Other Stuff to Know - 4
Avoiding Indentity Theft, Personal Fraud and Other Scams: “It’s Your Money”
Identity theft occurs when someone illegally obtains your personal and financial information for the purpose of using your identity to open new credit cards and other financial accounts to charge purchases or withdraw money with you being unaware of what is happening but ending up being responsible for these transactions. Often, multiple accounts are involved.
In 2021, approximately 42 million U.S. consumers lost a total of $52 billion through identity theft, a dramatic increase from the prior year. Unfortunately, identity theft is occurring more and more, plus the bad guys are growing increasingly sophisticated in how they use various methods of new technology to obtain your personal information through the Internet, including social media.
Today, most instances of identity theft take place in a low-tech manner when someone gets the details of your personal and financial information through obtaining it covertly at your workplace, raiding your mailbox or stealing your purse or wallet. Another common method is called “dumpster diving” where someone obtains cancelled bank checks, discarded credit card applications and bank, credit card and utility statements by going through your garbage.
An increasing amount of identity theft is now taking place on the Internet through a practice called “phishing” (pronounced “fishing”) where e-mails are used surreptitiously to obtain your personal and financial information. These e-mails are made up to look as if they are coming from a legitimate financial institution and give a phony reason for requesting you to provide personal information, such as your Social Security number, bank account number, credit card account number and birthday. In these e-mails, you are asked to click on a link that takes you to another official-looking site where you are requested to enter this information.
Another version of phishing is to send you a similar e-mail that is designed to look as if it originated from a company where you have an online payment account, such as PayPal. These usually say that you must provide certain personal information in order to maintain your account there. “Spear phishing” is when you receive an e-mail requesting personal information that appears to have been sent by someone in the human resources or payroll department of your own organization.
Criminals now use phishing attacks to install ransomware on your computer (or those of your organization’s computer network) that encrypt your data and freeze all the files on your computer. Typically, these exploits result in a demand for payment to give you the keys that restore your files. Hospitals, government departments, large law firms, corporations of all types and non-profit organizations have all suffered from such ransomware attacks. Avoid clicking on file attachments or web links in any e-mails from suspect or unknown users. Increasingly, hackers are directing their phishing at social media, taking advantage of the tendency for people to be much more trusting when they use their social media accounts on sites as Twitter and Facebook.
Take the following measures to protect yourself from identity theft:
- Never ever give out your personal or financial information online, including your passwords and PIN numbers, regardless of how legitimate the request appears to be or the source of the request even if the person is known to you. The same applies to revealing the answers to any personal verification questions applicable to any of your accounts. Banks, credit card companies and online payment organizations will never ask you to enter such information online.
- When someone you know well requests some personal information on the phone, always ask what this information is going to be used for and never disclose any passwords or PIN numbers to them. Turn down all phone requests for personal information from any outside organizations or unknown parties.
- Ignore any e-mailed threats of legal action that will occur if you fail to provide certain personal information. Similarly, disregard any requests for personal information arising from so-called “security compromises” or “security threats”. Also, do not fall for any offers of prizes or money that you will receive and “all you have to do is enter your personal data here”.
- Do not respond to any e-mails that appear to be a phishing attempt and immediately delete them. NEVER EVER click on any attachments or links contained in an e-mail you receive from an unknown sender. Hackers frequently will send out e-mails with an attachment or link that appear to be from a friend or relative but are actually a phishing attempt. If you were not expecting such an e-mail, check on the identity of the sender by clicking on the forward button. The safest way to know whether such a message actually came from your friend or relative is to forward it back to them using an e-mail address you know is correct, saying, "Did you send me this message and attachment?"
- If you receive a request for personal information from a company where you have an existing account or from within your own organization and you decide to follow up on it, look up the correct phone number to call to verify the request and to provide such information directly. Never just use the phone number contained in what might be a phishing e-mail as this phone number may also be part of the phishing scheme.
- When you want to conduct any financial transactions online or obtain account information there, always directly type the URL into the address/location bar of your browser or use your saved “favorite” or bookmark to access the organization’s website. Secure, encrypted sites are recognizable by the prefix ‹https:› in their Web addresses. Messages sent to sites only prefixed by ‹http:› are unencrypted and not secure. As a result, any personal information sent to them may be transmitted as clear text which is vulnerable to being intercepted.
- Before you go on to any of your online financial-related accounts or perform any financial transactions there, close any other websites that you have been using beforehand. After you have finished, always log out from your financial or payment accounts.
- Be especially careful about your personal information and sensitive passwords whenever you use any public access computers, including those at Internet cafes, libraries, schools and universities. Never conduct any financial business or check any type of financial-related accounts on such computers. The same cautions apply to when you are using your computer on wireless networks (Wi-Fi), such as those available in airports, hotels, train stations or Starbucks. In these situations, use the more secure Firefox or Safari browsers, rather than Internet Explorer for Windows. As soon as you are finished, turn off your computer’s Wi-Fi connection.
- Keep your computer files backed up on to an independent hard drive or on a cloud backup service. Plus, update your software on a regular ongoing basis. Many software updates are for security purposes.
- Always closely look over the monthly statements you receive from your bank and credit card companies to verify that all charges, checks cashed and ATM withdrawals are correct. Contact the financial institution right away whenever there are any discrepancies or you are unsure about the validity of a payment or charge.
- Refrain from posting any sensitive personal or work information on social media, including your birthday, home address or mother’s maiden name.
- Do not disclose personal and financial information of a sensitive nature (e.g., your Social Security number or bank account number) on any applications unless you have triple-checked how this information is going to be handled security-wise and confirmed that it is absolutely required, such as for income tax purposes by your current employer or a financial institution where you have an account.
- Once a year, order a copy of your personal credit report from one of the major credit bureaus so you can verify that everything is correct regarding your outstanding debts and the details of your existing financial accounts. It only costs a nominal amount to do so.
- Be cautious about downloading obscure, independent apps unless they have been recommended by a trusted source. Uncertified or unknown software is much more likely to facilitate hackers gaining access to your personal information. Recognize that popular apps from Facebook, Google, and Twitter already share your personal information and online history with third parties. Read the terms and conditions of apps to make certain they are acceptable before you download them, e.g., do you really want to use an app that can access all your contacts or track you geographically?
In the event you discover you are a victim of identity theft, act fast to call the police and the fraud departments of your bank, credit card company, any online payment companies you use, and any other companies where you make regular monthly payments, such as utilities. Keep a log of all the parties you report this matter to, any promised action on their part, and the date and time of each call.
Also, contact the fraud departments of the major credit bureaus to let them know what has happened. Order a copy of your personal credit report from one of them so you can check it over ASAP and get back to all of them about any discrepancies. In most cases, your bank and credit card company will ultimately reimburse you for any losses as long as they are not able to prove that you have been negligent in disclosing your personal information.
The most common instances of personal fraud are when someone makes unauthorized purchases on your credit card account or withdraws money from your bank account without your permission using a stolen ATM card and PIN or a forged personal check. Other instances of fraud occur when you are induced to make a donation, investment or payment on the basis of false claims and information.
Stolen personal information used to commit fraud against you can be obtained by hackers breaching your computer with viruses, keystroke loggers or spyware that exploit weaknesses in software without your knowledge. Such infections often occur when you are using public access computers.
Hackers also gain access to your computer through “phishing” when you are careless and gullible in responding to unsolicited e-mails by opening links or attachments on them as requested. Sometimes, these e-mails are made up to look as if they are coming from legitimate financial institutions. These ploys enable hackers to harvest the existing data on your computer or log keystrokes as you enter passwords, credit card numbers and bank account numbers. They also often damage your computer’s filing system and slow down its functionality.
Here are some steps to take to minimize your exposure to personal fraud as well as to reduce the piracy of your personal information:
- Keep your computer’s browsers and operating systems updated on a regular basis and install anti-virus software. It is also probably worthwhile to consult a knowledgeable technician about the need to install other security software on your computer, including possibly a firewall and anti-spyware. This will vary depending on the make of your computer and its operating system.
- For greater security, use alphanumeric (with both letters and numbers) passwords that contain a minimum of six characters, have both lower and uppercase letters, and include at least one symbol whenever you are permitted to do so. This will make your passwords extremely difficult to hack. Avoid using obvious passwords such as your birthday or the names of your children and pets. The same goes for not using any dictionary words by themselves. Refrain from storing your passwords online. Also, do not write your passwords down anywhere near your computer or store them in a place where they can be easily found.
- Use different PINs for different cards and different passwords for different accounts. For example, do not use the same password for any Social Media Sites that you use for any financial-related online accounts.
- Keep your passwords and PINs totally confidential. Never disclose your passwords and PINs to anyone online or on the phone regardless of how urgent the request may be. Always be careful to shield the keypad by holding your free hand above the other whenever you are entering your PIN at an ATM or point-of-sale terminal, including at restaurants and stores, to prevent anyone from seeing it or a hidden camera nearby from recording it. ATM machines at airports, gas stations and malls are especially vulnerable to having an illegal skimmer installed to record your PIN and card number. Avoid using any ATM whose parts seems loose or have glue marks on them. Do not leave your cards unattended anywhere.
- Keep your passport, Social Security card and birth certificate together with a list of your bank account number, credit card numbers and drivers license number in a secure location at home where they would be difficult for someone to find. Do not carry your Social Security card, birth certificate or ATM receipts in your wallet.
- Try to obtain bank and credit cards that have a chip embedded in them whenever they are available. This new chip technology makes it impossible for anyone to create fraudulent duplicate cards and requires that your card stay in the terminal the entire time the transaction is being processed. Plus, you have to enter your PIN in most terminals in order for the transaction to be completed. This dramatically reduces the likelihood of you experiencing credit card fraud.
- Sign any new bank and credit cards as soon as you receive them. When you go out of town for any length of time, call your credit card company ahead of time so it can put the dates and places you are visiting on your file. Also, keep a record of the number to call to report the loss of your credit card if it happens when you are on a trip.
- Refrain from using your real name and address in online chat rooms.
- Never open attachments or click on links contained in an e-mail you receive from any person unknown to you.
- Play it safe and do not rely on the privacy settings on Social Media Sites to protect your personal information.
Elderly persons are especially vulnerable to fraudsters using personal information to ask for money via a phone call or e-mail, e.g., “Mrs. Smith, your grandson John Smith needs your help. He’s been arrested in Miami for drug possession. I’m prepared to act as his lawyer and I know the arresting policeman so I can get him to drop the charges but John doesn’t have any money to pay my $5,000 fees. Can you send me a money order for this amount and I’ll take care of everything? By the way, John does not want anyone telling his parents about this situation.” Such appeals are always bogus.
Another scam is to tell someone that you have won a large sum in a lottery or have inherited a significant amount from a long lost relative. All you have to do to receive this money is to send an upfront fee and your personal banking information so the amount can be deposited in your bank account. Warn your elderly family members that such scams are becoming increasingly common and urge them never to send money to any type of stranger or organization, regardless of what the circumstances are, without first discussing it with you.
There are literally millions of different scams that have been perpetrated over the ages. While scams come in all sizes, shapes and colors, they all have the same goal — to separate you from your money by taking advantage of your gullibility, lack of experience and yes, often stupidity. Many scams are disguised as “investment opportunities” that are presented to you through e-mail spam, unsolicited phone calls or newspaper ads.
These recommendations will help you avoid becoming a victim of some of the more common scams related to making investments:
- Before you commit to an investment, make the effort to become financially literate. In particular, you need to understand the principal characteristics of common shares, bonds, treasury bills and other debt-related securities, plus the risks associated with each of these.
- Any type of investment that promises an unusually high return or rate of interest is invariably bogus. Whenever you are presented with an investment opportunity that sounds too good to be true, you can count on it not being true. Be especially on your guard whenever you hear any of the words “guaranteed”, “risk-free”, “fantastic opportunity”, “time limited offer”, “you need to act now” and “just available for insiders”. The only guaranteed investments are bonds and treasury bills issued by major governments.
- Do not make any type of investment whatsoever through a stranger or someone that lives far away unless you know them extremely well. The more someone is pressuring you to make an investment, the more you should run the other way.
- Do not invest your money in high interest paying schemes that you hear about on the phone from strangers or find in unsolicited e-mails and newspaper advertisements. Even if you start to receive interest from such investments, you will be unlikely to recover your principal. If you want to invest money to earn interest, contact your bank or an established investment brokerage firm and ask, “Could you please tell me what investment instruments you recommend at this time that pay a reasonable rate of interest without much risk?” Many losses have been incurred by investors “reaching for a high yield” (i.e., rate of interest) on their investments.
- When you want to invest some money in the common share of companies to attempt to earn a higher return than what you would receive from interest payments, try to find a financial advisor at a well-established investment brokerage firm or a financial institution (such as your bank) who can help educate you about this type of investment. Stick to investing in common shares that are traded on one of the stock exchanges as opposed to making investments in private companies no matter how attractive they seem. Always ask ahead of time for the amount of commission that is going to be charged on each transaction. Often, this rate of commission is negotiable.
- Most private investment opportunities are usually accompanied by wildly optimistic financial projections and rosy predictions about the future performance of the business. Often, you will not be told about the company’s current problems and the difficulties it is going to encounter. Whenever you are making an investment that involves a meaningful amount of your money, you have to take the time to do your own independent assessment of the viability of the business, the challenges it faces and the reputation of senior management and the other owners. Frequently, people mistakenly make major investments based on less research than they do in purchasing a car.
- Do not make any investments based on the supposed fact that others of your religion, ethnic background or another related group are also doing so. This is called “affinity fraud” where gullible people make investments when they are told, “It must be a great investment as these persons you know are also investing in it.” Bernie Madoff took advantage of this ploy to swindle some $18 billion from investors.
Be extremely careful about investing in a business with a friend or associate, including those where you are going to be involved in running the business as a partner. While such situations are usually not scams, they often end in grief and disappointment. If you feel absolutely compelled to make this type of investment, make sure beforehand that the company is legally incorporated with a defined number of common shares constituting its equity and that a proper shareholders agreement is drawn up that offers you some protection in terms of your rights as an investor, including what happens if you and your partner end up having a major disagreement about the business. Always have an independent lawyer look over this agreement on your behalf. And, keep in mind that at some point in time you are going to want to exit from your investment. Think about how you are going to be able to do so.
Another source of common scams involves big ticket transactions, such as the sale of vehicles or the renting of apartments or houses, often listed in classified ads including Craigslist. To minimize your chances of getting ripped off in these situations, deal in person with local buyers, sellers and renters as opposed to someone in a far away location, especially those in another country.
Be extremely wary of any offers that are priced considerably below the current market if you are buying or renting, in other words that look too good to be true. If you are the seller, be on guard against receiving stolen or counterfeit money orders and checks, including bogus cashier checks. Ask your bank to verify their authenticity before you agree to accept them.
Always carefully check and note down the details of the identity of the person with whom you are dealing. If you are buying a vehicle, ask to see proper documentation on its ownership. In the case of renting a property, verify that the individual is legitimately representing the landlord.
One type of scam occurs when someone takes over an apartment when the tenant is away for an extended period and rents the property to multiple persons, securing a deposit and the first month’s rent from each of them. Usually, a tip-off of such a scam is when you are not asked to fill in a rental application or provide any details on your credit standing.
When the other party seems to be in a hurry to complete the transaction, this is often a sign that something is not legitimate. Another indication of trouble is when payment has to be wired to or from another country via Western Union or another money wire service.
An increasingly common scam is being committed by remotely located buyers who express an interest in purchasing your vehicle or other goods sight unseen, then “by mistake” send you a check or money order for much more than the price, and shortly afterwards ask you to wire the difference back. After you do so, your bank finds out that the check or money order you received is bogus and you are now responsible for making up the difference.
When you become suspicious about doing a transaction with someone, take steps to protect yourself and do not be hesitant about walking away from a deal if your instincts tell you that something is not right about it. After all, it’s your money.
You can obtain more information about protecting yourself from scams involving Craigslist at https://www.craigslist.org/about/scams.
Also see Keep Financially Fit
in the Citizen of the World Guide, What’s Really Important
MORE ARTICLES OF INTEREST