Tag Archives: scammers

Online Holiday Shopping 2015 – Is That Website Trustworthy?

Bad SantaAfrican-Americans all over the county are about to dive into the holiday  season to exercise close to a trillion dollars in buying power.  And you can bet a lot of that money will be spent online this season. So the question black people should be asking is; Is that website trustworthy?

Internet holiday shopping scams cost Americans more than $50 million in 2014. Much of the holiday scams involved phony sales from dubious websites. These websites offer hard to believe prices. The old rule still apples; if it sounds too good to be true then it probably is.

So how can you tell if a website is real or not? First lets start with one of the oldest tricks in the book, fake or replica websites. Cyber criminals are very, very good at creating websites that look exactly like legitimate online stores. You may find one by accident or it may arrive in you email inbox. Cyber criminals will send out emails that lure unsuspecting consumers to their fake website that look exactly like Walmart.com or Amazon.com  or any of the popular online stores. The email may say that you have been selected for a special sale for a limited number of customers. You will find prices you won’t believe and you may even click on the link. Here is where you get taken. That link will take you to a website that looks exactly like Walmart.com but it won’t be. Look closely; the URL or website may read Wall-mart.com or Wallmart.com or Amozon.com or something very similar to the real site but designed to trick you. Be aware! Examine the URL or web address of the website carefully for anything that does not look right. Hover you cursor over the ink and look at the web address that pops up. This is a classic scam that robs thousands of people every holiday season.

If you enter your credit card information into one if these fake websites you can bet your card will be maxed out in a matter of hours.

Smart shoppers will explore the Internet for the best bargains. And these consumers will find good deals but may question the website’s trustworthiness. Fortunately there are websites that specialize in measuring website trustworthiness. Start by learning how to identify a trustworthy website here.

logoOne of the top website trust services is ScamAdviser.com. The site is easy to use and interpret and can save you money and headaches. Simply enter the web address into box and click on ‘Check It Now’. The site will return a grade on a sliding bar that will tell you exactly how trustworthy the site is. You can see what other people have been checking by clicking on the ‘Recent Checks’ menu tab. Click on the ‘Risk Sites” tab and see instantly the websites that have been labeled risky or untrustworthy. If you have a question or interest you can find answers under the ‘Forums’ tab .

Be aware that the FBI has already warned consumers that cyber scammers will be out in force this holiday season. And again the FBI warns about deals that seem too good to be true.

The FBI warns consumer of some very common tricks. These include, as was mentioned earlier, sending phishing emails advertising hard-to-get items. If you get caught in this scam it could end up costing you more than money. You could see your holiday season go down the toilet by having all your personal and credit card information stolen. And beware of  social media traps. These traps work by offerings free $500 gift cards seemingly posted by a friend. The truth behind this trap is that your friend’s account has probably been hacked and the hacker is looking for more victims.

 Now you know.

 

 

 

 

ALERT! Phony Calls From VISA Card Services ALERT!

visa-full-colour-reverseCurrently there is a clever fraud scheme that is striking VISA card holders in the midwest. Card holders are receiving calls from criminals claiming to be VISA Security and Fraud Department. The scam works like this .

1) Person calling says – “This is (name) and I’m calling from the Security and Fraud Department at VISA. My Badge number is (xxxxx), your card has been flagged for an unusual purchase pattern, and I’m calling to verify. This would be on your VISA card which was issued by (name of bank).”

2)  They ask; “Did you purchase an Anti-Telemarketing Device for $497.99 from a marketing company based in Arizona?” When you say “No”, the caller continues with, “Then we will be issuing a credit to your account. This is a company we have been watching, and the charges range from $297 to $497, just under the $500 purchase pattern that flags most cards.” Before your next statement, the credit will be sent to (gives you your address). Is that correct?’ You say “yes”.

3) The caller continues – “I will be starting a Fraud Investigation. If you have any questions, you should call the 1- 800 number listed on the back of your card (1-800-VISA) and ask for Security. You will need to refer to this Control Number.” The caller then gives you a 6 digit number. “Do you need me to read it again?”

4)  Here’s the IMPORTANT part on how the scam works – The caller then says, “I need to verify you are in possession of your card.” He’ll ask you to “turn your card over and look for some numbers.” There are 7 numbers; the first 4 are part of your card number, the last 3 are the Security Numbers that verify you are the possessor of the card. These are the numbers you sometimes use to make Internet purchases to prove you have the card. The caller will ask you to read the last 3 numbers to him. After you tell the caller the 3 numbers, he’ll say, “That is correct, I just needed to verify that the card has not been lost or stolen, and that you still have your card. Do you have any other questions?”
After you say no, the caller then thanks you and states, “Don’t hesitate to call back if you do”, and hangs up. You actually say very little, and they never ask for or tell you the card number.

The scammer is after the 3-digit PIN number on the back of the card. For online purchases they need this number to verify they have the card in their possession. If you are a VISA card holder you should understand that VISA has all this information. Consumers need to know that VISA will not call or e-mail cardholders to request their personal account information. Report suspicious calls or emails by calling the number on the back of your payment card or by contacting the FTC’s Complaint Assistant. Cardholders should also know that Visa’s zero liability fraud policy ensures that they are not held responsible for any unauthorized purchases.

If you get a call like this and you suspect something is amiss hang up and call the company back. Never give your credit card information to anyone you are not certain of.

Finally; how did the scammer know your name, address, bank and credit card number? Scammers do their homework on targeted victims or buy stolen or hacked information on black market websites. That information often comes from data breaches.

To learn more about protecting yourself visit the VISA website and test your security IQ. Or call the Visa Global Customer Assistance Center at (800) 847-2911

ALERT! – Phishing Email Scam hits LinkedIn – ALERT!

Scammers are phishing for LinkedIn members log in credentials by sending emails that are supposed to be from LinkedIn Support.

Symantec Senior Security Response Manager  Satnam Narang wrote about the phishing campaign observed over the past week.

In the post Narange stated; “The body of the email claims that irregular activities have prompted a ‘compulsory security update’ for the recipient’s LinkedIn account.”

Instead, opening the attachment leads to a website, which looks like a legitimate LinkedIn login page, he said. The scammers have changed the websites source so that the login and password credentials are sent to the scammer.

Victims are duped into believing the email is authentic by using a lowercase ‘i’, as opposed to an uppercase ‘I’ in the bogus LinkedIn address.

Symantec pointed out that the scammers used HTML attachments in order to bypass browser blacklists. These black lists serve to keep users off phishing websites. Narang stated the best defense against this scam is to  implement LinkedIn’s two-step verification for improved login security.

“With two-step verification enabled, even if a user’s credentials are compromised, an attacker would not be able to log-in without having access to the user’s mobile phone,” he said.

If you believe that you have been scammed and you credentials are compromised then please change your password immediately and notify LinkedIn support.

Reacting to Online Fraud

You want to see a black person mad? Have them pay for something and not get what they paid for. Fraud is a reality whenever you shop online. And nothing is more frustrating than not knowing who to call when you discover you have been ripped off.

According to the  FBI’s Internet Crime Complaint Center or IC3 there were 262,813 complaints of Internet crime filed with the agency last year alone. Of that number 119, 457 or 45% reported actual financial losses. So how much money was lost to online fraud in 2013? How about $781,841,611! Yeah; I used an exact number because you need to see exactly how much money the criminals are raking in. The average victim lost $2,975  to online fraud. Again, exact numbers. You can see all the stats in the IC3 2013 Internet Crime Report.

Imagine how much larger those numbers would be if all the crime was actually reported. It is believed that as much as 15% of online fraud is never reported because the victims are just too embarrassed. 

Shopping or conducting business online is fairly secure if you take the right precautions. But what if you lose money to a fraud or scam? Who do you report it to? First let me say this; if you call your local police they may be woefully untrained on how to handle a cyber crime. Its not their fault. Investigating cyber crime is a specialized task that is beyond their pay grade. If you got ripped off by a fake charity that comes to your door they may be able to help. But a cyber crime that may originate half a world away is just out of their league.

One of the most common scams that strike people online is the phishing attack.  A phishing scam is when a cyber criminal tries to trick you into revealing potentially valuable information. The same information that was stolen from JP Morgan.

The criminal will create an email that is a near perfect duplicate of an email from your bank or other trusted source. The email may warn you about a potential security incident then provide you a link to click on for further information,  or to go to the website or a security patch or something like that.

If you click on the link one of two things are going to happen. You may be taken to a duplicate website and asked for your user name and password. Or you may download some form of malware that could steal valuable information. Most banks and other financial institutions do not communicate this way. My advice is never, ever click on a link you are not absolutely certain of what it is.  But if you do…

1) Forward the phishing email and link along to the company being imitated. If they impersonated your bank or other financial service provider make sure you let the bank know and forward the email to them as well.

2) Contact your local law enforcement and at least complete a police report. Also report the incident to the Internet Crime Complaint Center or IC3.

3) Remember that a paper trail is your best friend. Your bank or credit card company keeps excellent records. You should too. Keep a record of all the calls  you make and to whom you spoke with, your statements with the suspicious transactions and any other correspondence or documentation required.  If enough people report this scam it could trigger a community alert. Inform a government consumer protection agency or relevant tech firm.    

4) Delete the message once you’ve done all this and add the email address to your spam folder so you never have to see it again.

Most legitimate online shopping sites will offer a way for customers to dispute a sale or charge or report fraud of any kind.

For example if you get caught up in PayPal themed phishing campaign you will need to contact PayPal’s fraud department.  Do a simple web search for PayPal Phishing or PayPal Fraud. Remember that these cyber criminals can craft an absolutely flawless copy of a PayPal site or email so don’t click on or respond to anything suspicious. Once you are in touch with the real PayPal they will tell you exactly what to do. Nearly every bank and online merchant will have a procedure to report phishing and fraud. Use it. And the next question is; if they don’t why are you doing business with them?

I shop online regularly. And I worry about what happens if I don’t receive what I ordered. This rarely happens. But what if it did?

Disputing charges or an order is a skill you have to master if you shop online. You have to learn who and how to report it. How to return it and if necessary how to get your money back? Or what if you are overcharged? You need to learn how to dispute and get the correct product or money back.  Here are some effective steps for dealing with disputed or fraudulent transactions.

1) Contact the organization where the charges are coming from. Most legitimate organizations  have a fast and efficient system to help the customer. They want to correct the situation as soon as possible. And they will. These merchants will provide return shipping and refunds if the order or the price is not right. I have even returned items and got a coupon for the next time I shop on their site. They want your business.

2) But if that’s not the case or doesn’t solve your problem, contact your bank or credit card provider. You may be able to block the charges or even get your money back. Some credit card issuers and banks have fraud protections for their card holders. Merchants take notice when the bank or a credit card company calls. They don’t want that kind of trouble.

3) You may need to contact law enforcement or the Better Business Bureau or the IC3. Don’t hesitate if you think you’ve been ripped off. And don’t be afraid to take to social media and let them have it! You’ll be surprised what happens if you send out a Tweet.

Sites like eBay and Amazon are market providers. They simply create the online site where people sell directly to each other. There are many sites that specialize in providing a marketplace for buyer and sellers. Some online marketplaces carry very specific or unique products and others carry just about everything like Craigslist. A very dangerous place if you don’t know what you’re doing and how to protect yourself.  Now eBay and Amazon and many other online marketplaces are very diligent at protecting their customers and their reputations. But using these sites means you have to protect yourself.  Learn how they fight fraud before you get involved with them. eBay has an excellent system in place to judge the sellers on their site and are very responsive to complaints. Same for Amazon. Learn how to use their systems. But if something does happen you’ll need to follow their specific instructions for handling fraudulent sellers. Amazon and eBay are definitely ready to fight fraud with you and for you. 

Remember there are ways to fight online fraud. You have to educate yourself to spot it before it happens and how to react when it does happen. There is no software that is going to do the job for you.

Now you know

 

Shopping Online? Think Credibility and Security

canstockphoto18667912Buying online. Its called e-commerce. African-Americans have gone from Black Friday sales to Cyber Mondays online. Online shopping is perfectly natural. You probably never even think about it, you just do it. Even with all the hacking and and identity theft going on millions of black people, like myself, will go online to find the best price on the product we need or want.

But before you shop you need to trust the website you’re dealing with. Website credibility means money for the merchant. But no credibility means you could get taken. Happens everyday. So I’m gonna say it again even though I’ve said it a thousands times already; Black people don’t play when it comes to our money.

Before I get into e-commerce credibility I want to talk about our credibility. African-Americans are a powerful consumer segment. According to research done by the Neilsen Company. Black buying power will reach $1.1 trillion by 2015. Yes, I said TRILLON! And that number will only grow. Neilsen says our buying power will reach $1.3 trillion by 2017. Clearly we are growing and gaining power as consumers.

Neilsen Study: African-Americans Are More Relevant Than Ever

But if you want to see a black person mad have them buy something and not get what they paid for! That’s why e-commerce credibility is so important when black people shop online. A funny thing about the African-American online shopper; we will do more research than other groups before we purchase. According to TheMinorityeye.com website 45% of black shoppers utilize the Internet early in their purchase process before we decide on a product or service. It takes black people longer to make a purchase. It means we are careful with our money. Do you need me to say it again?

Now we can talk about e-commerce credibility. Black people know the big names like Amazon, eBay, Macy’s, Walmart. But when you shop you will sometimes find a unique item or a special price for something. But is that website trustworthy? That’s the big question here. Here are ten steps you can take to protect yourself when shopping online

1) Know who you are dealing with –  The birth of the Internet and e-commerce resulted in a truly global market place. There is no where in the world you can’t shop. So your retailer may be in another country. Consider these things, is the name recognizable like Amazon.com or Walmart.com? These companies have solid reputations.  But sometimes you have to establish the identity of the smaller less known online retailers. So make sure to investigate the name and company registration details here in the U.S. Make sure you have a way to contact the company. Look for an an e-mail, postal address and telephone number and know definitely where the company’s headquarters is based. If you can’t find this information something is wrong. And test the companies response by sending them an email asking questions about their products or services. Did they respond quickly? Was the response acceptable and professional? And here is something else to look for, how is their English? Is it acceptable or poorly written with spelling and grammar errors. That’s a tip off that you need to investigate further. And finally check their online reputation by using the Better Business Bureau website. You can also visit websites like Scamadviser.com. This website allows you to enter the website address and get a fast review of the sites credibility.

2) Check their reputation –An online retailer may have a legitimate business but that doesn’t mean he has satisfied customers. Lets be real, some places will tell you all sales are final. And customer satisfaction is not a priority. So make sure you investigate the companies reputation thoroughly. Again the BBB is a good place to start. What is their return policy? Check online for customer feedback and issues. Are they rated highly by customers?

3) Understand billing, guarantees and delivery before you buy anything –  Be wary of hidden costs and payment details before sending credit card details. Keep an eye out for and calculate these costs into your purchase.

  • Packaging costs
  • Delivery costs
  • Know if you will be billed before or after the product or service is delivered.
  • Can you track the item from purchase to delivery to your door? This is crucial for more expensive items. The ability to electronically track your purchase adds to the companies reputation and credibility.
  • Does the product come with a guarantee against defects, functioning, appearance and quality?
  • What is the return policy? Throughly read the information on the site about cancellations, returns and refunds. Print a copy.
  • Who pays if the item is returned? Postage, fees etc.
  • If there is a cooling off  or grace period for expensive items. Some retailers will actually give you a ‘regret’ period, usually 48 hours, where you can cancel or return a really expensive purchase.

 4) Thoroughly review the site’s privacy and security policy. Reputable retailers are open about their data collection. Somewhere on the website they will outline exactly what data they collect from you and what they do with it. Many will display a web-seal of  approval or trust mark such as Trust-e that sets standards for the treatment of your information. Research this privacy policy to understand how the company will use your information after your purchase. Some companies will use your information to email you with updates, to inquire about your level of satisfaction, or offer you other products or deals. Some retailers also sell your information to third parties. That’s where your email spam comes from.  Ultimately you must decide what much information you are prepared to give. But the problem with that is that you do not always get that information upfront. Or you may have no choice in the matter. Except to shop elsewhere and that is definitely a powerful message. If you really want to make an impact simply email the company and tell the you didn’t buy from them because of their privacy policy.

5) Use only secure websites – Ok, your investigation is complete and you’re satisfied that the company you are purchasing from is legit. Now for the transaction.  You need to make double sure that your credit card data is processed using a secure connection. Commonly known as Secured Sockets Layer (SSL) this is the most commonly used form of encryption used online.  Your credit card data is encrypted by SSL and broken into small pieces so it cannot be read by a cyber criminal. To ensure that you are using SSL technology you need to check your browser for the following:

  • Your browser may be set to alert you that you are entering a secure area. Unless you are required to log in before shopping the secure area is the first page where you enter your personal information.
  • Look for the ‘https:’ on your browser URL address window. 

google-ssl-1319029457

That final “s” is telling you that the site is secure. But unless you were required to sign in from the beginning you won’t see the “s” until you are ready to complete your transaction. 

https-padlock-icon

  • Look for the little green padlock in the URL window. It should be locked or closed. If it is open then assume the site is not secure and don’t enter any data no matter how bad your want the product. Transmitting data over an un-secure connection is asking for trouble. Its called “being out in the open.”
  • Another symbol to look out for is the unbroken key. It also indicates a secure website. 

6) Attention to detail – Be sure to enter the correct information when submitting your order. An incorrect address, number of items or the wrong item code can cause some serious headaches. And that is not the way you want to test their customer service!  And make sure their math is correct. Check for hidden fees like re-stocking if you return the item. Look for convenience fees, unusual shipping fees and other sneaky charges some retailers attach to your purchase.  Double check this information before you click ‘buy’.  After you have completed the purchase start keeping records. Record your purchase details to include a receipt of the final price, email and credit card confirmations shipping details dates and times. If you can’t print them then do a screenshot of the information and save it or print that out. Remember, a paper trail is powerful tool. 

7) Use a credit card with online fraud protection. When all else fails its nice to know your credit card has a policy that protects your from online fraud. You can find the best credit cards for fighting fraud here. Make sure you read that policy and stick to it. It can save you from losing a lot of money. Many credit card companies offer protection against fraudulent purchases and includes coverage that includes online purchases. Check with your bank or credit card provider to see what protection you have. It may be time to switch to a safer card.

8) Use a good Phishing Filter –There are various phishing filters and some good ones are actually free. For Windows users there is Microsoft SmartScreen Filter for Internet Explorer. This software will alert you when it detects a suspicious website.

9) Be alert to email scams – Email scams are designed to gather personal information such as passwords and credit card details. These are known as phishing emails. And remember there is no software that can protect your from or detect a scam. Scammers send out millions of emails day after day hoping to snag unsuspecting or gullible victims. When they find one they immediately go after their confidential information often. These emails may mimic known retailers and look quite convincing. But keep in mind that legitimate companies, including all banks, never, ever send you an email requesting  login, password, or credit card details.  Don’t ever click on that link! Delete it and report it to your bank. If you have any doubts,  go to the website on your own by typing in the web address of the company. Again; do not click on that link. It may be malware or some other virus.

Being black and online requires you to be alert and knowledgeable. Don’t be somebody’s sucker when you shop online. Learn what you need to know to protect yourself because AACR rule #1 is; The only laws on the Internet are the ones you impose and enforce.

Now you know.

Newest Social Media Scams

Social media is where a lot of black people hangout online. Its the place to be online. But African-Americans need to understand that social media is the heart of scam country.The newest social media scams are constantly evolving and becoming either more sophisticated or more irresistible. You need to know what the latest scams are and how they work. CSO has published a slide show of the newest social media scams and how they work. After reviewing the list I found that a lot of them are really very typical and play on a person’s greed and desire to get something for nothing. Many work by urging the victim to act quickly. Please remember that if you think you’re gonna get something for nothing its you who may be left with nothing. There is no software that can spot a scam. Why? Because scammers work on the person and their weaknesses and not the technology. So no anti-virus, no anti-malware, no spam blocker is going to protect you. You need to know what to look for and control your desire to get something for nothing.

Now you know.

CSO 10 New Social Media Scams to Watch Out for.

Don’t Forget Cyber Security Even on Vacation

canstockphoto4560982Here is some news for you. Seventeen percent of African-Americans take one or more international trips a year. Consider that we spend $48 billion on travel in the United States alone. But black people need to be alert and don’t forget cyber security even on vacation. Taking the time to focus on your cyber security can mean enjoying your days on the beach or trying to get home with maxed out credit cards and empty bank accounts.  Hackers and identity thieves do what they do for one reason, money. So before, during and after that fabulous vacation you need to make sure you are aware and alert to the scams.

Right off the bat you need to be aware that a scam is always out there waiting for you. They begin even before you leave home. For example. We are all looking for the best price on everything. That includes airline tickets. One of the hottest scams running right now is the airline voucher scam. It’s one of Online Scam’s Greatest Hits and works like this. You search Craigslist for tickets to your chosen destination and you find a really good deal. That’s clue number one. The seller needs to sell them right away or they expire and he loses the money. That’s clue number two. And finally he asks that you use a wire transfer to send the money. That’s strike three and you lose. You learn all you need to know about this scam by clicking here.

And here is the latest you better know about. You are comfortable in your hotel room and enjoying your vacation. Now here is the scam. Someone calls the hotel and asks for room #1302. Lets say that’s your room. The operator connects the caller. You answer thinking it must be the hotel since anybody else would call your cell phone. If there is a caller ID it may show the call in coming from the hotel operator.

The next thing you hear is a person claiming to be the front desk. This voice tells you that there is a problem with your credit card and they need the number and the three digit verification code found on the back. Do I need to to tell you that your vacation ends right there if you surrender this information? That is everything a criminal needs to go shopping with your card.

This scam is working because people are too lazy to walk down to the desk to ask what the problem is. You and I both know that if there was a problem with your credit card you would not be in that room. Second, if you been in the hotel a few days then there is no problem and if there is then call your credit card company. You know your business and you know your money. So why would you listen to a voice over the phone? Because these scammers are very good and sound very professional. They can be very convincing. It can happen to you. If you get a call claiming to be from the front desk of your hotel then march your ass down to the front desk and deal with it in person!

Here is a few more steps I suggest black people to take when planning a vacation and also once you are on that fabulous getaway.

When booking your vacation

Before you leave home book your hotel room, beach houses or ocean bungalows first. And use a trusted website or travel agent. Forget using the website with the best deals. You’d be surprised how many people have lost their vacation money to a phony travel website. Or found the service just plain sucks for customer service. Do your homework! Read the reviews for the services you are going to use and re-confirm your booking; not through the website but call the hotels and airlines yourself.

Some people have time shares. Or you may use a friend’s time share. VRBO.com is an outstanding source on staying safe from scams when renting directly from property owners. As matter of fact  it’s a pretty good guide for renting from anyone. Here’s a short list:

  • Ask the owner for referrals from previous renters
  • A popular scam is the phony property owner scam. Check the property for a homeowners association and ask if the person offering the property is the owner or authorized to do so.
  • Ask what company provides professional cleaning services to the property and contact them or anyone else that services the property
  • Make sure you receive a rental agreement or contract specifying all the important terms of the agreement. Check dates, cancellation policy, fees, deposits,insurance, everything! Its your money and your vacation. Don’t play.
  • Use a credit card. Most cards have built-in protections for scams. There is no protection if you send cash or money transfer. And for the record, if the agency or person asks you to do a money transfer that’s a tip off to a scam.  You can also ask to place a deposit with the balance do upon check in.

Securing your devices

We love our devices so if you take one, or more, with you you need to install some form of anti- theft protection. For Android devices Lookout has a security app that works for Apple as well. And Kaspersky labs offers an anti-theft for Android. My best advice is to treat your devices like money. Don’t let it out of your sight! You can find more information at the Kaspersky blog on protecting your devices. Or read my book “Securing Your Digital World.

Write all your numbers down on paper and keep them in a safe place. There is no guarantee you will have internet access or that something won’t happen to your phone or tablet. Write emergency numbers down somewhere just in case. For example, a number of a close friend or relative in case of emergency, hotel number, flight reservation number, any number you may need. Don’t use hotel or public WiFi. Listen, hotels and resorts are hot targets for hackers and cyber thieves. Don’t believe me? Read this.

Finally, diversify your money. Don’t load up on cash. Keep a reasonable amount of cash with you. Have more than one credit card or debit card. And keep them separately. Whatever you are not using keep in the hotel room safe. If you lose one you can cancel it and go to the back up. Keep your passport in the safe as well unless you think you will need it. A good idea is to get a passport card with your passport. Now keep in mind that a passport card has limited use but should be enough in an emergency.

Now you know