Alerts & Notices
Phishing Scams Summer Edition
It might be time for Summer Vacation but the bad guys never take a break. During these summer holidays make sure you are still aware of all the possible scams out there.
These are some of the most recent Phishing scams emails you might receive :
- Microsoft/Office 365: Secure your Microsoft Email Now-This message spoofs Microsoft and advises users to reconfirm ownership of their account by clicking a malicious link.
- Outlook/McAfee notification and attempts to trick the user into clicking a malicious link to comply with their account requirements.
- Summons Notification: This shocking message informs the user they've violated a Federal Law and provides a malicious link that they need to click on to download more information.
- Western Union:Too many login attempts on your account. This message contains a malicious HTML file that is disguised as updated software and safety precautions the user must follow for security reasons.
- Message from Microsoft:Upgrade to our advanced secure server to prevent phishing attacks-this message contains a malicious link which the user is prompted to click on to migrate to a newer, more secure email platform.
- American Express: you have a new message-This message advises the user that their personal security key has expired and that they must verify their information by clicking on a malicious link.
*Always be cautious when opening emails from an unknown sender*
Google Docs Phishing Campaign
A Phishing campaign Involving Google emails accounts and Docs, is concerning and you need to proceed with caution. The emails appear to be a legitimate Google user inviting you to view a document or file. It is actually authorizing authentication to a malicious party to harvest your credentials.
When it comes to this scam, before clicking on the "Open" or "View" take these steps into consideration:
- Are you expecting email from this user, more specifically a document?
- Is this coming from a legitimate person?
- Does the Document have misspelled words/bad grammar within the subject line or the body
- Be careful when clicking directly on links in emails, even if the sender appears to be known; attempt to verify web addresses independently
- Exercise caution when opening email attachments. Be particularly wary of compressed or ZIP file attachments.
- Before clicking on any e-mail please make sure you know who the sender is. As Always think before you click and be cautious.
Fake Check Scams
The Council of Better Business Bureaus released the findings of its BBB Scam Tracker Annual Risk Report in which they identified fake check and money order scams as the second riskiest scams in the U.S. and Canada.
The BBB warns that the scams take many forms, but the general premise is that scammers take advantage of consumers' lack of knowledge regarding check deposit and wire rules to con them trough over payment scams. The BBB advises consumers to be immediately suspicious of over payments, noting that checks can still bounce weeks after they have been deposited.
Ten Tips to follow:
- Never send money to someone you have never met face-to-face
- Do not click on links or open attachments in unsolicited email.
- Don't believe everything you see.
- Don't buy online unless the transaction is secure.
- Be extremely cautious when dealing with anyone you've met online.
- Never share personally identifiable information
- Don't be pressured to act immediately
- Use secure, traceable transactions
- Whenever possible, work with local businesses
- Be cautious about what you share on social media
Tips to Prevent Tax ID Fraud
With the 2017 Tax season upon us it is important to take some precaution to protect yourself from being affected by fraud. Here are some Helpful tips to keep in mind as you file for your taxes.
- File as soon as you can
- File on a protected WiFi network
- Use a secure mailbox
- File with someone you trust
- Shred what you don't need
- Beware of Phishing scams by email, text, or phone
- Keep an eye out for missing mail
If you believe you are a victim of tax identity theft or if the IRS denies your tax return because one has previously been filed under your name, alert the IRS Identity Protection Specialized Unit at 1-800-908-4490
you should also:
- Respond to any IRS notice
- Contact your bank immediately
- Continue to pay your taxes, even if you must do so by paper
Safe and Secure Online-Seniors
Learn how to be safe and secure while connecting with friends and family in this new digital age.
- Always think before you click.
- Make sure you keep your computer and software updated.
- Create Strong and unique passwords.
- Do not post sensitive information on social media sites.
- Know who you are speaking and connecting with.
- It is better to question what you see in e-mails and pop-ups.
- Be mindful of email and phone call fraud attempts.
- Like always "if it seems too good to be true, it probably is"
October National Cyber Security Awareness Month
The Following are some tips so you and your personal information is secure:
- Always be suspicious of unsolicited phone calls
- Never Open emails from unknown senders.
- Be careful, read the email and look for grammar errors and misspelled words.
- Install security software and keep it up to date
- Back up any data and scan your systems regularly
- Do not Post or provide personal information, such as addresses, phone numbers, social security etc.
- Make Passwords long and strong
- Always be smart about using your devices; do not connect to unknown WiFi connections.
IRS Phishing and Online Scams:
Please be aware a combination of calls, emails and text messages that appear to be from the IRS are going around. The IRS does not initiate contact with taxpayers by email, text, or social media. They are trying to lure people to a malicious website or to provide personal and financial information. Always know who your are speaking with or what sites you are clicking on.
- Don't Reply to unknown emails or text
- Don't open any attachments
- Don't click on any links
- Be Skeptical; it’s best to doubt the legitimacy of the call
- Always check the source
- Never send money to receive money
Malware affecting Microsoft Windows
New Malware Code Dridex is a bank credential-stealing malware. It's purpose is to infect computers and obtain user id's and passwords to enable withdrawals from victim's accounts. This is also known as a Banking Trojan. You can be affected by Dridex through phishing email messages. Be careful, these emails seem legitimate and entice you to click on a link which leads to a malicious file. Once your computer is infected with Dridex your information is vulnerable.
- Use and maintain anti-virus software
- Change your passwords frequently
- Keep your system up to date
- Always be cautious when opening emails from an unknown sender
A new series of Android vulnerabilities cause concern for users with versions 1.0 of the OS to the latest 5.1.1. Over 1 billion devices have been affected, and can allow an attacker to trick you into visiting malicious web sites. This is known as Stage-fright 2.0, and as of October 5th, Google said that they will be working on a fix and a new monthly Android security update.
- The linked article will provide additional details:
- As always be aware of open wireless connections and make sure you are connected through a secure connection, this can prevent attackers from intercepting an internet connection.
Below are some consumer tips when using government services or contacting agencies online:
- Use search engines or other websites to research the advertised services or person/company you plan to deal with.
- Search the Internet for any negative feedback or reviews on the government services company, their Web site, their e-mail addresses, telephone numbers, or other searchable identifiers.
- Research the company policies before completing a transaction.
- Be cautious when surfing the Internet or responding to advertisements and special offers.
- Be cautious when dealing with persons/companies from outside the country.
- Maintain records for all online transactions.
As a consumer, if you suspect you are a victim of an Internet-related crime, you may file a complaint with the FBI’s Internet Crime Complaint Center at www.IC3.gov.
Visit Colonial Federal's Privacy & Security page for security tips and your responsibilities.