Wheeling and Dealing on a New Car? Beware of Dealership Stealing

Wheeling and Dealing on a New Car? Beware of Dealership Stealing

Photo Credit: iStock/BrianAJackson

Notice all those recent TV commercials touting a “December to Remember,” “Employee Pricing,” “Year-End Sales Event” and other proclaimed deals on a new set of wheels?

That’s because it’s crunch time for dealerships to meet annual sales goals…just as winter weather and (other) holiday shopping can keep consumers off their lots. So now is when manufacturers and dealerships typically offer the year’s deepest discounts and most generous incentives, making December – and particularly its last two weeks – the very best time to buy a new car, according to experts.

But that doesn’t mean some car salesmen still won’t try to rip you off. So before heading to a dealership, check websites such as Kelley Blue Book, Edmunds and TrueCar to research incentives, rebates and prices in your area – including the invoice or “dealer’s cost” for your desired vehicle – and a ballpark selling price for any trade-in you may have. (Good sources for preowned cars also include AutoTrader and Cars.com.)

Then email several dealerships requesting their best “out-the-door” price (including taxes, tags and title) for the specific make, model and trim line of the vehicle for you seek. To avoid bait-and-switch scams, ensure that any particular cars advertised with a great price is still in its inventory (or another with the same trim and options is available), and that any manufacturer rebates and other incentives are not built into your starting price for negotiations. All the while, steer clear of these common tricks:

Focusing on monthly payments. This allows salesmen to meet virtually any monthly price you seek; they just extend the car loan, lowball your trade-in or play other shell games to make you think you’re getting a deal. Better: First dicker on a purchase price. Then handle your trade-in as a separate transaction. Only after doing both should you discuss and compare any loan rates and monthly payments at several dealerships, as well checking loan options with banks and credit unions.

Supplemental sticker swindles. Along with the official MSRP, you may find an additional window sticker listing charges of $595 or more for “Dealer Prep,” “Special Value Package” or simply labeled as ADP or ADM (which stands for “Additional Dealer Profit” and “Additional Dealer Markup”). These hefty prices usually involve little more than a couple of hours work “prepping” the vehicle by vacuuming its interior, washing the exterior, adding fluids, removing plastic from the seats, or perhaps a quick spraying to provide fabric protection or rust-proofing. Don’t believe claims these extra charges are mandatory; they can be waived – or at least credited in your negotiated price.

Trade-in trickery. Some salesmen will quote a low-ball price for your trade to determine if you’re sucker who bites. Others may initially quote an overly generous offer sight unseen to bait you to the showroom, and then renege that high-ball price in person, claiming your vehicle is in worse condition than expected. That’s why it’s wise to have – in-hand – realistic trade-in values based on condition and mileage (as well as year, make and model) from websites like KBB, Edmunds and AutoTrader. Again, negotiate your trade separately from the purchase price of the new car.

Post-sale packing. These tack-ons include unnecessary but expensive extended service warranties, GAP or credit insurance, “etching” the Vehicle Identification Number (VIN) onto windows, and sometimes fabric protection or rust-proofing not on supplemental window stickers. Most experts agree that extended warranties aren’t worth the money. GAP insurance is wise for some buyers, but shop around; dealers may charge twice as much as insurance companies for similar coverage.

Financing follies. Despite all those low-interest finance incentives, some dealers imply that certain buyers have worse credit ratings than they really do to trick them into a higher-rate loan. Others take it one step further: In the most common financing scam (known as “yo-yo” financing) some dealerships initially lead buyers to believe their loan application was approved – only to call back a few days later (after driving off the lot) to say that financing didn’t go through and a larger down payment or higher-rate loan is required to keep the car. Avoid these and other financing fleeces by knowing your credit score before car-shopping, and determine your qualifying interest rate by calling credit unions, banks or even a buying club such as Costco. If you do finance with a dealer, don’t sign anything with a “contingency clause” that stipulates the sale terms hang on the dealer getting the “promised” financing.

For information about other scams, sign up for the Fraud Watch Network. You’ll receive free email alerts with tips and resources to help you spot and avoid identity theft and fraud, and keep tabs of scams and law enforcement alerts in your area at our Scam-Tracking Map.


Source link

Deja Vu Deception: These Old Scams Resurface Again

Deja Vu Deception: These Old Scams Resurface Again

Photo Credit: iStock/SIphotography

Re-run ripoffs are nothing new; what’s previously worked for scammers will likely be successful again. And that holds especially true for these three long-time (and historically prosperous) ploys that have resurfaced with a vengeance:

Jury Duty Scam
Going strong for more than a decade, this telephone scheme has scammers posing as court employees or members of law enforcement ranging from local police to U.S. Marshalls. They say that you failed to appear for mandated jury duty – and as a result of that supposed no-show, you face immediate arrest.

These imposters are usually well-prepared – citing names and addresses of their targets (often pooled from public directories) and spoofing phone call-recipients’ caller ID to show phone numbers and names of a courthouse or law enforcement agency. “The scammers often provide information that seems very convincing, including the real names of federal judges or court employees, the location of the courthouse, and case and badge numbers. The victim has every reason to believe the call is legitimate,” notes a recent warning from the U.S. Attorney’s Office. “The caller then tells the victim they can avoid arrest by paying an immediate fine and walks them through purchasing a prepaid debit or gift card or making an electronic payment to satisfy the ‘fine.’”

What makes this scam especially dangerous: In addition to a quick payoff, sensitive personal information including your birthdate and Social Security number may be solicited for possible identity theft. What to know:

  • As with jury duty summonses, official “no show” notifications are delivered by mail. Phone calls won’t occur unless a jury duty summons was mailed but returned to sender because it couldn’t be delivered.
  • Police never give advance warning of impending arrest. Courthouse employees don’t call after-hours, while you’re eating dinner or preparing for bed. Only scammers do both.
  • A bona fide court will never ask for a credit or debit card number, wire transfers, or bank routing numbers over the phone for any purpose – including missing jury duty. Fines aren’t imposed until after you’ve appeared in court, given the opportunity to explain a failure to appear. 

Utility Shutoff Scam
In this swindle, fraudsters pose as local utility company personnel, claiming that electric, gas or water service to your home or business will be terminated within hours because of unpaid bills…unless the alleged tab is immediately paid (again, typically requested by prepaid debit card, gift card or wire transfer). The typical homeowner who takes the bait loses about $500 – nearly twice the amount of other phone scams – while some business owners have lost $10,000 or more.

These scams have gotten so common – breaking rip-off records last year and on track for another banner year this winter (this ploy peaks during the busy heating season) – that more than 100 utilities have formed Utilities United Against Scams to warn customers. As “live” phone calls remain the most common way to con, newer methods also include bogus emails, automated robocalls and even “on-site” scammers in rented uniforms seeking a quick payoff and/or home entry for possible burglary. What to know:

  • Before shutting off service, all utilities mail at least one written notice, providing you with several options to pay (online, return mail, phone, automatic bank draft or in person). None initiate the shutoff process with an unexpected phone call.
  • Like most legitimate businesses, utilities don’t accept gift cards and never require payment by prepaid debit card or wire transfer. Scammers prefer these methods because they are like sending cash.
  • Service on meters or inside the home is usually prearranged; if there’s a charge for work on customer-owned equipment, you’ll be billed by the utility – not asked for on-the-spot payment. 

Charity Scams
No surprise on the timing here: The lion’s share of all charitable donations in the U.S. – nearly $390 billion last year – is made in December. And that’s when scammers do a full attack to dupe would-be donators with a hard-sell and heartfelt scripts, typically made in unsolicited phone calls, but also front-door visits and email campaigns.

Some feign to be collecting on behalf of recognized groups, but more often use sound-alike names of legitimate charities or invent their own authentic-sounding organizations. What to know:

  • Listen or watch for imitative words, such as “National” being substituted for “American” in a well-known name. Mailed solicitations are less likely to be fraudulent than those by phone, email or front-door visit, so unless you dialed the call or previously provided your email address to that organization, don’t provide a credit card number over the phone or online. Also know that legitimate charities won’t specifically request prepaid debit cards or other scammer-preferred payment methods.
  • The most successful scams (read: hot-button hoaxes) targeting older Americans are phony charities claiming to benefit police and firefighters, military veterans, sick or needy children, or victims of natural disasters.
  • Before donating to any solicitation, check the charity’s name and reputation at Give.org, Charity Navigator, Charity Watch or GuideStar. You can also contact the agency in your state that regulates charities.


For information about other scams, sign up for the Fraud Watch Network. You’ll receive free email alerts with tips and resources to help you spot and avoid identity theft and fraud, and keep tabs of scams and law enforcement alerts in your area at our Scam-Tracking Map.

 Also of Interest

See the AARP home page for deals, savings tips, trivia

Source link

AARP Announces 2017 State Capitol Caregivers and Super Savers

AARP Announces 2017 State Capitol Caregivers and Super Savers

In addition to advocating for older Americans in the halls of Congress, AARP staff and volunteers are working on the ground in all 50 states, Washington, DC, Puerto Rico and the U.S. Virgin Islands to make a difference in people’s lives through advocacy. This year, we have helped enact state policies to support more than 30 million family caregivers and provide thousands of workers with a new way to save for retirement.

Achieving these results took a lot of hard work and dedication from state legislators, governors and other elected officials. They worked together – often across party lines – to write, support, and advance commonsense policies that make people’s day-to-day lives a little bit easier and gives them more financial security in their retirement.

To recognize these elected leaders, AARP is proud to announce our fourth annual bipartisan class of Capitol Caregivers who fought to increase support for family caregivers and their loved ones along with our third annual bipartisan class of Super Savers who fought to help more Americans retire with confidence.

Capitol Caregivers
Every day, 40 million Americans help parents, spouses and other loved ones live independently at home, where they want to be. Family caregiving is a labor of love, to be sure, but it can also be a challenge. Care responsibilities can include providing transportation, cooking meals, managing finances, performing complex medical tasks, helping with bathing and dressing, and so much more. Sixty percent of family caregivers juggle full- or part-time jobs with their caregiving duties, and many are still raising their families.

AARP is fighting for commonsense solutions to make these big responsibilities a little bit easier—and we’ve seen real progress in states across the country.

AARP’s 2017 class of Capitol Caregivers recognizes 91 state legislators, five governors, one lieutenant governor, and one justice from more than 30 states, who advanced policies that:

A list of AARP’s 2017 Capitol Caregivers and the legislation they championed can be found here.

Super Savers
Today, 45 percent of working-age households have no retirement savings at all. At AARP, we believe everyone should be able to retire with confidence. That’s why we’re fighting for Work and Save plans that give more workers access to a payroll deduction retirement savings plan. Employees who are able to save for retirement out of their regular paychecks are 15 times more likely to save.

AARP’s third class of Super Savers includes six state legislators and two state treasurers who were integral to the passage of state-facilitated retirement programs in 2017.

A list of AARP’s 2017 Super Savers and the legislation they championed can be found here.

More work to do . . .
In 2018, AARP will continue to work with elected state leaders across the country to fight for the issues that matter to you and your families. To stay up-to-date on our progress, or get involved, sign up here.

More information
2014 Capitol Caregivers

2015 Capitol Caregivers
2016 Capitol Caregivers

2015 Super Savers
2016 Super Savers

Nancy LeaMond is AARP chief advocacy and engagement officer. She leads the organization’s Communities, State and National Group, including government relations, advocacy and public education for AARP’s social change agenda. LeaMond also has responsibility for AARP’s state operation, which includes offices in all 50 states, the District of Columbia, Puerto Rico and the U.S. Virgin Islands.

You can follow her on Twitter @NancyLeaMond.


Source link

13 Simple Steps to Protect Your Privacy

13 Simple Steps to Protect Your Privacy

Photo credit: iStock/Natali_Mis

Simple steps can go a long way in protecting your privacy from prying eyes, including those belonging to on-the-lookout scammers. Some of the easiest and (usually) free safeguards to reduce your risk of scams, hacking and other dastardly deeds:

  • Password-protect every device you own – smartphone, PC, laptop, and tablet – with a PIN that isn’t among these commonly
  • used, and most-often hacked: 0000, 1111, 1212, 1234, 2580 (middle column of keyboard) or 5555. Also avoid your birthdate, birth year, and portions of your phone address, address or SSN.
  • Check if your email address was compromised in a data breach at https://haveibeenpwned.com. If you were poned, change that password used for that and other account.
  • Use a password manager to remember all your passwords in a well-protected digital space, generate new ones, and/or even automatically complete log-in fields; you only need to remember a master phrase. Some versions are free; those with top-line features cost upwards of $50.
  • On social media, taking surveys or even completing product and service forms, don’t share personal details including your birthdate, birthplace, phone number, family members, income, even hobbies. Even legitimate companies may share these ID theft-worthy nuggets with who-knowns-who. Never provide your Social Security number, even the last four digits, unless you initiate contact or it’s legally required.
  • Protect your Google, Yahoo or Outlook email (and other accounts) with two-factor authentication so any sign-in from a different device requires a second layer of security, such as a code texted to your phone. Check twofactorauth.org for websites that offer two-factor authentication.
  • Install the HTTPS Everywhere extension to ensure all your activity on major websites is encrypted and less vulnerable to hacking.
  • Visit optoutprescreen.com or call 1-888-567-8688 to get off mailing lists for pre-approved credit card offers, which can be stolen by identity thieves to get new cards in your name. Stop “junk” mail from direct-marketing mailing lists at dmachoice.org.
  • Mail outgoing payments from a secure USPS dropbox or the post office, not from your home mailbox. Try to retrieve incoming mail soon after its delivery – especially in coming weeks, when ID thieves can steal just-delivered tax-related documents.
  • Get and keep copies of your medical records – a binder works well – adding each new treatment and prescription. This way, you have paper proof (and better defense) if your records are stolen, altered, or used in medical identity theft that could compromise your own health care.
  • Review every Explanation of Benefits (EOB) statement from your insurer. Call about any appointment, treatment or prescription that wasn’t yours. Once a year, review all benefits paid out in your name.
  • Don’t choose “personal” password security questions – or if you do, provide false answers. With some online research, fraudsters can learn “Where were you born?” and “What’s your mother’s maiden name?” to access your account. Keep track of fabricated answers by setting up “accounts” in a password manager.
  • Consider how you pay. Credit cards offer the best fraud protection; with bank-issued debit cards, your out-of-pocket liability depends on when unauthorized charges are reported. Be suspicious of payment requests by prepaid, reloadable debit card or wire transfer; scammers prefer those methods because they are like sending cash – hard to trace and virtually impossible for consumers to get money back.
  • Don’t make photocopies of medical, tax-related or other sensitive documents from digital copiers at libraries or businesses. Information stored on their hard drives can be retrieved by ID thieves who purchase leased or discarded machines.

For information about other scams, sign up for the Fraud Watch Network. You’ll receive free email alerts with tips and resources to help you spot and avoid identity theft and fraud, and keep tabs of scams and law enforcement alerts in your area at our Scam-Tracking Map.

 Also of Interest

See the AARP home page for deals, savings tips, trivia

Source link

Trouble from the Toy Box: Will that “Smart” Holiday Gift for the Grandkids be a Spy for Hackers?

Photo Credit: iStock/nd3000

If so-called “smart toys” are on the holiday wish list of the children in your life, know this: The FBI warns that such interactive, Internet-connected gifts could be compromised by cyber hackers – and advises that security precautions be taken before playtime begins.

Although the agency doesn’t identity specific risky products, “these toys typically contain sensors, microphones, cameras, data storage components, and other multimedia capabilities – including speech recognition and GPS options,” notes the FBI. “These features could put the privacy and safety of children at risk due to the large amount of personal information that may be unwittingly disclosed.” They include dolls, stuffed animals, card packs, wrist bands and other playthings typically connected to the Internet, either directly through Wi-Fi or indirectly via Bluetooth to a smartphone (which, in turn, is connected to the Internet).

Among the concerns: Many smart toys, often intended to promote learning, have microphones that “could record and collect conversations within earshot of the device,” says the agency – including ID theft-worthy details such as the child’s name, address and birthdate. (Meanwhile, such details may be provided or required when creating user accounts.)

“In addition, companies collect large amounts of additional data, such as voice messages, conversation recordings, past and real-time physical locations, Internet use history, and Internet addresses/IPs,” says the agency. “The exposure of such information could create opportunities for child identity fraud. Additionally, the potential misuse of sensitive data such as GPS location information, visual identifiers from pictures or videos, and known interests to garner trust from a child could present exploitation risks.”

Some smart toys have already come under fire. Earlier this year, an Internet-connected doll called “My Friend Carla,” with an internal microphone, was banned in Germany. Meanwhile, an Australian security researcher reports that more than 2 million voice recordings were exposed via “Cloud Pets,” stuffed animals that allow parents and children to exchange voice messages. And last December, smart toy manufacturer V-Tech acknowledged that close to 5 million customer accounts were hacked via smart toys “Learning Lodge” and “Kid Connect,” allowing hackers to access children’s names, addresses, birthdates, chat histories and photos.

In addition to microphones, recording devices, cameras and GPS capability, other risks in Internet-connected smart toys include features such as speech recognition technology, speakers, and/or wireless transmitters and receivers. Also be mindful (and cautious) with products that request names, addresses, and other personal information when you register; have cloud connection capability (and remain connected to the cloud when the toy is turned off); and/or don’t include an End User License Agreement or identify its cloud storage provider.

As with other risk-posing “smart” devices in your home, here’s how to be smart with these high-tech toys:

  • Before buying, research the product for any reported security issues. Also look for certification or verification by members of the COPPA Safe Harbor Program (for Children’s Online Privacy Protection Act), an FTC-affiliated group.
  • Read the company’s privacy policy and user agreement. Find out where user data is stored (with the company, third party services or both), and research their reputations, especially in regards to cyber security.
  • Determine how (or if) you would be notified about a possible data breach or if vulnerabilities in the toy are discovered.
  • Only connect and use the toy on a trusted and secure internet access – not on public Wi-Fi.
  • Use a strong and unique PIN or password when connecting to a Bluetooth device. If the product comes with default password, change it.
  • Use encryption when transmitting data from the toy.
  • If the toy can receive software updates and security patches, ensure it is using the most updated version.
  • Make sure the toy is turned off when not in use, especially if the toys use microphones and cameras.
  • Be stingy with personal information when setting up user accounts. A teddy bear really doesn’t need to know your child’s last name, address or birthdate. Also teach young’uns to not “overshare” personal details when playing with or near the toy.
  • Turn the toy off when your children are not using it, especially if it has a camera and/or microphone.

For information about other scams, sign up for the
Fraud Watch Network. You’ll receive free email alerts with tips and resources to help you spot and avoid identity theft and fraud, and keep tabs of scams and law enforcement alerts in your area at our Scam-Tracking Map.

Source link

How to Spot Phishing Emails from “Trusted” Businesses

How to Spot Phishing Emails from “Trusted” Businesses

Photo credit: iStock/weerapatkiatdumrong

Year-round, all kinds of phishing attempts lurk in your inbox – from promises of massive wealth from self-described Nigerian princes (or their representatives) to threats of arrest or loss of benefits from supposed employees of government agencies that, in reality, never correspond via email.

But with the upcoming holiday shopping season – predicted to generate up to $682 billion in sales, including a record $107 billion in online purchases (14 percent higher than last year) – prepare for some of the most convincing cons angling for personal and financial information that could lead to identity theft.

That’s because they supposedly come from companies you know, trust, and likely rely on – especially this season: Online retailers, credit card companies, PayPal, banks, even airlines and delivery services like FedEx and UPS. Some bogus emails allege an “order confirmation.” Others claim a problem – say, your account was frozen, requires an update or verification, or there’s a shipping or delivery snafu. Others tout coupons, unbelievable discounts or freebies ranging from expensive iPhones to gift cards (often promised for completing a customer survey that could provide identity thieves and sleazy marketers with sensitive information best not shared).

All seek the same goal: To get you to reveal sensitive information – personal details, log-in credentials, account and credit card numbers – and/or click on an imbedded link or attachment that harbors computer-infecting malware. Here’s how to distinguish the bona fide from the bogus (even after the holiday shopping season):

  • A legit company knows its customers. True, so-called “spearphishing” emails and “artisanal” spam include your name, but those more personalized phishing attempts typically target workplace or social media accounts. Phishing emails related to holiday shopping and other seasonal activities are more likely to have generic greetings such as “Dear Customer” because they are blasted en masse. Legitimate messages from companies always include the customer’s name, account number (or at least a portion of it) and other specific-to-you information – and they won’t ask you to provide it.
  • Real messages focus on guidance, not getting. When legit companies email about issues or problems that need to be addressed, they instruct you to log-in into your online account or call their customer service phone number, and rarely (and shouldn’t) include a link promising “more details.” Only phishing scammers ask that sensitive information by provided via reply email, and tease to get must-know news in links rather than prominently display it in no-click-needed text.
  • Genuine messages don’t threaten. Scammers know that fear is a powerful motivator; above-board companies know it’s bad business. Threats, intimidation and warnings of dire consequences are the foundation of success for many fraudsters – such as claims your account will immediately be frozen or closed unless you immediately respond with money or sensitive information that real companies already have.
  • Actual companies don’t give away the store. Sure, they want your business, but legit vendors aren’t in business to lose money. Be suspicious of non-personalized messages promising freebies of high-priced items or travel excursions “just because” or sales of hot-selling merchandise for a fraction of the cost offered by competitors. If there truly is a giveaway or blowout sale, retailers will have full details on the website.
  • Authentic businesses are professional. They send emails from their own domain – companyname.com – not a free service like Gmail or Yahoo. (When in doubt of the sender, hover your mouse over the “from” address.) And they ensure their messages are grammatically correct, free of misspellings and “readable” to their customers. Because emailing phishers often operate overseas, their messages tend to be linguistically challenged, littered with Scammer Grammar, typos and note currency descriptions not commonly used in the U.S. companies – such as listing prices at $19.95 USD (for U.S. dollars).

For information about other scams, sign up for the 
Fraud Watch Network. You’ll receive free email alerts with tips and resources to help you spot and avoid identity theft and fraud, and keep tabs of scams and law enforcement alerts in your area at our Scam-Tracking Map.

 Also of Interest

See the AARP home page for deals, savings tips, trivia

Source link

Pin It on Pinterest