October is National Cyber Security Awareness Month


President Obama designated October as National Cyber Security Awareness Month to raise awareness of threats to the data systems that have become part of our everyday lives and to encourage each of us to take steps to safeguard those systems.

We’d like to share with you a few recent scams and tips to help ensure that you, your identity and your money remain safe in this ever increasing technological world.

Watch out for text message scams. Con artists are trying to fool users into sharing personal information by sending text messages that look like alerts from banks.

How the Scam Works: You receive a text message that appears to be from a bank. It’s prompting you to update your profile and provides a link to a website. The link may even have the bank’s name as part of the web address. If you click on the URL, you will be taken to a form that looks like part of the bank’s website. The page will prompt to “confirm” your identity by entering your name, user ID, password and/or bank account number. Do not share this information! Sharing this information puts you at risk for identity theft.
Protect yourself from text message scams.

  • Just hit delete! Ignore instructions to confirm your phone number or visit a link. Some scam texts instruct you to text “STOP” or “NO” to prevent future texts. But this is a common ploy by scammers to confirm they have a real, active phone number.
  • Read your phone bill. Check your phone bill for services you haven’t ordered. Some charges may appear only once, but others might be monthly “subscriptions.”
  • Know your rights. Real commercial text messages must provide a free, easy way for you to opt out of future communication.
  • Know how to combat spam texts. In the US, forward the texts to 7726 (SPAM on most keypads). This will alert your cellphone carrier to block future texts from those numbers.
  • Watch out for lookalike URLs. Just because a URL has the name of a real company in it, doesn’t mean it’s legitimate. Anyone can register a subdomain (realcompany.website.com) or similar URL (realcompany1234.com).
  • Ask your phone carrier about blocking third-party charges. Mobile phone carriers permit outside businesses to place charges on your phone bill, but many carriers also allow you to block these charges for free.
A sophisticated new scam is targeting business and personal email addresses to initiate wire transfers. Scammers create email accounts nearly identical to an existing account and use that new account to confuse people into initiating transfers.

How the Scam Works: You are working for a business that deals with contractors or suppliers. One day, you receive an email that comes from your contractor, requesting to be paid by wire transfer. This is unusual, but you have a long standing relationship with this contractor, so you initiate the transfer. Watch out! The email may be a fraud. Scammers are hacking into email accounts and spying on messages sent by the account owners. Then they create a new, second account that looks very similar. It may differ by a single character. Con artists then use these new accounts to initiate wire transfers. In some case, the funds from the unauthorized transfers are sent to money mules located in the United States. These mules may be victims of employment scams. They may have no idea that their new “job” involves moving money for scammers.
Tips to protect yourself from this scam:

  • As always, be wary of suspicious emails. Do not open e-mail messages, click links or download attachments from unfamiliar senders.
  • Double check email addresses. Watch out for changes in e-mail addresses that mimic legitimate e-mail addresses.
  • Question changes to payment instructions. Contact the real vendor to check on the change.
  • Have a dual step process in place for wire transfers. This can include verbal communication using a telephone number known by both parties.
  • Know your vendors. Be aware of each company’s typical payment activity and question any variations.
Next time you call the customer service department of your credit or debit card, be sure to double check the number. Scammers are purchasing phone numbers similar to those of customer service lines and fooling card holders into sharing account information.

How the Scam Works: You have an issue with your credit card, so you search online for the card issuer’s phone number. You dial the number at the top of the search results and get a recorded message. It prompts you to enter your credit card number and other information. Don’t fall for it! Scammers are purchasing toll free numbers and promoting them though search ads and fraudulent websites. In a hurry, consumers simply dial the first number, not realizing it’s an ad placed by scammers. In other cases, scammers purchase numbers very similar to the real customer support line and prey on customers who misdial. This scam is not limited to credit cards; con artists are also pulling this trick with popular retail brands, as well.
How to avoid fake phone numbers:

  • Be wary of phone numbers in search ads. Frequently, the slots at the top and sides of search results are for sale. This means scammers can buy these spaces and use them to promote fake phone numbers.
  • Find the customer service number on your card. That is always your best first option for reaching your card issuer.
  • If you don’t have your credit/debit card handy, be sure to look on the company’s official website.
  • Try other ways to contact the company. If you can’t find an official customer service phone number, try contacting the company by other means, such as email or a live chat.