the friend or family member who’s supposed to be in trouble. A trusted person can help you figure out whether the story is true.
Cybersecurity risks have grown just as rapidly as technology has and online scam artists are always finding new ways to lower a system’s defenses.
Ramping up your cybersecurity awareness means learning how to stay safe online, and it’s the best way to keep your personal information (and money) safe from scammers. Here are 50 helpful internet safety tips to help you form cyber-safe online habits.
Be wary of online strangers.
Anyone you meet online could be a threat. In fact, the FBI has estimated that an astounding 500,000 predators are online each day—most of which have multiple online accounts, personas, and profiles. Dating apps, social media platforms, or other messaging apps, in particular, are a cybercriminal’s playground. Make sure you’re following these important guidelines while using these kinds of apps.
1. Never agree to privately meet anyone face to face. And especially don’t agree to go with anyone to a secluded location—anyone that truly respects you wouldn’t ask you to do that anyway.
2. Don’t share any personal information through a device—not even to someone you think you know. Period. Scammers won’t just impersonate strangers. In fact, scammers often hack into someone’s account in order to send phishing links to unsuspecting friends and contacts.
3. Be wary of online requests for money or private information. It’s never a good idea to give out details about your personal identity online. Even if you know the person and they actually are who they say they are, who’s to say their account won’t get hacked and your information stolen?
What’s a VPN and how can it keep your internet connection secure?
A VPN—Virtual Private Network—is an encrypted tunnel between your device and the internet that nobody can see down. This tunnel protects you and your information from online snoopers and is one of the easiest ways for people to keep their online identities and data safe. A VPN can make you appear to be in any location you select upon login and will shield your identity from websites, apps, or other services that might share or steal your information.
4. Never log on to sensitive sites on a public network. One of the easiest ways to ensure your safety on the internet is to refrain from checking highly sensitive information while out in public or on a public server.
5. Be wary of supposedly free VPN services. Even if a free VPN service is legit, it would be hard for them to compete with paid VPNs. The less legit services will sell your data connection to other customers or monitor your internet surfing patterns and sell that information to marketing agencies. Both of these are things VPNs should prevent, not enable.
6. Make it as difficult as possible to access your VPN. Use the strongest possible authentication method for VPN access. Most everyday systems use the standard password authentication method but this should be and is avoided when setting up a VPN.
7. Limit VPN access. Don’t let just anyone have access to your VPN. A VPN is known for being secure because it’s a secret and it gets less secure the further the secret spreads.
Practice safe browsing.
Entire websites can be set up as scams meant to infect the security of a computer and access someone’s personal information. Remember to double-check every site that your online presence touches. Here are 11 tips to help identify if a website is fake:
8. Make sure the site’s URL doesn’t have two domains. Sometimes scammers will create a false website and disguise the actual site’s domain with a fake one. This leads to URLs having more than one domain hidden inside. Here’s how that might look: officialwebsite.org.confirmation-assistant-phony.com/signin?US&x=en_US
9. Look for a padlock symbol in front of the site’s URL. But remember that this alone isn’t good enough to prove the authenticity of a site—studies show that roughly 84% of scammers still include this symbol to fool people into believing the site is legit.
10. Look for poor spelling or wonky designs. These are signs that the site is either mimicking another or a fake.
11. Check how long the site has been active. Iplocation.net has a useful tool that checks the authenticity of a website. Just copy and paste the site’s URL and hit submit to see how long the site has existed. If the website hasn’t existed for very long but the company is older, then you know it’s a scam.
12. Click on the URL to ensure it starts with https://. If you see https:// on a website URL, it means that all data and communication made within the site is encrypted and secure.
13. Be wary of any online stores with too-good-to-be-true deals. Scammers know that if you give anyone a deal that’s too good to pass up and, cha-ching, the money comes flowing in. So don’t be that person who rushes to enter your card information for a deal that will only ever be a scam.
14. Don’t let emotions prompt you into making a rash decision or go to a website directly rather than using links within an email or text. Urgent messages such as “An unauthorized user has signed into your account. Click this link immediately to change your password and secure your account.” are often linked to fake password login pages, customer support websites, or package delivery websites. The second you enter your login information, the scammer has it.
15. Avoid remaining on sites that contain consistent pop-ups. Aggressive pop-ups can be malicious and infect your device.
16. Only log in to medicare and health insurance sites directly, rather than through a link sent to you. Scammers will create fraudulent Medicare or health insurance sites to trick people into handing out sensitive information.
17. Always double-check too-good-to-be-true flights before you book them. From fake flight cancellation messages to bogus flight booking sites, scammers take full advantage of the airline business.
18. Be wary of “free” products and services. It’s likely that there are hidden strings attached to any free service so always ask yourself, “Why is it free,” do your research, and go from there.
Don’t leave bluetooth enabled on your devices.
Leaving bluetooth running on your device may leave it vulnerable to hacks, abuse, or privacy violations.
19. Change bluetooth settings to “Not Discoverable.” Most hackers will target devices that are within range and discoverable.
20. Turn off bluetooth as soon as you’ve unpaired from any device.
21. Remember to unpair from devices when you aren’t actively using them.
22. Be particularly mindful of crowded public areas. Bluetooth hackers need to be in close proximity to your device to link to it. That means they typically target crowded areas where people tend to stay a long time like coffee shops or libraries.
23. Be careful who you pair with and don’t accept any unexpected pairing requests. If you’re trying to pair with your friend’s or your own device, be sure to double check what the device’s pairing name is.
24. Avoid pairing devices in public. Pairing a device, particularly for the first time, can be a long process. And in order to pair, you’ll need to make your device discoverable to all potential pairing devices, meaning your device is extra vulnerable. Make sure to pair devices at home or another secure location.
Don’t post everything about your private-life on social media.
Be mindful of what you’re posting online Here are six ways to keep safe online while using social media.
25. Don’t post that you’re home alone for extended periods of time. Sharing that you are home alone makes you vulnerable to anyone who might mean you harm—even if you might think you know them well.
26. Don’t share where you live. Sharing where you live to the wrong person could be an invitation for an attack or robbery.
27. Avoid mentioning too much about your day-to-day schedule. The wrong person knowing when and where you are can lead to a dangerous situation.
28. Refrain from posting or sending compromising pictures of yourself—even if you trust who’s receiving it. The sad reality is that even if your picture wasn’t for public view, it can get leaked or your account can get hacked.
29. Don’t share personal information like passwords, login information, credit card numbers, etc. via online message or on a public post.
30. Keep your privacy settings on. Giving public access to your social media accounts is opening the doors for criminals to access sensitive information.
31. Never post your travel plans. It might be fun to share your adventures with the world, but it’s not fun when the wrong person knows everything about your travel itinerary and takes advantage of that in a way you don’t like.
Use up-to-date antivirus software.
Antivirus software tracks all the files that enter your computer system. When the software sees something out of place, it flags it and notifies you of a potential threat. It doesn’t just detect it, antivirus software also takes steps to prevent and derail any potential attacks. But just having the software sometimes isn’t enough. Here are some more internet safety tips that will help strengthen your computer’s defense.
32. Keep your antivirus software up-to-date. Updating your antivirus software gives it a run-down of the latest, most common threats.
33. Update your device. Updating your device is another essential way to ensure its health & safety. Some devices are released with unknown risks that aren’t found until they’re on the market. These risks get evaluated and then fixed with updates.
34. Think before you click. Your antivirus software can only do so much when you click something that blatantly downloads a threat.
Use and keep secure passwords.
Managing your passwords may seem exhausting, but it’s vital to the security of your device and all the information it holds. Here are some password best practices to keep in mind as you’re creating accounts, shopping online, and more.
35. Don’t reuse passwords. Reusing passwords means that if one account is hacked, others will be too. That turns what could be a small problem into an exponentially larger one.
36. Never share passwords with anyone. Giving someone else your password means the door is open for them to accidentally leak it to a harmful source—whether through getting hacked or something else.
37. Use multi-factor authentication. It might be a bit annoying to get a text or answer a question every time you try to login, but it will keep your accounts much more secure than a simple password.
38. Create long passwords. Long passwords are better than short passwords no matter the complexity of the latter.
39. Use phrases that are hard to guess but easy for only you, yourself to remember—a minimum of 12 characters is best.
40. Avoid single word passwords. These are too easy to guess.
41. Don’t use your name, birthdate, or other publicly available information (pet names, favorite sport teams, car models, etc. are all common password choices and, thus, easy to hack).
Data breach tips—what it is and how to prevent it.
A data breach is when confidential information is taken from a device without the knowledge or authorization of its owner. A breach like this can happen at someone’s workplace or on their own personal computer system. There are multiple types of information—personal, financial, health, business, etc.—that can be leaked this way.
There are ways you can stay vigilant in protecting the personal information on your device. Here’s how:
42. Install anti-malware and antivirus software.
43. Backup files so that they aren’t lost if an attack occurs.
44. Be careful what you download. Scammers will try any phishing trick and clickbait tactic in the book to make you open a link and download harmful software.
45. Never log in from a link sent via messaging or email—go to the site’s direct page and then log in that way. And always ensure you’re logging on through a secure wifi.
What to do when your information is stolen.
If your information does get leaked or stolen, don’t panic. There are things you can do to lessen the impact.
46. Change your passwords. If your passwords are the same or similar, change all your passwords and not just the one that was leaked.
47. Constantly check for updates to the situation. Whether it be with your bank, credit union, or work place, it’s important to stay up-to-date and try to resolve the issue quickly.
48. Contact the Federal Trade Commission by visiting IdentityTheft.gov to report identity theft.
49. Freeze your credit and/or cancel your cards. Depending on the severity of the breach, act accordingly. If you notice unsolicited purchases are being made from either a debit or credit card, be sure to contact your provider as soon as possible to cancel the cards affected.
50. Watch your bank accounts and credit reports—if something seems off, contact your financial institution and the Federal Trade Commission.
By following all of these tips, you can help ensure that your information, identity, and devices stay safe as you surf the web.
Con artists cheat Americans out of billions of dollars every year. Recognizing red flags for potential scams can help protect you, your loved ones, and your hard earned cash.
Phishing
Phishing is when scammers pretend to be someone that they aren’t to gather sensitive information or access to a person’s funds through a credit card or bank account. Phishing can take many forms, including emails, texts, and even fake websites. Often, you’ll get an email or text informing you that there’s been a problem with your account or offering you a great deal from a company you know and trust.
Do not click on these links or enter your information. Navigate to a separate browser or even use a different device to go to the official website and review your account or check out the offer. Do not enter any of your information into a pop up or when prompted by an email.
Threatening Impersonations
Similar to phishing, scammers can also try to intimidate you into paying them by pretending to be a person in power. That could mean impersonating someone from the IRS, a debt collector, or anyone who demands you pay them immediately.
The IRS will never call you and ask you to pay. If you get a call claiming someone is from the IRS, hang up, and reach out to an official IRS channel to confirm if there is really a problem. You can find ways to contact the IRS at IRS.gov. When it comes to debt collection, you don’t have to take the person at their word either. You can research the collector and send a Debt Validation Letter.
Scammers try to intimidate you by creating a sense of fear and urgency, so that you’ll pay them or give them information before you have the chance to really think it through. If you ever get a call that does that, be suspicious.
Scams Targeting Seniors
Unfortunately, seniors are often the group targeted most aggressively by scammers. This means that they need to be extra cautious when answering the phone or browsing the internet and vigilant about keeping their information and money protected. One tactic that scammers can use is to claim to be or represent a family member or loved one that’s in trouble and needs money for an emergency. Seniors and anyone else who receives a call or email like this should always confirm the legitimacy of the cry for help before doing anything.
Malware or Ransomware
Some scams will install malware or ransomware on your device if you click on a link. That means that your device could be infected with a virus that steals your information or forces you to pay in order to get access to your files again. These links can come from popups, ads, posts on social media, emails, or even messages from the accounts of friends or family that have been hacked.
You should always be wary of clicking on any link that someone sends you unprompted, particularly if they use extremely generic language or don’t sound like themselves. If you do click on such a link and fear your device has been infected, you should have your antivirus software run a scan immediately and take any actions it suggests.
Affinity Fraud
Affinity fraud occurs when a dishonest person plays on someone’s affiliation with a group, such as a religious congregation, alumni association, support group, or social club, as a way to win his or her confidence. The goal is usually selling something, convincing someone to make a fake or inappropriate investment, or tricking a victim into handing over important information. The scammer may be an actual member of the group (even someone the intended victim knows or likes) or just pretend to be.
No matter who the person on the other end of the line is or claims to be, you should always be weary before giving them money or information. If they claim to represent the group and you want to support them, it’s often best to do so through official channels like their website to ensure that the money gets to the people you want to help rather than a scammer.
When You Encounter a Scammer
If you’re contacted by a scammer, the best thing you can do is simply ignore them—don’t answer their calls, delete their emails, and navigate away from a sketchy looking site. You should never give anyone information or send them money until you are sure that they are legitimate. If you’ve been contacted by a scammer, you can also report them to the FTC to help stop them from reaching out to you or others.
If you’ve sent money to someone you believe is a scammer, it’s best to act as soon as possible. Cancel the card, call your bank or credit union to inform them you believe your account information has been stolen, or reach out to an administrator or help line for the account. If the scammer has your sensitive information, such as your social security number, this site from the FTC can help you know what to do next.
Scammers are constantly changing and refining their attempts to take your money or information, to learn more about the recent scams that have been reported and to see more tips for keeping yourself safe, you can visit the FTC’s website.
1. Your Venmo balance doesn’t earn interest
Unlike money in your investments or savings account, your Venmo balance isn’t working for you. Rather than increasing in value over time, your balance remains the same no matter how long you keep it in the app.
Instead, putting that money into a high-yield savings account will allow it to grow. High-yield accounts currently offer rates as high as 0.6% APY.
2. Your Venmo balance isn’t insured
Unlike your bank account, your Venmo balance isn’t insured by the Federal Deposit Insurance Corp. If your bank were to go under, the government insures up to $250,000. But Venmo has no such guarantees.
That means that in the unlikely event that the service goes down, Venmo isn’t responsible for you getting back whatever funds you had sitting in your account.
It’s smarter to minimize your risk by not leaving any significant sums of money in the app.
3. Venmo transfers take time
Because Venmo reviews all of its transfers, you could be left unable to pay a bill because your funds are stuck in limbo.
Venmo says transfers typically arrive to user bank accounts within one to three days, but warns that reviews may cause delays. If rent is due and you don’t have access to your funds, that could be a big problem.
While it may be convenient to keep some cash in Venmo for quick transfers, keep the majority money safe and working for you.
Read the full article here: CNBC
Published Tue, Jun 29 20219:41 AM EDT Updated Tue, Jun 29 20211:29 PM EDT
Nicolas Vega
You got the job! Work from home and earn top dollar. They already sent you a big check to buy supplies. (“Send us whatever is left, probably around $1,000,” they said.) If your alarm bells are clanging — great. This dream job has earmarks of a job scam.
Last year, tens of thousands of people reported business and job opportunity scams to the FTC, making them one of the Top 10 frauds reported to the FTC in 2022.
The scams show up as offers to help you start your own business or earn big bucks working from home. Some are pyramid schemes in which promoters claim you can make good money by selling their products, but your earnings really depend on you recruiting new participants. Other scams are fake job listings or employment services aimed at tricking you into handing over your money and personal information.
In 2022, people told the FTC they lost $367 million to business and job opportunity scams, a nearly 76% increase from 2021. What’s more, the median loss was a whopping $2,000. Compare that to the $650 median loss for all fraud types combined in 2022.
There’s no sure-fire way to detect business or job opportunity scams, but these steps can help you decide whether an opportunity is the real deal or a scheme to get your money and personal information:
- Do your own research. Don’t accept any job offer until you’ve checked it out. Scammers pretend to be both well-known and smaller companies, posting jobs on employment websites. So, reach out to the company directly using contact information you know is legit.
- Never bank on a “cleared” check. No honest employer will ever send you a check and then tell you to buy supplies, gift cards, or something else and send back whatever money is left. That’s a fake check scam. The check will bounce, and the bank will want you to repay the amount of the fake check.
Read the full article at the Federal Trade Commission.
While scammers have the capability to make phone numbers look like they’re coming from your bank, or even change the caller ID, it is up to consumers to be discerning. It can be helpful to save your bank’s phone number, or the five-digit codes banks often use when sending text messages to customers.
The biggest piece of advice to consumers is to never respond to these messages or calls, and never click on any links. Taking the time to call your bank and confirm something is legitimate can protect you from falling prey to a scam – and also save you money and stress.
Scammers are also likely to make the situation seem urgent or ask you to send money to yourself using a digital wallet app or some other type of digital currency. Banks aren’t going to do either of those things, and these requests should indicate to consumers that they’re working with a scammer.
If you do receive a scam text or call, block the number, and report it. Both Androids and iPhones have the capability to report numbers as spam or junk, and numbers can also be reported to the FTC.
What Is Elder Financial Abuse?
It’s a crime that deprives older adults of their resources and ultimately their independence. Anyone who sees signs of theft, fraud, misuse of a person’s assets or credit, or use of undue influence to gain control of an older person’s money or property should be on the alert. Those are signs of possible exploitation. Older Americans that may have disabilities or rely on others for help can be susceptible to scams and other fraud. Advances in technology can also make it difficult for seniors to know who to trust and what’s safe.
Despite these threats, taking simple steps to safeguard personal information and being aware of warning signs can protect aging men and women from financial abuse.
Tips for Seniors
What should you do to protect yourself?
- Plan ahead to protect your assets and to ensure your wishes are followed. Talk to someone at your financial institution, an attorney, or financial advisor about the best options for you.
- Shred receipts, bank statements and unused credit card offers before throwing them away.
- Carefully choose a trustworthy person to act as your agent in all estate-planning matters.
- Lock up your checkbook, account statements and other sensitive information when others will be in your home.
- Order copies of your credit report once a year to ensure accuracy.
- Never give personal information, including Social Security Number, account number or other financial information to anyone over the phone unless you initiated the call and the other party is trusted.
- Never pay a fee or taxes to collect sweepstakes or lottery “winnings.”
- Never rush into a financial decision. Ask for details in writing and get a second opinion.
- Consult with a financial advisor or attorney before signing any document you don’t understand.
- Get to know your banker and build a relationship with the people who handle your finances. They can look out for any suspicious activity related to your account.
- Check references and credentials before hiring anyone. Don’t allow workers to have access to information about your finances.
- Pay with checks and credit cards instead of cash to keep a paper trail.
- Feel free to say “no.” After all, it’s your money.
- You have the right not to be threatened or intimidated. If you think someone close to you is trying to take control of your finances, call your local Adult Protective Services or tell someone at your bank.
- Trust your instincts. Exploiters and abusers often are very skilled. They can be charming and forceful in their effort to convince you to give up control of your finances. Don’t be fooled—if something doesn’t feel right, it may not be right. If it sounds too good to be true, it probably is.
What should you do if you are a victim of financial abuse?
- Talk to a trusted family member who has your best interests at heart, or to your clergy.
- Talk to your attorney, doctor or an officer at your bank.
- Contact Adult Protective Services in your state or your local police for help.
Tips for Family and Friends
What are the warning signs of financial abuse?
The key to spotting financial abuse is a change in a person’s established financial patterns. Watch out for these “red flags”:
- Unusual activity in an older person’s bank accounts, including large, frequent or unexplained withdrawals.
- ATM withdrawals by an older person who has never used a debit or ATM card.
- Changing from a basic account to one that offers more complicated services the customer does not fully understand or need.
- Withdrawals from bank accounts or transfers between accounts the customer cannot explain.
- New “best friends” accompanying an older person to the bank.
- Sudden non-sufficient fund activity or unpaid bills.
- Closing CDs or accounts without regard to penalties.
- Uncharacteristic attempts to wire large sums of money.
- Suspicious signatures on checks, or outright forgery.
- Confusion, fear or lack of awareness on the part of an older customer.
- Refusal to make eye contact, shame or reluctance to talk about the problem.
- Checks written as “loans” or “gifts.”
- Bank statements that no longer go to the customer’s home.
- New powers of attorney the older person does not understand.
- A caretaker, relative or friend who suddenly begins conducting financial transactions on behalf of an older person without proper documentation.
- Altered wills and trusts.
- Loss of property.
What should you do if you suspect financial abuse?
- Talk to elderly friends or loved ones if you see any of the signs mentioned here. Try to determine what specifically is happening with their financial situation, such as a new person “helping” them with money management, or a relative using cards or credit without their permission.
- Report the elder financial abuse to their bank, and enlist their banker’s help to stop it and prevent its recurrence.
- Contact Adult Protective Services in your town or state for help.
- Report all instances of elder financial abuse to your local police—if fraud is involved, they should investigate.
Remember
Never give your Social Security number, account numbers or other personal financial information over the phone unless you initiated the call.
For more information, check out the FBI’s elder fraud tips.
To read the full article from the American Bankers Association, please Click Here.