8 Ways To Spot A Job Scam

Young woman looks at a job sheet while verifying information on her smartphone.If you’re in the market for a new job, or you’re looking for extra part-time work, be careful. The Federal Trade Commission (FTC) is warning of a surge in employment scams of every kind. Victims might have their accounts emptied, their identities stolen, or they may even find themselves facing jail time for money laundering charges.

Protect yourself from employment scams by holding up any job you’re considering against this list of red flags:

1.) The job pays very well for easy work
If a job description offers a high hourly rate for non-skilled work with no experience necessary, you can assume it’s a scam. Legitimate companies will not overpay for work that anyone can do. Carefully read the wording of the job pitch. If the deal sounds too good to be true, it probably is.

2.) The job description is poorly written
Scrutinize every word of the job description. If it’s riddled with typos and spelling mistakes, you’re looking at a scam.

3.) They need to hire you NOW!
If a “business” claims the position needs to be immediately filled and they’re ready for you to start working today, assume it’s a scam. Most legitimate businesses will need time to process your application, properly interview you and determine if you are indeed a good fit.

4.) The business has no traceable street address or real online presence
If you’ve spotted a position on an online job board, your first step should be researching the company. Google the company name to see what the internet has to say about them. If you suspect a scam, search the name with words like “scam” and “fraud” in the search string. Look for a brick-and-mortar address, a phone number and a real online presence. If all you find are help-wanted ads and a P.O. Box, move on to better job leads.

5.) You need to share sensitive information just to apply
Does the “job application” you’re looking at seek sensitive details, like your Social Security number and/or a checking account number? Such information should not be necessary just to submit an application. You might even be innocently asked to share details you think are minor, like your date of birth, name of your hometown, first pet’s name or your mother’s maiden name. Of course, these are all keys to open up access to your passwords and/or PINs.

There’s no surer sign you’re dealing with crooks than being asked to share information that practically guarantees you’ll be scammed.

6.) You need to pay a steep fee to apply
Some legitimate companies charge a nominal application fee for hopeful employees. However, if the fee is absurdly high, or the company asks you to cash a check for them and then refund it, you’re being scammed.

7.) There’s no business email
Some job scammers will impersonate well-known companies to look authentic. For example, you might think you’re applying to an off-site job at Microsoft. You’ll be told to email your resume to JohnSmithMicrosoftHR@gmail.com. Your red flag here is the email address: The domain is generic. If the “recruiter” genuinely represented Microsoft, the email address would be something like JohnSmith@HR.Microsoft.com.

8.) The “recruiter” found your resume on a job board you never use
If the “recruiter” claims they’ve picked up your resume on a job board you don’t remember visiting, it’s not your memory failing you. Job-scammers often scrape victims’ personal details off the internet and then pretend to have received a resume. They’ll know you’re looking for a job, and they’ll know enough about you to convince you they’ve got your resume, but it’s all a scam. If someone contacts you about a position you’ve never applied for, or claims to have found your resume on a job board you’ve never visited, run the other way!

As always, practice caution when online. Keep your browser updated and strengthen the privacy settings on your social media accounts. When engaged in a public forum, don’t share information that can make you vulnerable, like your exact birthdate or employment history. Never wire money to people you don’t know well or agree to cash a stranger’s check in exchange for a commission. Above all, keep your guard up when online and use common sense: When in doubt, opt out!

Your Turn:
Have you been targeted by a job scam? Tell us about it in the comments, below!

SOURCES:
https://www.consumer.ftc.gov/features/scam-alerts

https://www.job-hunt.org/onlinejobsearchguide/job-search-scams.shtml

https://www.whatismybrowser.com/guides/how-to-be-safe-online/why-should-i-update-my-web-browser

Simple tips for protecting your parents from financial fraud

daughter helping elderly father check his account onlineAccording to the Federal Trade Commission, older adults are disproportionately affected by fraud.

Whether it’s a phony phone call, phishing scam, or mail fraud, seniors often become targets for scammers who perceive them as easy marks.

While you alone can’t put an end to this shady illegal activity, you can empower you parents with the knowledge to keep themselves—and their finances—safe.

Remind them about “stranger danger”
Your parents probably taught you the concept of “stranger danger” at an early age—and for good reason. Don’t interact with suspicious people. It’s an important lesson that’s relevant to adults as well as children.

If someone you don’t know asks for personal information, it’s probably a scam. Remind your parents to never give out credit card or account information, passwords, or social security numbers unless they can verify the identity of the person or business making the request.

Add their number to the Do Not Call List
When you add your phone number to the The National Do Not Call Registry, the government informs telemarketers not to call you.

Unfortunately, unscrupulous organizations and scammers ignore the registry and may continue to harass your parents, but they should see a reduction in unsolicited calls and text messages from those who abide by the law.

Give them a crash course in online literacy
If your senior parents use technology but aren’t completely familiar with how scams work online, they might not understand what to click and what to avoid.

Spend some time going over how to navigate the internet safely. Most importantly, explain email phishing. Emphasize that they should never click links in unsolicited emails from people or companies they don’t know.

If they use social networks like Facebook, warn them not to share anything too personal as scammers might use this information to impersonate friends or family members online.

Used with permission. © 2019 BALANCE. All rights reserved.

Tax Scams 2019

Each year, the IRS publishes the “Dirty Dozen,” a list of 12 scams that are rampant during that year’s tax season.

This year, the IRS is cautioning taxpayers to be extra vigilant because of a 60% increase in email phishing scams over the past year. This is particularly disheartening, since it comes on the heels of a steady decline in phishing scams over the previous three years.

Typically, an email phishing scam will appear to be from the IRS. Once the victim has opened the email, the scammer will use one of several methods to get at the victim’s personal information, including their financial data, tax details, usernames and passwords. They will then use this information to steal the victim’s identity, empty their accounts or file taxes in the victim’s name and then make off with their refund.

Scammers have several means for fooling victims into handing over their sensitive information. The most popular tax-related phishing scams include the following:

  • Tax transcript scams
    In these scams, victims are conned into opening emails appearing to be from the IRS with important information about their taxes. Unfortunately, these emails are bogus and contain malware.
  • Threatening emails
    Also appearing to be from the IRS, these phony emails will have subject lines like “IRS Important Notice” and will demand immediate payment for unpaid back taxes. When the victim clicks on the embedded link, their device will be infected with malware.
  • Refund rebound
    In this scam, a crook posing as an IRS agent will email a taxpayer and claim the taxpayer was erroneously awarded too large a tax refund. The scammer will demand the immediate return of some of the money via prepaid debit card or wire transfer. Of course, there was no mistake with the victim’s tax refund and any money the victim forwards will be used to line the scammer’s pockets.
  • Phony phone call
    In this highly prevalent scam, a caller spoofs the IRS’s toll-free number and calls a victim, claiming they owe thousands of dollars in back taxes. Those taxes, they are told, must be paid immediately under threat of arrest, deportation or driver’s-license suspension. Obviously, this too is a fraud and the victim is completely innocent.

If you’re targeted
When targeted by any scam, it’s crucial to not engage with the scammer. If your Caller ID announces that the IRS is on the phone, don’t pick up! Even answering the call to tell the scammer to get lost can be enough to mark you as an easy target for future scams. If you accidentally picked up the phone, hang up as quickly as possible.

Similarly, suspicious-looking emails about tax information should not be opened. Mark any bogus tax-related emails that land in your inbox as spam to keep the scammers from trying again.

If you’re targeted by a tax scam, report the incident to help the authorities crack down on these crooks. Forward suspicious tax-related emails to phishing@irs.gov. You can also alert the Federal Trade Commission at FTC.gov.

Protect yourself from tax scams
Stay one step ahead of scammers this tax season by being proactive. Protect yourself with these steps:

File early in the season so scammers have less time to steal your identity, file on your behalf and collect your refund.
Use the strongest security settings for your computer and update them whenever possible.
Use unique and strong passwords for your accounts and credit or debit cards.
Choose two-step authentication when conducting financial transactions online.

Remember, the IRS will never:
Call about taxes owed without having first sent you a bill via snail mail.
Call to demand immediate payment over the phone.
Threaten to have you arrested or deported for failing to pay your taxes.
Require you to use a specific payment method for your taxes.

Ask you to share sensitive information, like a debit card number or checking account number, over the phone.

Be alert and be careful this tax season and those scammers won’t stand a chance!

Your Turn:
Have you ever been targeted by a tax scam? Share your experience with us in the comments.

SOURCES:
https://clark.com/personal-finance-credit/taxes/beware-of-these-common-irs-scams/

https://www.google.com/amp/s/www.forbes.com/sites/kellyphillipserb/2018/12/04/irs-warns-on-surge-of-new-email-phishing-scams/amp/

https://www.businessinsider.com/irs-phone-scam-what-to-do-if-you-get-scam-call-2018-2

All You Need To Know About Facebook’s Latest Bug

Young black woman scrolling through an app on her smartphone in a cafeWith its wide range of features, easy-to-use interface and streamlined access, Facebook is the darling of the social media age. It helps people stay connected with family and friends, allows new relationships to blossom and creates a culture of community for new and established businesses alike.

However, in December, Facebook announced its internal team found a photo API bug in its platform which may have exposed the unshared photos of 6.8 million users. As the latest in a stream of publicized security issues, this breach has the public confused and worried about their privacy.

Read on for all you need to know about the recent Facebook bug.

What happened because of the photo bug?
According to Facebook’s policy, apps linked to Facebook are only allowed to access photos that users give them permission to view, such as those posted on their Facebook timeline. The recent bug, however, may have allowed third-party apps to access loads of other pictures without their user’s knowledge and permission.

An estimated 1,500 apps built by 876 developers were affected by the bug. All of these apps are approved by Facebook, and were authorized by users to access their photos.

The photos breached include those shared on Facebook Stories or Marketplace as well as photos that had been uploaded but weren’t yet posted on Facebook.

The bug was active from Sept. 13 to Sept. 25, 2018. Although, Facebook waited to come clean about the breach in mid-December, 2018.

What steps has Facebook taken to fix the bug?
Facebook fixed the bug as early as Sept. 25 and has openly apologized for the breach. They have promised to let app developers know which of their users have been affected by the bug so they can take steps on their own. Facebook has also claimed to be working on strengthening their platform’s privacy to prevent future photo leaks and security breaches.

When asked why the social media giant did not inform the public about the bug immediately, a Facebook representative told CNN Business, “We have been investigating the issue since it was discovered to try and understand its impact so that we could ensure we are contacting the right developers and people affected by the bug. It then took us some time to build a meaningful way to notify people, and get translations done.”

Despite the statement, the jury remains out on whether Facebook has really taken the responsible course of action after the bug was discovered.

What does the bug mean for impacted Facebook users?
Having your unshared photos posted on public forums can lead to a host of safety issues. Thankfully, no crimes have been linked to the photo leak to date, but crooks can use revealing photos to stage a home robbery or worse. For reasons such as this, it’s always best to use the strongest privacy settings on your social media platforms and to be super-careful about which apps you allow to access your photos.

To be extra careful and keep yourself safe in the event of security breaches like Facebook’s recent photo bug, never post pictures that are too revealing about your personal life and your financial situation.

How can I check if my photos were leaked?
Facebook has issued an official alert to all affected users with clear steps for protecting their photos. The alert directs users to a Help Center Page where they can check if they’ve used any apps affected by the bug and get instructions on how to proceed from there.

Facebook also advises users to log into any apps they use to share photos and check which ones are accessible. If you’re worried about an app’s privacy, log into Facebook’s Manage Your Apps page and contact the app developer directly to inquire about the accessibility of your photos.

Facebook’s latest security breach may have impacted millions of users, but with the proper reactive steps and an eye toward a more secure future, it can help the social media giant and all its users practice stronger security measures and protect their privacy against potential breaches.

Your Turn:
Have you been impacted by Facebook’s latest breach? Share your experience with us in the comments below.

SOURCES:
https://betanews.com/2018/12/16/facebook-photo-api-bug/

https://www.google.com/amp/s/amp.cnn.com/cnn/2018/12/14/tech/facebook-private-photos-exposed-bug/index.html

https://www.geek.com/tech/facebook-photo-bug-how-to-check-if-you-were-impacted-1766300/

https://www.google.com/amp/s/www.cnbc.com/amp/2018/12/14/facebook-bug-exposed-photos-from-up-to-6point8-million-users.html

Credit Card Fraud In Fives

Businessman enters credit card number on a laptopNo one wants to be the victim of credit fraud. Aside from the stolen money you may never recover, victims of fraud can be faced with an enormous hassle. That hassle involves the closing of accounts, putting a fraud alert on your credit and a huge ding on your credit history, which can be difficult to fix.

Whodunnit? When we’re talking about credit card fraud, everyone’s pointing fingers at everyone else.

Consumers tend to blame the credit card issuer, but the vulnerability usually lies with the point-of-sale terminal. Tampering with a credit card reader takes just a few minutes and can be done with an inexpensive device that’s available on Amazon. In addition, there are lots of other ways your information can be skimmed, none of which point to a security deficiency with your credit union or credit card company.

Thankfully, there are steps you can take to prevent and recognize credit card fraud before it happens. Read on for all you need to know about credit card fraud in 5 lists of fives.

5 ways your card can be frauded

  1. It’s physically lifted from your wallet.
    The old-fashioned pickpocket is still a very real threat. Invest in a secure wallet and/or purse and always keep your card inside.
  2. A restaurant or bar server skims it.
    When you hand over your card to a dishonest server at the end of a meal, you give them a few minutes to skim your card while it’s in their possession.
  3. A terminal you use is compromised.
    Payment terminals can be tampered with and rewired to transmit your information to scammers. This is especially common in pay-at-the-pump gas stations.
  4. An online breach puts your information on the black market.
    After a company you use suffers a breach, your personal information may be up for sale on the dark web.
  5. Your computer’s been hacked.

Once a scammer gets inside your computer, they have full access to all of your sensitive data.

5 signs a terminal’s been compromised

  1. The security seal has been voided.
    Many gas stations have joined the war against credit card crimes by placing a security label across the pump. When the pump is safe to use, the label has a red, blue or black background. When it’s been breached, the words “Void Open” will appear in white.
  2. The card reader is too big for the machine.
    The card reader is created to fit perfectly on top of the machine. If it protrudes past it, it’s likely been tampered with.
  3. The pin pad looks newer than the rest of the machine.
    The entire machine should be in a similar condition.
  4. The pin pad looks raised.
    If the pin pad looks abnormally high compared to the rest of the machine, the card reader may have been fitted with a new pin pad that will record your keystrokes.
  5. The credit card reader is not secured in place.
    If parts of the payment terminal are loose, it’s likely been compromised.

5 times you’re at high risk for credit card fraud

  1. You lost your card.
    If you misplaced your card – even if it was eventually returned to you – there’s a chance your information has been skimmed.
  2. You’re visiting an unfamiliar area.
    When patronizing a business in an unfamiliar neighborhood, you don’t know who you can trust.
  3. A company you use has been breached.
    If a business you frequent has been compromised, carefully monitor your credit for suspicious activity.
  4. You shared your information online with an unverifiable contact.
    If you’ve willingly or unwillingly shared sensitive information online and you’re not certain of the contact’s authenticity, you’ve likely been frauded.
  5. You downloaded something from an unrecognizable source.
    Have you accidentally downloaded an attachment from an unknown source? Then your computer has likely been compromised and you’re at risk for credit card fraud.

5 ways to protect yourself against credit card fraud

  1. Check all card readers for signs of tampering before paying.
  2. Never share your credit card information online unless you’re absolutely sure the website you’re using is authentic and the company behind it is trustworthy.
  3. Check your monthly credit card statements for suspicious activity and review your credit reports on a frequent basis.
  4. Use cash when patronizing a business that’s in an unfamiliar area.
  5. Don’t download any attachments from unknown sources.

5 steps to take if your credit card has been frauded

  1. Lock the compromised account.
    Dispute any fraudulent charges on your compromised accounts and ask to have them locked or completely shut down.
  2. Place a fraud alert on your credit reports.

  3. Consider a credit freeze.
    This will make it impossible for the scammer to open a line of credit in your name.
  4. Alert the FTC.
    Visit identitytheft.gov to report the crime.
  5. Open new accounts.
    Begin restoring your credit with new accounts and lines of credit.

At [credit union], we’ve always got your back! Call, click, or stop by today to ask about steps you can take to protect your information from getting hacked.

Your Turn:
Have you ever been a victim of credit card fraud? Share your story with us in the comments.

SOURCES:

https://www.thebalance.com/how-credit-card-skimming-works-960773

https://www.thebalance.com/more-at-risk-of-credit-card-fraud-960780

https://www.makeuseof.com/tag/credit-card-fraud-works-stay-safe/

http://gizmodo.com/home-depot-was-hit-by-the-same-hack-as-target-1631865043

Why Do I Spend So Much When Shopping Online?

Man opening a package from an online retailerQ: I’m really trying to stick to a budget this holiday season, and I’m doing most of my shopping online. It should be easy to stay on track, so why am I constantly going over budget?

A: Both online and in-store shopping can tempt you to overspend, but the internet is particularly designed to help you lose track of your dollars.

More and more people are choosing to hit the web instead of the mall for holiday shopping. The internet definitely wins for convenience. Since there are no crowded malls, no long lines and no crabby cashiers, it’s much more enjoyable. Plus, you get to shop in your PJs. Can it get better than that?

Shopping the old-fashioned way, though, is not without merit. When purchasing items that need to fit right or that you may need immediately, you might want to head to the mall or local small business. You might even save money that way.

If you choose to do most of your holiday shopping on the internet, though, it’s good to understand why we tend to overspend online.

Why we spend more online
Here are 10 ways online retailers push us to overspend:

1. They push products strategically.
The first few products you’ll see when you visit a retail website aren’t necessarily the hottest-selling items; they’re just the stuff the company needs to get rid of most urgently. Most people, though, will assume the products on the site’s homepage are the most popular and will quickly drop one or two of these items into their cart.

2. They offer free shipping—with a minimum purchase.
Don’t think the retailer is being super-generous when they offer to sponsor the shipping costs if you spend $50 or more. They’re only luring you to spend more. And it works: Most people choose to fill their carts with stuff they don’t need just to avoid paying the shipping fee.

3. They make it super-easy to check out.
Websites make their checkout process ridiculously easy just to keep you buying. If your info’s been saved on the site, you can order your whole cart within minutes. The quicker you make those purchases, the less time you have to rethink them and opt out.

4. They offer spending-based discounts.
Online retailers often offer discounts after you’ve reached a certain spending threshold. Just like the free-shipping minimum, these conditional discounts manipulate you into spending more just to qualify—even if you won’t save any money at the end of the day.

5. They change their prices without rhyme or reason.
Online retailers constantly adjust their prices according to consumer and market behavior. This tactic, known as “dynamic pricing,” is designed to draw you back to the site again and again just to check the going price. It also prompts you to buy before the price rises again.

6. They use anchor pricing.
Retailers want you to believe you’re getting a great deal. They frequently employ “anchor pricing,” or placing items with inflated price tags right next to one you’re looking at now to make your desired item look less costly.

7. Their ads stalk you.
Online retailers target you with ads based on your search history. They know what you’re into and they can even determine your style.

8. They have lenient return policies.
Online retailers purposely have looser return policies than their brick-and-mortar counterparts. They know you’ll consider these policies when making your purchase and that you’re more likely to buy something online if you can easily send it back to the store.

9. They have a virtual checkout aisle.
If you think you’ll save big by shopping online because you won’t be tempted to grab all those goodies that the brick-and-mortar stores have lining their checkout aisles, here’s a reality check: Retailers are smarter than that. They’ve discovered a way to create a virtual checkout aisle, full of last minute add-ons that go well with the stuff you’re buying. It’s all designed to make you drop another item or two into your cart before you realize your total is way above your planned budget.

10. They stay in touch.
That subtle email reminder that you still have items in your cart is really just a nice way of nudging you back into. buying mode. Fact is, it works. When retailers send you emails with headlines that scream about “Today Only!” and “Free Shipping on Every Order,” they get your attention. And your money, too.

Spending less online
Should you ditch the on-the-couch shopping and camp out at the mall until the holidays?

You don’t need to be extreme and do all your shopping IRL this year. By educating yourself about the most common manipulative tactics that online retailers use, you’re already better equipped at handling them. You can also follow these tips to keep your online spending to a minimum:

1. Shop with a list
Yes, just like the one you scribble before heading to the grocery. Don’t just have a look around your favorite sites. Decide what you want and need to purchase before browsing, and do your best to stick to your list.

2. Set a time limit.
When there are no store closing hours to curtail your shopping trip, you can easily lose track of the time, which can trigger overspending. Plus, the internet is designed to keep you engaged, and one click leads to another. Give yourself a reasonable amount of time to shop, and once time’s up, snap your laptop shut.

3. Never pay full price.
Don’t check out without doing a quick search for coupons and discounts on sites like RetailMeNot.com and CouponCabin.com.

4. Don’t twist yourself into a pretzel to qualify for free shipping.
Don’t buy stuff you don’t need just to avoid a dreaded shipping fee.

5. Shop early.
You’ll find it easier to stick to your budget, and to avoid the free shipping trap, when you shop early. Plus, many e-tailers offer free shipping with no strings attached as long as you don’t mind waiting a bit for your stuff to show up.

With awareness and careful planning, you can stick to your budget this holiday season—even when shopping online.

Your Turn:
Do you spend more when shopping online or in-store? Tell us all about it in the comments below.

SOURCES:

https://www.google.com/amp/s/www.cnbc.com/amp/2017/05/18/you-might-be-spending-twice-as-much-money-as-you-think-online-shopping.html

https://www.google.com/amp/s/www.recode.net/platform/amp/2018/6/8/17441288/internet-time-spent-tv-zenith-data-media

https://apparelmag.com/holiday-trend-continues-consumers-will-do-more-shopping-online-vs-store-season

https://www.everydollar.com/blog/online-vs-in-store-shopping

https://www.google.com/amp/s/kdvr.com/2017/12/04/do-you-spend-more-when-shopping-online/amp/

https://www.google.com/amp/s/amp.businessinsider.com/sneaky-ways-online-retailers-get-you-to-spend-more-2016-5

How To Create And Keep Strong Passwords

Woman holding tablet in lap browsing a website.Your passwords are the keys to your life. And when it feels like there’s another big security breach every week, you want to be sure those passwords are strong and safe.

Follow the 6 steps below for super-strong passwords that will keep scammers guessing.

Step #1: Choose a password manager
The best way to ensure your passwords are secure is to use a password manager like 1password, Lastpass or Keepass. These services generate encrypted passwords for every website you use. You will then create one master password to use for logging into all of your accounts.

Step #2: Create an unbreakable master password
This code can open up every password of yours to potential scammers; so be extra careful about choosing one that is virtually unbreakable. Follow these rules for a strong password:

  • Make it long. Many sites require a password that is a minimum of 8 characters long, but a 12-character password is even stronger.
  • Be creative. Avoid using names, places and recognizable words, since these are easily cracked.
  • Mix it up. Vary your capitalization and the kinds of characters you use, switching back and forth from letters to numbers to symbols.

You can run your password through an online password checker like the one on OnlineDomainTools.com to test its strength. Once you’ve created a super-strong master password, work on memorizing it. Write it down and then rip up the paper as soon as you’ve memorized it.

Step #3: Update all your passwords
Next, sync all the websites and accounts you use with your password manager. Follow the guidelines on your password manager for this step, as they differ with each service.

When you’re through, you’ll only be able to log into these sites with your master password.

Some sites employ outdated systems that won’t work with a password manager. For these sites, you will need to use different passwords. You can slightly amend your master password for these sites or create new ones using the guidelines above. Use a different password for every site.

Step #4: Use two-factor authentication
Add another layer of protection by choosing two-factor authentication whenever you have that option.

Step #5: Be careful with security questions
Security questions are extremely insecure; anyone can Google the answers. If all a scammer has to do to retrieve your password is answer a security question, the strongest password is worthless.

Treat security questions like passwords. Never answer them truthfully. Instead, make up mnemonics or nonsensical answers that are difficult to crack, but easy for you to remember.

Step #6: Don’t let your browser or phone “remember” your passwords
Keep your passwords in your head and not on your devices. Otherwise, you’ll be in deep trouble if your computer or phone is swiped.

Your Turn:
What’s your best tip for creating a super-strong password? Share it with us in the comments.

SOURCES:
https://www.google.com/amp/s/lifehacker.com/how-to-create-a-strong-password-1797681069/am

https://lifehacker.com/four-methods-to-create-a-secure-password-youll-actually-1601854240

https://www.pcmag.com/article2/0,2817,2407168,00.asp