Showing posts with label Phishing. Show all posts
Showing posts with label Phishing. Show all posts

Don't let paying your taxes cost you (again).

Tax scams seem to crop up every year, both before taxes are filed (here's a list of ID theft tips we published before Tax day) and after, as Forbes has reported.

The latest scam (which has made the rounds over the years in different varieties), has thieves sending e-mails out to potentially unknowing customers, directing them to click on a link to rectify a problem with their return.

Of course, you may ask yourself why scams like this are recycled year after year, but the scary answer is the simple one:

Because they probably work.

Posted by Christine

Pass the Word

In April, Darragh discussed what Phishing is, and a couple of things that you can do to protect yourself. Well now, with GMail being hacked, it seems like a good idea to bring that up again, as a refresher, as well as to point out a great article in the Wall Street Journal about how to protect your Gmail account.

One of their tips is to use a "strong password." It's a tip that's been given in hundreds of locations, but what exactly does that mean? Well, a strong password is generally more than 12 characters, and uses capitalization, numbers and symbols. It also shouldn't be something that's connected to your life (for example, your dog's name).

Using strong passwords should be your normal course of action for every site you log in to, as should using a different password for every site you log in to. I suspect that a majority of people don’t do this.

Posted by Mike

Gone Phishing

Yesterday, Christine discussed a couple of reasons why folks in certain states may be more susceptible to ID Theft, and she mentioned specific types of people being more vulnerable to Phishing. As such, I thought it might make sense to discuss, in a little more depth, what exactly Phishing is, and hoe you can take steps to prevent being caught on the line.

Wikipedia opens it's page on Phishing with the following:

Phishing is a way of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.

So, how does it work?

Thieves will create communications (perhaps an e-mail) that appears as though it is from a bank, and then send it to a load of people. Sometimes, it is very obvious that the e-mail shouldn't be handled (if, for example, you get an e-mail from a bank that you aren't a customer of, you likely won't read it or enter too much information).

However, when a thief hits his or her mark, the message that they send might go to a customer of the bank they are spoofing. In that case, how does a bank customer know if the e-mail they are receiving is from their bank or from a thief?

Here are a few things to keep an eye out for (I'll be discussing tips for e-mail phishing, but these apply to other types as well):

• Typos- many phishing schemes tend to come with grammatical errors or typos.
• Requests to verify information- Often, these e-mails come as some sort of request to verify account information (usually, there is a link asking for everything from your account number and password to your address). Note: Your bank should never e-mail you with this type of request.
• Blurred logos- Because thieves may have copied the logo from a bank’s website (or used a screen capture technology), it's possible that the logo they use in an e-mail phishing scheme will look slightly blurry or distorted.

Ultimately, the most important tip I can offer regarding phishing is this:

If you're not sure it came from your bank, call your bank using the phone number on the back of your credit or debit card, and ask them if the request is valid.

Posted by Darragh