Category: online security

5 Amazon Scams You Need to Know About

by Advantage One, posted in App Reviews, Lifestyle, online security, security, Tips & Best Practices, Uncategorized

When it comes to convenience, service and sheer scope of products, nothing beats Amazon. The world’s largest and most popular online marketplace is the 21st century shopper’s go-to for virtually any product under the sun. Unfortunately, though, Amazon is also rife with scammers. Here are five Amazon scams and tips from the e-commerce giant for protecting yourself from falling victim to these schemes.

  1. Update your order

In this scam, a shopper places an order on Amazon and waits for it to arrive. Before it shows up at their doorstep, though, they receive a phone call or written notification via email or text message, informing them that there is an issue with their account. It further claims that the customer must update or confirm their information before they can receive their purchase. The contact may ask the target to re-share their payment information or other personally identifiable information (PII). Often, the target believes the request is legit and willingly shares this information.

Don’t get scammed: If you’re asked to update your payment information and/or something seems off, go directly into your Amazon account and check the “Your Orders” section. If you aren’t prompted to update your payment method on that screen, the message you received is from a scammer. Amazon will never ask for payment over the phone, by text or via email.

  1. You’re owed a refund

In this scam, a target receives a text or email stating they’ve been overcharged for a recent Amazon purchase and are owed a refund. The target is directed to call the provided phone number. When they call, an alleged Amazon rep will ask to be granted access to the target’s computer so they can issue the refund. Unfortunately, doing that will give a scammer direct access to the victim’s computer and financial accounts. 

Don’t get scammed: Any notification from Amazon will be available on the company’s website. If you are owed a refund, you’ll find all the information you need to know within your secure account.

  1. Off-platform payments

In this scam, a target finds a product they’d like to purchase on Amazon. However, when they try to complete the transaction, the seller asks them to follow a link for an off-platform payment, usually via a P2P payment platform like Zelle or Venmo. While these platforms may be secure, completing the purchase off Amazon’s site or app means losing all purchase protection that Amazon provides. The customer will also likely end up with a faulty product, or no product at all. 

Don’t get scammed: Authentic Amazon sellers will never ask for payment outside the actual Amazon site. 

  1. Amazon Prime Video scams

In this scam, consumers looking to set up Amazon Prime Video on their SmartTV are lured into bogus sites by clicking on pop-up ads including keywords like “Set up Prime on TV”. The fake sites look identical to Amazon’s SmartTV setup page, so the victim believes they’ve landed on the correct page. The target will be asked to enter Amazon’s six-digit code on their TV and then call the phone number the site provides. Once on the phone with a victim, the scammers will direct them into sharing the two-factor authentication code that was sent to their device via Amazon. Unfortunately, if the target complies, they’ll be giving a scammer access to their Amazon account. Don’t get scammed: Never share your passwords, authorization codes and/or login credentials over the phone. If you need to set up Amazon Prime Video on your SmartTIV, visit

Amazon’s website directly and follow the instructions here. It’s also good to know that all legitimate Amazon websites have a dot before “amazon.com,” such as “pay.amazon.com”. Any link to a website that contains the words “amazon” but does not follow this rule is a scammy site.

  1. Mystery boxes, prizes and crazy-low deals

Here, a scammer tries to snag a victim by offering something that sounds too good to miss. Of course, it’s also too good to be true. The scam may take the form of a “mystery box” sold on Amazon, prizes the target has randomly “won” or deals that practically give the item away. In each of these cases, the victim receives a message allegedly from Amazon, claiming they’ve won a prize. It may also promote a mystery box sale or a once-in-a-lifetime deal. The victim will be directed to click a link or call a number to receive the prize or item. Of course, doing so will lead them right into the hands of the scammer, who will ask for their PII, or download malware onto their computer. 

Don’t get scammed: Never follow a seller’s directions away from the actual Amazon site. Also, if something seems too good to be true, it likely is.

Stay alert and follow the tips mentioned here to enjoy shopping on the world’s largest marketplace without compromising on your safety.

TikTok Inspo: Can you scam us? Impersonate an Amazon scammer using one of the schemes described above or another one you’ve come across. Catch us in your scam … if you can!

AI Fraud and How to Protect Yourself

by Advantage One, posted in online security, security, Tips & Best Practices

Artificial intelligence (AI) is revolutionizing the way we live and work. Unfortunately, though, it’s also revolutionizing the way scammers con unsuspecting victims into sharing their personally identifiable information and their money. Here’s what you need to know about AI fraud and how to protect yourself.

What is AI fraud?

AI fraud is the use of artificial intelligence to deceive or defraud individuals or organizations. When using artificial intelligence to pull off a scam, fraudsters use AI algorithms to create convincing fake identities, manipulate social media, generate realistic fake images and videos (AKA “deepfakes”) and more. The scammers then create fake social media profiles and email addresses using these bogus identities and footage. Often, they’ll pretend to represent celebrities or other famed personalities for soliciting money and information. 

In another form of AI fraud, scammers use social engineering tactics to trick people into giving them their personal information or money. They may create fake websites or emails that appear to be from legitimate sources, such as financial institutions or government agencies, and ask people to provide their personal information or login credentials.

AI fraud is especially dangerous because its sophistication makes it difficult to detect. Thanks to AI technology, scammers appear to be legitimate, increasing the likelihood that people will fall for their scams.

Types of AI Fraud

AI fraud is executed in several forms, including:

  • Phishing
  • Identity theft
  • Deepfakes
  • Fake news
  • Social media manipulation
  • Chatbot scams
  • Fraudulent financial advice

Each type of AI fraud has its own unique characteristics and risks. 

Red flags

Are you being targeted by AI fraud? These red flags may be your first clue of an AI scam:

  • Multiple unsolicited emails and/or text messages
  • Being asked to provide personal information or login credentials by an unverified contact
  • Unusual and/or unexplained activity on your social media accounts
  • Receiving financial advice that seems too good to be true

If you notice any of these signs, it’s important to be cautious and investigate further. If the contact claims to represent a government agency, do not engage. Reach out directly to the agency that supposedly contacted you to see if the communication is legit. Follow the same steps if you’ve been contacted by an alleged representative of Advantage One Credit Union and something about the interaction has set alarm bells ringing in your head. It’s always better to be on the safe side when it comes to your personally identifiable information and your money. 

Protect  yourself

You don’t have to wait to be targeted by AI fraud to protect yourself from falling victim to these scams. Keep your money and information secure by following these precautions at all times:

  • Never share sensitive information online with an unverified contact.
  • Always check the URL of each landing page when banking online or using another platform to share sensitive information. Look for the “s” after the “http” and the padlock icon, as well as the correct spelling of the company’s website to ensure you haven’t been lured into a look-alike scammy site. 
  • Use strong, unique passwords across all of your accounts. 
  • Keep your device’s security on its strongest setting.
  • Be wary of messages from celebrities asking for money or information.
  • Use updated antivirus software on your personal devices.

If you’ve been targeted

If you suspect you’ve been the victim of AI fraud, it is important to act quickly to mitigate the damage. First, contact Advantage One Credit Union at 734-676-7000 to let us know your information has been compromised. Similarly, reach out to your credit card companies to let them know about the fraud. Next, report the fraud to the FTC so they can take appropriate measures in catching the humans behind the bot-generated scam. 

Finally, you’ll also want to change your passwords and login credentials and consider a credit freeze. Finally, if your identity has been stolen, reach out to identitytheft.gov to learn your next steps.

AI fraud is a growing concern, but there are steps you can take to protect yourself. Follow the tips outlined here and stay safe.

TikTok Inspo: Can you scam us? Use the info in this blog to impersonate an AI fraudster in a 15-second video.

How Can I Tell if My Computer Has a Virus?

by Advantage One, posted in online security, security, Tips & Best Practices

Q: My computer has been acting strangely, and I’m worried it may be infected with malware. How can I tell if my computer has a virus?

A: Computer viruses can be a nightmare for anyone, whether they use them for work or personal use. If you think your computer may have a virus, it’s essential to know how to identify it and take necessary steps to protect your device and data. Let’s explore the common signs of computer viruses and ways to prevent them from infecting your computer.

Sluggish performance

If your computer is suddenly operating in slo-mo, it may be infected by a virus. Computer viruses typically utilize a computer’s processing power to perform malicious activities, such as sending spam emails or mining cryptocurrency. If you notice any significant changes in your computer’s performance, investigate further.

It’s important to note that another possible cause for sluggish performance is a nearly-full hard drive. If your computer’s slowed down significantly, check how much free space you have left on your hard drive. If your hard drive is almost full, delete any unnecessary files and programs to free up space. If your computer is still running slowly after freeing up space, it’s time to run a virus scan.

Pop-up ads

If your computer starts displaying pop-up ads while you’re browsing the internet or using other programs, it’s a sign that it may have a virus. Pop-up ads can be annoying and may lead to malware installation or other malicious activities.

If you’re seeing pop-up ads, avoid clicking on them and run a virus scan as soon as possible. You can also install an ad-blocker extension on your web browser to prevent pop-up ads from appearing in the future.

Strange, new programs

If you notice new programs on your computer, and you do not remember installing them, it’s possible that your computer has a virus. These programs may be malware designed to perform malicious activities, such as stealing your personal information or encrypting your files. 

Uninstall these programs immediately and run a virus scan.

Sudden crashes and freezes

If your computer is crashing or freezing frequently, it may indicate that it has a virus. Viruses can overload a computer’s resources or modify critical system files. This can lead to frequent crashes and freezes. 

It’s essential to run a virus scan if you’re experiencing frequent crashes and freezes. Additionally, make sure to keep your operating system and other software up-to-date to prevent vulnerabilities that can be exploited by viruses.

Strange network activity

A virus may be using your computer’s network resources to perform malicious activities, such as sending spam emails or performing DDoS attacks. If you notice unusual network activity, such as your internet connection slowing down or unusual data usage, it’s possible that your computer has a virus. Run a virus scan and check for any unusual programs or processes running in the background.

Changes to browser settings

A computer virus may modify your browser settings to redirect you to malicious websites or display more ads. If your web browser’s homepage or search engine has changed without your consent, it may be an indication of a virus. Reset your browser settings to their default settings and run a virus scan. 

Missing files

A virus can delete or modify your files to perform malicious activities, such as stealing your personal information or encrypting your files. If you notice that some of your files are missing or have been modified without your knowledge, it’s possible that your computer has a virus.

Run a virus scan and backup your important files to prevent data loss.

My computer has a virus. Now what?

If a scan detects a virus, the antivirus software on your computer should guide you through your next steps. You’ll likely need to delete all temporary files on your computer, delete infected files and programs, and then restore your computer to an earlier backup. You may also want to reinstall your device’s operating system, though this may result in the loss of important files. 

How can I protect my computer from a virus?

Protecting your computer from viruses is essential to avoiding the hassle and potential damage they can cause. Here are some tips to prevent viruses:

  • Install antivirus software and update it on a regular basis
  • Avoid downloading files from untrusted sources
  • Don’t click on suspicious links or pop-up ads
  • Keep your operating system and other software up-to-date
  • Use strong and unique passwords across all your online accounts
  • Use a VPN if you access public Wi-Fi
  • Backup your important files regularly to prevent data loss in case of a virus attack

If any of the signs of viruses listed above show up while using your computer, run your device through a virus scan. Follow the prevention tips to keep your computer safe. 

TikTok Inspo: Help! My computer has a virus – or does it? Shoot a 15-second video to show us how to check if your computer’s been infected.

Beware of Celebrity Scams

by Advantage One, posted in online security, security, Tips & Best Practices

Celebrity scams prey on society’s trust in celebrities and the adulation many people have for the rich and famous. Unfortunately, celebrity scams are becoming increasingly common and can be challenging to spot. Here’s what you need to know about these scams and how to protect yourself from falling victim.

How the scams play out

There are several ways celebrity scams play out:

  • Online phishing schemes. In this ruse, a scammer pretends to be a celebrity to get personal information from unsuspecting victims. They may create fake social media accounts, send emails or even set up fake websites to get credit card numbers, account information and passwords. 
  • Fraudulent charities. Here, a scammer will create fake charities and use a celebrity’s likeness to solicit donations. They may also use the celebrity’s name to advertise non-existent events or products in support of this bogus charity. Of course, any money donated will go directly into the scammer’s own account. 
  • Fake autographs. In this variation, scammers attempt to sell fake autographs as authentic, often at a fraction of the cost of a real one. 
  • Bogus endorsements. In this scam, a scammer creates a bogus promotional post that appears to be from the celebrity to sell their own product.

Protect yourself

The best way to protect yourself from celebrity scams is to be vigilant. 

Do your research and make sure that every celebrity-endorsed social media post is legitimate. Be sure to verify a celebrity account before engaging with it. It’s also important to follow basic online safety rules at all times. Never share your credit card or account numbers with an unverified contact, and only visit secure websites.

When donating money to charity, even if it appears to be endorsed by a celebrity, it’s best to verify that it’s legitimate. You can look up the charity on a site like Charity Navigator or CharityWatch

Finally, when purchasing an autograph or buying a product that’s allegedly endorsed by a celebrity, verify that it’s legitimate. Use reputable dealers for autographs, as celebrities will never sell autographs directly to the public. If you believe a product is actually being endorsed by a celebrity, check out their account on another social media platform to see if they’re really promoting this product. 

Stay alert, and stay safe!

Your Turn: Have you been targeted by a celebrity scam? Tell us about it in the comments. 

Don’t Get Caught in a P2P Scam

by lweavermyaocucom, posted in online security, security

P2P platforms, like Zelle, Venmo and PayPal, have made life so much easier for many consumers. Paying your friend back for the $20 you borrowed while at the mall, splitting a meal and purchasing a shared gift are now as easy as a few quick screen swipes. Unfortunately, though, P2P scams are rampant and varied. Also, once money is transferred through a P2P service, it’s usually gone for good.

Here are six P2P scams to beware of:

  1. Mystery money

In this P2P scam, a stranger “accidentally” sends the target money and then reaches out to them, asking for their money back. The target will see these funds in their P2P account and willingly return the funds. Unfortunately, though, because this money was added to the target’s account using a stolen credit card or checking account, the platform will ultimately flag the transaction as fraud and remove the funds. If the victim already forwarded the funds to the scammer, the platform will hold them accountable for the funds and potentially block their account. 

  1. Hidden credit card fraud

In this P2P scam, a fraudster will purchase an item listed on Craigslist or a similar site using a P2P service. They’ll pick up the item, or have it shipped to their home, and they’ll never be heard from again. Meanwhile, the P2P platform will eventually recognize that the funds for the purchase were fraudulently sourced, and will take the money back from the seller. The victim will be left without the item – and have no money to show for it.

  1. Fake customer representative 

Customer rep scams are an old story, but their appearance in the P2P world is only as old as these payment platforms. In this scam, a target experiencing difficulty with a transaction on a P2P platform inquires about assistance on social media. A scammer sees that inquiry, and then reaches out to the target, claiming to represent the platform and offering their assistance. If the target falls for the ploy, they’ll be directed to a bogus support site where they’ll be asked to enter their account details or credit card info. This, of course, leaves them open to identity theft and financial loss. 

  1. Utility scams

Utility scams pulled off via P2P platforms follow the same script as the classic scam in which an alleged rep from a utility company reaches out to a target, claiming their service will be shut off unless a payment is immediately made. In this variation, the scammer insists on payment via a P2P service. Unfortunately, once the payment is made to this “service rep,” it can be impossible to reclaim the funds. 

  1. Password scam

In this P2P scam, an alleged representative of a credit union or bank will reach out to a target via text, asking if they approve a recent large P2P transfer from their account. The target will respond with a quick “no.” Next, the scammer will call the victim, again posing as a rep of their financial institution, and offer to assist them in reclaiming the allegedly frauded money. To do so, the scammer claims, the victim will need to share their Zelle login credentials. Unfortunately, if the victim shares the one-time passcode, the scammer will have the info they need to change the password and access the victim’s Zelle account. The scammer can now send themselves money through the victim’s Zelle account. 

  1. Bogus receipts

In this variety of a P2P scam, a scammer will insert themselves into a legitimate P2P transaction by digitally manipulating a screenshot to make it appear as if they have completed a part of an ongoing deal and insisting that you now owe them money. In truth, though, the transaction was never completed and, if you send the money, you’ll be sending it directly to a scammer’s P2P account.

Stay safe

Follow these rules when using P2P platforms: 

  • Only send and accept funds from people you personally know and trust. 
  • Always confirm that you’re interacting with the correct person by verifying their phone number at every stage of the P2P transaction process.
  • Call the P2P platform’s customer service number directly to resolve errors. Similarly, reach out to Advantage One Credit Union directly if you receive notification of an allegedly frauded account. 
  • After completing a P2P transaction, check your checking account to confirm you’ve actually received the promised funds. 

P2P services are enormously convenient, but each transaction carries the risk of fraud. Use the tips outlined here to stay safe from P2P scams. 

Your Turn: Have you been targeted by a P2P scam? Share your experience in the comments. 

Device Advice: How to Keep Your Phone Safe from Fraud

by Advantage One, posted in online security, security, Tips & Best Practices, Uncategorized

Smartphones are the millennial’s answer to the disorganized life. You can buy practically anything with just a few swipes, schedule your appointments and store all your photos and home videos in this one, convenient location. [You can also manage your accounts, check your balance and deposit checks through Advantage One Credit Union’s mobile banking app and/or website]. Unfortunately, all of that convenience comes at a price: Your mobile devices pose an inherent risk to your security if they fall into the wrong hands. The good news is, there are ways to protect your phone and your information from fraud. 

Here are 6 tips for keeping your device safe and secure. 

  1. Keep your phone locked

If your entire life is on your phone, you run the risk of giving up complete access to your identity if your phone is stolen or misplaced. The best way to prevent this from happening is to have a lock on your screen. Opt for a physical lock if possible, such as fingerprint or face recognition; meaning no amount of automated password inputs can open your phone. Consider installing a tracking device/app on your phone as well to help you locate it and retrieve or erase the data if it gets misplaced. Finally, adjust your phone’s lock settings so the screen automatically locks after the shortest amount of time being idle.  

  1. Choose strong, unique passwords across all your devices and apps

Passwords should be a blend of letters with varied capitalization use, numbers and symbols. Be sure to use a different password for each of your devices, apps and other online accounts, and to change up your passwords approximately every six months. Don’t store the info for all your passwords in one location on your phone or have your device “remember” your passwords. If you find it challenging to recall all your passwords and login credentials, you may benefit from a password manager like Sticky Password or LastPass

  1. Browse safely

Follow these rules for safe online browsing:

  • Look for the padlock icon and the “s” after the “http” in the URL of each landing page you visit to ensure it’s a secure site.
  • Never share your personally identifiable information (PII) with an unknown contact.
  • If an alleged representative of Advantage One Credit Union reaches out to you regarding an issue with your account and you’re unsure of whether this contact is legit, reach out to us directly through a secure channel to confirm your suspicions.
  • Don’t store your credit card info in online shopping accounts. 
  • Keep your security settings current.
  • Avoid clicking on pop-up ads or links in emails from unverified senders. 
  1. Use secure Wi-Fi

The first thing many people do when they sit down in a restaurant, at a bar, or almost anywhere, is search for free Wi-Fi access. It’s an easy way to save on data, so why not? Simply put, using public Wi-Fi makes you vulnerable to hacking. It’s best not to use public Wi-Fi at all, especially when banking online. To keep your device safe while using public Wi-Fi, connect to a virtual private network (VPN). Changing your virtual network will protect your location and sensitive information from scammers. In addition, be sure to keep your own Wi-Fi locked to prevent strangers from accessing your network. 

5. Encrypt your data

Your phone stores loads of your PII, which can make you vulnerable to identity theft if it’s stolen or misplaced. Protect your information by encrypting all sensitive data on your phone. Most phones have encryption settings, which you can enable easily. 

To encrypt data on an Apple device,  go to the settings menu, choose “Touch ID & Passcode” from the pop-up menu and follow the prompts to unlock your phone. When you’ve gained access, scroll down until you see the words “Data Protection”. If this feature is not enabled, enable it now. Your data is now unreadable. 

If you own an Android phone, charge your phone at least 80% and unroot it. Next, go to your security settings and choose “Encrypt Phone” from the menu. Encryption may take an hour or more.

  1. Install antivirus software on your phone 

The same antivirus programs that protect your laptop can also keep your phone secure. Check out security programs for phones, like McAfee or Norton 360. Antivirus software will provide your phone with protection from security breaches and attacks from scammers. 

If you believe your device has been compromised, and/or you’re vulnerable to identity theft, notify Advantage One Credit Union immediately. Alert the FTC as well.

Smartphones bring a lot of convenience into our lives, but they carry an inherent security risk. Use the tips outlined here to keep your device safe from fraud.

Your Turn: How do you keep your device secure? Tell us about it in the comments?

All You Need to Know About Credit Card Fraud and How to Protect Yourself

by Advantage One, posted in Lifestyle, online security, security, Tips & Best Practices, Uncategorized

With the advent of online commerce, credit and debit card fraud has exploded. In fact, according to data collected by the Federal Trade Commission (FTC), there have been 230,937 reports of credit card fraud filed in the first two quarters of 2022.

Unfortunately, credit card fraud can go unnoticed until it causes serious damage. Here, we’ve outlined what you need to know about credit and debit card fraud, how to protect yourself and what to do if you’re targeted. 

What is credit card fraud?

Credit and debit card fraud occurs when a scammer gains access to a victim’s card information and goes on to empty their accounts, commit identity theft and more. 

Card fraud can be pulled off in several ways:

  • Card skimming involves a scammer tampering with an ATM or payment terminal. The machine reads the victim’s card information and transmits this information to the scammer.
  • Brute force attacks occur when a scammer employs an auto-dialer to access the card numbers issued within the target’s bank identification number (BIN). The scammer can perform an infinite amount of guesses until they land on the card’s expiration date, security code and other numbers.
  • Online phishing is implemented through insecure links embedded in emails or online ads, or through bogus surveys, solicitations, job offers, dating profiles and the like. The scammer uses these means to gain access to the victim’s credit or debit card information.

Protect yourself

Fortunately, there are measures you can take to protect yourself from credit or debit card fraud. Follow these tips to stay safe:  

  • Monitor your accounts. Check your checking account and credit card statements frequently so you can spot the first signs of fraud.
  • Sign up for alerts. Many issuers will send you texts or emails when new charges post to your account or card-not-present transactions take place. These alerts can help you spot credit card fraud more easily.
  • Use strong, unique passwords across all your accounts. It’s also a good idea to change your passwords approximately every six months.
  • Choose zero liability. If possible, choose a card with zero liability protection so you won’t be held accountable for any fraudulent charges made on your card.
  • Shop with caution. Only shop reputable sites and avoid clicking on pop-up ads or links in emails from unverified senders. To confirm a site’s security, look for the padlock icon and the “s” after the “http” in the URL. Avoid storing your credit card information in online shopping accounts. Finally, make sure the security settings on your devices are updated and choose a VPN (virtual private network) when using public Wi-Fi.
  • Keep your cards close. Keep your card tucked into your wallet or purse. If you use a cardholder on your phone case, keep your phone in a safe place and make sure the card numbers are not easily visible. It’s also a good idea to put your card away right after completing a purchase. 

If you’re targeted

If you believe your credit or debit card has been frauded, take immediate steps to mitigate the damage. First, let the credit card company know about the fraud. Similarly, if your debit card has been frauded, let Advantage One Credit Union know as soon as possible. Your old card will be canceled and you’ll be issued a replacement card immediately. You may also want to consider placing a credit freeze on your accounts as well to prevent the scammer from taking out a loan or opening another account in your name. 

Will I be liable for the fraud?

Taking immediate action upon the event of fraud is critical to your recovery. Under federal law, credit card holders are only liable for up to $50 in fraudulent charges. Debit card holders, on the other hand, only enjoy the same cap on their liability if they report the fraud within two days. Upon failure to do so, they may be held accountable for up to $500 if the fraud is reported within 60 days of occurrence. If they miss this deadline as well, they will be liable to cover the entire fraudulent charge to their account.

The good news is most credit and debit cards issued through major payment networks, like Visa and MasterCard, offer zero liability policies and other consumer protections. Read the fine print in your card agreement carefully to familiarize yourself with your responsibilities.

Credit and debit card fraud can devastate a victim’s financial health and leave them with huge bills to pay. Follow the tips outlined here to stay safe.

Your Turn: How do you protect yourself from debit and credit card fraud? Share your tips with us in the comments. 

All You Need to Know About Cybersecurity

by Advantage One, posted in Lifestyle, online security, security, Tips & Best Practices, Uncategorized

Cybercrimes are increasing exponentially by the year. Unfortunately, developments like the pandemic, the growth of cryptocurrency and the increase in online working and shopping have created a target-rich environment for cybercriminals. In fact, according to Cybercrime Magazine, cybercrime will cost the world $10.5 trillion annually by the year 2025. 

The best way to protect yourself from cybercrimes of any kind is by being aware of common warning signs as well as keeping your systems and devices secure. High levels of cybersecurity are employed at all times on the internet to keep websites–as well as power grids, water systems and more–running and free of malicious activity. As a private consumer, you can also utilize cybersecurity on your own devices, albeit on a smaller scale. In honor of Cybersecurity Month, let’s take a closer look at this essential toolset and how to best harness it for your protection. 

What is cybersecurity?

Cybersecurity refers to the protection of all online devices, networks, data and electronic systems from attacks by hackers, scammers and cybercriminals. 

There are several major categories of cybersecurity:

  • Network security is the practice of securing a computer network from intruders who commit crimes via targeted attack and/or malware. 
  • Application security focuses on protecting software and devices from threats. 
  • Information security protects the integrity and privacy of data.
  • Operational security includes handling and protecting data assets. 
  • Disaster recovery and business continuity include the ways an organization responds to an actual or potential security breach.
  • Cloud security refers to creating secure cloud applications for companies that use cloud service providers, like Google, Amazon Web Services, etc. 
  • Identity management and data security protects processes that enable authorization and authentication of legitimate individuals to an organization’s systems. 
  • Mobile security protects data that is stored on mobile devices from threats like unauthorized access, device loss or theft, malware and viruses. 

Types of cybercrimes

Cybercrimes can be divided into several categories:

  1. Cybercrime includes criminals acting alone or in groups who target systems for financial gain or to cause disturbances.
  2. Cyber-attack will often involve groups of criminals gathering information for political reasons.
  3. Cyberterrorism is the act of hacking electronic systems with the intent of causing panic or fear.

Methods of cybercrimes

All forms of cybercrimes threaten cybersecurity in some way. Here are some of the methods cybercriminals use to wage attacks: 

  • Malware. This threat includes ransomware, spyware, viruses and worms. These can install harmful software, block access to computer systems or provide scammers with access to data.
  • Trojans. This attack tricks users into thinking they’re opening a harmless file when, in reality, they’re installing a backdoor that provides cybercriminals with unauthorized access. 
  • Botnets. This attack is conducted via remotely controlled malware-infected devices and is usually deployed as a large-scale attack. Compromised computers are integrated as part of the botnet system to further spread the attack.
  • Adware. This threat involves a potentially unwanted program that is installed without the user’s permission and automatically generates unwanted online advertisements.
  • Phishing. This attack is employed via email, text or social media message to trick the target into sharing sensitive information. Often, the tactic will also lead to the installation of malware.
  • Man-in-the-middle attack. In these attacks, a hacker will insert themselves into a two-person online transaction. The hacker will then steal data and/or login credentials.

How can I protect myself against cyberattacks?

Fortunately, there are lots of preventative measures you can take to protect your information and your money from cyberattacks: 

  1. Update your software and operating systems. Accept every update you are offered because these will provide the strongest and most current protection.
  2. Use anti-virus software. This software will detect and remove threats in real-time. 
  3. Use strong, unique passwords across all your online accounts. Be sure to vary your use of capitalization, symbols, letters and numbers. For optimal security, switch up your password every six months.  
  4. Never open email attachments or click on links from unknown senders. These can automatically download malware onto your device.
  5. Avoid using unsecured public WiFi. Using unsecure networks leaves you vulnerable to attacks.

Cybersecurity is a crucial component of modern day digital safety. This guide can help you learn how to utilize this essential toolset for your personal security. 

Your Turn: How do you utilize cybersecurity to protect your information and your money from cybercrimes? Share your best tips in the comments.

Beware of Digital Kidnapping

by Advantage One, posted in Lifestyle, News & Events, online security, security, Tips & Best Practices, Uncategorized

Most parents warn their kids against taking candy or accepting a ride from a stranger, but there’s a digital equivalent to conventional kidnapping that is unknown to many people. Digital kidnapping happens when a crook takes control of a target’s social media profiles and holds them until a ransom is paid. It can also involve “kidnapping” photos that are posted on social media pages. Here’s what you need to know about digital kidnapping and how to protect yourself from falling victim. 

How the scams play out

In a digital kidnapping scam, a hacker or ring of scammers will take control of one or more of a target’s social media profiles. The target will be effectively locked out of their own social media accounts and will be unable to access or update them. Once the scammer has control of the profile, they’ll contact the target, demanding a hefty ransom in return for access to the account. They may even threaten to post damaging or humiliating content on the social media profile unless the ransom is paid.

In another version of this scam, hackers will “kidnap” a photo of a child or baby off an unsecured social media account. They will post these photos in their own accounts, using the picture-perfect moments to create a fantasy world of their own. In a creepy twist of reality, they’ll pretend these are snapshots of their own family. They may use this fake world to help them create an imaginary escape, or to draw traffic to their own public accounts. Sometimes, they’ll utilize these photos to help build a bogus story, such as a baby being put up for adoption, or a charitable fund to benefit a child whose parents are struggling financially. Unfortunately for the actual parents, it can be months or years before they find out that their child’s picture is splashed across a public account with thousands of followers. 

If you’ve been targeted

If you believe you’ve been targeted by a digital kidnapping scam, there are steps you can take to mitigate the damage. First, alert the company that owns the social media platform to let them know your account has been compromised. They’ll likely have specific instructions for you to follow to ensure your account remains safe. They may even advise you to close the compromised account and open a new one. Next, tip off the Federal Trade Commission (FTC) and local law enforcement agencies which can help you determine whether it makes sense to pay the requested ransom. Finally, clean up your accounts and make sure there is no identifying or potentially dangerous information being posted on a public forum.

Protect yourself

The best way to protect yourself from digital kidnapping is by keeping your accounts private and secure. Always choose the strongest security settings on your devices and opt for private social media accounts across every platform. This will limit your audience to by-invitation-only viewers while helping to keep hackers and creeps away. 

It’s also a good idea to be mindful of what you post, and how often you post it. Even when using the strongest security settings, sharing a picture online essentially means sharing it with the public. You never know who may be trolling your accounts or looking for pictures to “adopt” as their own. Think three times before posting a picture of your kids. Extra caution is advised for those with super-cute kids.

Finally, be sure to follow basic online safety rules to avoid giving a scammer access to your accounts. Use strong, unique passwords for each of your online accounts and change up your passwords every six months or so. Avoid using public WiFi unless absolutely necessary. Accept every security and software update offered for your device to keep them operating at optimal security. Finally, avoid sharing sensitive information with an unverified contact and never download an attachment or click on a link within an email from an unknown sender. 

Stay alert and stay safe!

Your Turn: Do you have a digital kidnapping experience to share? Tell us about it in the comments.

What is the Dark Web?

by Advantage One, posted in Lifestyle, online security, security, Tips & Best Practices, Uncategorized

Q: I’ve heard of the dark web, but I never understood what this term means. What is the dark web? How is it accessed? Is there any way to keep my information out of its depths?

A: The dark web is the deepest layer of the internet that isn’t visible to the average browser. Unfortunately, its name is a perfect description of its function, as the dark web is full of illegal activities and crimes. Let’s take a closer look at the dark web and how you can protect your information from being caught in its trap.

What is the dark web?

The internet has been likened to an iceberg. There is very little of it that is truly visible above the surface, but it is enormous, dark and deep underneath. 

There are three basic components of the internet: 

  • The surface web–this involves all websites and landing pages that can easily be accessed through popular search engines and by inputting a URL/address directly into a web browser address bar. 
  • The deep web–this includes private, but not invisible accounts, such as social media pages, retail accounts, membership websites, confidential corporate webpages, medical records and more. All content on the deep web is safeguarded by a paywall or sign-in credentials. Experts have estimated that up to 99% of the internet is comprised of the deep web. 
  • The dark web–the final layer of the internet can only be accessed by downloading special browsing software called Tor. Tor masks IP addresses and instantly renders all visitors anonymous. This is where scammers can buy and sell personal information including credit card numbers, checking account details, Social Security numbers, health records and more. 

Despite its name, not all of the activity that takes place on the dark web is illegal. The deepest part of the internet also provides a platform for communication and commerce among people living in countries that have heavy censorship over online activity. In addition, the dark web was originally used by the United States Department of Defense to communicate anonymously. 

Unfortunately, though, the dark web remains a hotbed of criminal activity. Loads of illegal trade takes place through the dark web, including drugs, firearms, counterfeit money, subscription credentials and personal information of thousands of targets. The inherent anonymity of the dark web allows hackers and scammers to roam free without fear of being caught.

How does the dark web work?

The dark web, and by extension the Tor browser, uses a technology known as “onion routing.” This technology uses multiple layers of encryption and redirection to assure anonymity for every browser. When a browser tries to access a site on the dark web, its information will be routed through thousands of relay points, making it impossible to identify and trace. 

How can I protect myself from the dark web?

It’s important to take preventative measures to protect your information from the dark web. Here’s how:

  • Enable two-step authentication on all online accounts. This includes accounts with access to sensitive information, as well as accounts that can be used to collect innocuous but potentially identifying information, like social media accounts. 
  • Consistently monitor your credit for fraudulent activity. Review your accounts at the end of each billing period and request an annual free credit report. Report any suspicious activity to your credit card company immediately. You can also ask the company to send you automatic alerts if there are any large purchases made or new accounts opened in your name.
  • Use strong, unique passwords for all your accounts. Vary your capitalization use, numbers, words and symbols. For optimal protection, switch up your passwords every few months. 
  • Never share your personal information with an unverified source. This includes an email from a contact you’ve never engaged with before, phone calls from an unknown caller and a downloaded link from a banner ad.
  • Run a dark web scan on your devices. This will tell you if your information is already on the dark web. If the scan is positive, reach out to your credit card issuers to discuss placing a fraud alert on your accounts and a credit freeze in your name. 

The dark web is fraught with danger and impossible to trace but there are ways to protect your information. Use the tips outlined here to stay safe.

Your Turn: Have you encountered the dark web? Share your experience in the comments.