SpireTech Blog - Tag: Scam
Avoid online scams by following these tips.
At SpireTech, our managed services clients often contact the helpdesk to determine if an email is fake or not. We thought it’d be helpful to put together a short instructional video to help you identify some common signs that an email is a phish or fake email.
While this doesn’t cover all the possibilities, we think it hits on the most common ones. Another thing we’re seeing occasionally is a real, targeted email to a client purporting to be be from an owner of the company or a vendor. Always pick up the phone if there’s any question on the validity of an email, and contact our service desk if you need help!
used with permission from Microsoft On the Issues, by Athima Chansanchai
And then, before you know it, responding to these warnings has delivered your passwords and personal information to scammers, your PC is under their control and now they’re extorting you by peddling bogus security software and services.
A new Microsoft survey of 16 countries released this month, focused on tech support scams and their impact on consumers, shows less people are now susceptible to these scams. And the percentage of respondents who’ve been exposed to them is decreasing. Overall, people are losing less money. This 2018 Global Tech Support Scam Research report follows an earlier one Microsoft released in 2016.
Just in time for October, National Cybersecurity Awareness Month, this research revealed consumers have developed a healthy skepticism about unsolicited contact from technology and software companies. Read more...
used with permission from FTC.gov., by Amy Hebert
Tech support scams, which get people to pay for fake computer help or steal their personal information, are convincing. You might already know the signs of a tech support scam, but do your friends and family? Here’s what they need to know now:
- Companies like Microsoft don’t call and ask for access to your computer. If you get a call like that, it’s a scam.
- Real companies also won’t ask for your account passwords. Only scammers do.
- Tech support scammers try to convince you they’re legitimate. They’ll pretend to know about a problem on your computer. They’ll ask you to open normal files that look alarming to make you think you need help.
- If you do need computer help, go directly to a person, business, or website you know you can trust. General online searches are risky because they might pull up another scam.
used with permission from FTC.gov., by Cristina Miranda
It’s enough to send shivers down anyone’s spine, but these chilling words are part of a new scam targeting men.
Here’s how it works. Scammers have been sending letters to men, demanding payments using bitcoin in exchange for keeping quiet about alleged affairs. The letter also explains how to use bitcoin to make the payment.
This is a criminal extortion attempt to separate people from their money.
If you — or someone you know — gets a letter like this, report it immediately to your local police, and the FBI.
Threats, intimidation and high-pressure tactics are classic signs of a scam. Learn how to stay ahead of clever crooks with these practical tips, and check out the ways you can keep your personal information secure.
used with permission from FTC.gov, by Colleen Tressler
Skimmers are illegal card readers attached to payment terminals. These card readers grab data off a credit or debit card’s magnetic stripe without your knowledge. Criminals sell the stolen data or use it to buy things online. You won’t know your information has been stolen until you get your statement or an overdraft notice.
Here are a few tips to help you avoid a skimmer when you gas up:
- Make sure the gas pump panel is closed and doesn’t show signs of tampering. Many stations now put security seals over the cabinet panel. If the pump panel is opened, the label will read “void.”
Photo credit: National Association of Convenience Stores (NACS) and Conexxus
- Look at the card reader itself. Does it look different than other readers at the station?
used with permission from FTC.gov., Lesley Fair
There’s been a lot of talk about “ping trees” and other activities associated with the lead generation industry. The FTC’s concern is that consumers don’t get ponged in the process. A proposed settlement gives a glimpse into how one lead generation company operated and offers insights for businesses about compliance considerations when the “product” in question is consumers’ personal data.
Arizona-based Blue Global operated at least 38 internet domains with names like 247loan.com, clickloans.net, onehourloan.com, and netloanusa.com. The sites offered services to consumers looking for anything from small payday loans to installment loans of as much as $35,000. Consumers completed online loan applications that required scads of personal information — the usual stuff, of course, but also bank routing numbers, driver’s license numbers, dates of birth, and Social Security numbers.
So Blue Global lent money to consumers? No, that’s not what was going on. Read more...
As some of you may already be aware of, there has been a large scale email phishing attack that impersonates a Google Docs request. Although it may appear that the email requests are coming from a known sender or domain, they are using techniques to spoof those addresses. These emails contain hyperlinks or files that contain Trojans, worms, or other malicious executable files that can hijack your system and potentially your network if gone unnoticed. Please take extra effort to watch for any emails you receive that might have a subject line “You have received a new document from firstname.lastname@example.org” with a sender of “Google Documents”, or unknown sender. If you do receive any emails that match this description, do not open any attachments or follow any links. If you have any concerns, or questions please reach out to our support team.
used with permission from the FTC, by Rosario Méndez
Lately we’ve been hearing about scammers who reach out to small businesses through Facebook messages. People have reported receiving messages on Facebook telling them that they’re eligible for – or that they’ve won – a business grant. If you get a message like this through your personal Facebook account or on your company’s page, don’t respond. It’s a scam. The government won’t contact you on social media to offer you money.
Some business owners responded to the messages because they appeared to be from a “friend.” Know this: scammers can spoof social media messages to make them look like they’re coming from someone you know or have done business with. Read more...
used with permission from Norton by Symantec, by Christina Schubert
There is a big demand for stolen identities in the underground economy. Criminal outfits specializing in identity theft will go to any lengths to get their hands on your information.
So what do these thieves do with your information?
Your personal information in the hands of these criminals means you are putting your finances and your reputation at risk.
It takes less than 30 seconds for a criminal to drain your bank account. They can run up your credit cards, open new credit card accounts, get medical treatment, the list goes on.
Sometimes a thief can file a tax refund in your name and get your refund. In extreme cases, a criminal can give your name to the police during an arrest. Read more...
used with permission from Norton by Symantec
Sophisticated cybercriminals have devised a way to steal email credentials that bypasses two-factor authentication security and doesn’t rely on otherwise easy-to-spot phishing methods. Here’s what you need to know to protect yourself from this email password stealing scam.
Who is affected?
Symantec researchers have found this scam largely targets Gmail, Hotmail, and Yahoo Mail users. However, everyone with an email account should be aware of how this scam works to avoid falling victim.
How does the scam work?
To initiate this scam, cybercriminals need to know the email address and associated phone number of the user. Both of these contact details can often easily be obtained. With this information handy, an attacker can then capitalize on the password recovery feature that allows an email user to gain access to their account by a verification code sent to their mobile. Read more...