Posts

There’s no limit to the many ways a scammer will try to separate you from your money. One of the most common tactics is a phishing attempt, which happens when someone contacts you via phone, text, or email with a legitimate-looking request. Many of these attempts copy a well-known business’ logo, web address, email domain, and other realistic features.

Email phishing attempts are so common you may not even notice any more if you get several of them a day. Many spam filters have gotten good at catching them, but the ones that slip through into your inbox can look pretty convincing.

The goal of a phishing attempt is pretty straightforward: just click the link. That’s usually all the scammers need you to do. From there, it will either install harmful software on your computer that lets the scammer snoop around, or it will take you to a fake website where you must input your sensitive information: either way, the scammer benefits.

A new twist on these messages actually offers you money for clicking, though. The email contains a very common, official-looking receipt for a purchase you made via PayPal. When you scroll through and think to yourself, “No! I didn’t buy a virtual reality gaming headset!” you’ll quickly see the numerous links and buttons to dispute the charge.

Think about it: how many real receipts have you ever actually received that say, “You didn’t make this purchase? Click here for a refund!” What kind of company puts three or four refund offers on your receipt?

Not a real company, that’s for sure. The scammers are just after your clicks in order to move forward with their next malicious steps.

Instead of falling for it, scroll up to the top of the email and hover your mouse over the sender’s name. Their email address should pop up. Pay close attention to the letters if it still looks like a real email address, and notice subtle changes, like the letter O is actually a zero or a letter L is actually an uppercase I. Once you’ve figured out it’s a fake—or even if you’re still not convinced—exit out of the email and go to your actual PayPal.com or Amazon.com account, for example, and look into it. You’ll most likely see that you have not made a purchase.

But just in case… what if there really is a purchase for something you didn’t want? That email still can’t help you, but the customer service reps can. Use the contact information listed in the verified email to get in touch with someone who can help.

Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.


Read next: “What to do When Your Passport Number is Breached”  

Labor Day is just around the corner, and perhaps no one is looking forward to the long weekend more than scammers and identity thieves. The three-day holiday lends itself to a wide variety of ways to steal your money, your personal data or both, so it’s important to brush up on how to spot a possible scam in order to avoid it.

Travel Scams

This particular holiday is traditionally a time for families to take one last quick getaway for the season. In 2015, travel and road service organization AAA said that an expected 35.5 million Americans travel over the three-day weekend. Unfortunately, another statistic can put a damper on those plans: according to the Better Business Bureau, vacation scams cost U.S. consumers around $10 billion per year.

While the internet has grown into an excellent resource for finding steep discounts and bonus packages on travel, accommodations and meals, it’s also a snare that can lead straight to a scammer. It’s important to be on the lookout for flashy pop-up ads, awkward or incorrect wording and spelling in emails or deals that are so cheap that they’re not believable. Remember, just clicking a link and looking into some of these deals can have repercussions if the website the scammer created installs malicious software on your computer.

Play it safe and only use trusted companies to book your hotel, flight or other vacation needs.

 

Skimming

Thieves can insert skimming film into the card reader of a gas pump, point-of-sale system, even a restaurant payment card machine, and that film can nab all of the account information off your card. It’s then transferred onto a blank magnetic stripe card and used in physical locations (which will not necessarily trigger a “suspicious purchase” alert from your card since the card was present at the transaction). You need to be on the lookout for this common holiday travel pitfall, even if your travel plans don’t take you any farther than the local lakeside or park.

If a gas pump or POS payment machine looks tampered with, you might consider using a different pump, going into the store to pay or even using a different payment method. If you’re eating out and the server has to leave with the card to make payment, you could also fall victim to skimming. It’s always a good idea to look over your account statements routinely, but especially after any kind of holiday or major event.

 

Shopping Scams

Are you staying home this year? Labor Day might be a great time to take advantage of a number of sales and discount specials, but buyer beware, phishing emails that offer you massive discounts can redirect you to phony websites. Once there, you enter your personal information and payment card account, only to have it stolen by a scammer.

Fortunately, many retailers—both physical and online—advertise their upcoming holiday specials in advance. If you’re buying a high-end item, you should have plenty of time to look for the best deal and find the most reputable retailer.


Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

Read next: The Harm in Hoaxes on Social Media

For years, fraud experts have warned consumers about phishing attempts that try to steal money and identifying information. As people have become more aware of the threat, scammers have had to up the stakes in order to trick users into downloading malicious content to their computers or hand over their sensitive information.

One common approach is the “there’s something wrong with your account” email. These messages appear to come from a well-known company. It might claim your account has been suspended due to strange activity, an order you placed (or possibly didn’t place) is not shipping due to a problem with your credit card, or any other plausible scenario. The goal is to get you to click the link and submit personal information, such as login credentials, passwords or credit card info.

So how is a company supposed to inform you when there really is an issue with your account? A good example may be the one below:

The email informed the recipient of the need to take action on their account by exiting the message and logging in to the account themselves. Rather than the common ploy of having the victim click a button that supposedly redirects to their account, this message plays it safe: Leave this email, go to your account, login for yourself, and make sure your information is accurate.

Also, further below, there is a support number to call for help. That can be indicative of a scam, though, so beware; numerous scams have included phone numbers to call that simply redirect to the scammers, so anyone receiving this email should verify the phone number before calling. However, the information the recipient needs is laid out quite clearly in the email, and hopefully, no further support is even required.

At first glance, this email could look and sound just like any other phishing email, but the difference is in the action the recipient is to take. Instead of falling into a potential trap, the reader is only told to do the very same activity they would do if they had not received the message, namely, log into their account and make sure their profile is up-to-date.


Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.