In the realm of internet activity, there are a lot of different ways that scammers and hackers can nab your personal information. All too often, though, the victim of the data theft accidentally does the dirty work for the scammer.

If a hacker can get you to click on a link and install a virus on your own computer, his job is done. All he has to do is sit back and mine your data, including your contacts list, your usernames and passwords, even stored information locked up in your documents, depending on the type of virus he sent you.

Given the threat of malicious software downloads, you’d think that people wouldn’t still fall for this tactic. Unfortunately, it’s all too common, and hackers are happy to up their game with new methods of encouraging you to fall for it. Whether it’s sending you an email that appears to come from someone you know (through either spoofing the sender’s account or hacking into their account), or trapping you with a text message from an unknown phone number that claims to include “crazy” pictures of you, there’s no end to their creativity in trying to phish you out.

But there’s another trick up the hacker’s sleeves when it comes to phishing, and that’s social media click bait. Click bait is a term that usually applies to “news” articles that are shared online. They might have scandalous-sounding headlines like, “You won’t believe what (insert celebrity name here) wore on the red carpet!” but the goal is simply to get you to click on the link. Typically, click bait is relatively harmless, other than making money for the website in advertising revenue every time someone clicks. The “bait” doesn’t have to be an article, though; it could just as easily be a post on your timeline or a private message with something enticing, like, “Check out these pictures of you from last weekend!”

A new study took a hard look at how easy it is for scammers to lure us in with phishing emails and click bait. In an experiment involving nearly 2000 email and social media users, the target groups were sent either an email or a social media message that offered them photos of themselves that someone had taken. The results were pretty surprising:

“In the first study, which addressed the targets by their first names, 56% of the email recipients and 38% of the Facebook message recipients clicked on the links… In the second study, where the first names were dropped but the specificity of the phishing message upped the curiosity factor, only 20% of email recipients clicked through, while the percentage of Facebook users who clicked went up to 42%.”

Unfortunately, the experiment concluded with a questionnaire for the test subjects and the results were puzzling. 78% of the respondents said they were unaware of the danger of clicking on an unexpected link. Even more interesting, the questionnaire asked the respondents whether or not they had clicked on the link. Only 20% in the first group had said they did, and 16% in the second group admitted it; of course, the researchers could track the links, and found that the numbers were actually 45% and 25%, respectively.

This lack of awareness coupled with an underlying understanding that we shouldn’t be clicking on messages we can’t verify is actually very telling from a security standpoint. It means that greater awareness of the threat needs to be shared, but also that many users understand there is some kind of risk, even if they don’t know what it is.

Anyone can be a victim of identity theft, anyone can use our services, and anyone can help us help others. If you found this information useful, please consider donating to the Identity Theft Resource Center to help us keep our services free to the public.

Who doesn’t love the thought of discovering a little bit of extra money? Not enough to be categorized as a mega-millionaire—although that wouldn’t hurt too badly either, would it—but just a few hundred dollars? Maybe a couple thousand?

That’s the allure of inexpensive scratch off lottery cards. In locations that legally regulate and sell them, scratch off cards are an instant-gratification game. Instead of waiting a day or so for a giant jackpot, scratch off cards tell you immediately whether or not you’re a winner. Even better, depending on the amount of your winnings, you might get your money immediately from the cash register where you purchased the ticket. Walking into a store to pay for your gas and walking out with a few hundred dollars can be pretty enticing.

But there’s a new scam involving scratch off cards, and a lot of it hinges on how you received your card in the first place. While these could conceivably be for sale in some shady locations, they’re typically found as a free “take one” card located near free classified ads publications, free real estate magazines, and more. You take your free card, scratch off the numbers, and—what a surprise!—your numbers are a match. You’ve won a tidy sum of money, not enough to feel like a scam but just enough to make it worth your while, and you’re instructed to call the number on the back of the card.

The scam actually begins once you pick up the phone. Throughout the duration of the lengthy phone call, a call that’s actually rerouted so you end up paying long-distance charges, you’re led to believe this is a legitimate lottery and that your winnings are on their way. All you have to do is provide the right information in order to confirm you as a winner and send you your check.

Of course, there is no check. You’re not winning anything, but you are losing your personal identifiable information. If you’re lucky, you’ve only set yourself up to be targeted by telemarketers and spammers. If you’re not so lucky, you’ve just provided all of your sensitive data to an identity thief.

It’s fun to dream of quitting your job and retiring to your beach house, but it’s important to remember that you will never win a lottery or contest that you didn’t have to enter or purchased a ticket for. If anyone promises you free money, the only guarantee you have is that it’s a scam. More importantly, if anyone ever wants your personal information for any reason, think twice about turning it over in order to protect yourself and your identity.

Anyone can be a victim of identity theft, anyone can use our services, and anyone can help us help others. If you found this information useful, please consider donating to the Identity Theft Resource Center to help us keep our services free to the public.

When disaster strikes, there’s often a heart-tugging sadness that comes from feeling powerless to do something useful. As distanced bystanders, we’re left reeling from the news footage of the horrific events, both man-made and natural, and thinking to ourselves, “If only there was something I could do to help.”

Fortunately, technology has empowered us to support people in their time of need. Charitable giving websites, crowdfunding campaigns, even the ability to text a donation for a specific cause and then pay it on the following month’s bill have enabled us to lend a hand when needed.

In the instance of the 7.0 magnitude earthquake that struck Haiti in 2010, nearly 3 million people were killed, injured, or left homeless. Relief efforts were mobilized within mere minutes. The Red Cross immediately set up a text-to-donate option, and more than $43 millioncame in via text.

Sadly, the same technology that lets kind-hearted people participate in helping out have also made it possible for scammers to bilk innocent, well-intentioned people out of their money. It can also be used to steal your personal identifiable information, something that’s far more valuable than a donation of a few dollars.

Only a matter of hours after the attack on the World Trade Center on 9/11, scammers were already soliciting donations for relief efforts, but pocketing the money. And it’s the same with nearly every high-profile incident that affects large numbers of victims.

So how are you supposed to help while still keeping criminals out of your wallet? By only working with trusted sources and legitimate agencies.

But authorities have already warned the public to be watchful of “disaster relief” scams that crop up online. There are genuine sources to send donations of money or supplies, and even applications to volunteer with the relief efforts in person. Considering how easy it is to set up a website and request donations, though, here’s a good rule of thumb. If you do not recognize the name of the charity that is soliciting funds, or if it’s a name that’s too “sudden” to be believed (something like, be cautious. Trustworthy charities will have long-standing reputations of meeting the government’s guidelines for a charitable organization, so other new sites should be treated as suspect.

If you think you may be a victim of identity theft, contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530.

The infamous Nigerian prince emails have become so much a part of everyday society that they’ve actually turned into a pop culture joke. Unfortunately, that reality of email scams—many of them originating in Nigeria, hence the nickname, but in actuality coming from around the globe—is anything but amusing.

Nigerian prince emails actually have several different, more formal names. Sometimes called the “419 Scam” after the section of Nigeria’s criminal code that deals with fraud, or “Advanced Fee Scams” due to the fact that the victim pays money up front in exchange for promises of a greater return, these scams come in all shapes, sizes, iterations, and countries of origin.

With so many victims duped out of tens or even hundreds of thousands of dollars, what makes them even the slightest bit funny? It’s the unbelievable stories behind them, many of which detail outrageous scenarios in nearly incomprehensible English, all intentionally designed to attract only the most gullible of would-be victims.

While it’s hard for authorities to track down every single origin of every single internet scam, that doesn’t mean they’re not out there searching. And their efforts have paid off in a big way this month, as INTERPOL and the Nigerian Economic and Financial Crime Commission (EFCC) have tracked down and arrested a man who was responsible for more than $60 million in fraud and theft.

Along with an accomplice, the scammer known only by the single-name Mike ran an operation with as many as forty employees below him, all of whom were able to hack business email accounts and send out fake invoices to their customers and divert those payments to their own accounts. Their other tactic was “boss phishing,” or hacking a business email account and pretending to be the boss. They would then send instructions to an employee within the company, demanding sensitive information, the transfer of funds, or other fraudulent requests.

This is certainly not the first or the largest criminal to be snared through joint efforts of curbing internet fraud and crime. But the anonymous nature of this type of crime, coupled with the fact that all it takes is a computer and an internet connection, means criminals can be hard to identify and even harder to track down.

One thing that the public can do to help stem the flow of internet fraud is to stay on top of the latest scams and fraud attempts. While most users may have by now heard of the sad plight of thousands of Nigerian princes who need help moving their royal fortunes out of the country, new fraud variations come up every day. Boss phishing and text message “smishing” are new, for example, but old schemes like the lonely heart dating scams are still effective. Be aware of the threats to your identity and your funds, and help others understand the dangers of getting hooked by a scammer.

Anyone can be a victim of identity theft, anyone can use our services, and anyone can help us help others. If you found this information useful, please consider donating to the Identity Theft Resource Center to help us keep our services free to the public.

The Rio Olympics are set to kick off, and sports fans around the world have their eyes set on South America. If you’re one of the lucky fans who’ve opted to travel to the country to watch the action up close, be prepared: the usual numbers of scams associated with any exotic locale will grow exponentially during this event.

There are literally dozens of scams that crop up in hot-ticket tourist destinations, and they can be grouped into different types. This link from contains details on more than forty different scams that might target travelers to Rio, but here are some general categories to watch out for:

  1. Travel Scams – It doesn’t matter where you’re headed, there’s undoubtedly a travel scam waiting to steal your money, your identity, or both. Many of the scams take shape before you ever even pack a suitcase, such as ones with bogus flights, fake hotel accommodations, or hefty fees that you wouldn’t have been charged if you’d used a reputable service.

Do your research before booking any travel, lodging, or ground transportation. Beware of “too good to be true” deals, or offers of free lodging and free car service. Remember that the location isn’t the problem, but the fact that scammers know you’re out of your element and more likely to fall for their schemes.

  1. Extortion Scams – There are so many different variations on extortion schemes, but they all have one thing in common: you’re going to be intimidated into forking over your money to clear up the confusion. Whether it’s a dropped item scam that makes it look like you’re responsible for damaging someone’s property, a money drop scam in which someone offers to split “found money” with you, or a scam in which someone argues that you received a service then didn’t pay for it, don’t fall for their intimidation tactics. If the scammer starts calling for the police, let them; in fact, encourage them to alert the authorities, or call for the police yourself.

Be warned though, there are scammers who pose as police officers and automatically take the scammer’s side, informing you that your ignorance of the country’s laws is at fault. When in doubt, contact the US consulate or embassy in the country where you’re staying. There are common reports of local police corruption or their willingness to look the other way when it comes to a foreigner being scammed. Do not let threats of physical harm or jail time coerce you into handing over money to make it all go away.

  1. Identity Theft Scams – Oddly enough, the very same scams that target your identity when you’re home are still viable in other countries. That’s why you have to be careful about using an ATM, paying at the gas pump or a payphone with your credit card, logging into your sensitive accounts over public Wi-Fi, and more.

Do your homework before you leave, and learn what technology steps you need to take while you’re in Rio (or any other country). Make sure someone back home has the right access to help you if an account problem comes up, such as knowing where your credit card information is stored in case your wallet is stolen or your account is compromised by a scammer. Make sure you monitor your credit card and bank account statements very thoroughly when you get home in order to spot any suspicious activity.

One of the most important things you can do to protect yourself from scams is to avoid looking “too much” like a tourist. Some things can’t be helped, like driving a rental car that alerts scammers to your traveler status. But other behaviors can make you seem like more of an easy target, so keep a low profile, keep an air of quiet confidence about you, and do your best to blend in with others.

Anyone can be a victim of identity theft, anyone can use our services, and anyone can help us help others. If you found this information useful, please consider donating to the Identity Theft Resource Center to help us keep our services free to the public.

The ITRC recently released information regarding the best practices for parents when using a child ID kit. One of the questions we heard over and over was, “Are the companies behind this really scams, or are they just misinformed?” My response was that there are probably a blend of both, but that we at the ITRC had direct experience with a scam company in the southern California area.

A member of the ITRC team, and a mom, was concerned when she received a flyer from her child’s preschool regarding a company coming in to fingerprint the children and provide child ID kits. This company was engaging in all of the practices that we list as red flags in our scam alert…all of them.

As we reviewed the recommendations and service offerings for this company, we were dismayed at how they were taking advantage of parents’ natural fears while potentially creating massive identity theft vulnerabilities for their children.  Here are some of the things that tipped us off:

  • This company offers to digitize fingerprints and store them for parents, a service for which they did not list the cost; they simply recommended that parents call for a price quote. The company stated that they could provide the fingerprints directly to law enforcement in the event of an emergency, but according to my research and discussions with law enforcement personnel, this is something that parents can do themselves…for free.
  • This company offers to provide a wallet-sized copy of the scanned fingerprints so that parents can carry it around with them at all times, a service which costs $86. Apart from being an alarmist tactic that tricks parents into paying, if the parents’ wallet goes missing, so do the fingerprints. This poses an identity theft risk for the child.
  • This company also offers parents a digitized set of the child’s fingerprints on a thumb drive, and recommends that parents carry it on their key chain so it is with them at all times. Again, this is an alarmist tactic that puts your child’s identity at risk if your keys are lost or stolen.

Unfortunately, the list of red flags goes on. The ITRC brought this to the attention of law enforcement, who will do their job and investigate. Should they find evidence of a scam, they will bring those responsible to justice. We also feel it is important for the ITRC to do its job, which is to inform parents about how to determine if there is a need to establish a child ID kit for their kids, and if so, how to properly go about it.

This scam is real, and was happening right in our area. If it’s happening here, there’s an excellent chance that it is happening elsewhere.

Now that summer is here you may think this risk isn’t as great—school is out, after all. But during the summer months, our children attend alternate day care programs, summer camps, and a host of other enrichment activities. Scammers don’t care that school is out; they will go to those places as well. And if your care providers don’t know what to look for, they could be duped into helping scammers reach new victims. Don’t get me wrong, the professionals who engage these companies will almost always have good intentions, and think they’re doing something to ensure your child’s safety. Instead, it’s the scammers that we need to blame for taking advantage of those good intentions.

What can you do as a parent? Read the scam alert so you know what the red flags are. Understand how to determine if a company is a legitimate service provider or a scam (via this helpful fact sheet). And share this information with other parents, your school, afterschool programs, and daycare providers so they can make the right decision as well. In other words, the best thing you can do right now is to:Read it. Understand it. Share it.

Online dating has risen in both popularity and credibility in the past few years. What was once commonly seen as the last resort of desperate, lonely people has now become a high-dollar industry that helps people around the world find genuine relationships. Unfortunately, the rise of internet dating sites and their widespread acceptance means more and more scammers are using that approach to find victims.

There are a few ways that you can spot a scam before you become a victim, though. By being smart about protecting yourself and your information, you can keep a scammer at bay.

1. Too close, too soon – In any online relationship, be careful of individuals who want to take things a little too fast. It might be that they start using pet names, talk of long-term relationships, or insist on sharing personal details or photographs too soon. At the same time, if they are too quick to invite you to talk to them outside the dating platform—meaning your communications are not accessible by the site that connected you—be very concerned.

2. Phone is no guarantee – Believe it or not, there are customer service call centers that scammers can subscribe to in order to make phone calls to their victims. Just as a company can hire a phone service to take phone messages or handle customer service requests, scammers can hire shady phone services to pose as your new boyfriend or girlfriend on the phone. That’s why speaking on the phone is no guarantee that this relationship is valid.

3. Odd situations that prevent connecting – It’s inconvenient to have your new victim constantly harassing you just to talk about their day, which is why so many common romance scams involve individuals who are not near a computer during their jobs. What does that mean? Jobs like off-shore oil rig worker, long distance truck driver, and even worse, US soldiers deployed overseas are all common tactics for scammers. With so many victims to keep straight in their phony relationships, they can’t devote all their time to you; be careful of an online relationship involving someone whose job keeps them away from communication for days at a time.

4. And then the money request… – Inevitably, the real reason for the scam comes out: a request for money. It could be needing funds to come visit you, funds to keep their (non-existent) child out of trouble, a request for you to use “their” bank account to help them out of a bind, or even outright extortion if you’ve sent them compromising photos of yourself. No matter how it plays out, the ultimate goal in a romance scam is to take your money.

In any relationship, whether face-to-face or online, if you’re asked to hand over money or personal information without some form of legitimate, legal commitment, be careful. It should make you think twice, and make you cautious about the relationship as a whole. Don’t waste your time on scammers who want to cause you and your finances harm; just remember that there are real, viable relationships to be made online, and be smart about protecting yourself.

Anyone can be a victim of identity theft, anyone can use our services, and anyone can help us help others. If you found this information useful, please consider donating to the Identity Theft Resource Center to help us keep our services free to the public.

If you own a phone, there’s a good chance you have to put up with the annoyance of unwanted callers. But it’s not just telemarketers interrupting your dinner or survey takers wanting to know your opinion on political topics anymore. The real danger of unwanted calls is in phone scams.

An estimated 89% of phone owners in the US receive unwanted calls each month, and the increasing problem of phone scams is only getting worse. According to one source, 11% of phone owners have fallen victim to a phone scam, and of those victims, 20% have lost as much as $10,000 as a result; 14% of the people surveyed receive more than thirty calls in a single month period.

So what do you need to know to be able to rely on your phone for communication and emergency access, but still avoid the threat? Here are a few helpful tips that will hopefully lower your chances of becoming a victim of fraud:

  1. Guard your info – Scammers operate off of different sources for your phone number. They may be Robocalling you, which means a computer is doing all the dialing, or they may have purchased lists of phone numbers from sources who got them either legally or illegally. Finally, they may simply be punching numbers at random, hoping to land on someone who will fall for their scheme. But think about this: if someone was legitimately calling you with an offer or with a warning about your account, wouldn’t they have your information already? Of course they would, so there’s no need to supply them with your personal data, especially things like your Social Security number, your birthdate, or your account number and password. Even if they tell you to verify your account information, don’t do it. After all, they called you. They should know who you are. Never give out your information to anyone who calls you. Even if they indicate there’s a problem with your account, hang up and call the company directly using a number you can verify—not the number the caller gives you, as this could lead right back to the scammers.
  1. Too good to be true, too scary to be real – One of the most common phone scams right now (33% of reported calls) involve people posing as IRS agents, claiming that criminal charges are being filed against you for failure to pay your taxes. The second most common phone scam right now is threats from credit card companies or loan companies, claiming you’re behind in your payments (31% of calls). That’s pretty scary stuff. However, the IRS doesn’t call people, it sends a mailed letter with instructions on what to do next; your credit card company will never call you and demand payment over the phone, although depending on the company you might receive a phone call simply informing you that need to address some concern with your account. At the same time, 27% of the reported phone scams involved lottery winnings or some form of sweepstakes winnings. Think about this: how many times have you seen news reports of a major lottery like the Powerball, stating that a winning ticket was sold but the winner has yet to come forward? It happens somewhat frequently. That’s because no one calls the winning ticket holder to inform him that he’s won. If you receive a phone call for a lottery or contest—especially one that you don’t remember entering—hang up…it’s a scam.
  1. Let it ring – With the increase in cell phone ownership and the numbers of people who rely on a cell phone instead of a primary house phone, avoiding a scam is easier than ever. Why? Because there’s no need to answer the phone! If you don’t recognize the number or if the caller ID indicates it’s from a city and state you’re not connected to, simply ignore it. Anyone who actually needs to get in touch with you will leave a voicemail, and if it’s your cell phone, the caller can opt to text you instead.

Just remember one crucial warning: even a text message isn’t necessarily safe. It’s an easy way to spread scams because it can be typed once and delivered to thousands of people instantly. It’s also an easy way to install a virus on your phone, so never click a link in a text message that you were not expecting.

Anyone can be a victim of identity theft, anyone can use our services, and anyone can help us help others. If you found this information useful, please consider donating to the Identity Theft Resource Center to help us keep our services free to the public.

Just about every corner of the internet is filled with scams and fraud attempts, waiting to prey on gullible users. Fortunately, with better awareness and education, more and more people are able to spot these crimes and take action to avoid becoming a victim.

In this instance, one quick-thinking postal employee helped prevent a customer from falling victim to an electronics scam, despite his assurances that everything was legitimate and that his newfound work from home job was genuine. When a customer came into a Fresno, California, post office to mail several packages to international addresses, the employee became curious. She questioned the customer about what the packages contained, and why he was mailing them to those addresses. Fortunately for the customer, he was happy to explain about his new job opportunity rather than feeling put out by the slight intrusion.

That’s when the employee informed him that this was a scam. He told her no, that the company who’d hired him had already sent him a check to purchase the iPads and cover the shipping, along with a remaining amount as his payment. A quick call to his bank, though, confirmed the employee’s suspicions: the check he’d received was no good and his bank balance had not gone up.

Had the employee not been aware of the scam—or worse, had she not cared enough to ask why the individual was mailing iPads overseas—the victim of the scam would have lost out in a big way. Not only would he have bought high-dollar electronics and paid a lot of money to ship them to the thieves, he could then have faced additional overdrawn charges on his bank account. That could also have meant that any checks that bounced went unpaid, possibly resulting in late fees from the intended recipients.

In this instance, there was a happy ending (the victim could return the iPads for a refund), but for too many victims of this type of scam, the end result is far more upsetting. Apart from the lost funds and the feelings of being cheated, in some cases the victims actually continue the scam in the hopes that this will still turn out to be a legitimate job, since they can’t bring themselves to admit they were victimized. In extreme cases of scams like this one, victims have even been roped into receiving stolen goods, which can result in criminal charges for the victim.

It’s absolutely crucial that the public stays informed about scams and fraud, but also to keep in mind one universal adage: there is no such thing as free money. No one will pay you a legitimate income to do a task that can be done with little or no effort, and no one will hire you to do a job that requires almost nothing on your part. If anyone reaches out to you online for employment and cannot provide you with things like a physical address and documentation to report this “amazing” income to the IRS, then it is not a legitimate job offer. Walk away, before you become a victim.

Anyone can be a victim of identity theft, anyone can use our services, and anyone can help us help others. If you found this information useful, please consider donating to the Identity Theft Resource Center to help us keep our services free to the public.

Scammers love to go after senior citizens, for a variety of reasons. Fortunately, there are a growing number of resources available to help stop the spread of scams, and to help empower individuals to fight back without becoming a victim.

recent senior citizens’ symposium is just one example of the kinds of education and awareness that groups like the Federal Trade Commission and AARP are promoting. By combining forces to cover a wide variety of topics, the agencies are working to ensure that senior citizens are aware of the threat and know when to step away from a fraud attempt.

One very important aspect to the recent training was identifying the three major categories of scams. While these three types can impact anyone, they are especially important when talking about elderscam.

Fear – It’s sad to know that there are scams that play off of the victim’s fears, but that’s a very common tactic used to steal from seniors. Some very common fear-based scams include:

  • Threats from phony IRS agents who inform the victim he owes taxes or penalties
  • People who pretend to be kidnappers who’ve taken the victim’s grandchild
  • A person reportedly calling from the utility company, threatening to turn off the victim’s electricity for non-payment
  • A fake call from a bank or financial institution that states the victim has bounced checks and is facing prosecution

Sympathy – Many senior citizens live in less-than-lavish financial circumstances. Through careful savings and planning for retirement, a comfortable standard of living is the ideal. But too many individuals who worked hard to squirrel away money for their retirement are able to sympathize with those who are less fortunate, possibly because they themselves understand the rigid constraints of a fixed-income. For this reason, scammers target the elderly relentlessly with things like:

  • Fake charities or aide collections following a large-scale disaster
  • Requests for money to save a child’s life
  • Emails that claim the individual is stranded in a foreign country and needs money to get home
  • Lonely individuals claiming a desire for a romantic relationship

Greed – Like it or not, greed is a very real human response, and scammers are all too happy to feed that greed with phony offers at making free money. Even some people who should be trustworthy—like church officials or financial advisors—can end up being part of the problem and bilking seniors out of their money. Some common greed-based scams include:

  • Pyramid schemes that promise “easy money” after you submit your payment
  • Work-from-home jobs that don’t require you to actually do anything
  • Selling bogus memberships or financial planning programs that don’t offer any return
  • Emails from people who claim they have millions to share and just need your help processing the funds
  • Reshipping scams, in which the victim is unwittingly trafficking stolen goods

Anyone can be a victim of identity theft, anyone can use our services, and anyone can help us help others. If you found this information useful, please consider donating to the Identity Theft Resource Center to help us keep our services free to the public.