Learn About The latest Scams
Spear Phishing is a phishing attack that targets a specific person and often appears like a trustworthy source. The easiest way for cybercriminals to specifically target individuals is through the use of social media. Spear Phishing attacks on social media are often from fake accounts or real accounts that have been compromised by the cybercriminal.
In this scam, cybercriminals will utilize these accounts to impersonate that individual and target their friends or followers. This can be done by creating posts, starting a friendly conversation, and commenting on posts.
Once they gain your trust, they will send you links to downloads, maybe ask you to review some documents, or ask for monetary donations.
The popular option currently is asking someone to review a word document and to give them feedback. Once you open the document, it will ask you to enable macros. If you enable macros, your system will automatically download and install dangerous malware to your computer.
Tips to Stay Safe!
- Think about the usual conversation that person usually would have with you. Do they use proper grammar, ask you for favors, etc.
- Before enabling macros for a file, contact the sender via text or by phone call to verify who created the file.
- Always think before you click. Cybercriminals can use much more than links in emails to Phish for your information.
There is a new Facebook scam being used by fraudsters. Scammers are creating their own third-party Android applications (apps), which have allowed them to hijack over 10,000 Facebook accounts. Once you download one of these apps, they will display a familiar feature that says "Continue with Facebook login." Oftentimes, legitimate apps are integrated with websites like Facebook to make account creation a breeze. However, in these malicious apps, the link often leads to a phony login page created to steal your login credentials and more!
These applications are unique as they will open the official Facebook login page while still allowing the scammers to track your information. Once the scammers have your account credentials, they can use them to scam your friends/family, create false posts, and much more.
Here are some simple tips to stay protected.
- Although this has been primarily targeting Android users, this technique can be used on any device that downloads apps, including computers.
- Always check out the reviews, ratings, and comments on an application before downloading. Poor reviews can be a dead giveaway that an app is questionable.
- Only download apps from a trusted publisher. Since anyone, even scammers, can upload on the official app, it is important to only download trusted publisher's apps.
With things slowly starting to go back to normal, it is as important as ever to be conscious of new scams that look to take advantage of the pandemic. One scam in particular, 'Romance Scam,' has reached a record $308 million in losses in 2020, up 50% from 2019.
A 'Romance Scam' typically targets older adults in an attempt to fill a void in their life. The romance scammer will create a fake profile on a dating site, app, or just Facebook to build up a relationship with an individual. Often, the scammer will ask for money to come visit them or for money to help solve a life problem of their own. Romance scams are not just online, these can happen when older adults are socially isolated or dependent on others to assist them. It is important to be cautious as these people are often met at places such as church, community centers, or in social groups.
The Federal Deposit Insurance Corporation (FDIC) has worked to develop an award winning financial education curriculum, 'Money Smart for Adults.' The best part is that this is a free resource to stay alert of scams and increase your financial awareness.
You can learn more at Federal Deposit Insurance Corporation's website.
Criminal hackers and scammers have been sending fake coronavirus-themed emails, texts, and social media posts designed to trick people into opening attachments, downloading malicious software, or to get you to enter your personal information. Some messages have impersonated the World Health Organization and the Centers for Disease Control and Prevention.
Here are some tips to help you keep the scammers at bay:
Don’t click on links from sources you don’t know. It could download a virus onto your computer or device. Make sure the anti-malware and anti-virus software on your computer is up to date.
Hang up on robocalls. Scammers are using illegal robocalling to pitch everything from low-price health insurance to work-at-home schemes.
Don't respond to texts, emails or calls about checks from the government. Here's what you need to know about stimulus payments.
Watch for emails claiming to be from the Centers for Disease Control and Prevention (CDC) or experts saying that have information about the virus. For the most up-to-date information about the Coronavirus, visit the Centers for Disease Control and Prevention (CDC) and the World Health Organization (WHO).
Ignore online offers for vaccinations. If you see ads touting prevention, treatment, or cure claims for the Coronavirus, ask yourself: if there’s been a medical breakthrough, would you be hearing about it for the first time through an ad or sales pitch?
Do your research when it comes to donations, whether through charities or crowdfunding sites. Don’t let anyone rush you into making a donation. If someone wants donations in cash, by gift card, or by wiring money, don’t do it.
Be alert to “investment opportunities.” The U.S. Securities and Exchange Commission (SEC) is warning people about online promotions, including on social media, claiming that the products or services of publicly-traded companies can prevent, detect, or cure coronavirus and that the stock of these companies will dramatically increase in value as a result
You can sign up for consumer alerts about scams from the Federal Trade Commission or report suspicious claims to the agency at ftc.gov/complaint. Stay up to date by visiting the FTC Coronavirus Advice for Consumers webiste page.
Card Skimmers - Tips You Need To Know
Learn how to spot and avoid the latest ATM scamming techniques.
The vast majority of ATM & Gas Pump transactions are conducted safely and securely, but ATM & Gas Pump fraud can and does happen. A common technique used by thieves to obtain your debit card information and PIN at ATMs & Gas Pumps is skimming. ATM & Gas Pump skimming occurs when thieves use hidden electronics or technology on ATM & Gas Pump machines to steal card info. With your card’s information in hand, scammers can empty your checking or savings account.
What To Look For
- Skimming Overlay Devices. These devices are placed over the card slot. When a card is inserted into the card slot, the device records the card’s magnetic strip data.
- Shimming technology. Thieves have more recently developed “shimming” technology, where they install a thin, card-size device with a microchip into the card slot. This device isn’t visible from the outside of the ATM/Gas Pump and steals information that allows the thief to clone your card.
- Keypad Overlays. These devices are placed over a keypad and can capture PINs as they’re entered.
- Tiny Cameras. Cameras are used in conjunction with the skimming or shimming device. The camera is placed in a location on the ATM or Gasp Pump to record the user entering the PIN. Some thieves even use cameras with thermal imaging to see the numbers and order in which you pressed them. These days, many skimming devices transmit information back to fraudsters using Bluetooth technology. However, it’s possible that some crooks could still be watching you enter your PIN with binoculars or by looking over your shoulder, so don’t let your guard down. Be especially wary of anyone offering to “help” you use the ATM. There are some precautions you can take to stay safe.
What You Can Do
- Use Your Eyes & Fingers. If something doesn't feel right, move on. Watch for signs that the ATM may have been altered. Does the ATM have parts that look crooked, misplaced or damaged? If you pull on the card reader, does it come loose? If you push buttons on the keypad, do they feel loose or spongy? These are all warning signs of potential tampering.
- Visit high-traffic and high-profile ATMs & Fuel Pumps. Avoid gas pumps that are out of sight of the clerk and ATMs in areas with little traffic. Scammers want to stay out of view when installing and collecting their technology.
- Cover your hand when entering your PIN. This should be done even if you don’t see anyone or anything suspicious. A hidden camera may be viewing the keypad even if you aren’t aware of it. You can also be sure to rest your fingers on the plastic keypad. This will obscure your PIN from thermal cameras.
- Pay inside, with cash or a card, rather than at the pump. There is less chance a fraudster placed a card skimmer on the payment terminal in front of the clerk inside the gas station or convenience store. However, it takes just seconds to place a skimmer on a card reader.
- Be observant of your surroundings. Stand directly in front of the ATM while using it and watch for anyone standing too close.
- Be wary of suspicious Bluetooth signals. You can download free scanning apps that detect suspicious Bluetooth signals and alert you to potential skimmers.
- Check your accounts regularly. There’s a chance you may not notice a compromised ATM/Gas Pump until your information has already been stolen. Regularly check your account statements and set up fraud alerts to be alerted of any fraud right away.
Caller ID spoofing is when a caller deliberately falsifies the information transmitted to your caller ID display to disguise their identity. Spoofing is often used as part of an attempt to trick someone into giving away valuable personal information so it can be used in fraudulent activity or sold illegally
Tips to Avoid Spoofing Scams
- Don't answer calls from unknown numbers. If you answer such a call, hang up immediately.
- If you answer the phone and the caller, or a recording asks you to hit a button to stop getting the calls, you should just hang up. Scammers often use this trick to identify potential targets.
- Do not respond to any questions, especially those that can be answered with "Yes" or "No."
- Never give out personal information such as account numbers, Social Security numbers, mother's maiden names, passwords or other identifying information in response to unexpected calls or if you are at all suspicious.
- If you get an inquiry from someone who says they represent a company or a government agency, hang up and call the phone number on your account statement, in the phone book, or on the company's or government agency's website to verify the authenticity of the request.
- Use caution if you are being pressured for information immediately.
For more information regarding Caller ID Spoofing, click here.
Staying Safe When Shopping Or Banking Online
Banking and shopping online are modern conveniences we’ve come to rely on to make our lives easier and more efficient.
We use our phones, computers and tablets, to manage everything from checking account balances, depositing checks and paying bills, to shopping for clothes and even groceries online.
While virtually anything can be done online in the blink of an eye, it is important to take a few extra minutes to protect yourself, and your money, from fraud or identity theft.
See our top 4 tips for keeping yourself safe online. Learn More.