Cyber crimes, like phishing, costs consumers, businesses, and the government billions of dollars every year. While only 9% of all information breaches involve the use of the Internet the Federal Trade Commission reports there were already almost 10 million victims of identity theft each year and the potential for fraud grows every day.
To counteract the growing threat, the Federal Trade Commissions maintains OnGuard Online, a web site that has information concerning Identity Theft, Internet Auctions, Spyware, Wireless Network Security, Phishing, Social Networking Sites, SPAM Scams, Online Shopping Security, Peer to Peer (P2P) File Sharing, VoIP (Voice Over Internet Protocol), and Cross Border Scams.
The OnGuard Online web site includes resources like videos, tutorials, and interactive activities to educate adults and children in the dangers of internet borne thieves and scammers.
We encourage all of our customers to visit OnGuard Online. We encourage you watch the videos and take the quizzes so that you will be better prepared for the new frontier of cyberspace. The world wide web is wonderful place with amazing potential. Just don’t get caught off guard by the bad guys.
Visit FTC OnGuard to learn more
Fraudulent investment schemes are often marketed by telephone salespersons armed with high pressure and sophisticated selling techniques. Some swindlers surround themselves with the trappings of legitimacy -- rented office space, a receptionist, investment counselors, and professionally designed color brochures describing the investment.
Seniors are a prime target for fraudulent investment schemes since many have saved a good amount of money for their retirement years. Fraudulent schemes require you to invest your money -- often lots of it. Most promise you either a large increase in the value of your investment or higher-than-market interest on your capital, or both.
These schemes are fraught with danger: in most cases, you will never again see the funds you invested. And you may not even receive the promised interest. If you do receive interest, you will often be paid late. Often, unbeknownst to you, your interest will be paid from the investments of others who are newly brought into the program in order to keep it alive. The swindler hopes these payments will allay any suspicions you might have as to the strength of your investment
Learn More about Investment Fraud
Throughout the year, and especially during the holiday season, you probably get appeals in the mail or by telephone urging you to contribute financially to a good cause. But the U.S. Postal Inspection Service warns those who want to give that there are plenty of fraud operators out there who are scheming for your money--and the last thing on their mind is charity. Not only do such come-ons bilk you of your money, but they also put money you intended for the needy into the hands of con artists.
What is Phishing?
Phishing is a high-tech scam that uses spam or pop-up messages to deceive you into disclosing your credit card numbers, bank account information, Social Security Number, passwords, or other sensitive information.
According to the Federal Trade Commission (FTC), phishers send an email or pop-up message that claims to be from a business or organization that you deal with – for example, your Internet service provider (ISP), your bank, online payment service, or even a government agency. The message usually says that you need to “update” or “validate” your account information. It might threaten some dire consequences if you don’t respond. The message directs you to a website that looks just like a legitimate organization’s site, but it isn’t. The purpose of the bogus site? To trick you into divulging your personal information so the operators can steal you identity and run up bills or commit crimes in your name.
The FTC, the nation’s consumer protection agency, suggests these tips to help you avoid getting hooked by a phishing scam:
- If you get an email or pop-up message that asks for personal or financial information, do not reply or click on the link in the message. Legitimate companies don’t ask for this information via email. If you are concerned about your account, contact the organization in the email using a telephone number you know to be genuine, or open a new Internet browser session and type in the company’s correct Web address. In any case, don’t cut and paste the link in the message.
- Don’t email personal or financial information. Email is not a secure method of transmitting personal information. If you initiate a transaction and want to provide your personal or financial information through an organization’s website, look for indicators that the site is secure, like a lock icon on the browser’s status bar or a URL for a website that begins “https:” (the “s” stands for “secure”). Unfortunately, no indicator is foolproof; some phishers have forged security icons.
- Review credit card and bank account statements as soon as you receive them to determine whether there are any unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.
- Use anti-virus software and keep it up to date. Some phishing emails contain software that can harm your computer or track your activities on the Internet without your knowledge. Anti-virus software and a firewall can protect you from inadvertently accepting such unwanted files. Anti-virus software scans incoming communications for troublesome files. Look for anti-virus software that recognizes current viruses as well as older ones; that can effectively reverse the damage; and that updates automatically.
- A firewall helps make you invisible on the Internet and blocks all communications from unauthorized sources. It’s especially important to run a firewall if you have a broadband connection. Finally, your operating system (like Windows or Linux) may offer free software “patches” to close holes in the system that hackers or phishers could exploit.
- Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them.
Report suspicious activity to the FTC. If you get spam that is phishing for information, forward it to firstname.lastname@example.org. If you believe you’ve been scammed, file your complaint at www.ftc.gov, and then visit the FTC’s Identity Theft Web site to learn how to minimize your risk of damage from ID theft. Visit www.ftc.gov/spam to learn other ways to avoid email scams and deal with deceptive spam.
The FTC works for the consumer to prevent fraudulent, deceptive and unfair business practices in the marketplace and to provide information to help consumers spot, stop, and avoid them. To file a complaint or to get free information on consumer issues, visit www.ftc.gov or call toll-free, 1 (877) FTC-HELP (1 (877) 382-4357); TTY: 1 (866) 653-4261. The FTC enters Internet, telemarketing, identity theft, and other fraud-related complaints into Consumer Sentinel, a secure, online database available to hundreds of civil and criminal law enforcement agencies in the U.S. and abroad.
Are you Ready for Vishing?
In a new twist, identity thieves are sending spam that warns victims that their bank account or PayPal accounts were supposedly compromised. However, unlike typical phishing emails, there is no website address in these phishing messages. Instead, the victim is urged to call a phone number to verify account details.
The automated voice message says: "Welcome to account verification. Please type your 16-digit card number." The goal is to get the victim to enter their credit card number. In these reported scams, no mention of the bank or PayPal is made.
Security experts tracking this scam and other instances of "vishing", short for "voice phishing", say the frauds are particularly despicable because they imitate the legitimate ways people interact with financial institutions. In fact, some vishing attacks don't begin with an e-mail. Some come as calls out of the blue, in which the caller already knows the recipient's credit card number. This increases the perception of legitimacy, the caller asks for the valuable three-digit security code on the back of the card.
Vishing appears to be prospering with the help of Voice over Internet Protocol, or VoIP, the technology that enables cheap and anonymous Internet calling, as well as the ease with which caller ID boxes can be tricked into displaying erroneous information.
Be Aware of Fraudulent Email
- Never call a number you receive from a spam email, and certainly don't enter in any private information if you make a mistake and do call. If you want to call your bank, use the normal phone number you regularly use, not the phone number you get in an e-mail.
- Arrowhead e-mail messages will not directly link you to an online application.
- Never click on the link provided in an e-mail you believe is fraudulent.
- Do not open an attachment to an unsolicited e-mail unless you have verified the source.
- Do not be intimidated by an e-mail or caller who suggest dire consequences if you do not immediately provide or verify information.
- If you believe the contact is legitimate, go to the company’s website by typing in the site address directly or using a page you have previously book marked, instead of a link provided in the e-mail.
- Use the FTC (Federal Trade Commission) website, Consumers can take interactive quizzes designed to enlighten them about identity theft, phishing, spam and online-shopping scams. Elsewhere on the site, consumers can find detailed guidance on how to monitor their credit histories, use effective passwords and recover from identity theft.
Beware of Schemes that Sound Too Good to Be True
You’ve just won the Tanzania National Lottery! Even though you’ve never been there and Tanzania doesn’t actually have a national lottery. If you get an e-mail or a letter with a legitimate looking check, be careful. You may end up owing your bank a lot of money. Check scams have been around for a long time, but aren’t always as obvious as you may think. Visit FakeChecks.org and learn all about some of the most popular ones out there right now.