Category Archives: Scams

Remove past geo-tags from your social accounts

In one of our recent tips we approached the dangers of real time check ins on social network.

If it’s too late for that and you already have tons of check ins from your home, you also have the option to delete previous history location.

In Facebook you’ll have to do that manually for all the photos you uploaded and turn off Location for future posts.

In Instagram, you can Remove Geo-tag for all your uploaded pics.

Keep those browsers up to date

Browsers are one of the most common security holes, if you don’t keep them up to date. And the same goes for the add-ons and plugins you installed.

Cyber crooks frequently scan websites and PCs for vulnerabilities, such as outdated software. They use those backdoors to penetrate your systems and infect you with malware.

Keep those browsers updated. If you have browsers plugins, go to their settings and choose either to “Ask to activate” or even to “Never activate”.

No real time check-ins

Never check in when you are leaving the house for longer periods of time (such as holidays).

That includes no posting of flight tickets and holiday pics – at least not while you’re still away from home.

Something so common and apparently innocent can turn into a nightmare. There were plenty of cases of people who checked-in from their holidays, bragged about the wonderful places they’re visiting, only to come back home and find out that their house became the target of burglars.

You never know who else can benefit from the information you are sharing. You can never fully control and restrict who’s watching your social networks posts.

Got tape? Stick it over your webcam

Put tape over your laptop’s webcam.

The FBI director does it. You should do it too, because you never know who’s watching you.

A few examples from the past years that might give you the creeps:

  • In 2009, a student sued his high school for taking photos of him through the laptop they provided him.
  • Miss Teen USA was photographed without her knowledge by an ex high school colleague, who infected her PC with spyware. In that case, the victim fought back and the man was sent to jail.

Avoiding technical support scams

Cybercriminals don’t just send fraudulent email messages. They might call you on the telephone and claim to be from Microsoft. They might also setup websites with persistent pop-ups displaying fake warning messages and a phone number to call and get the “issue” fixed. They might offer to help solve your computer problems or sell you a software license. Once they have access to your computer, they can do the following:

  • Trick you into installing malicious software that could capture sensitive data, such as online banking user names and passwords. They might also then charge you to remove this software.
  • Convince you to visit legitimate websites (like www.ammyy.com) to download software that will allow them to take control of your computer remotely and adjust settings to leave your computer vulnerable.
  • Request credit card information so they can bill you for phony services.
  • Direct you to fraudulent websites and ask you to enter credit card and other personal or financial information there.

“Remember, Microsoft will never proactively reach out to you to provide unsolicited PC or technical support. Any communication we have with you must be initiated by you.”

Ransomware re-do? Back up your files.

Based on early news reports, it’s possible that another widespread ransomware attack is sweeping the globe. It may spread using the same vulnerability that the WannaCry attack used in May, or it may be a new virus. Either way, if organizations don’t patch their software, they’re at risk. It’s crucial to keep operating systems and other software up to date.

If you’re a computer user, what else can you do to avoid losing access to your data because of a ransomware attack? Back up your files! Here’s a lighthearted reminder that backing up your files is serious business.

Link: FTC

Avoid skimmers at the pump

Skimmers are illegal card readers attached to payment terminals — like gas pumps — that grab data off a credit or debit card’s magnetic stripe without your knowledge. Criminals sell the stolen data or use it to buy things online. You won’t know your information has been stolen until you get your statement or an overdraft notice.

Skimmers are nothing new, but technology has made them smaller and harder to find. Sometimes, they’re even hidden inside a gas pump.

Here are tips to help you avoid a skimmer when you gas up:

  • Make sure the gas pump panel is closed and doesn’t show signs of tampering. Many stations now put security seals over the cabinet panel. This is part of a voluntary program by the industry to thwart gas pump tampering. If the pump panel is opened, the label will read “void,” which means the machine has been tampered with.

Photo credit: National Association of Convenience Stores (NACS) and Conexxus

  • Take a good look at the card reader itself. Does it look different than other readers at the station? For example, the card reader on the left has a skimmer attached; the reader on the right doesn’t.

http://www.kamloopsbcnow.com/files/files/images/skimmer%20compared.jpg

Photo credit: Royal Canadian Mounted Police in Kamloops, Canada

You can try to wiggle the card reader before you put in your card. If it moves, report it to the attendant. Then use a different pump.

  • If you use a debit card at the pump, run it as a credit card instead of entering a PIN. That way, the PIN is safe and the money isn’t deducted immediately from your account. If that’s not an option, cover your hand when entering your PIN. Scammers sometimes use tiny pinhole cameras, situated above the keypad area, to record PIN entries.
  • Monitor your credit card and bank accounts regularly to spot unauthorized charges.
  • If you’re really concerned about skimmers, you can pay inside rather than at the pump. Another option is to use a gas pump near the front of the store. Thieves may target gas pumps that are harder for the attendant to see.

If your credit card has been compromised, report it to your bank or card issuer. Federal law limits your liability if your credit, ATM, or debit card is lost or stolen, but your liability may depend on how quickly you report the loss or theft. For more information, read Lost or Stolen Credit, ATM, and Debit Cards.

Consider placing a fraud alert or a credit freeze on your credit report. This requires businesses to confirm your identity before approving applications in your name.

If you think you see a scam, talk with someone. Your story could help someone avoid that scam. Then report it to FTC.

Scammers don’t really give refunds

The FTC has been cracking down on deceptive tech support operations that call or send pop-ups to make people think their computers are infected with viruses. Scammers ask for access to computers, then charge people hundreds of dollars for unnecessary repairs. In Operation Tech Trap, the FTC and its partners announced 16 actions against deceptive operations, and the FTC temporarily halted the operations of several defendants.

Recently, a woman who lost money to one of the defendants in the FTC cases got a call from someone who claimed to be with a company the FTC sued. (It was a lie. In reality, the company has closed.) He said the company wanted to give her a refund. He asked her to give him access to her computer, fill out paperwork and buy a prepaid card. She knew that didn’t sound right, so she didn’t cooperate. And she contacted the FTC right away.

We’re grateful for her call, and want to share this warning: If you lost money to a tech support scam or other fraud, you might get a call from someone claiming to give you a refund, or help you recover your money – but only if you give them personal information or some money. Those calls are scams. Don’t give out personal or financial information to anyone who calls you, and never give them access to your computer. And then report the call to the FTC.

Do a winter cleaning through your mobile apps

Take a quick glance over your mobile apps, see what you have installed there.

  • Remove any apps you haven’t been using – they are vulnerabilities for your security and privacy.
  • Revoke permissions for apps that require access to sensitive information – why would a flashlight app request access to read your messages, for example?
  • Keep your apps update – this lowers the chances for malware to take advantage of their vulnerabilities.

And remember to never install apps from anywhere else but the official app store. In Android, there’s a setting that also doesn’t allow apps from third parties to be installed.

Enhance your smartphone’s security & privacy

Never leave your mobile phone unattended, without a security password in place. Activate your smartphone to auto lock the screen after a short period of inactivity, like 15 seconds.

4 digit PINs are the easiest to break, so you should skip using those and instead set a good password, similar to those you use for your online accounts. That means it’s long, random, with mixed lower and upper cases, digits and symbols.

Or draw a pattern.

Or, even better, activate fingerprint authentication, if that’s available on your device. It won’t be a secret, as we leave our fingerprints everywhere, but biometrics are the hardest to replicate.