Tag: online scams

The U.S. Is the Most Scammed Country In the World

by Advantage One, posted in Announcements, Lifestyle, online security, security, Tips & Best Practices, Uncategorized

A recent report by Social Catfish, an online investigation service, found that the U.S. is the most scammed country in the world. A staggering amount of money was lost to scams in 2022, and that number will likely continue to trend upward, thanks to newly available mediums for scammers, like artificial intelligence (AI). 

The good news is, with the right information, you can protect yourself from being part of next year’s scam statistics. 

Let’s take a look at some of the significant findings of the report, and how you can keep your money and your information safe. 

Who gets scammed the most?

With an astounding 466,501 online scams in 2022, the U.S. leads the world as the country with the most scam victims per year. The U.K., Canada, India and Australia follow as the respective second through fifth most-scammed countries across the globe. 

Of the 50 states, California had the most online scam victims in 2022, at 80,766, with an average of $24,921 lost per victim at a total loss of $2,012,806,866. Florida is next in line with 42,792 victims with an average loss per victim of $19,746. North Dakota takes the prize for the lowest number of scam victims, at just 703. It’s important to note that these are actual numbers and not percentages of each state’s population. Of course, more populated states, like California and Florida, have higher numbers of scam victims than more sparsely populated states, like Montana.

Among age groups, teens and children have seen the largest percentage increase in money lost. Victims in the under-20 age group lost $210 million in 2022, compared to $8.2 million in 2017. Seniors still hold the place as the most victimized group, though, with their overall losses totalling $3.1 billion. 

How much money was lost to scams in 2022?

A record $10.3 billion was lost to online scams in 2022, up from $6.9 billion in 2021. This represents an increase of 277% from $2.7 billion in 2017, according to the FBI Internet Crime Complaint Center. When including an estimate for unreported scam victims, the total money lost to online scams in 2022 jumps to a staggering $200 billion. In addition, the average loss per victim per incident was a whopping $12,859, which is up from $8,142 in 2021. 

The report also shows that 81% of romance scam victims do not come forward. As one of the most common scams, this means there are likely thousands more victims who are not part of the report.

Unfortunately, only 4.2% of stolen funds were recovered, the report shows. The FBI IC3 Recovery Asset Team was only able to recover $433 million of the $10.3 billion lost in 2022. This is largely due to the fact that the majority of scams originated out of the country and out of the jurisdiction of the FBI. 

Where are people getting scammed?

Social Catfish polled 5,500 online scam victims to identify the platforms and apps where people are getting scammed most often. The poll found that most online scams happen on Facebook (32%), Google Hangouts (16%), WhatsApp (16), Plenty of Fish (16%) and Instagram (14%). 

How to avoid scams

Keep your money and your information safe with these protective measures:

  • Keep the security on your devices at its strongest settings and updated with the most recent patches.
  • Never share personally identifiable information, including your Social Security number, banking details and credit card number, with an unverified contact. 
  • When interacting with a new online friend or love interest, perform a reverse photo search on any shared pics to verify their authenticity. 
  • Never click on embedded links or download attachments from emails sent by unknown contacts. 
  • Never wire money to an unverified contact. 
  • Use strong, unique and long passwords for each of your accounts. A password manager can help you generate and remember unbreakable passwords. 
  • Watch out for these red flags in websites, ads and emails: poor grammar and spelling, lack of a physical address and/or phone number, claims of being in the military and/or working overseas, demands to be paid by wire transfer, or in gift card or cryptocurrency and use of a URL that is very similar to a reputable company’s web address.
  • Report any scam and scam attempt to the FTC, IC3, FBI and your financial institution.

The statistics on scams may be frightening, but you don’t have to be the next victim. Follow the tips outlined above to stay safe. 

AI Fraud and How to Protect Yourself

by Advantage One, posted in online security, security, Tips & Best Practices

Artificial intelligence (AI) is revolutionizing the way we live and work. Unfortunately, though, it’s also revolutionizing the way scammers con unsuspecting victims into sharing their personally identifiable information and their money. Here’s what you need to know about AI fraud and how to protect yourself.

What is AI fraud?

AI fraud is the use of artificial intelligence to deceive or defraud individuals or organizations. When using artificial intelligence to pull off a scam, fraudsters use AI algorithms to create convincing fake identities, manipulate social media, generate realistic fake images and videos (AKA “deepfakes”) and more. The scammers then create fake social media profiles and email addresses using these bogus identities and footage. Often, they’ll pretend to represent celebrities or other famed personalities for soliciting money and information. 

In another form of AI fraud, scammers use social engineering tactics to trick people into giving them their personal information or money. They may create fake websites or emails that appear to be from legitimate sources, such as financial institutions or government agencies, and ask people to provide their personal information or login credentials.

AI fraud is especially dangerous because its sophistication makes it difficult to detect. Thanks to AI technology, scammers appear to be legitimate, increasing the likelihood that people will fall for their scams.

Types of AI Fraud

AI fraud is executed in several forms, including:

  • Phishing
  • Identity theft
  • Deepfakes
  • Fake news
  • Social media manipulation
  • Chatbot scams
  • Fraudulent financial advice

Each type of AI fraud has its own unique characteristics and risks. 

Red flags

Are you being targeted by AI fraud? These red flags may be your first clue of an AI scam:

  • Multiple unsolicited emails and/or text messages
  • Being asked to provide personal information or login credentials by an unverified contact
  • Unusual and/or unexplained activity on your social media accounts
  • Receiving financial advice that seems too good to be true

If you notice any of these signs, it’s important to be cautious and investigate further. If the contact claims to represent a government agency, do not engage. Reach out directly to the agency that supposedly contacted you to see if the communication is legit. Follow the same steps if you’ve been contacted by an alleged representative of Advantage One Credit Union and something about the interaction has set alarm bells ringing in your head. It’s always better to be on the safe side when it comes to your personally identifiable information and your money. 

Protect  yourself

You don’t have to wait to be targeted by AI fraud to protect yourself from falling victim to these scams. Keep your money and information secure by following these precautions at all times:

  • Never share sensitive information online with an unverified contact.
  • Always check the URL of each landing page when banking online or using another platform to share sensitive information. Look for the “s” after the “http” and the padlock icon, as well as the correct spelling of the company’s website to ensure you haven’t been lured into a look-alike scammy site. 
  • Use strong, unique passwords across all of your accounts. 
  • Keep your device’s security on its strongest setting.
  • Be wary of messages from celebrities asking for money or information.
  • Use updated antivirus software on your personal devices.

If you’ve been targeted

If you suspect you’ve been the victim of AI fraud, it is important to act quickly to mitigate the damage. First, contact Advantage One Credit Union at 734-676-7000 to let us know your information has been compromised. Similarly, reach out to your credit card companies to let them know about the fraud. Next, report the fraud to the FTC so they can take appropriate measures in catching the humans behind the bot-generated scam. 

Finally, you’ll also want to change your passwords and login credentials and consider a credit freeze. Finally, if your identity has been stolen, reach out to identitytheft.gov to learn your next steps.

AI fraud is a growing concern, but there are steps you can take to protect yourself. Follow the tips outlined here and stay safe.

TikTok Inspo: Can you scam us? Use the info in this blog to impersonate an AI fraudster in a 15-second video.

Beware of Digital Kidnapping

by Advantage One, posted in Lifestyle, News & Events, online security, security, Tips & Best Practices, Uncategorized

Most parents warn their kids against taking candy or accepting a ride from a stranger, but there’s a digital equivalent to conventional kidnapping that is unknown to many people. Digital kidnapping happens when a crook takes control of a target’s social media profiles and holds them until a ransom is paid. It can also involve “kidnapping” photos that are posted on social media pages. Here’s what you need to know about digital kidnapping and how to protect yourself from falling victim. 

How the scams play out

In a digital kidnapping scam, a hacker or ring of scammers will take control of one or more of a target’s social media profiles. The target will be effectively locked out of their own social media accounts and will be unable to access or update them. Once the scammer has control of the profile, they’ll contact the target, demanding a hefty ransom in return for access to the account. They may even threaten to post damaging or humiliating content on the social media profile unless the ransom is paid.

In another version of this scam, hackers will “kidnap” a photo of a child or baby off an unsecured social media account. They will post these photos in their own accounts, using the picture-perfect moments to create a fantasy world of their own. In a creepy twist of reality, they’ll pretend these are snapshots of their own family. They may use this fake world to help them create an imaginary escape, or to draw traffic to their own public accounts. Sometimes, they’ll utilize these photos to help build a bogus story, such as a baby being put up for adoption, or a charitable fund to benefit a child whose parents are struggling financially. Unfortunately for the actual parents, it can be months or years before they find out that their child’s picture is splashed across a public account with thousands of followers. 

If you’ve been targeted

If you believe you’ve been targeted by a digital kidnapping scam, there are steps you can take to mitigate the damage. First, alert the company that owns the social media platform to let them know your account has been compromised. They’ll likely have specific instructions for you to follow to ensure your account remains safe. They may even advise you to close the compromised account and open a new one. Next, tip off the Federal Trade Commission (FTC) and local law enforcement agencies which can help you determine whether it makes sense to pay the requested ransom. Finally, clean up your accounts and make sure there is no identifying or potentially dangerous information being posted on a public forum.

Protect yourself

The best way to protect yourself from digital kidnapping is by keeping your accounts private and secure. Always choose the strongest security settings on your devices and opt for private social media accounts across every platform. This will limit your audience to by-invitation-only viewers while helping to keep hackers and creeps away. 

It’s also a good idea to be mindful of what you post, and how often you post it. Even when using the strongest security settings, sharing a picture online essentially means sharing it with the public. You never know who may be trolling your accounts or looking for pictures to “adopt” as their own. Think three times before posting a picture of your kids. Extra caution is advised for those with super-cute kids.

Finally, be sure to follow basic online safety rules to avoid giving a scammer access to your accounts. Use strong, unique passwords for each of your online accounts and change up your passwords every six months or so. Avoid using public WiFi unless absolutely necessary. Accept every security and software update offered for your device to keep them operating at optimal security. Finally, avoid sharing sensitive information with an unverified contact and never download an attachment or click on a link within an email from an unknown sender. 

Stay alert and stay safe!

Your Turn: Do you have a digital kidnapping experience to share? Tell us about it in the comments.

What is the Dark Web?

by Advantage One, posted in Lifestyle, online security, security, Tips & Best Practices, Uncategorized

Q: I’ve heard of the dark web, but I never understood what this term means. What is the dark web? How is it accessed? Is there any way to keep my information out of its depths?

A: The dark web is the deepest layer of the internet that isn’t visible to the average browser. Unfortunately, its name is a perfect description of its function, as the dark web is full of illegal activities and crimes. Let’s take a closer look at the dark web and how you can protect your information from being caught in its trap.

What is the dark web?

The internet has been likened to an iceberg. There is very little of it that is truly visible above the surface, but it is enormous, dark and deep underneath. 

There are three basic components of the internet: 

  • The surface web–this involves all websites and landing pages that can easily be accessed through popular search engines and by inputting a URL/address directly into a web browser address bar. 
  • The deep web–this includes private, but not invisible accounts, such as social media pages, retail accounts, membership websites, confidential corporate webpages, medical records and more. All content on the deep web is safeguarded by a paywall or sign-in credentials. Experts have estimated that up to 99% of the internet is comprised of the deep web. 
  • The dark web–the final layer of the internet can only be accessed by downloading special browsing software called Tor. Tor masks IP addresses and instantly renders all visitors anonymous. This is where scammers can buy and sell personal information including credit card numbers, checking account details, Social Security numbers, health records and more. 

Despite its name, not all of the activity that takes place on the dark web is illegal. The deepest part of the internet also provides a platform for communication and commerce among people living in countries that have heavy censorship over online activity. In addition, the dark web was originally used by the United States Department of Defense to communicate anonymously. 

Unfortunately, though, the dark web remains a hotbed of criminal activity. Loads of illegal trade takes place through the dark web, including drugs, firearms, counterfeit money, subscription credentials and personal information of thousands of targets. The inherent anonymity of the dark web allows hackers and scammers to roam free without fear of being caught.

How does the dark web work?

The dark web, and by extension the Tor browser, uses a technology known as “onion routing.” This technology uses multiple layers of encryption and redirection to assure anonymity for every browser. When a browser tries to access a site on the dark web, its information will be routed through thousands of relay points, making it impossible to identify and trace. 

How can I protect myself from the dark web?

It’s important to take preventative measures to protect your information from the dark web. Here’s how:

  • Enable two-step authentication on all online accounts. This includes accounts with access to sensitive information, as well as accounts that can be used to collect innocuous but potentially identifying information, like social media accounts. 
  • Consistently monitor your credit for fraudulent activity. Review your accounts at the end of each billing period and request an annual free credit report. Report any suspicious activity to your credit card company immediately. You can also ask the company to send you automatic alerts if there are any large purchases made or new accounts opened in your name.
  • Use strong, unique passwords for all your accounts. Vary your capitalization use, numbers, words and symbols. For optimal protection, switch up your passwords every few months. 
  • Never share your personal information with an unverified source. This includes an email from a contact you’ve never engaged with before, phone calls from an unknown caller and a downloaded link from a banner ad.
  • Run a dark web scan on your devices. This will tell you if your information is already on the dark web. If the scan is positive, reach out to your credit card issuers to discuss placing a fraud alert on your accounts and a credit freeze in your name. 

The dark web is fraught with danger and impossible to trace but there are ways to protect your information. Use the tips outlined here to stay safe.

Your Turn: Have you encountered the dark web? Share your experience in the comments. 

8 Ways to Spot a Survey Scam

by Advantage One, posted in Announcements, Lifestyle, News & Events, online security, Reviews, security, Tips & Best Practices, Uncategorized

Survey scams are almost as old as the internet. They’re so prevalent, you can hardly spend an hour online without running into an ad for a “super quick” survey promising a reward for just a few minutes of your time. 

What actually happens, though, is that the scammer walks away with a free survey, or worse, your information and/or your money. The alert consumer can spot a survey scam easily, but fraudsters are unfortunately becoming more sophisticated at luring innocent victims into their schemes. 

Don’t get caught! Here are eight ways to spot a survey scam:

  1. You’re asked to pay to participate in a survey

Authentic survey companies need you – you don’t need them. There’s absolutely no reason to pay to take a survey of any kind. If you’re targeted by an ad asking you to take a survey and to pay for the privilege of doing so, don’t respond. 

  1. You’re asked to share sensitive information before you can take the survey

They’d really appreciate it if you could take this quick survey for them. They just need some information from you first, like your Social Security number, date of birth and maybe even your checking account number. If a survey company asks for anything more than basic information from you, sign out as quickly as you can. 

  1. They advertise on Craigslist and similar sites asking for your email address

“Survey companies” that advertise on sites like Craigslist asking you to share your email address are usually fronts for scam rings. They use the bogus surveys as bait so you will share your email address. Once they have this information, they’ll use it to spam you with scam emails, phishing schemes, malware or worse. Alternatively, they’ll sell your email address to another scam ring to be used for similar purposes. 

  1. They offer too much money

If a survey is offering you $100 for a 20-question survey that shouldn’t take you more than five minutes to complete, you can be sure you’re looking at a scam. No legitimate survey company is that desperate. The pay for authentic survey-taking is generally on a much more modest scale. 

  1. You’re directed to download attachments 

Any time an unknown contact asks you to download attachments to your device, be super-suspicious. More often than not, these are scams and the attachments are loaded with malware. Don’t respond to the offer, and if it was made via email, be sure to report the email address as spam. 

  1. They advertise aggressively

If the same solicitation for survey participation keeps popping up across your screen, you may be looking at a scam. Scammers tend to flood their targets with ads in the hopes that one of them will actually work. Similarly, if the survey offer is full of unbelievable testimonials of past

participants, you’re likely looking at a scam. Legitimate survey companies don’t need to try so desperately hard to get people to take their surveys. 

  1. They give you an hour to pre-qualify for the survey

Often, a survey company will want you to answer a few pre-qualifying questions to see if you fit their desired demographic. Scammers exploit the prequalification by having the target answer dozens of questions and then informing them they’ve run out of time and cannot participate in the actual survey. This is false, of course, and the questions the scammer just answered actually were the survey questions, only now they won’t be getting paid for it. Check to see if a survey has a time limit on the prequalification before you start answering questions. 

  1. They require an outrageous minimum before payment

Most legitimate survey companies require the survey taker to complete a minimum number of surveys before the first payment. However, scammers require their targets to take an unrealistic number of surveys before they receive their first paycheck. Often, the victim will just quit before they qualify for a payment and the scammers now have these completed surveys without paying anything for them. 

Survey-taking can be a great way to earn some pocket money, but survey scams are rampant. Follow these tips to stay safe!

Your Turn: Have you been targeted by a survey scam? Share your experience in the comments. 

Don’t Get Caught in a Vacation Rental Scam

by Advantage One, posted in Budgeting, Convenience, Lifestyle, News & Events, online security, Saving, security, Tips & Best Practices, Uncategorized

With prices rising on everything, including hotel stays, record numbers of vacationers are choosing to rent private homes or apartments on sites like Airbnb and Vacation Rentals by Owner (VRBO). Unfortunately, though, vacation rental scams are on the rise as well. Here’s all you need to know about these scams and how to avoid them.

How these scams play out

There are several variations of vacation rental scams. 

In one version, the vacation rental advertised on Airbnb, or on a similar site, does not exist or is in very poor condition. The scammer uses online images or doctored photos to create the bogus listing, and rounds out the ruse setup by creating several phony reviews. If a target falls for the scam and rents the “vacation rental,” they’ll be disappointed to arrive at the posted address on the listing and find that the rental does not exist or is quite run down. 

In another version, an individual rents a listing and receives a message from the renter just before their arrival about a last-minute plumbing emergency at the rental site. They’ll be directed to go to another rental instead. This substitute rental will be in far worse condition than the one the vacationer has actually rented. 

In yet another variation, a vacationer unknowingly books a rental on an Airbnb look-alike site. Scammers lure their targets toward these sites by utilizing “URL squatting,” or creating a site that has a similar URL as a well-known site, which in this case, is Airbnb. The fake website enables scammers to capture the payment information of their victims and use it to empty their accounts, or worse. 

In a more recent version of the vacation rental scam, criminals are exploiting people’s kindness and the war in Ukraine to con victims out of their money. Here’s how it works: Generous donors are booking vacation rentals in Ukraine without intending to actually use them as a means to get money to Ukrainians. Airbnb has been supporting this initiative by waiving all host fees for rentals in Ukraine. Unfortunately, though, scammers have been creating fake listings in Ukraine and simply using the money to line their pockets. 

Red flags

Avoid a vacation rental scam by looking out for these warning signs: 

  • The listing is relatively new, yet seems to have multiple reviews from alleged past guests. This is especially true if the listing is in Ukraine.
  • The listing is riddled with typos and spelling mistakes. 
  • The images of the listing look too professional and perfect. 
  • The pictures and description of the rental don’t match up to its price.
  • The URL of the listing site is not secure.
  • The owner asks you to finalize the reservation on a platform that is not the hosting platform.
  • The owner insists on being paid via prepaid gift card or wire transfer. 
  • The owner demands you share more information than they should need for you to reserve a rental. 

Protect yourself

Take these steps to protect yourself from a vacation rental scam:

  1. Check, double-check and triple-check the URL before booking a listing. Look for signs of a secure site, like the lock icon and the “s” after the “http”, and make sure you are still on the authentic host site, such as Airbnb.com, and that you haven’t been lured into a bogus look-alike site. 
  2. Verify that the street address of a rental does indeed exist. You can also Google the address to see if there are any images associated with the address outside the vacation rental site. 
  3. Do a reverse image search to confirm if the photos are doctored up or copied stock images.
  4. Never share sensitive information online with an unverified contact. 
  5. Use a credit card for all online purchases. 
  6. Do an online search of the owner and look for anything suspicious. 

Don’t let your dream vacation turn into a nightmare. Follow the tips outlined here and stay safe! 

Your Turn: Have you been targeted by a vacation rental scam? Tell us about it in the comments. 

Don’t Get Caught in a Shopping Scam!

by Advantage One, posted in Announcements, App Reviews, Budgeting, Checking, Convenience, Credit, Debit, Lifestyle, News & Events, online security, Saving, security, Tips & Best Practices, Uncategorized

Shopping in 2022 is worlds away from what it was at the turn of the century, or even just a few years ago. According to retail research firm, Digital Commerce 360, ecommerce sales surpassed $870 billion in 2021, a 50% jump over 2019. Online shopping is quick, easy and convenient. 

Unfortunately, though, when a lot of shopping moved online, it also ushered in a wave of scams that are often successful. Some of these scams can be difficult for the untrained eye to spot, and many offer no way for the victim to reclaim their lost funds. Here’s what you need to know to recognize an online shopping scam and avoid being the next victim. 

How these scams play out

There are several variations to the online shopping scam. 

In one version, a shopper will scour the internet for a specific item in their desired price range. They’ll find the item retailing on a site at an attractive price and then proceed to make the purchase. They’ll share payment information, input their delivery address and complete the transaction. Unfortunately, though, the item never arrives on their doorstep. Alternatively, a cheap knockoff of the product will arrive instead of the item they’ve purchased. When the buyer tries to demand a refund, they are unable to reach the seller. 

In another variation, a shopper finds an item online and tries to make a purchase. They’ll be asked to input sensitive information, such as a credit card or checking account number. At this point, the shopper will be unable to complete the transaction and will continuously run into errors on the site. However, the scammers now have their information and can proceed to empty the victim’s accounts, or worse.

In a third version of the online shopping scam, a seller clicks on an ad, or on a site that came up in a Google search for one of their favorite stores. They’ll proceed to make an order, not knowing they’ve actually clicked into a bogus look-a-like site run by scammers. The rest of the scam will follow one of the scenarios described above. 

Red flags

Watch for these warning signs that you may have stumbled upon a shopping scam:

  • Prices are too good to be true. If you find an online offer for a new iPhone retailing at just $450, you’re likely looking at a scam. 
  • The offer urges you to act now. If an offer warns that the bargain prices it’s offering won’t last until sundown, it’s likely a scam. 
  • The seller demands specific means of payment. If an e-tailer insists that you pay via prepaid gift card or wire transfer, opt out. 
  • The website is full of typos and grammar errors. If the site is badly in need of editing, it may be run by scammers. 

Stay safe

Follow these tips to keep yourself safe from online shopping scams:

  • Only shop on safe, secure sites. Check the URL for the lock icon and for the “s” after the “http”.
  • Check the URL for proper spelling of reputable sites. Make sure the URL of the site you’re on matches the authentic URL for that retailer and that you haven’t landed on a spoof site. You may want to save the genuine URLs on your computer for future use. 
  • Avoid clicking on high-pressure pop-ups and banner ads. These are often scams.
  • Pay with a credit card when shopping online. A credit card offers the most protection for your purchases. 
  • Never share personal information with an unverified contact. Don’t input your credit card number or account details unless you’re absolutely sure you’re dealing with a reputable website. 

If you’re targeted

If you’ve fallen victim to an online shopping scam, there are steps you can take to mitigate the damage. 

If you’ve paid via credit card, call the company to dispute the charge. At this point, you may want to consider closing the card and placing a credit alert and/or a credit freeze on your name. Next, alert the FTC about the scam. If the alleged retailer is on the BBB website, you can let them know, too. Finally, let your friends know about the scam so they know to be aware.

Stay safe!

Your Turn: Have you been targeted by a shopping scam? Tell us about it in the comments. 

Don’t Get Caught in a QR Code Scam

by Advantage One, posted in online security, security, Tips & Best Practices, Uncategorized

Scammers never take a break from dreaming up new ways to con people out of their money. Recently, they’ve even been hijacking QR codes to pull scams on innocent victims. Here’s all you need to know about QR code scams and how to avoid them. 

What’s a QR code? 

Before we can explore the details of these scams, let’s understand what a QR code is and how one works. A QR code, which is an acronym for “Quick Response code,” is a square barcode that can be scanned using a smartphone. It leads directly to a website or app. Businesses use QR codes for any number of reasons, from posting online menus, to scanning coupons, to processing payments and more. In the no-touch era following the coronavirus lockdowns, QR codes are more ubiquitous than ever.  

Ironically, QR codes should help prevent fraud, since they take the user directly to the desired site, leaving no room for misspellings or for scammers to lure victims to a bogus website that has a URL that is similar to the legitimate website. Unfortunately, though, scammers have found a way to weaponize QR codes, too. The technology necessary to create a QR code is not accessible for anyone, making QR code scams easy to pull off and difficult to identify. 

How the scam plays out

In a QR code scam, a scammer will replace a legitimate QR code with their own code. A target will then scan the code and make a payment for a transaction. Unfortunately, the target has sent their money directly to the scammer and has not made a payment for the transaction as they believe they have.

In a recent QR code scam, fraudsters replaced dozens of QR codes on public parking meters in San Antonio, Texas with their own codes. Drivers seeking to pay the meter costs scanned these codes and sent their payments to scammers. To make matters worse, many victims also unknowingly shared access to their phones with the scammers, setting themselves up for future scams as the criminals use the information on the phone to pull off additional schemes. 

How to avoid a QR code scam

QR code scams can be challenging to recognize. For this reason, the FBI has advised against downloading an app from a QR code and/or downloading a QR code scanner app. However, there are ways to keep yourself safe from these scams. 

When scanning a QR code, it’s a good idea to treat the link like any other email or text message. Proceed with caution and practice online safety measures as you would with any other online transaction. Check the source of the QR code and the URL that the code directs you to for common signs of a secure site, including a lock icon, an “s” after the “http,” and whether the URL matches with the URL of the intended site destination. 

If the webpage or app the code sends you to seems suspicious in any way, leave it. You can access the payment portal you need by visiting the app or website on your own. 

When using a QR code, look for these red flags that can indicate a possible scam:

  • The URL is different from the home site.The QR code is posted on a public sign or notice that seems to be tampered with.The site or app the code directs you to is full of typos. 

Knowing how to recognize a QR code scam can help prevent you from falling victim to this emerging and quickly growing scheme. 

If you were scammed

If you’ve used a QR code to pay for a transaction and subsequently received an email from the company claiming you’ve never completed the payment, or that the payment failed, you may be the victim of a QR code scam. Let the company know that its QR code has been tampered with and alert the FTC as well. 

Stay alert when using a QR code and stay safe!

Your Turn: Have you been targeted by a QR code scam? Share your experience in the comments. 

Don’t Get Caught in a Romance Scam

by Advantage One, posted in Lifestyle, News & Events, online security, security, Tips & Best Practices

Love is in the air, and that means scammers are out in full force trying to con love-seekers into giving up their hearts — and their money — for a love interest who doesn’t actually exist. Romance scams have been around for a while, and they’re unfortunately on the rise: a record  $304 million in losses related to romance scams was reported to the FTC in 2020, up by nearly 50% from 2019.

Here’s all you need to know about romance scams and how to protect yourself from getting your heart and wallet crushed by one of these schemes. 

How the scams play out

In a romance scam, a scammer will create a bogus profile on a dating site or app, or reach out to their target on popular social media platforms. They’ll strike up a remote relationship with the target and work to gain their trust. The scammer will claim they can’t meet their new “dating partner” in person, citing any number of reasons from serving in the military, to working on an oil rig, to being stuck overseas and unable to travel. 

After several weeks have passed, the scammer will invent a story aimed at persuading the target to loan them a significant amount of money. After several weeks have passed, the scammer will invent a story aimed at persuading the target to loan them a significant amount of money for any of these alleged costs, or a similar phony expense:

  • A plane ticket or other travel expenses
  • Emergency surgery or other medical expenses
  • Customs fees to retrieve a lost item
  • Gambling debts
  • A visa or other official travel documents
  • Bail for an arrest

Unfortunately, at this point in the relationship, the target may be in too deep to recognize a scam and will often part with their money. The scammer, of course, will ask for the funds to be given via prepaid gift card or wire transfer, making it nearly impossible to reverse the payment or trace its destination. Once the payment has been made, the scammer may disappear from the target’s life. They may try their luck again by asking for more money a few weeks down the line, repeating the scam until the victim finally grows suspicious. 

Red flags

Protect yourself from falling victim to a romance scam by looking out for these red flags when searching for a dating partner online:

  • The dating profile is too perfect to be true
  • When asked about an in-person meeting, the “date” is evasive 
  • The love interest seems super-eager to build a relationship

How to avoid romance scams

In addition to looking out for red flags when browsing online dating apps and websites, there are several steps you can take to keep yourself safe.

First, if a dating profile seems suspicious, do a reverse image search on the photo. If the photo turns up in another profile under a different name, or is revealed to be a stock image, you’re likely looking at the dating profile of a scammer. 

Next, you can look up the name on the profile with words that are relevant to their alleged background, like “US Army scammer” or “heart surgery scammer”. If the scammer has pulled off this scheme in the past, a search should bring up enough breadcrumbs to confirm your suspicions. 

Finally, never send a prepaid gift card or wire money to a contact you haven’t met. If asked to send funds to a love interest you’ve never seen in person, you’re probably being scammed.

If you’ve been scammed

If you’ve fallen for a romance scam and sent the scammer a prepaid gift card, immediately contact the company that issued the card and let them know about the scam. Some card issuers can refund the money spent on a fraudulent charge. It’s also important to notify the FTC at ReportFraud.ftc.gov. Finally, alert the customer service of the website or app where you met the phony single so they can take appropriate action. 

A new love interest is always exciting, but don’t let your feelings cloud your judgment. Stay alert when seeking a new dating partner through an online forum and stay safe!

Your Turn: Have you been targeted by a romance scam? Share your experience in the comments. 

Identity Theft: What to Know and How to Protect Yourself

by Advantage One, posted in Credit, Lifestyle, News & Events, online security, security, Tips & Best Practices, Uncategorized

We live in an increasingly digital world. People use devices and technology to shop for everything from groceries and clothing to furniture and electronics. We sign in to multiple websites and apps to communicate and share photos with family and friends, manage personal and business finances, plan vacations, and everything in between. While increased accessibility helps make so many activities quick and convenient, having so much of our personal information online leaves us vulnerable to cyber criminals who are eager to steal and benefit from our personal information. As the multitude of online services has expanded, so has the rate of fraudsters engaging in identity theft.

Data breaches within major companies have exposed hundreds of millions of consumers to hackers. In 2020 alone, the Federal Trade Commission (FTC) monitored almost 1.4 million complaints of identity theft, with over $3.3 billion stolen by identity thieves. Many scammers claimed to be officials from government departments and accessed victims’ pandemic unemployment benefits.

Cyber thieves who access one’s personally identifiable information (PII), such as birthdate, Social Security number, home address, driver’s license number, passport number and credit card or financial account information can use it to open new accounts, buy expensive items or pay their bills — and unsuspecting victims often won’t find out until weeks (or months) later. Often, it is only when (and IF) they closely read their account statements. The impact is not only the actual dollars stolen, but also hits to credit scores and time spent restoring security to one’s life and online footprint.

Identity thieves always evolve their tricks to disguise their efforts and access desirable information. They do “spoofing,” using phone numbers, or “phishing,” using email addresses, that look legitimate or seem connected to official agencies — such as the government, police or major companies from which you have likely made purchases. Variations may include sending voice or text messages or directing web surfers to websites for bogus products or services.

Credit cards are a bit safer than debit cards when it comes to fraud, as the Federal Fair Credit Billing Act protects consumers from liability in cases of credit card fraud over $50. However, as currency itself diversifies through the advent of cryptocurrency, some fraudsters are now demanding access to victims’ crypto accounts because it’s difficult to trace and helps them in evading law enforcement.

The age group most vulnerable to scammers is the elderly, as they are less likely to create strong online passwords and are less likely to be wary of prank callers posing as tax collectors or relatives purporting to be in dire financial straits. They also often provide extensive personal information to many doctors or caregivers, with access by many staff members at facilities.

But even those who consider themselves tech-savvy and invincible can fall prey to skilled scammers. Even a child’s information can be stolen, and parents may be unaware of that until many years later when trying to open or access accounts for them.

How to Avoid Identity Theft:

  1. Require a PIN or strong password to unlock devices and accounts, plus 2-step verification. Also, do not use the same password for multiple accounts.
  2. Always use updated security software (such as Norton) on your devices.
  3. Regularly sign in to online accounts to monitor transaction accuracy.
  4. Switch to paperless statements so there is less sensitive information in your mail.
  5. Put alerts on your financial accounts so you get reports for each transaction, or transactions exceeding a set dollar amount.
  6. Put a freeze on your credit report so others can’t open accounts in your name.
  7. Shred old documents, such as bank or credit union statements, tax forms and medical bills.
  8. File your tax returns early.
  9. Do not open emails, click on links or answer calls from suspicious addresses or numbers.
  10. Do not carry your Social Security card or documents including your SSN on them.
  11. Do not tell anyone your SSN by phone unless you are 100% sure who they are and why they’re asking for it.
  12. Do not use public Wi-Fi when making any financial transactions, such as online banking or shopping, or to check your email or browse social media.
  13. Do not leave personal information in your car, even if it is locked.
  14. Invest in an identity theft protection service (such as IdentityGuard or LifeLock) to monitor, detect and alert you about attacks on your identity or finances and reimburse you for losses.

If you are a victim of Identity Theft:

  1. Contact at least 1 of the 3 main credit bureaus: TransUnion, Experian, or Equifax.
  2. Report it to the FTC at www.identitytheft.gov or call 877 438 4338.

Your Turn: Which of these steps will you take to further secure your online identity?