Recognizing Different Types of Imposter Scams: Part 2

CSIDImposter scams – when criminals disguise their true identity, pretending to be someone trustworthy in an attempt to obtain money from their victims – can happen anywhere, and to anyone. Imposters go to great lengths to appear real and manipulate their victims, and we’re not seeing any sign of these scams slowing. In order to combat this growing trend, the Federal Trade Commission recently released educational videos and articles to help consumers and businesses alike avoid some of the most common imposter scams facing us today. We took a look at a couple of scams last week – the second of this two-part series discusses the others: grandkid and online dating scams.

Grandkid Scams
This type of scam happens more commonly with the elderly, taking advantage of the bond between a grandparent and grandchild. However, anyone can be affected. Typically, the scammer will give you a call, claiming to be a grandchild or another family member, asking for money to get out of an accident or other fabricated incident.

Before you reach for your wallet, try to determine if the call is legitimate. Contact the person claiming to call directly. You should also check in with someone who knows the person, like a sibling, parent or friend. Don’t send money unless you’re positive the person calling is indeed who they say they are.

Online Dating Scams
In today’s digital world, more and more relationships are being formed via online dating sites. In many cases, relationships begin to develop online before ever actually meeting in person. The lack of face-to-face interaction is a perfect opportunity for a scammer to strike. Perhaps they’ll have a sick relative, or their car is just giving them all sorts of trouble, or they’re late with their rent. It’s a different excuse every time, with all requesting the same thing: money.

If you do suspect someone of attempting to scam you, report it at FTC.gov/imposters. Have you been a victim of a scam? Join the conversation on FacebookTwitter and LinkedIn.

By | July 14th, 2016|Malware and Scams, Online Safety|0 Comments

Recognizing Different Types of Imposter Scams: Part 1

CSIDImposter scams – when criminals disguise their true identity, pretending to be someone trustworthy in an attempt to obtain money from their victims – can happen anywhere, and to anyone. Imposters go to great lengths to appear real and manipulate their victims, and we’re not seeing any sign of these scams slowing. In order to combat this growing trend, the Federal Trade Commission recently released educational videos and articles to help consumers and businesses alike avoid some of the most common imposter scams facing us today. The first of this two-part series takes a look at some of the most prevalent: IRS and tech support scams.

IRS Imposter Scams
Tax season is already a stressful period for many, and it’s made even worse by imposters pretending to be someone they’re not. We’ve discussed various types of tax fraud in the past, but an IRS imposter scam is a bit different. A scammer will send an email, text or call claiming you owe taxes, or there that there is an issue with your return, and can even rig your caller ID to look official. These are alarming messages for anyone to receive, and a scammer could take advantage of your anxiety to extort money.

Before panicking, remember this: the first method of contact from the IRS is always via a letter in the mail. If you’re receiving a message in any other format, especially if it’s suggesting paying with a debit card or wire transfer, it’s likely bogus.

Tech Support Scams
With how much time we spend on the Internet, it’s possible we may have picked up a computer virus along the way. Scammers know this, and may pose as a tech company to warn you about a potential infection.

These scammers come with varying intentions. They may want to sell you useless software services, steal your credit card number, or get access to your computer to install malware. If you receive a call or an email like this, take a moment to stop and think. Never give control of your computer or your credit card information to anyone that contacts you out of the blue.

We’ll cover two additional imposter threats in an upcoming blog post. Meanwhile, if you do suspect someone attempting to scam you, report it at FTC.gov/imposters. Have you been the victim of a scam? We’d love to hear from you – join the conversation on FacebookTwitter and LinkedIn.

By | July 8th, 2016|Malware and Scams, Online Safety|0 Comments

Cybersecurity in 2016: Reflections on the First Half of 2016

CSIDWith July just around the corner, it’s hard to believe we’re already halfway through 2016. Throughout the last six months we’ve seen some major cyber security incidents make headlines. According to the Identity Theft Resource Center, since January 1, 2016, there have been a staggering 500 breaches, with over 12.8 million records exposed. The breaches span the verticals of financial services, business, education, government/military, and government/healthcare. If things continue tracking this way, we may very well surpass last year’s total of 780 breaches.

The heaviest hit sector this year was the business sector, coming in at 46.5% of all breaches. Some of the bigger breaches in this category were caused by phishing attacks. In one case, a scammer impersonated the company’s chief executive officer and asked for employee payroll information. The email was not recognized as a scam and as a result, personal information about some current and former employees was disclosed.

This underscores something we have stressed time and time again on this blog: the importance of education at the business and consumer levels. While cyber criminals continue to develop new skills, we’re seeing the same techniques being used in attacks. According to Gartner’s recently-released security predictions, “through 2020, 99% of vulnerabilities exploited will continue to be ones known by security and IT professionals for at least one year.”

The good news about this is that protecting our identities is largely in our hands. By creating long, strong and unique passwords across accounts, being careful about what and where we click, keeping an eye on any suspicious activity, and enlisting the help of a third-party monitoring service, we can stay one step ahead of cyber criminals.

When it comes to reversing the trend of growing breaches, we all play a role. How are you committing to safe cyber practices for the rest of 2016? Share with us on FacebookTwitter and LinkedIn.

By | June 30th, 2016|Data Breaches, Industry News|0 Comments

Celebrating 10 Years of Identity Protection

CSIDCSID started in 2006 with four founders. We now have more than 180 employees, offices in four different locations around the globe, and our products and services are being offered in multiple languages on multiple continents. As I look back on the past 10 years, there are two principles we’ve put front and center at CSID that I am particularly proud of and that have enabled this incredible growth: our innovation and our company culture.

In the past 10 years, we have redefined what the identity protection industry is. We don’t like seeing instances of identity theft. We don’t like seeing headlines about large-scale breaches. But we are pleased to bring to the table a number of innovative solutions that help address these growing issues. We have helped millions take a proactive approach to monitoring their identities and personal information through our technologies; and we have helped thousands get their lives back after becoming a victim of identity theft or fraud.

This innovation wouldn’t have been possible without the incredible team we have at CSID. We have an environment that fosters creativity and collaboration. We work hard to attract the best talent in Austin, the US and the world. Employees may come for the job, but they stay because they enjoy the culture, the opportunities and the people they work with. I know I do.

For the past 10 years, we have been motivated to be the best at what we do. We will approach the next 10 years with the same mentality. And we will have a lot of fun while doing it.

By | June 24th, 2016|Company News|0 Comments

National Internet Safety Month: Staying Safe While Traveling

CSIDJune is National Internet Safety Month, which began in 2005 in order to raise awareness around the need for online safety, especially among children and teens. In honor of Internet Safety Month, this week we’re taking a look at keeping your information secure while traveling.

But before you pack your bags, it’s important to understand that summer travel, and any travel, can put a target on your back for cyber criminals. Fortunately, there are some easy tips you can follow to keep you secure no matter where you go:

Be mindful of what you bring
While you may need to bring your license and passport if traveling abroad, keep other personally identifiable information (PII) at home. There is no need to bring things like your Social Security card, bank account statements or medical documents. These documents can be easily traced back to you, and if you misplace them during your travels, it can put you at risk for identity theft.

However, things you should keep with you when you travel are your personal devices. Avoid the urge to check larger devices in your luggage. While a laptop or camera may add a bit of bulk to your carry-on, it’s worth having the peace of mind of knowing the location of these items that store your data at all times.

Avoid using public Wi-Fi
Avoid purchasing flights or accessing sensitive websites (like your bank account) on any device while connected through public Wi-Fi or unsecured networks Also, remember to turn off your phone’s auto-connect Wi-Fi feature during your entire trip. When you’re at the airport, in a café, at a bookstore, or other similar places, using public Wi-Fi can increase the risk of signal sniffing and identity theft.

Be in the moment
Resist sharing your vacation on social media while you’re away from home. Posting a photo of your latest zip lining adventure may make your friends jealous, but it also alerts criminals that you’re not at home. To prevent a break-in from an opportunistic criminal, wait until you return before sharing your photos. Don’t worry – your friends will still be envious of your trip.

Have more traveling tips to share? Join the conversation over on Facebook, Twitter and LinkedIn, and check out our blog post on loyalty reward program scams for more traveling advice.

By | June 23rd, 2016|Online Safety|0 Comments

National Internet Safety Month: Creating a Conversation at Home

CSIDJune is National Internet Safety Month, which began in 2005 in order to raise awareness around the need for online safety, especially among children and teens. In honor of Internet Safety Month, this week we’re diving into how to start a conversation with your family around Internet security.

Late last year, it was reported that teens spend nearly nine hours every day in front of some form of media channel. Pew Research Center also recently found that, “… aided by the convenience and constant access provided by mobile devices, especially smartphones, 92% of teens report going online daily — including 24% who say they go online ‘almost constantly.’”

With so much time spent online it’s clear that, perhaps more than ever before, parents need to start a conversation around Internet security with their children.

What dangers may be associated with so much time spent online? One that may not be immediately obvious is the growing trend of child identity theft. As adults, we know using the Internet comes with certain risks, but parents often do not realize that their children face these same risks while online. This is especially troubling considering young people are already much more vulnerable to identity theft: children are 35 times more likely to have their identities stolen than adults. In our 2013 survey on the subject, CSID found that 52 percent of parents are not taking measures to prevent the misuse of their child’s online information.

These statistics underscore the importance of starting a conversation with your children about online risk. Here are some pointers to get started:

  • Talk to your child about privacy: Teach your child what types of information should be kept private, and talk to them about the importance of guarding this information, both online and in person. Remind them that they should check their social media privacy settings every few months to make sure their information stays private.
  • Teach your child to recognize scams: Fraudsters can send texts or emails that look like they’re from a familiar source –tricks which young people are especially prone to falling for. Tell your kids not to click on links or respond to messages that ask for personal information.
  • Educate your child around password best practices: Encourage kids to create long, strong and unique passwords, especially for their social media accounts. Strong passwords should be a cryptic combination of upper and lowercase letters, numbers and special characters.
  • Ask about your child’s gadgets: Have your child show you their gadgets – gaming console, cell phone, computer, tablet – and familiarize yourself with them. Use this time to recognize the unique risks, and opportunities for to bolster security on each device.

Have more online privacy tips to share? Join the conversation over on Facebook, Twitter and LinkedIn, and check out our blog post “5 pieces of information kids should not share online” for more child identity theft protection tips.

By | June 17th, 2016|Industry News, Online Safety|0 Comments

National Internet Safety Month: Gaming and Hacking

CSIDJune is National Internet Safety Month, which began in 2005 in order to raise awareness around the need for online safety, especially among children and teens. In honor of Internet Safety Month, let’s hone in on the gaming industry, one area in particular that has caused a huge growth in the popularity of hacking.

More than ever before, we’re seeing less skilled, younger individuals getting involved in cybercrime. Attacks no longer require years of experience and an advanced technical background. Tools to carry out sophisticated attacks are now easily assessable, easy-to-use and affordable on the dark web. Just three years ago, a majority of cybercriminals were in their late teens or early twenties. Now, we’re talking about nine and 10-year olds, which are being introduced to hacking at an early age. How are youngsters hearing about the dark web, then? One answer: video games.

Popular games are attracting a younger and younger demographic. When kids sit down to play a game, everyone gets competitive. Some have started to hack accounts in order to come out on top. This is where kids begin to be exposed to the illegal world of the dark web. Take Distributed Denial of Service (DDoS) booting services, which have grown in popularity. These DDoS services allow an individual to take control of another individual’s IP address to knock them out of a computer game. And, it doesn’t stop there.

Before gaming gets out of hand, parents need to play an active role in their child’s online safety. First, they need to start thinking about technology or the Internet as a place that’s integrated with our daily lives, not a separate world. Stay up-to-date on the latest technology your child engages with, like gaming consoles or a hot new app. For some of these video games, the age requirement is 18 years and old, where young children are being exposed to potentially harmful environments. Parents should be held accountable for keeping their children safe.

If kids are gaming maliciously, parents must be on the lookout and be willing to start conversations around the real consequences of criminal activity. That’s where we can truly begin cutting down on cybercrime among the younger generation. Want to join in on the gaming conversation? Share your thoughts on Facebook, Twitter and LinkedIn.

By | June 10th, 2016|Online Safety|0 Comments

Passwords Going the Way of the Dinosaur?

CSIDWe have discussed passwords many times on this blog and how poor password habits, such as easy-to-guess logins and reusing passwords across multiple accounts, can easily lead to identity theft and fraud. Password management can be difficult – we get it – and so does Google.

At this year’s Google I/O conference, the company announced Trust API, a new feature that will be available to Android developers by the end of the year that uses a combination of biometrics to create a “Trust Score.” The API uses biometrics such as your location, typing cadence, and facial recognition to determine if you are who you really say you are. If the Trust Score is over a certain number, the device will automatically log you in – no password or pin needed. If the Trust Score falls below a certain threshold, a password and two-factor authentication may be required.

Consumers often use easy-to-guess passwords and reuse them across multiple sites because they simply don’t want to remember multiple passwords. The same goes for two-factor authentication. Most consumers don’t turn on two-factor authentication because they want to access sites quickly, without the added step of entering a pin or answering a question. People want ease of use. We explored the issue in a 2012 survey that found that 61 percent of respondents reused passwords across multiple sites and 44 percent changed their passwords once a year or less. Despite the many high profile breaches over the past four years, it doesn’t seem like password habits have improved. Identity and access management firm, Gigya, conducted a similar survey last month and found that 56 percent of respondents used passwords such as names and birthdates, and only 16 percent created a unique password for each of their online accounts.

But are consumers ready to embrace biometrics such as location tracking and typing cadence? We’ll have to wait and see. The fact remains that our current password system has a lot of flaws and it is going to take a combination of consumer education and new technologies to reduce the impact of stolen and hacked passwords on consumers and businesses.

What are your thoughts on Google’s Trust API? Share with us on our social – on Facebook, Twitter and LinkedIn.

By | June 3rd, 2016|Industry News, Online Safety|0 Comments

Memorial Day Bargain or Scam? Tips for Secure Online Shopping

CSIDNational holidays are a time to get together with family, enjoy some time off, and relax. Unfortunately, they’re also a gold mine for cyber criminals. With Memorial Day almost upon us, retailers are promoting their special offers for the holiday weekend. To keep your online shopping deals from turning into a hacker’s opportunity to steal, here are some security best practices to keep top-of-mind:

  • Update your devices. Any device you use for shopping should have the latest security software, operating systems, programs, and applications. Just as you update your computer, make sure to do the same for your tablet, smartphone, or any other device you use to make purchases. In addition, avoid shopping on any device while connected through public Wi-Fi or unsecured networks.
  • Know your merchant. When making online transactions, make sure you’re dealing with a reputable site and take a careful look at the website’s URL. A good indicator that the retailer is legitimate and has a secure payment portal is if your web browser’s address bar displays a closed, green padlock.
  • Be aware of phishing scams. Email phishing scams are always a threat, but be especially wary during peak shopping seasons. Be aware of any misspellings in communications and “too good to be true” deals from a retailer. When in doubt, just go to the site directly by typing in the URL to your browser. Make sure to delete any suspicious emails and mark them as “spam.”
  • Protect your personal and financial information. Be aware of the information that is being collected to complete your purchase. Only fill out what is required and understand the merchant’s privacy policy – know how your information will be stored and used for current and future purchases.
  • Keep track of payments. Keep records of your online transactions and monitor your bank and credit card statements to make sure there are no fraudulent purchases. Credit cards are often the best option for online purchases because if there is any suspicion of fraud, your creditor can investigate and remove the charge if it is indeed fraudulent.

For more online security tips, be sure to follow us on Facebook and Twitter. Stay safe out there and have a great long weekend.

By | May 27th, 2016|Identity Protection, Malware and Scams|0 Comments

Social Media Dos and Don’ts

CSIDMost of us use multiple social media platforms every day to connect with our friends, family and coworkers. While these platforms allow us to feel closer to our followers near and far, it is not without risk. Malicious online criminals may target social media profiles to make use of our life’s most private details.

Check-ins at our favorite restaurants, vacation flight details and even selfies can reveal more than we originally intend. The same information we share on Facebook, Twitter and LinkedIn can be manipulated to access private accounts, create fraudulent identities, threaten our reputations offline and more.

Before you click, tweet or type your next update, make sure you are protecting your information:

DO: Create a long, strong and unique password for your social media accounts. Strong passwords should be a cryptic combination of upper and lowercase letters, numbers and special characters. Do not use the same password and login combination across multiple accounts.

DO: Use two-factor authentication on social accounts. Many sites, including Facebook, allow users to enable this second layer of protection on accounts. For Facebook, when logging in to a new device, you’ll need to use your password and enter a timed PIN that is sent to your phone. Other accounts may require biometric information, like a fingerprint. This helps further safeguard your information and accounts.

DON’T: Don’t share location details. Sharing information like your home address in your social networking profile or checking-in at a restaurant can put you at risk for identity theft, or worse, alert criminals to your whereabouts. The same goes for sharing details of when you are not at home, like posting photos while on vacation.

DO: Keep your social apps updated. The latest versions may fix bugs and help keep your identity secure. For extra ease, consider turning on automatic updates.

DO: Re-examine your privacy settings on all social accounts. Social platforms are constantly tweaking their privacy options and policies. What you think is being shared with just your friends may be reaching a much larger audience, including strangers. Check your settings every few months to make sure your information is as private as possible.

DON’T: Don’t post harmful comments online. Think about the impact of your words. Post about others as you want them to post about you. Remember, your comments and posts live long after you’ve deleted them.

DO: Delete old apps and profiles on social media sites you no longer use. This often goes beyond deleting an app from your home screen. Follow their instructions online to make sure all your information is removed.

DO: Read the news and stay up to date on social media platforms, privacy policies and news. Check trusted websites for the latest information.

DON’T: Don’t take cyberbullying or cyberstalking lightly. Both of these issues can affect the self-esteem of users of all ages. Parents, create a conversation with your children and teenagers about the dangers of online harassment. If a situation arises, talk to your children, their school and even law enforcement if necessary.

What are your social media best practices? Share with us on our social – on Facebook, Twitter and LinkedIn.

By | May 19th, 2016|Online Safety|0 Comments
Load More Posts