Don’t Be a Scam Mark When You Park

Don’t Be a Scam Mark When You Park


There are many routes to a ripoff, including several schemes that can occur when you park your car:

Fake fines. A longtime ruse, phony parking tickets have resurged in recent months. The “classic” con involves windshield-left violations that appear authentic. Thanks to inexpensive hand-held printers, scammers can produce on-the-spot thermal printouts that look like actual tickets produced by police-used machinery, either standalones or placed in brightly colored envelopes, purchased online, like those used by some law enforcement. Motorists who receive these phony tickets are usually directed to pay the fine at scammer-run websites that also appear authentic, where sensitive personal information including bank account details may be solicited. These websites could also harbor malware.

Joining these schemes is the latest ruse: Bogus emails received by residents in several states that falsely claim a newly issued or past-due parking or traffic violations. Usually spoofed to appear to come from a local police department or state DMV, this conning correspondence demands personal information, payment (often by credit card or prepaid debit card) and can include links or attachments that “direct unsuspecting users to a malicious download that may expose your computer to a virus,” warns the New York State Department of Motor Vehicles.

Before paying a parking ticket, verify its legitimacy by contacting the issuing agency – either calling or looking up its website yourself; don’t rely on what’s printed on tickets, and be suspicious of any website that doesn’t end in .gov or .org. Police don’t email citations (or news about them), so don’t risk malware by clicking on links or attachments.

Parking lot posers. It can cost a small fortune to park in the official lot of a stadium or other event venue, and that’s what helps those guys who eagerly direct you to a nearby lot to park at a fraction of the price. Some are legitimate, but others are there to collect your upfront payment, point you to a space, and then hit the road. Problem is you may not know the difference until after that ballgame or concert to find your vehicle gone. Reason: The parking lot poser took the money and ran – and the lot’s real owner called a towing company. If you don’t want to spring for “official” parking in designated venue-owned lots, ensure surrounding lots have signs of legitimacy – such as booths, uniformed attendants and real signs noting the name and phone number of the company versus “Park Here” painted on plywood.

Car rescue and repair ripoffs. Stranded in a parking lot? Before relying on the kindness of strangers, make sure a help-offering Good Samaritan isn’t angling for a quick payment to “fix” a problem he caused. Such malevolent mechanics typically wait in parking lots, looking for their top targets – women in their 70s and those whose vehicles have out-of-state license plates. After their prey parks, they disable vehicles by deflating tires or disconnecting wire or cables after popping the hood of older or unlocked vehicles…then offer help when their mark returns. Advice: Before accepting assistance, politely inform parking lot helpers that while you appreciate any assistance they can provide, you cannot pay for their services. The crooks will likely drive off, and if you’re not a member of AAA, realize that police can lend a hand, and many auto insurers and vehicle manufacturers (especially for newer models) offer emergency roadside assistance.

Home heists help. Parking lots at movie theaters and shopping malls can help burglars pull off a successful heist. How? After waiting until a car’s occupants go inside, they can break into cars specifically to get addresses from vehicle registrations and auto insurance cards. Knowing they at least a two-hour window of opportunity (at least for movie-goers), these crooks then drive off to burglarize the victims’ homes. Although this isn’t how most home burglaries occur, it does happen. To prevent potential problems, keep your address-revealing documents and GPS in a locked glove compartment, hidden under a seat or truck wheel well, or carry these items with you.

For information about other scams, sign up for the Fraud Watch Network. You’ll receive free email alerts with tips and resources to help you spot and avoid identity theft and fraud, and keep tabs of scams and law enforcement alerts in your area at our Scam-Tracking Map.



Source link

Most Likely to Be Scammed? Not Seniors, but Millennials

Most Likely to Be Scammed? Not Seniors, but Millennials


Gray-haired folk have long held “most scammed” status, but it may be time to pass on that unfortunate legacy. While the retirement-aged are targeted most often, increasing data shows that it’s millennials — our children and grandchildren ages 18 to 35 — who are most likely to lose money to fraudsters. Consider these recent findings:

Phone scams. About 1 in 10 American adults lost an estimated $9.5 billon to phone scams last year. Leading the pack were millennial men between ages 18 and 34, who were three times more likely to be victimized than the overall population, reports mobile communications company Truecaller, which offers a spam-blocking phone app. Its Harris-conducted survey of 2,000 adults finds that 33 percent of male mills report losing money to phone scammers; that compares to just 3 percent of males between ages 55 and 64 and 1 percent of men 65 and older. Meanwhile, some 11 percent of female millennials got duped, four times the rate of women 55 and older.

IRS imposter scams. Among the scariest and most successful phone scams: calls from self-described IRS agents threatening arrest, property seizure or deportation. Although millennials are less likely than Gen Xers (born between 1965 and 1984) or boomers (born 1946 to 1964) to receive tax scam calls, they are six times more likely to reveal credit card and Social Security numbers and other sensitive information, finds another just-released survey of 1,000 adults. Roughly 17 percent of millennials confessed that they had forked over ID theft-worthy details to mystery callers who could cite the last four digits of their Social Security number (as tax scammers often do), compared to only 3 percent of Gen Xers and 2 percent of boomers.

Job scams. Overall, about 1 in 6 job seekers have been scammed while searching for work online, and the highest gotcha rate is among that generation considered the most tech-savvy — millennials. In a 2015 survey of 2,600 American adults, job-search website FlexJobs finds that 20 percent of millennial job seekers got scammed, compared to 13 percent of those in their 60s.

Tech support scams. Millennials, especially men between 18 and 35, are the most often targeted and leading scammer-paying victims tricked by phony pop-up ads or alerts warning of a crippling computer virus. The top danger zone to snag most-duped male mills in these tech support scams: porn websites.

Everyday fraud. In its own research of more than 2,000 adults last year, the Better Business Bureau finds that some 30 percent of those between ages 25 and 34 lost money to scammers; it’s only single digits among those 55 and older.

What explains these trends? As experts continue to study the “whys,” the leading theories:

  1. We’re better prepared. Older is wiser — at least when it comes to recognizing that we’re vulnerable to scams. And heeding news, advice and warnings by AARP’s Fraud Watch Network and others, we are better able to spot scams and act accordingly. Tracking some 30,000 consumers targeted in different schemes, the BBB finds that nearly 9 in 10 seniors recognized the scam in time, with only 11 percent reporting they lost money. Millennials, meanwhile, lose money three times more often, likely being duped because they are clueless or could care less about educating themselves to prevent scams.
  2. Millennials think they’re invulnerable. Ask mills to describe the typical scam victim and their usual reply: an elderly, naive woman with less income and education. (The reality is younger college graduates have the highest gotcha rates.) While scam-savvy oldsters know that anyone is vulnerable, some researchers believe that millennials are most likely to have an “invulnerability illusion” — the belief that other people are more vulnerable than themselves. That mindset leads to more impulsive decision-making.
  3. They overuse and overtrust technology. Raised with the internet and cellphones, the average millennial, studies say, spends about 18 hours per day using some type of digital media. Because they are so familiar and comfortable with technology, defenses (and common sense radar) can take a back seat. Compared with other age groups, millennials are more likely to be careless with their tech — such as not using passwords to lock computers and cellphones and accessing financial accounts and doing online shopping on risky public Wi-Fi.
  4. They overshare. Tweets about breakfast. Selfies over lunch. Millennials love to share their lives online with who-knows-who, and that often includes details best kept private — names, birth dates, likes and dislikes, and other personal information that could be used for identity theft and scam-targeting sucker lists. Promise them a prize or other “tangible benefits,” and the majority of millennials willingly share their personal information with even unrecognized online askers. And guess which age group, says online security firm Norton, most likely willy-nilly shares their computer and cellphone passwords? No surprise (again): those between 18 and 34.

 

For information about other scams, sign up for the Fraud Watch Network. You’ll receive free email alerts with tips and resources to help you spot and avoid identity theft and fraud, and keep tabs of scams and law enforcement alerts in your area at our Scam-Tracking Map.

Photo: iStock/Zinkevych

Also of Interest

 

See the AARP home page for deals, savings tips, trivia and more.



Source link

From Pop-Up Warnings to $9 Million Payout: Inside the Tech Support Scam

From Pop-Up Warnings to $9 Million Payout: Inside the Tech Support Scam



How do scammers reap more than $9.5 million with phony pop-up ads or blinking alerts warning of a crippling computer virus or security problems?

Their scareware success usually starts with “malvertisements” (malicious online advertising intended to damage or disable computers), which are designed to trick their prey into believing the bogus bug and calling a designated “support line” for help. It usually ends with a victim-made call lasting 17 minutes and a request for an average $291 to supposedly “repair” the feigned problem.

And the intriguing in-betweens? It’s all part of a new study, reported as the first analysis of its kind, by researchers at the National Security Institute (NSI) at Stony Brook University, who spent eight months studying the tactics of tech support scammers.

First, they built a tool — ROBOVIC, short for Robotic Victim — to automatically crawl the web to find the scammers. After collecting some 25,000 domains and thousands of phone numbers used in these schemes, the three researchers made 60 calls to various scammer-provided numbers displayed in pop-up warnings, posing as recruited “victims.” What they learned:

  • To spread malware that generates the bogus pop-up warnings — sometimes disguised with a Windows blue-screen background to make it more believable — fraudsters obtain thousands of low-cost domain names, such as .space and .xyz (which, after .com, .net and .org, is the fourth most-registered global top-level domain name on the internet).
  • Most scammer-run domains have a life span of only 11 days, with about half of scam domains operating no longer than three days. Con artists frequently use URL shorteners, to better hide on legitimate websites.
  • In addition to bogus warnings, these scams sometimes use intrusive programs and other techniques so computer owners can’t close their browsers or leave the “Call this number” page.
  • Of some 5 million pages visited, ROBOVIC discovered about 22,000 tech support scam pages hosted at roughly 8,700 domains. With previous research on fake antivirus scams indicating about 2 percent of targets fall for such ploys, the researchers estimate that each domain generates $2,000 per day.
  • Once targets call, swindlers usually follow a script. First, they say they need to learn more about what could have caused the alert, leading prey to a designated website to “run tests.” There, a remote administration tool is loaded so scammers can access their computers. Asking would-be victims about recent usage, they offer “all is not lost” assurances to incentivize callers to pay for bogus repair services.
  • In backtracking the scammers’ connections to their PCs, the Stony Brook team determined that the overwhelming majority of these con artists (some 85 percent) operate in India. About 10 percent work in  the U.S., and about 5 percent in Costa Rica.
  • Although 15 telecommunications providers were used, more than 90 percent of scammer-controlled support-line numbers were routed through four VoIP services — Twilio, WilTel, RingRevenue and Bandwidth.
  • Scammer call centers employ an estimated 11 tech support fraudsters.
  • Prices for rip-off repairs ranged between $70 and $1,000, but the average price was $291. All told, the research teams estimated that $9.7 million in profits were made from these scams.
  • The bottom line, according to lead researcher Nick Nikiforakis: “Don’t trust what your browser tells you about the safety and security of your system. People need to understand there’s no legitimate scenario where your computer will start beeping and ask you to call a toll-free number.”

 

For information about other scams, sign up for the Fraud Watch Network. You’ll receive free email alerts with tips and resources to help you spot and avoid identity theft and fraud, and keep tabs of scams and law enforcement alerts in your area at our Scam-Tracking Map.

Photo credit: iStock/daboost



Source link

Smart Moves to Hack-Proof Your “Smart Home”

Smart Moves to Hack-Proof Your “Smart Home”


With innovative and in vogue “smart home” devices, you can control your home’s lighting, temperature, sprinkler system, door locks, TV, even dinner…all with a smartphone app. Maybe that’s why these high-tech household helpers are already in millions of American homes – with predictions that by decade’s end, some 50 billion household devices will be connected to the internet via the user’s home Wi-Fi network.

But these gizmos, part of increasingly popular Internet of Things technology designed to help homes operate more easily and efficiently, also bring risk. Millions have already been hacked, used for nefarious purposes ranging from screaming obscenities at a baby to being enlisted as soldiers in a botnet army that, temporarily knocked  offline top websites including Amazon, PayPal, Netflix and Twitter, as demonstrated last October in what some experts believe was a “test” cyber attack to gauge vulnerabilities.

And the more connected you home is, the better chance cyber crooks can use those devices to track your movements or remotely access your home computer and smartphone to glean email, banking and online shopping data. Your defense:

Change default passwords. Make sure you don’t use the manufacturer’s default password on your router or any smart home device. Most people never change those typically weak, factory-issued passwords – and that’s why so many devices, including routers, printers and cameras, were enlisted for the October attack. Each device should have a unique (and strong) password. A password manager can help: Popular versions that use cloud technology include LastPass, Dashlane and 1Password; apps on your computer’s hard drive include RoboForm, Password Safe and KeePass.

Create separate Wi-Fi networks. You want one for your computers and another for smart home devices. Many routers have a guest network option, which you can use for smart devices. Or you can purchase a separate internet connection for the new-fangled gizmos, or split an existing internet connection using a virtual local area network (with help from a tech-savvy buddy or Geek Squad-type business).

Stay “updated.” Promptly download legitimate updates when you receive a legitimate prompt for your connected device. These can improve function, and include patches for newly discovered security vulnerabilities.

Disable unnecessary features. Deactivate functions you don’t need – especially cameras and microphones, which are hackers’ most favored exploitable features.

Use multifactor authentication. Many smart home device apps offer two-step authentication that users can opt into under “settings.” In addition to your password (something you know), this second layer of protection could be a security key or a one-time code sent to your cellphone (something you have).

Don’t use public Wi-Fi. Turn off the “automatically connect” setting on phones and don’t access device apps in airports, coffee shops or other vulnerable locations.

For information about other scams, sign up for the Fraud Watch Network. You’ll receive free email alerts with tips and resources to help you spot and avoid identity theft and fraud, and keep tabs of scams and law enforcement alerts in your area at our Scam-Tracking Map.

Photo: iStock/faithiecannoise

 

 



Source link

Beware of These “Last-Minute” Tax Scams, Even if You Already Filed

Beware of These “Last-Minute” Tax Scams, Even if You Already Filed


As the April 18 filing deadline looms, a new wave of tax scams is heating up. Whether you’ve already filed your 2016 return – and especially if not – here’s how to protect yourself from these “last-minute” schemes currently making the rounds:

Don’t trust “update” requests. One popular phishing ploy this time of year involves emails supposedly from tax software providers such as TurboTax or TaxACT. They request users to “update” their information. “These ruses generally urge taxpayers to give up sensitive data such as passwords, Social Security numbers and bank account or credit card numbers,” warns the IRS. In addition to emails, beware of similar “update” requests by phone or text supposedly from tax software providers, banks and credit card companies.

Step lightly on TAP requests. Another info-phishing con: Emails that promise a refund that supposedly come from the Taxpayer Advocacy Panel. While TAP is an authentic volunteer board that advises the IRS on taxpayer issues, it doesn’t deal with refunds, or even have access to any taxpayer’s personal and financial information, notes the agency. There emails are from scammers phishing for SSNs and financial account information.

Know the drill. Tax-related correspondence is mailed; the IRS and other tax agencies do not initiate contact by phone, text or email. In the 2016 season, the IRS saw a 400 percent uptick in phishing and malware attempts, most commonly scam emails claiming information or a problem related to refunds, filing status, confirming personal information, ordering transcripts and verifying PIN information. These fakes include an attached link, which can harbor malware, that leads to an IRS-mirroring website run by scammer. Note the tinkered address such as “irsgov” (without the dot between “IRS” and “gov”), irs.net, or a similar variation.

Meanwhile, the IRS imposter phone scam is alive and well, preying on taxpayers including recent immigrants. In addition to the usual ploy – threats of arrest, deportation or property seizure over an allege debt – a new spin has IRS imposters promising a refund, a move to trick targets into sharing private information. If the phone isn’t answered, the scammers often leave an “urgent” callback request. Ignore it, instead calling the IRS at 800-829-1040.

Choose preparers to not lose. Good luck finding a preparer this late in the game, but if you’re still looking, some tips to finding one who’s reputable (if only for next year): Check this IRS directory for credential preparers, and here for organizations provided free help. The AARP Foundation’s Tax-Aide program offers free, individualized tax preparation for low-to moderate-income taxpayers at more than 5,000 locations nationwide. If your adjusted gross income was less than $64,000 last year, you qualify for the IRS Free File program. Beware of preparers (especially with temporary storefronts or conduct business at your home) who promise overly generous refunds, want you to sign a blank return, say that fees are based on the size of your refund claim “secrets” loopholes.

Accountants under attack. Let your numbers-cruncher know of these schemes against them: In a new scam, the IRS reports that fraudsters pose as a client (namely, you), asking tax preparers to make a last-minute change to their refund destination, often to a prepaid debit card. Tax preparers are urged to verbally reconfirm information with clients should they receive last-minute email request to change an address or direct deposit account for refunds.

Another scheme: Emails to tax preparers that warn they need to update or access to their own tax preparation software via a bogus “unlock” link that leads to a fake web page, asking for their user name and password so cybercrooks can access client information. Ruses also include other tax prep provider-posing ploys and attempts to steal data such as PTINs, EFINs or e-Service passwords.

For information about other scams, sign up for the Fraud Watch Network. You’ll receive free email alerts with tips and resources to help you spot and avoid identity theft and fraud, and keep tabs of scams and law enforcement alerts in your area at our Scam-Tracking Map.

 

 

 



Source link

Why and How College Students are Scammed

Why and How College Students are Scammed


College students are ideal victims for identity theft, with clean or still non-existent credit histories ripe for exploitation…and often clueless to their risks and value to scammers.

They are more likely to boast birth dates and other personal nuggets on social media that can be pieced together by Facebook-trawling identity thieves. Use public Wi-Fi for risky online shopping, banking, and to access email. Open links that hide computer malware touting free music and games, information-requiring surveys and prizes, or intriguing text messages and emails.

If they have credit, it’s usually free of problems being jointly held or otherwise supervised by a parent; if they don’t, even better for scammers to use their identities to open fraudulent accounts for credit cards, loans and utility service. In between classes and keggers, few college students check their credit reports, explaining why those 18 to 24 take five times longer than other age groups to detect identity theft that’s already occurred – and that discovery is often made when they apply for car loans, mortgages and post-degree jobs.

How are college students scammed? The top ruses targeting your children and grandchildren include:

Fake employment. In the latest, fast-growing scheme, scammers place advertisements for phony job opportunities (often administrative work) on college employment websites, and/or recruit students via hacked school email accounts, warns the FBI. Gleaning Social Security numbers, bank account details and other sensitive information, “hired” students (often interviewed in nearby hotel lobbies or other non-workplace locations) are paid with counterfeit checks, instructed to deposit them and wire-transfer a portion to a provided vendor under the guise of job-necessary software or other equipment. Students lose the money wired, any funds drawn from the bogus deposit, and their bank account could be frozen. Plus their SSN and other valuable info is in enemy hands.

Pay now imposters. Using caller ID spoofing to make calls appear to be from the IRS or school financial aid office, scammers phone those with student loans threatening dire consequences – including arrest or non-graduation – unless they immediately pay a non-existent “federal student tax” or other bogus fees. Again, scammers make a quick buck and glean personal details for possible identity theft.

Scholarship and grant scams. These services claim to have lists of “secret” or “guaranteed” awards for current and future college students, or will provide no-fail help with paperwork. They demand upfront fees and then don’t deliver. The better route: Get reputable scholarship info for free at websites like FinAid and FastWeb, or directly from individual colleges.

 

False freebies. From must-have gizmos touted in surveys and bogus social media giveaways to free-trial offers of acne creams, gym memberships and you-name-it, expect attached strings, such as having to provide ID-worthy personal details, credit cards and hard-to-cancel memberships.

 

Credit card cons. Offers are all over campus and the internet, but beware. Plastic pitched heavily to college students often have sky-high interest rates and/or annual fees. Others are from identity thieves who merely pose as credit card companies. When shopping for credit and prepaid debit cards, stick with recognized and reputable names; run from anything with an APR near or above 25 percent or an annual fee of $30 or more.

 

For information about other scams, sign up for the Fraud Watch Network. You’ll receive free email alerts with tips and resources to help you spot and avoid identity theft and fraud, and keep tabs of scams and law enforcement alerts in your area at our Scam-Tracking Map.

Photo: Martin Dimitrov/ iStock

Also of Interest


See the AARP home page for deals, savings tips, trivia and more.



Source link

Pin It on Pinterest