Posts Tagged ‘phishing schemes’

New FTC Website Helps Small Businesses Avoid Scams and Cyber Attacks

Attacks can be especially devastating to small businesses; Agency provides information on how they can protect themselves

PRESS RELEASE

May 9, 2017

At the direction of Acting Chairman Maureen Ohlhausen, the Federal Trade Commission has launched a new website – ftc.gov/SmallBusiness – with articles, videos, and other information aimed at helping small business owners avoid scams and protect their computers and networks from cyberattacks and other threats.

“Small businesses are critical to our economic strength, building America’s future, and helping the United States compete in today’s global marketplace,” Acting Chairman Ohlhausen said. “This innovative new website is a one-stop shop where small businesses can find information to protect themselves from scammers and hackers, as well as resources they can use if they are hit with a cyberattack.”

According to the U.S.Small Business Administration (SBA), there are more than 28 million small businesses nationwide, employing nearly 57 million people. Scammers frequently target small businesses with deceptive tactics designed to get them to pay for supplies they didn’t order, donate to fake charities or trick them into giving access to their network or downloading malware that can corrupt their business’s computers.

Cyberattacks can be particularly devastating to small businesses, and many of them lack the resources that larger companies have to devote to cybersecurity. Symantec Corp.’s 2016 Internet Security Threat Report(link is external) indicates the percentage of spear-phishing attacks targeting small business rose dramatically from 18 percent to 43 percent between 2011 and 2015.

The FTC’s new web page offers specific information to help small businesses protect their networks and their customer data. This includes a new Small Business Computer Security Basics guide, which shares computer security basics to help companies protect their files and devices, train employees to think twice before sharing the business’s account information, and keep their wireless network protected, as well as how to respond to a data breach. It also has information on other cyber threats such as ransomware and phishing schemes targeting small businesses. The FTC is continuing to work with the SBA on additional ways to help small businesses.

click image for “Ransomware – a Closer Look”

Advertisements

Answering these text messages could lead to empty bank accounts

CONSUMER FORUM

Posted Sept. 19, 2016, at 9:55 a.m.
gone-phishing

Click to access booklet

Customers at some Maine banks and credit unions have been receiving fraudulent text messages. The messages are from scammers falsely claiming that there’s a problem with the customer’s account or debit card.

You can guess at the rest. There are frantic-sounding instructions to click on a link or phone number contained in the message. Failure to do so will cause some horrendous problem with the account, card or the customer’s credit rating.

The fix is easy, says the text. Just type in your account or card information and any passwords that you can remember. The sender will take care of everything — like emptying your account or running up bogus charges.

The message seems to come from a customer’s financial institution. On its website, the Maine Credit Union League said members of at least two credit unions in eastern and central Maine appear to have been targeted.

The phony text message said their debit cards had been compromised and to call either 844-334-6152 or 844-611-0709. People who called either number were asked for their card numbers and CVV codes. Divulging that or other personal or financial information is a bad idea.

The superintendent of Maine’s Bureau of Financial Institutions says consumers should not fall for the hoax.

“Banks and credit unions will not text, call or email customers asking them to divulge account numbers, PINs or Social Security numbers,” Lloyd LaFountain III said.

LaFountain said if a consumer believes he or she has received a scam text, the consumer should:

— Not return the text or call the number provided.

— Never provide personal or financial information following such a request. Banks and credit unions will never request personal account information that way.

The Bureau of Financial Institutions has a consumer library containing hints about spotting and avoiding financial scams. There’s also a consumer specialist on staff who can answer questions about scams or accounts in general.

If you’re unsure after receiving an unsolicited email, call someone at the bureau, instead of clicking on anything in the message. The bureau’s phone number is 207-624-8570, and its website is maine.gov/pfr/financialinstitutions/index.shtml.

Maine’s Bureau of Consumer Credit Protection has published the Downeaster Common Sense Guide: Gone Phishing. It also contains tips to detect and avoid scams.

Find it online at Credit.Maine.gov; it’s listed under “Consumer Guides.” Call the bureau (1-800-332-8529) with any questions about protecting your credit.

The Federal Trade Commission also has a wealth of information on its website. Learn about phishing and other scams at consumer.ftc.gov/scam-alerts.

Consumer Forum is a collaboration of the Bangor Daily News and Northeast CONTACT, Maine’s all-volunteer, nonprofit consumer organization. For assistance with consumer-related issues, including consumer fraud and identity theft, or for information, write Consumer Forum, P.O. Box 486, Brewer, ME 04412, visit https://necontact.wordpress.com or email contacexdir@live.com.

“Gone Phishing” – WABI-TV

Video link

David Leach of the Maine Bureau of Consumer Credit Protection was in the studio with Russ Van Arsdale on Monday for this week’s Consumer Contact segment. They were speaking to Joy about a new anti-scam guide being released by the bureau. The guide is called “Gone Phishing” and it gives tips on avoiding all manner of scams and protecting your credit.

Order form for all Bureau publications

Publications available on-line:

Don’t take the bait: Avoid phishing scams

CONSUMER FORUM

By Russ Van Arsdale, Executive Director, Northeast CONTACT
Posted May 18, 2013, at 1 p.m.
 

There’s a kind of social engineering designed to part consumers from their hard-earned money.

It’s called phishing, and it’s become one of the most common scams. It was the fourth most common scam reported to the National Consumers League fraud center last year, and — when lumped in with all “imposter scams” — it ranked No. 8 in the top 10 frauds reported to the Federal Trade Commission.

Phishing involves a number of ways that con artists gain people’s trust and thereby gain access to their personal and/or financial information. Once that’s done, it’s a short step to stealing someone’s identity, cleaning out their bank account or otherwise wreaking havoc on their financial lives.

The director of consumer protection at the Consumer Federation of America says new phishing schemes are popping up every day.

“We want people to realize that it should be no different when someone approaches you online or by phone asking for that information,” Susan Grant said in a news release last week.

For whatever reason, some of us are more trusting of nameless, faceless people who hit us up by email or over the phone. Most of us would not think twice about refusing a request for personal information from someone who rang our doorbell; when that person makes an electronic approach, we might think twice.

That’s what the con artists want. They pretend to be someone they’re not: an employee of your bank, a government official or an officer of the company where you work. They call or email you with what sounds like a legitimate request for information; instead, it is a (sometimes) cleverly disguised way to get you to reveal your Social Security number, bank account number or other personal data that they can use.

The approach by telephone might be the easiest phishing attempt to ward off. You can simply say, “Sorry, I don’t do any business over the phone,” and hang up. It may be a little tougher when the come-on appears in your email.

It might say that you’ve left something off your income tax return: “Don’t delay your return — click here.” Or you may be asked for an account number “to pay the administrative fee on this prize you’ve won.” The variations are endless … and so is the phishing.

A common theme among phishing attempts: They are not what they seem to be. If you’re asked to click on a link, picture or anything from a source you don’t know, DON’T DO IT. You might be downloading malicious spyware onto your computer. You also could be redirected to another, unknown website where trouble awaits. A request to “join my social network” might really be a hook that someone is using to try to reel you in.


The Consumer Federation has a new video summarizing these and other helpful hints at www.consumerfed.org/fraud. If you think you have been a victim of identity theft, visit www.IDtheftINFO.org to find out what to do. There’s more information about scams and protecting your identity at the FTC website, www.consumer.ftc.gov.

Consumer Forum is a collaboration of the Bangor Daily News and Northeast CONTACT, Maine’s all-volunteer, nonprofit consumer organization. For assistance with consumer-related issues, including consumer fraud and identity theft, or for information, write Consumer Forum, P.O. Box 486, Brewer 04412, visit https://necontact.wordpress.com or email contacexdir@live.com.

Cyber thieves getting more sophisticated – Bangor Daily News

Cyber thieves getting more sophisticated – Bangor Daily News.

…If all of this sounds like ground we’ve covered previously in this column, it is. The troubling news is the cyber thieves’ increasing sophistication; They’re making their e-mails look and sound more professional. They’re using more deceptive cyber tricks to make you think they’re legitimate.

One common misdirect may show up in a link the thieves ask you to click. It looks as though it will take you to PayPal’s website, but not so. If you were to fill in all the requested data, clicking the link would send it to the thieves’ den.

Right-clicking on the message before reading it reveals the coding and shows that the e-mail came from “ppal,” not PayPal. Our e-mail message (which has been around the world over the last several months) urges the reader to consult the “help” section of the real PayPal website. Nice touch.

PayPal is a favorite shield the thieves use because of its popularity and success.

PayPal publishes information warning customers about such phishing schemes.

For advice on this and other cyber scams, you may want to visit www.hoax-slayer.com. It contains tips on dealing with suspicious e-mail and many types of Internet hoaxes.

Defeat would-be thieves by keeping sharp – Bangor Daily News

Defeat would-be thieves by keeping sharp – Bangor Daily News.

…If you’re a customer of a bank, credit union or other business named in a phishing attack and feel your information has been compromised, you should contact the customer service department. You also may want to notify local police. While phishing attacks are widespread, police may not be aware of a particular incident until someone lets them know it’s going on.

Thieves are polishing their phone techniques as they find new ways to take your money. Social engineering refers to all the ploys that a caller might use to convince you that 1) the call is legitimate, and 2) you should give the caller whatever information is requested. DON’T FALL FOR IT. Real businesses don’t work that way.

Neither do government agencies. Some phish scammers mail official-looking envelopes containing information-seeking letters; these crooks have no right to ask for information of any kind from you. Simply throw their letters away and notify police and postal inspectors of the fraud.

Be suspicious of any letter, e-mail, text message or phone call that’s not a response to an inquiry by you. The crooks are working overtime to avoid doing something productive; don’t be their victim.

%d bloggers like this: