Beware The Blackmailing Scam!

man looking at laptop screen with hands at temples. Floating danger symbols all around himBlackmail and extortion are some of the oldest tricks in the book—and for good reason: They work. When a criminal threatens to share potentially explosive information with everyone they know, the victim easily panics and is willing to pay any price to protect their privacy and their pride.

In a fresh twist on this age-old crime, scammers have taken to the internet. Online blackmail is nothing new, but a fresh wave of these scams hit the web last month, and it’s already ensnared dozens. Learn how to spot these blackmailing scams and you’ll get to keep your privacy, and your money, too.

Here’s what you need to know about the most recent blackmailing scams.

How it works
The victim gets an email from an alleged hacker claiming to have cracked their passwords, broken into their computer and used their webcam to watch their online activity. They may threaten to reveal that the victim has been visiting disreputable sites or to use their personal information to empty their financial accounts. The scammer then shares a willingness to back off—for the right price, of course.

As proof that they are “legitimate” hackers, the scammers will share an actual password that the victim has used many years ago. They may even include the password in the subject line of the email to grab the victim’s attention and ensure they actually open the email. Often, they’ll also include other bits of stolen data in their message to appear authentic.

If you receive an email like this, don’t panic. There’s no professional hacker behind the scam, no one has watched your online activity, and there’s not much the scammer can do with the information they may have.

The inclusion of the password might give you a scare, but there’s a simple explanation for how the scammer got hold of it. Over the last decade or so, there have been lots of massive database breaches within major corporations, sites and retail stores like Yahoo, eBay, Target, Macy’s, Sony PlayStation and dozens more.

Thanks to these breaches, there are now huge amounts of personal data and passwords floating around the internet. This data can be easily nabbed by a partially skilled hacker or bought on the black market. Once a scammer gets their hands on a password, they’re free to exhort the victim to pay a steep price in exchange for their privacy or security.

How to spot the scam
Many potential victims recognize this scam for what it is as soon as the hacker claims to have dirt on them. For many others, though, the outdated password is their clue. However, for victims who have been using the same passwords for years, this old code might still be in use and the scam can seem legit.

Now that you are armed with the knowledge that this scam is making its way around the internet and may contain an actual password you once used, or that you may still use, you are already a step ahead. If you receive an email with your password in the subject line, stay calm. Simply ignore the message. Better yet, delete it from your inbox and give it no further thought.

How to protect yourself
There’s not much you can do about any bits of your sensitive data that may be loose on the internet. However, you can do your part to protect yourself from falling prey to this, or a similar scam.

Here’s how:

  • Update your passwords frequently and use strong, unique codes for each site you visit. You can use a password generator like 1password or LastPass to make this simpler.
  • Choose two-factor authentication when possible.
  • Never open emails from suspicious or unknown sources.
  • If you are targeted, alert the FTC at ftc.gov.

Don’t let those scammers fool you! Be alert, be aware, and learn how to spot these scams for what they are.

Your Turn:
Have you been targeted by a blackmailing scam? How did you spot the ruse? Share your experience with us in the comments!

SOURCES:
https://www.nytimes.com/2018/07/23/technology/personaltech/phishing-password-email

https://tech.co/online-scams-to-watch-out-for-2018-07

https://www.theguardian.com/money/scamsandfraud

Don’t Get Caught In A Free Trial Scam!

Four fingers pointing towards a free trial button on a keyboardYou know what they say: “If it’s too good to be true, it probably isn’t.” And yet, dozens of people fall for scams that promise them the moon — and they don’t realize they’ve been played until it’s too late.

Because of this truism, the Federal Trade Commission (FTC) is warning of an uptick in free trial scams. The scams come in several shapes and sizes, but most will look something like this:

You see an ad from Netflix or a cosmetic company saying you’ve been granted a temporary subscription to their service or product. They say it’s absolutely free. The only catch? There is none. They say that, anyway. That is until you’re asked to pay for hidden fees in addition to shipping and handling at a time when it’s too late to back out. Or, you might be asked to share all of your financial information even though you’re officially not obligated to pay anything.

In other words, there’s hardly a “free trial” that won’t cost you big.

In one such scam, a company aggressively advertised “free trials” for skin care products, dietary supplements and e-cigarettes on various popular websites. The lucky consumer would only need to cover the cost of shipping and handling and the product would be delivered – absolutely free!

Of course, the product wasn’t free and the unlucky victims sometimes paid close to $100 in fees before the first shipment was sent out. Worse yet, they were charged this same fee each month for the next year, with no way to back out of their contract until the 12 months were up.

In another scam with a similar setup, consumers were asked to share payment information for the $1.03 to cover shipping and handling for the “free” products. After their order was placed, another screen with a “Complete Checkout” button appeared. Shoppers who clicked that button unwittingly agreed to pay for monthly shipments of the product to the tune of $94.31 each month. And when that button was clicked, yet another “Complete Checkout” button appeared.

Again, those who clicked this button were subjected to a $94.31 charge each month. Consumers who’d taken the bait twice ended up with a total monthly charge of $188.62 – plus shipping.

In a third “free trial” scam, shoppers were lured into signing up for a 12-month trial subscription to a popular service, like Netflix, absolutely free. Unfortunately, though, the company advertising for the free trial wasn’t Netflix at all; it was a group of scammers. Victims were redirected to a new webpage where they were asked to share their sensitive information to qualify for the trial.

You can probably guess the ending: The scammer made off with the consumer’s information and emptied their accounts, went on a wild shopping spree or stole their identity.

Don’t let this happen to you! Here’s how to steer clear of free trial scams:

Do your research.
A quick online search of the company name with words like “scam” or “negative review” should give you a basic idea of what the business is all about.

Read the fine print.
Too often, there’s no way to refute charges relating to this scam because the consumer agreed to pay them. Don’t click anything without reading all of the terms and conditions attached to the offer. If you can’t find any, or you can’t understand them, opt out of the offer immediately.

Look for an exit strategy.
Is there a way to cancel the offer? Can you change your mind about the product? If you only have a small pocket of time to cancel the trial, you might be looking at a scam.

Always review your credit card and checking account statements.
This way, you’ll immediately spot anything suspicious and you’ll be able to determine if you can back out of a shady deal.

Never share sensitive information online.
Unless you’re absolutely sure you know who you’re dealing with, it’s difficult to know if a website is 100% secure.

Check URLs.
When signing up for a free trial, you’ll usually be redirected to a new site. Check the URL of the webpage and determine if it matches the company you are allegedly dealing with.
Ignore urgent calls to action. If an ad urges you to “Act now!” or claims an offer will expire momentarily, it’s likely a scam.

Read the fine print and only sign up for free trials that won’t cost you in more ways than you’d imagined.

Your Turn:
Have you ever been duped by a free-trial, or similar, scam? Share your experience with us in the comments.

SOURCES:
https://www.google.com/amp/s/www.lovemoney.com/news/amp/69117/netflix-free-trial-subscription-scam-warning-fake-1-year-offer-email

https://www.consumer.ftc.gov/taxonomy/term/858

https://www.consumer.ftc.gov/blog/2018/07/dont-let-free-cost-you

All You Need To Know About Smishing Scams

person using smartphone to send text messageText messaging has come under attack as one of the most vulnerable mediums for identity theft and more. Here’s what you need to know about an SMS message-based scam called “smishing.”

How it works
Smishing scams use text messages to establish contact with the intended victim to later access their personal information.

The scam begins with a supposedly urgent text appearing to be from the victim’s financial institution. The text may claim that the victim’s checking account is locked, or that there has been an unauthorized purchase charged to the victim’s account. The scammer will warn that immediate action must be taken.

The victim is then instructed to call a specified number and, upon doing so, will be asked to share their financial information. Once they’ve got their hands on this info, the scammer is free to steal the victim’s identity, empty their accounts or go on a shopping spree on the victim’s dime.

Who are the victims?
Smishing scams primarily target people who do their banking online, but fraudsters will use any cellphone number they can find. If you own a checking account and a cellphone, you are a candidate for a smishing scam.

Recognizing smishing scams
Your credit union will not alert you of a possible fraud or account lockdown via text; we prefer more personal means to help you know it’s us.

Also, the phone number the smishing text instructs you to call is not ours. You can reach us at 734-676-7000. If you’re told to contact us at a different number, it’s not us you’re calling!

You can also spot the smishing scam just by looking at the phone number. The text will often appear to come from a number that is obviously fake.

If you’ve been targeted
If you receive a suspicious-looking text, do not engage the texter! Jot down the scammer’s number and delete the message. Let us know about the smishing attempt, tell all your friends and alert the FTC.

If you’ve fallen for the scam and your accounts have been compromised, alert your credit card companies and be sure to let us know, too.

Protecting yourself
Always use two-factor authentication for banking app and sites.
Use strong and different passwords across your accounts and apps.
Ignore all text messages from unknown numbers.

Don’t let those crooks get their hands on your money!

Your Turn:
Have you been targeted by a smishing scam? Tell us all about it in the comments!

SOURCES:
https://www.usatoday.com/story/tech/columnist/saltzman/2017/07/03/delete-suspicious-text-messages-on-your-smartphone/439647001/

https://www.google.com/amp/amp.timeinc.net/fortune/2017/07/07/smishing-scam

https://money.usnews.com/money/blogs/my-money/2015/01/23/5-scams-that-target-your-bank-account

https://www.cnbc.com/2017/05/12/this-growing-fraud-will-drain-your-bank-account.html