Tag Archives: Preventing Identity Theft

14 Tips to Avoid Cyber Monday Scams

Posted on by
2

cyber-monday-discountIn the frenzy of limited time offers, last minute sales and one-click shopping, it can be difficult to stay secure while you shop online, particularly on days like Cyber Monday.

Consumers spend about 1.5 billion dollars on Cyber Monday. Coupled with the boom in sales is a predicted increase in the amount and severity of online scamming and data theft.

Will Pelgrin, CEO of The Center for Internet Security (CIS), a non-profit organization focused on improving the cyber-security posture of both the private and public sector, shares a few helpful tips about staying secure online this season.

1. Don’t Click on Pop-up Ads

Though it may seem obvious, malicious pop-up ads still pose one of the largest threats to web shoppers. According to Pelgrin, studies have shown that a large amount of consumers will click on the “ad” regardless of its message. Be mindful of what pop-ups say, it could be evidence of a security threat.

2. Keep Software Up-To-Date

Though many systems automatically update your software as new features become available, it’s important to keep your programs as current as possible. To avoid security holes, update apps and software minimally once a week, as newer versions appear.

3. Use Strong Passwords

An essential part of online security in any sense is using strong passwords. This means no birthdays, dog names or variations of “1234” for any of your accounts. For help making a strong password, check out this guide: How to Create a Secure Password.

4. Install Antivirus and Anti-Spyware software

When shopping, you don’t want others to be able to track what sites you’re visiting and what information you’re entering online. It’s important to make sure you have antivirus software installed on your computer to protect your sensitive financial information.

5. Enable ‘Timeouts’ on Mobile

According to Pelgrin, more and more consumers are doing the bulk of their holiday shopping on mobile phones. If you’re one of those consumers, make sure to enable a lock screen password, in case your device is lost or stolen. “If your phone isn’t timed out, you’re leaving the keys to your kingdom to whoever picks it up,” says Pelgrin.

6. Use a Secure Connection

Pelgrin recommends that any and all online financial transactions take place through a secure, private Wi-Fi connection, as opposed to using the more vulnerable free Wi-Fi in a coffee shop or library.

7. Avoid Email Advertisements

Your inbox is likely swarming with holiday promotions from all of your favorite (and likely least favorite) brands. To avoid being hacked, the CIS recommends you always enter the shop’s URL in your browser, rather than following the links contained in an email.

8. Shop at Companies You Know

Before you buy from a merchant on Amazon, Etsy or Ebay, check their rating and number of sales. Make sure they have good return policies and clearly posted contact information. If worried, you can always check on a businesses legitimacy through the Better Business Bureau.

9. Use Credit, Not Debit

“There are more security protections on your credit card that may not exist while using your debit card, should your info be taken,” says Pelgrin.

10. Ensure Your Site Is Secure

If you are entering your financial information on a webpage, make sure the URL begins with “https” as opposed to “http” or has a lock in your browser’s search bar.

11. Be Wary of Charity Sites

Though the holidays are frequently the most popular time to make donations to charity, Pelgrin urges consumers to check the legitimacy of your charity’s website.

“Fraudulent sites pop up during disasters and holidays like clockwork. Be alert,” he says.

12. Check Your Location and Privacy Settings

Many apps and websites will automatically share your GPS location by default. Sometimes, apps will change your settings once downloaded. Check what services your downloads have access to in your phone’s privacy settings.

13. Check Your Statements Frequently

According to Pelgrin, some hackers will do very low level theft once obtaining your information, charging small amounts to your credit card to avoid detection. Stay on top of your account statements and keep a record of how much you spend and where.

14. Add Browser Extensions and Security Apps

Pop-up blockers and malware detection extensions will add an extra layer to your security this season.

Happy Safe Shopping!

Click here to view the article source by Max Knoblauch of Mashable.

new%20ncua%20disclaimer-resized-600

5 Ways Consumers Can Protect Themselves in 5 Minutes

Posted on by
Reply

Most consumer protection tips tend to be reactive — telling you how to spot a scam email, for instance, or respond to a collections call. But there are also certain proactive steps you can take right now to head off fraud before it even takes place.

Here are five actions you can take to protect yourself as a consumer, all of which should take less than five minutes to complete.

1. Turn on Two-Step Verification on Your Email

Security experts will tell you that you should have a different password for every online account you open. But anyone who uses the Internet on a regular basis knows that this is virtually impossible — you likely have dozens of accounts ranging from bank accounts to email to social media to news sites, and you access them on multiple devices.

You have a few options here. One is to use a few strong, unique passwords for your most sensitive accounts and then repeat passwords for non-critical accounts. A better choice is to use a password-management tool like LastPass; you’ll only have to remember one master password, and the program will generate high, uncrackable passwords for all of your accounts.

But whichever route you choose, there’s one easy step that you should take now: Enable two-step verification on your email.

Email is in many ways your most important account: When you forget a password to one of your other accounts, the password reset link will be sent to your email. If someone takes over your email, they can reset all the passwords to your other accounts and take them over.

Fortunately, email providers like Gmail now offer what’s known as two-step verification. Enabling this feature means that if someone tries to access your email account from a different computer than you usually use, they’ll need more than just your password — they’ll also need a second one-time password that’s sent to your mobile phone. So unless the hacker has also gotten a hold of your phone, they’ll be unable to get into your account.

Two-factor authentication can be set up in less than 5 minutes. We’d recommend putting it in place for your email and bank accounts.

2. Get on the Do-Not-Call List

If you’re being harassed by a telemarketer, you can always block the call. But let’s be honest: You probably don’t want to hear from any telemarketers, ever, so you might as well exercise your right to block them forever.

If you didn’t get on the do-not-call list when it first came out, don’t fret: You can do it any time, and you can add up to three numbers, including your cell phone. The registration does not need to be renewed unless you get a new phone number.

You can register in less than a minute at DoNotCall.gov or by calling (888) 382-1222. And one final word of warning on the subject: If you get an unsolicited phone call offering to add your number to the registry for a fee, it’s actually a scammer. The government doesn’t allow private companies to register people for the list, and registration is free. Such cons are either trying to make a quick buck, or trying to get you to hand over your personal information.

3. Get a Free Credit Report

According to the FTC, 42 million U.S. consumers have errors on their credit reports they don’t know about. Those errors can lower your score, reduce your eligibility for loans and credit cards, and cost you a good chunk of change on a home loan.

You can’t get rid of those errors until you know about them. Fortunately, you’re entitled to one free credit report every year from each of the major consumer credit reporting agencies (Equifax, Experian and TransUnion). You can get that free credit report at AnnualCreditReport.com.

But keep in mind that getting your credit report once a year arguably isn’t often enough, as you’ll want to dispute erroneous items on your report as quickly as possible.

“We think checking your credit report once a year, an often recommended interval, is insufficient for most people,” says Erik Larson of NextAdvisor, a site that reviews credit cards, Internet providers and other consumer services. “An identity thief can wreak havoc on your credit in a matter of days, much less an entire year.”

With that in mind, Larson recommends signing up for a credit-monitoring service, many of which provide identity theft protection and monthly updates on your credit score.

As an alternative, you can space out those three free credit reports, one from each bureau, ordering one free report every 4 months. Not quite as proactive a choice as a credit-monitoring service, but it’s free.

4. Set Up Alerts on Your Bank Account

If there’s a fraudulent charge on your bank account or credit card, you have 60 days to spot it and report it. As such, simply looking at your bank and credit card statements every month should still give you enough time to successfully dispute bogus charges and get your money back.

But if someone gets a hold of your credit or debit card number, you really don’t want to let them spend a month running amok. That’s especially true when it comes to fraud on your debit card — if you don’t spot it right away, you could wind up with an empty checking account, leaving you broke until the situation is resolved.

That’s why Miranda Perry, staff writer for online complaint resolution site Scambook, says that consumers should set up alerts on their bank accounts to notify them of unexpected charges.

Financial institutions and credit card issuers have safeguards in place to spot truly unusual activity — a $2,000 shopping spree, for instance, or a sudden charge halfway across the world. But setting up custom alerts allows you to use your knowledge of your own spending habits to provide an extra layer of protection. For instance, if you’re conscientious about keeping account balances over a certain amount, you can set up an alert to trigger any time your balance falls below that level.

The alerts take just a few minutes to locate on your online banking site and set up.  If you have questions about setting up alerts on your accounts within First Financial’s Online Banking, please give us a call to help walk you through the steps at 732.312.1500.

5. Set Up a Google Alert for Your Name

Credit monitoring and bank alerts can help secure you against threats to your finances. But what about threats to your reputation?

Rather than Googling yourself every day looking for any incorrect (or incriminating) information about you, just take 30 seconds to set up a Google alert. Then, any time your name pops up on a blog, news site or other search result, you can get an email.

If you find information about yourself that you’d rather not have floating around the Web, Google provides a basic primer on getting it removed. Understand, though, that you can’t demand that Google remove a search result just because you find it unflattering. Unless the result is somehow in violation of the law or Google’s terms of service, you’ll have to go directly to the website hosting information to request its removal. Only if the page is amended or removed can you then go to Google and request that they remove it from the search results.

Let’s be honest, though – have you checked your social media privacy settings recently? You want to make sure your profiles are not visible to the public to see. As such, one final five-minute task we’d recommend is to manage your privacy settings on Facebook and any other social network where you have a profile.

Article Source: http://www.dailyfinance.com/2013/03/06/consumer-protection-week-tips-advice/ 

You Thought You Were Safe? 6 Myths and Realities of Online Security

Posted on by
Reply

Even at the best of times, surfing the Web involves a delicate dance between security and freedom. After all, while you have the freedom to visit any site in the world, the thought that your favorite website might be infected with malware can put a dent in your plans. When it comes to privacy on the Internet, nobody is completely secure.

For years, security experts have offered a more-or-less unchanging menu of advice. But do things like shredding your documents and changing your passwords really keep you safe? Bo Holland, founder and CEO of identity theft protection company AllClearID shared his thoughts on the most important moves for ensuring your safety … as well as the ones that aren’t quite as important anymore.

  1. Shredding: For years, security professionals have emphasized the importance of shredding your personal documents before you throw them out. But Holland notes that shredding isn’t as much of a priority as it used to be. “There aren’t nearly as many documents with personal information out there as there were even just two years ago,” he explains. “These days, it’s much easier to get your information off your computer.”
  2. Strong Passwords: Passwords are your first line of defense against intruders. But, as Holland points out, even the most careful people sometimes have password breaches. “I’ve helped chief privacy officers from health care and security firms,” he notes. “If they’re getting hit, then anyone is vulnerable.” While Holland notes the importance of having a good password, he emphasizes that the most important thing is paying attention to password breach notifications. If you hear that one of your passwords may have been breached, he counsels, change it immediately. And, because many of your accounts may be linked, he notes, it’s not a bad idea to change the rest of your passwords as well.
  3. Keep on Top of Updates: One piece of advice that you don’t often hear is to keep on top of software updates. But, Holland argues, updating your operating system, your software, and your security programs is one of the easiest and most important ways to ensure your security. Software companies spend a lot of time and money trying to stay ahead of online intruders — it only makes sense to take advantage of their work.
  4. Double Check Your Financial Institution: Even if you are convinced that your security is state-of-the-art and your password is unbreakable, it never hurts to double-check your most sensitive accounts. Holland suggests regularly checking your financial and credit card statements to ensure that there aren’t any inappropriate charges on your accounts.
  5. Set Email and Text Alerts: When a breach happens, a fast response can mean the difference between a minor annoyance and a major pain in the neck. With that in mind, Holland suggests talking to your financial institution about having transaction alerts placed on your account. Every time your account is credited with a transaction over a particular amount — $50, for example — your financial institutions will send you an e-mail or text notification. If it’s an expected transaction, you can discard the message; if not, you’ll be able to respond immediately.
  6. Check Your Free Credit Report: Every year, you are entitled to a free credit report from each of the reporting bureaus. Holland suggests taking advantage of this free service, noting that your credit report is a great way to track your outstanding debts and ensure that nobody is trying to open false accounts in your name.

*Click here to view the article source.

new%20ncua%20disclaimer-resized-600

Smishing – An ID Theft Scam

Posted on by
Reply

Have you been “smished” lately? Be on the alert for text messages with links — they could be an ID theft scam known as smishing.

Similar to phishing (which involves email), smishing uses cell phone text messages to deliver bait that’s intended to get you to divulge personal information. Smishing may involve winning a prize or a message that contains something that requires your immediate attention — the link tells you to “click here.” If you click on the infected link, it downloads malware that allows the bad guys to gain control of your device remotely. They can then use your phone from anywhere in the world to access your banking information, credit card data and the like.

What to do:
If you receive a text message that asks for sensitive information –

  • Do not reply to the message.
  • Do not click on any of the links that may be embedded in the message.
  • Contact your carrier’s privacy or fraud team. If their company name or brand is used in efforts to fraudulently obtain personal information, they may choose to pursue legal action.
  • Contact your financial institution to be sure your accounts have not been compromised.

Visit the FTC Identity Theft website to learn more about how to minimize damage from identity theft. If you believe that you have been a victim of a smishing scam, you can file an online complaint with the Federal Trade Commission’s Report Fraud webpage. You can also call the FTC toll-free at 1.877.FTC.HELP (1.877.382.4357).

Bottom line: Avoid clicking!

Save someone from getting smished:
As technology provides new ways to expose and defend against familiar scams, clever con artists devise new ones. Please share this with loved ones and friends — smish be gone, pass this on!

If you notice any fraudulent activity on any of your First Financial accounts, contact us by calling 732.312.1500, emailing info@firstffcu.com or stopping into any one of our branches.

Article Sources: http://www.andersoncooper.com

Online Shopping Tips to Prevent Fraud this Holiday Season

Posted on by
1

Xmas timeCyber Thieves are officially out these days to steal your credit card information or any other private personal information they can intercept as you shop online during the holiday season. Ongoing awareness of these scams is critical so that you are cautious and informed in order to protect your personal and financial information.

Take a few moments to read over these tips to ensure your financial and personal security:

  1. Be extremely careful when using free Wi-Fi hotspots to shop online, as you may be watched by data sniffers.
  2. Only shop on secure, reputable Websites that: A. You know via other means (the press; you shop at their store) B. Look for “https” in the URL, C. The Website has a small padlock icon in the bottom right corner of your browser or the URL turns green, signaling a “safe” site.
  3. Never offer more personal information to online stores than absolutely necessary (e.g., Social Security numbers, bank account numbers, passwords, PINs).
  4. Never use the same password across multiple Websites, and do not use your name, pet’s name, birthdate, dictionary word or other easily guessed attribute as a password. Use a combination of letters, symbols and numbers and vary upper and lower case.
  5. Leave suspicious Websites immediately (that ask for more information than normal or require you to double enter information).
  6. Do not respond to emails, text messages, and phone calls that advertise the sale of gift cards, holiday gifts, promotions, contests and jobs – unless it’s a reputable company or store you frequently shop at and you know it’s a legitimate advertisement.
  7. Log out of your online accounts when you are not actively shopping, and password protect your smartphone, tablet and laptop in case they do go missing.
  8. You should ensure your home computers are secured with a firewall and antivirus software before performing any online transactions. Operating system patches should be downloaded when made available by software vendors. Make sure you also protect mobile devices (mobile phones, tablets, etc.) used to conduct online transactions by installing anti-virus software.
  9. Use automated account alerts and frequently monitor your credit card charges and bank balances, allowing you to catch fraud immediately.
  10. Only cyber shop on a non-public (e.g., not in a library) computer with a secure Internet connection, updated anti-virus software and up-to-date operating system.
  11. Try to avoid tempting holiday offers, such as free downloadable applications for smartphones, anti-virus software, screen savers, ring tones and electronic greeting cards, which may be infected with viruses and/or malware.
  12. Only donate to known charities and only when you have initiated the gift. Never send money (via check, cash or electronically) based solely on a wall post, email or phone call. Respond to such correspondence by contacting the charity on a reputable phone number or Website.
  13. If you shop on auction sites like Craigslist or eBay you unfortunately you might purchase merchandise that will never be delivered. Be sure to follow the best practices published by Craigslist and other public auction websites to avoid scams.
  14. Fraudsters often place bogus advertisements for free prizes on social media like Facebook and Twitter. We urge you to not respond to these advertisements.

If you take these tips to heart, you will not only save yourself the stress of shopping in person, you won’t have to think twice about doing your holiday buying online. It is crucial that you immediately report any unauthorized transactions to First Financial if you notice any fraudulent activity on your accounts. You can contact us by calling 732.312.1500, e-mailing info@firstffcu.com or stopping into any one of our branches. You can also report scams to the Federal Trade Commission or call toll-free 1.877.FTC.HELP (1.877.382.4357).

Alert: Credit Union Members Recruited as Money Mules

Posted on by
Reply

alert-resized-600What is a Money Mule you may ask? A Money Mule is a person who transfers stolen money or merchandise from one country to another, either in person, through a courier service, or electronically. The term is commonly used to describe online scams that prey on victims who are unaware that the money or merchandise they are transferring is stolen. As a precaution, First Financial wanted to alert our members that there have been several reports of credit union members across the country being recruited as Money Mules, and unknowingly assisting fraudsters in laundering stolen funds. We want you to be aware of this scheme and to report any suspicious activity to your local authorities immediately.

Alert Details

Money Mules unknowingly assist fraudsters in laundering stolen funds. The source of the stolen funds received by the Money Mules is often from account takeovers at other financial institutions through online banking systems.

Money Mules are most often recruited through bogus job offers for payment processors, financial managers, or overseas representatives. Fraudsters typically find their potential Money Mules by searching websites where job seekers post their resumes. A key consideration in accepting the position is the ability to work from home.

Upon accepting the job, the Money Mules are notified they will receive deposits to their accounts via ACH and/or wire transfer. In some cases, the money mules are instructed to open an account at a financial institution in order to receive the funds. The Mules are instructed to not share details of their new job with anyone. Upon receipt of the funds, the Mules are instructed to either wire the funds to an account at another financial institution (foreign and domestic) or send the funds to individuals via Western Union. The Money Mules keep a portion of the funds deposited to their accounts as wages.

The deposits made to the Money Mule accounts via ACH and/or wire transfer are actually stolen from deposit accounts at other financial institutions and investment accounts held at brokerage firms. Using sophisticated banking Trojans, fraudsters steal the login credentials of online banking users and investors who access their investment accounts online. The fraudster logs into the account and transfers funds.

If you’ve fallen for the scam and become a Money Mule, here’s what has gone wrong:

  • You’re receiving stolen money. This may be through bogus sales from online auctions or the proceeds of phishing, where crooks have obtained victims’ bank details and are transferring their cash to your account (which is why they often want you to open an account at a particular bank — the same one as their victims).
  • It may even be cash from a crime that the crooks just want to get out of the country. Or someone just sends you a bogus check that you bank and then forward.
  • You’re taking a cut of the proceeds of crime and transferring the rest via an untraceable money wire to a crook.
  • You’ve given away your own personal information in that phony employment contract you signed, leaving yourself open to identity theft.

Although easy-money job offers sound so inviting, you do not want to become the real perpetrator of this crime. So here are some ways to make sure you DO NOT become a Money Mule:

  • First and foremost, money forwarding jobs like this don’t exist. Period. There is no law preventing global companies from directly transferring money from one country to another.
  • Never accept payments from anyone and then transfer part of the proceeds by money wire.
  • Don’t open a new bank account to receive money from people you don’t know.
  • Scrutinize the name of the company offering employment. Go to a site like DomainTools.com and check out when the website was registered. If it’s a scam, it’ll probably be within the prior 28 days.
  • Check the advertisement or email for poor language and grammar.

Please contact our Member Service Center at 732.312.1500 if you suspect any fraudulent activity on your First Financial accounts.

Contributing Article: http://www.scambusters.org/moneymule.html