Protect Yourself From Cyber Scams – Part 2

In our last post we looked at common web- and phone-based scams that I have seen personally or that have been targeted at a client. Today we will examine other scams that are popular with cyber-criminals.

Some of these are targeted at specific industries or at people in positions of leadership or ownership of an organization or business.

  • Charity scams – This is usually a fake charity claiming to be collecting funds for a worthy cause or group.  Some common options:
    • Wounded Veterans
    • Police, Sheriff, and Fire Departments
    • Natural Disaster Relief
    • Medical Research
    • Public Schools
  • Tax Prep – Usually targeted at accountants, tax attorneys, and tax preparers. The perpetrators are looking for access to tax filings and other client information. This typically happens through an email attachment containing a remote access Trojan horse, which gives the perpetrators remote access to the victim's computer.
  • Secretary of State Scam – An email appearing to come from U.S. Secretary of State Rex Tillerson says you are owed a payment due to an FBI investigation. You can receive this large payment if you send some personal information, your bank account and routing numbers, and an advance fee. The government is going to send you money? Really?
  • Cell Phone Porting Scam – Scammers collect enough information about you, either directly or from online sources, to convince your cell phone provider that your phone was stolen and you need the number ported to a new phone on a different carrier. Then they can use your number to access other accounts and personal information.
  • Payment Declined – Often associated with Netflix accounts. You receive a fake email from a company saying your credit card was declined and asking you to click a link, log in to your account, and re-enter your credit card information. The perpetrator then has your password and credit card information and can use them to make purchases on other websites.
  • Medicare Card Scams – Congress has instructed the SSA to replace Medicare cards that display Social Security numbers with new cards using a different 11-digit number. Scammers are calling and emailing to get these new numbers.

Remember – it is always about the money, so when you feel someone tugging on your wallet or pocketbook, this is your first clue this may be a scam.  I have a few rules that I follow to protect myself.

  • Be disagreeable – Never say yes, and be as skeptical and disagreeable as you can.  Often the caller will bail on the call before you do if you just provide a little resistance.
  • Give no information – They called or emailed you, after all, and you have no way to verify that their identity is authentic. Do not confirm your name, its spelling, your street address, or anything else.
  • Do not click the link – Do not click on links in emails, or log in at web pages that the link takes you to.  Same goes for attachments.
  • No credit card purchases on unsolicited phone calls – I don’t care if it is a great deal for your local newspaper, a call from a charity, or a tech support company. The rule is: if they called you, they DO NOT get your credit card number. If they can’t send you a bill, too bad.


About the Author:

Cybersecurity guru to business owners in the St Paul, Minneapolis, and western Wisconsin area. Computer security and hacking have been a passion of mine since I entered the computer and networking business in 2000. In 2013 I completed a course of study and certification exam to become a Certified Ethical Hacker (CEH). In 2016 I was certified as a Certified Information Systems Security Professional (CISSP). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of computer security, network security, and web site security. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also provide Cybersecurity Awareness Training for clients and their employees. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. The views expressed on this Web site are mine alone and do not necessarily represent the views of my employer.
