Archive

Posts Tagged ‘scams’

5 Places to Never Use a Bank or Credit Card

September 18, 2015 Comments off

Contributed Article By: Shaun Murphy, CEO Private Giant

According to ConsumerCredit.com, 80% of consumers use their debit cards for everyday purchases like gas, meals and groceries instead of cash. While a card is more convenient to simply swipe through a machine versus counting out change and worrying if you have enough cash on hand to make a purchase, it is not always the safest way to pay. Cash cannot be traced to a bank account or to other personal financial information like a bank or credit card can.

Privacy and security expert Shaun Murphy, founder of Private Giant, has identified five places consumers should never use their bank or credit card in order to help prevent their identity from being stolen and to protect their personal information.

Here are the places you should think twice before swiping or entering those priceless digits:

1.) Online shopping sites that are not secure. Before you enter your credit or bank card information, look for the lock icon without any overlays. While you are checking out, you should see this icon in your web browser:

HTTPS - Secure Connection

Not either of these:

HTTPS-Bad1  or  HTTPS-Bad2

Some sites, Amazon included, will not show you a lock icon until you login to your account or begin the check out process. This means anyone can see what you are shopping for while you are browsing.

2.) Hidden / out of view terminals. A hidden terminal could be as simple as the gas pump furthest away from the center or an unattended station for automatic checkouts at the grocery store. These are sweet targets for credit card skimming devices that can sit there for months without anyone noticing.

3.) Cell phone charging stations. While it may sound convenient to swipe your card to charge your phone for free when the battery is nearly dead, but you should think again. Despite being ripe for credit card skimming or nefarious credit card information storage, these devices can also dump the information from your cell phone while charging! This attack method even has a cool name: Juice Jacking!

4.) Apps (desktop or mobile) that ask you for your credit card information outside of the normal app store. Chances are this is not a legit application, especially if it is threatening you (you have a virus, please deposit $10… or I’ve encrypted all of your files and I’ll unlock them for a price.)

5.) Services that claim to be free or a free trial but still need you to input a credit card before you can start using it. It is almost guaranteed that service is either going to scam you or sign you up for some paid service that will be impossible to cancel.

Now, if you are wondering how exactly you are supposed to pay for the services you need in situations like those listed above there are a few options. One of the easiest is to use your bank or credit card to buy one-time use/reloadable cards that do not have ties to your personal information. Just make sure when you are checking out at the store that you go to a clerk, not a self-checkout lane.

KnowBe4 Issues Alert: Social Engineering Threats Soaring

December 3, 2014 Comments off

KnowBe4Tampa Bay, FL (Dec 3, 2014) KnowBe4 issued an alert today warning of a recent spate of high profile social engineering attempts targeted at prominent businesses. One such attack includes high profile financial advisors, officers and deal makers, thought to be an attempt to gain a Wall Street edge. The FBI also alerted private sector companies that targeting of their networks is a significant threat as reported by Reuters lateMonday. Not to be left out, small business and consumers are being targeted with fake IRS agents looking for a little extra dough for the holidays along with an uptick in phishing emails posing as  Costco, Home Depot and a variety of shipping sources.

Stu Sjouwerman, KnowBe4 CEO said, “Hackers will use as many avenues to break in as they can dream up, but social engineering is one of the favored. We are hitting the season when online shipping is at a peak and employees become much more complacent. It is important to keep users alert and aware of how much a target they are, especially during scam season.” Furthermore, Sjouwerman warns, “I cannot think of a more urgent reason to step all employees through effective security awareness training to keep them on their toes with security top of mind.”

Similar to a magazine’s editorial calendar, hackers have a “scam calendar” that focuses on events and opportunities to take maximum advantage of unsuspecting users or lax employees. These malware campaigns don’t discriminate between home or office and use social engineering to trick users. Millions of such phishing emails are sent each day and just one user in a hurry clicking on something might take down a system or a company.

Sjouwerman offers this advice:

1) Be on the lookout for “Shipping Problem” emails from from FedEx, UPS or the US Mail, where the email claims they tried to deliver a package from (for instance Apple Computer) but could not deliver due to an incomplete address. “Please click on the link to correct the address and you will get your package.” If you do, your computer is likely to get infected with malware. Warn everyone in the family, especially teenagers.

2) Watch out for alerts via a TEXT to your smartphone that “confirm delivery” from FedEx, UPS or the US Mail, and then asks you for some personal information. Don’t enter anything. Think Before You Click!

3) Reiterating a warning KnowBe4 sent out a few weeks ago, there is a fake refund scam going on that could come from a big retailer. It claims there was a “wrong transaction” and wants you to “click for refund” but instead, your device may be infected with ransomware.”

If not a customer, KnowBe4 will allow IT managers to create a free account and send a simulated phishing test to 100 users to see what the Phish-prone percentage of your organization is.

For more information visit: www.KnowBe4.com

Additional links:
Reuters story: http://www.reuters.com/article/2014/12/01/us-sony-cybersecurity-malware-idUSKCN0JF3FE20141201
Social engineering: http://www.knowbe4.com/what-is-social-engineering/
Security Awareness Training: http://www.knowbe4.com/products/kevin-mitnick-security-awareness-training/
Ransomware: http://blog.knowbe4.com/bid/400080/New-Flavor-of-Ransomware-Is-More-User-Friendly

About Stu Sjouwerman and KnowBe4

Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, LLC, which provides web-based Security Awareness Training (employee security education and behavior management) to small and medium-sized enterprises. A data security expert with more than 30 years in the IT industry, Sjouwerman was the co-founder of Inc. 500 company Sunbelt Software, an award-winning anti-malware software company that he and his partner sold to GFI Software in 2010. Realizing that the human element of security was being seriously neglected, Sjouwerman decided to help entrepreneurs tackle cybercrime tactics through advanced security awareness training. KnowBe4 services hundreds of customers in a variety of industries, including highly-regulated fields such as healthcare, finance and insurance and is experiencing explosive growth with a surge of 427% in 2013 alone. Sjouwerman is the author of four books, with his latest being Cyberheist: The Biggest Financial Threat Facing American Businesses.

About Kevin Mitnick

Kevin Mitnick is an internationally recognized computer security expert with extensive experience in exposing the vulnerabilities of complex operating systems and telecommunications devices. He gained notoriety as a highly skilled hacker who penetrated some of the most resilient computer systems ever developed. Today, Mitnick is renowned as an information security consultant and speaker, and has authored three books, including The New York Times best seller Ghost in the Wires. His latest endeavor is a collaboration with KnowBe4, LLC.

Experimental Film Fest

A refuge for art house, avant-garde, experimental, exploratory, and silent cinematic creations

False Pretense Films

Films with a Twist

I'm Just Trying to Help

Helpful Hints, Tips, Tricks, and Info

5K a Day 2017

Our 2017 fitness goal

The securityNOW Podcast Show

Cybersecurity News and Interviews

LoneStarFreedomPress

Phoenix Republic - The Lone Star Gambit / Sovereign's Journey

%d bloggers like this: