Scam Alert: How to Spot a Bogus Job

Posted on July 27, 2021July 26, 2021 by Bev O'Shea

Lots of us grew accustomed to commute-free jobs during the pandemic and are hoping to find a way to continue to work from home. Scammers hoping to capitalize on that are taking elaborate measures — as far as fake interviews and background checks — to get people’s personal data and/or money.

Lilly Gallaher of Pleasant Valley, New York, applied for several jobs online last year. After a brief online interview process, she appeared to land a position with McKesson, a large distributor of pharmaceuticals and medical supplies. Gallaher was told she’d receive a check to cover her purchase of a computer workstation from its Venmo store. The procedure seemed odd, but she was reassured by the company’s size and reputation. Then the check bounced.

Another Venmo user noticed the transaction and let her know they’d been similarly scammed. When “McKesson” asked for her Social Security number, she refused to give it and reported the scam. Gallaher estimates she lost about $850.

According to the FBI, 16,879 people reported being victims of employment scams in 2020. Looking back, Gallaher says she ignored red flags because she felt assured by a known name and reputation. McKesson now has a “recruitment fraud alert” webpage warning about the scam.

How work-from-home interview scams hook victims

According to the FBI, the newest scams typically work like this:

Criminals create a domain name similar in appearance to a legitimate company. They may add a space or flip a digit in the URL — a change so small it’s likely to be overlooked.
Next they post job openings on job boards, directing applicants to the spoofed sites.
People applying either on job boards or the fake sites get an email requesting an interview, which is conducted remotely.
Applicants are told they got the job or are finalists.

After that, what happens can vary, but it tends to involve victims unwittingly revealing their Social Security and bank account numbers to criminals, losing money or unknowingly becoming involved in money laundering.

Know the signs

Job scams have long been a problem, but cloning websites and conducting fake online interviews is newer, says FBI Special Agent Jeanette Harper of El Paso, Texas.

Harper says college students and others with little experience with job interviews and offers are especially at risk.

To them, it may not seem odd to be asked for a driver’s license number early in the employment process or to be asked to pay for a background check. Other signs that could suggest a scam:

Interviews conducted by teleconference using email addresses rather than phone numbers.
Requirements that applicants purchase startup equipment from the company, sometimes specifying payment in the form of gift cards.
Requests for bank or credit card information, or other sensitive personal information.
Job postings that do not also appear on genuine company websites (type in the company URL yourself; don’t follow a link).
Requests that you pay for lists of job openings before they are published.
A request that you send money or packages overseas (it may be money laundering).

Even if you don’t hand over your Social Security number, your resume and list of references have value to an identity thief, says cybersecurity expert Adam Levin, host of the “What the Hack?” podcast and author of “Swiped: How to Protect Yourself in a World Full of Scammers, Phishers, and Identity Thieves.”

Bits of information are “tiles in the mosaic of your life that an identity thief needs to effectively present themselves as you.” Even if you figure out it’s a scam and don’t lose a penny, you can’t retrieve the information, Levin says.

Another hallmark of a scam is a higher-than-expected salary for a relatively low-skill job. Recently, a Reddit poster warned about a Facebook ad for “ramp attendant jobs” paying $40 an hour. The ad assures would-be applicants that the messages being exchanged are encrypted and 100% safe. The employer is supposedly “Breez Airlines.” (Breeze Airways actually does exist.)

“Bad actors have scoped out these companies,” Levin says. “So many companies make available who works there and the kind of employees they are looking for.” That means the name of the person sending you an email may well match an actual person at the company. A cloned website can make it even harder to tell if a job is legit. Your best bet is to call the company, using contact information you looked up yourself and were not provided, and ask HR to confirm the opening you are applying for before you share any information.

Getting an offer quickly should also make you suspicious, Levin says. An on-the-spot offer might mean you are a target, not a potential employee.

Finally: “Trust your gut and ask questions,” Harper advises. Don’t ignore the feeling that something’s not right.

What to do if you think you were scammed

Whether you are applying for online jobs or not, your best protection against identity theft is a credit freeze. If someone has your Social Security number, a credit freeze can help keep them from opening new credit accounts using your personal data.

If you have given out credit card or bank account information, contact the issuer or financial institution as quickly as you can. Ask how you can limit the danger, whether that’s getting an updated credit card number or opening a different bank account.

You should also report an online job scam to the FBI’s Internet Crime Complaint Center at ic3.gov. The more information you are able to provide, in terms of names, emails, texts and the like, the better.

The article Scam Alert: How to Spot a Bogus Job originally appeared on NerdWallet.

Image from: 123rf.com

Image ID: 51883925

13 Ways to Leave Scammers Empty-Handed This Holiday Season

Posted on December 17, 2020December 16, 2020 by Bev O'Shea

We’re primed to get suckered this holiday season. Tight budgets, wishful thinking that we can get a screaming deal if we hurry, and plain old impulsive spending are a dangerous mix. Scammers know this.

One example: Clicking an online ad, maybe for an ornament featuring a Santa with twinkling eyes and a smile hidden under a cloth mask, may put you at risk for identity theft — or maybe just for a bad deal.

Kathy Stokes, AARP’s director of fraud prevention programs, says she once bought “the funniest T-shirt from a Facebook ad. It never came.” That was before Stokes began working in fraud prevention.

So how do we prepare for battle? Three ways: Protect our mobile devices, recognize and avoid risks, and guard against identity theft.

Make your mobile device safer

Your device is only as safe as you make it. Avoiding free Wi-Fi at coffee shops and other public places is a good first step, but also:

1. Secure devices with a difficult-to-guess password and/or biometrics. If you can use a fingerprint or facial recognition to sign in, that’s best. If two-factor authentication is available, use it.

2. Heed notifications to update your software. Many times, updates improve security. This is true whether it’s your operating system, virus protection or an app.

3. Use a virtual private network. A VPN gives you an encrypted “tunnel” when you use public Wi-Fi. Protecting a device isn’t expensive — you can protect several devices for less than $10 a month. There are also free VPNs offered online. But Adam Levin, the author of “Swiped: How to Protect Yourself in a World Full of Scammers, Phishers, and Identity Thieves,” recommends sticking with the ones that charge, because of the risk that free ones will collect your data. Failing that, he recommends using your phone as a hot spot or using your provider’s closed cellular network.

Be careful when shopping online

Stokes and Levin agree that using a credit card is essential when shopping online. A debit card withdraws your money immediately. But you can dispute a credit card charge and not have to pay while it’s being investigated.

Slow down and be careful. Stokes says duplicated or spoofed websites can take advantage “when you get a text or you get an email and you get excited because it’s this thing you really wanted to buy and you can get it really cheap — and you just click and go and you don’t look for any red flags.”

Other safeguards:

4. Use a virtual wallet if the site allows it. Card numbers are encrypted, meaning your actual card number is not shared when you make a purchase.

5. Go to the source. Don’t click on ads on social media or even in texts or emails. Some are scams. If the retailer is new to you, Stokes recommends checking carefully for contact information and for return and refund policies.

6. Be cautious. When going to a site, type the URL carefully, then double-check, advises Levin. “Typo-squatters” have sites that are almost indistinguishable from the real ones.

7. Don’t open attachments. The exception is if you are expecting an attachment from someone you know. Spoofing is sophisticated; the sender may not be who you think it is.

8. Use retailer apps. Your payment information is better protected that way. If you regularly buy from a particular retailer — or will this holiday season — go ahead and download the app, Stokes advises.

9. Use strong passwords. Using a password manager app can set complex passwords and remember them for you. If a retailer website offers to store your payment information, decline. The less information you rely on others to protect, the better.

Guard against identity theft

Holidays are big for identity thieves because criminals “are geniuses when it comes to taking a situation and radically turning it to their benefit,” says Levin, who is also the founder of CyberScout, a company that offers identity protection and fraud resolution services.

Add to that the loneliness of the pandemic. “People are desperate to get a phone call from anyone,” Levin says, and may be more willing to talk.

Protect yourself from identity theft with these tips:

10. Don’t give your card number if you get a call or email to “confirm a purchase.” Real credit card issuers do not need it. If you think a retailer might be trying to contact you, initiate the call or send the email using contact information that you look up yourself.

11. Don’t respond to an email “double-checking your address” for a package delivery. That may be a scam, Levin says.

12. Sign up for text alerts when your credit card is used. Levin advises setting the purchase amount very low; identity thieves may test a stolen card number with small purchases.

13. Check to see if you have free or discounted ID theft insurance available. You can’t entirely eliminate your risk, and it’s easier to recover from identity theft with help. An organization you belong to, your employer or your insurer may offer free or deeply discounted protection. Failing that, you can consider buying some.

Bev O’Shea is a writer at NerdWallet. Email: boshea@nerdwallet.com. Twitter: @BeverlyOShea.

The article 13 Ways to Leave Scammers Empty-Handed This Holiday Season originally appeared on NerdWallet.

Image provided by 123rf.com

Image ID: 102569587

Stop Doing These 4 Things Online — Immediately

Posted on November 5, 2019October 18, 2019 by Alice Holbrook

If you’re like many people, you might sign up for an online account at your gym, download the local movie theater’s app and share a cat video on Twitter all before 9 a.m. — and all without thinking twice. But when navigating the internet, security experts say, a little bit of deliberation often pays off by keeping your data more secure.

“We all have day jobs, but to a hacker, we are their day jobs,” says Adam Levin, former director of the New Jersey Division of Consumer Affairs and founder of CyberScout, which helps individuals and businesses deal with cybersecurity threats. “It’s not a fair fight.”

This National Cybersecurity Awareness Month, here are four routine things to stop doing online — and a few alternatives from cybersecurity experts.

1. Recycling passwords

Study after study shows that a majority of people reuse passwords across sites. This lets a hacker who uncovers your password in a data breach of one site easily use it elsewhere.

But what to do when everyone from your dog groomer to your grocery store wants you to create a login? Doug Jacobson, director of Iowa State University’s Information Assurance Center, recommends separating accounts into security tiers. The most sensitive — such as your financial accounts — should all get a unique, robust password. Slightly less sensitive accounts can share a set of strong passwords, and the least crucial, ones with little or no personal data attached, might share the same password.

To create a solid password, Levin suggests choosing a phrase that would be tough for others to guess and changing key characters: making an “o” a zero or turning a 1 into an exclamation point. You can also use a password manager, such as 1Password or LastPass, to create and store strong passwords that are random character strings.

2. Granting all the permissions apps request

Many apps ask for access to certain aspects of your phone’s data when you download them. And while it’s understandable that Google Maps wants to know your location, says Kurt Rohloff, director of the Cybersecurity Research Center at the New Jersey Institute of Technology, other apps have less transparent intentions when collecting your data.

Your data might be used simply for marketing purposes, but unless you’ve done a deep dive into who’s making all your apps, it’s better to be cautious. Apps should have “the bare minimum [information] they need to provide services,” Rohloff says.

If you’ve already given an app too much access, try adjusting its permissions in your phone’s settings, Rohloff says. For directions, click here if you have an Android, and here if you have an iPhone. And if that breaks the app, find an alternative.

3. Oversharing on online account applications

You probably know the pitfalls of posting vacation updates — hello, burglars — or giving your Social Security number just because a form has a blank for it. Any personally identifying information you disclose that falls into the wrong hands can “[give] hackers a pathway into your life,” Levin says.

When creating an online account, Jacobson says, “Give them only the information that has the star by it,” indicating a required field. “You don’t need to fill out your full profile.”

And you need not always be truthful, either. For example, you can supply a fake mother’s maiden name or high school mascot for security questions, Levin says. “No website is going to conduct a national security clearance to see if you are who you say you are,” he adds.

4. Trusting appearances

Scam emails don’t always come complete with typos and graphics from 1997 to tip you off. In fact, Jacobson says, he recently received an email from a hacker masquerading — somewhat convincingly — as his boss, asking for money. These messages can also harvest your account information or install malicious software on your computer.

“Always independently confirm who that company is or who that individual is through another source,” Levin says. That might involve calling the supposed sender to confirm the request. Make sure to use a number you know is safe — for example, one you find on your bank’s own website as opposed to clicking through the email.

And if you’re ever entering payment information, look for the padlock symbol on your browser window. “What the padlock ensures is that the website you typed in is the one you went to … and the communication is encrypted,” Jacobson says.

Being cautious keeps you safe

Pausing to consider your clicks definitely makes the internet less convenient. But when you receive services for free online, Jacobson says, “you typically are paying for them with your information.” That doesn’t mean you have to delete all your accounts, but you should ask yourself if the service you’re receiving is worth the information you’re giving up.

Luckily, for most people, identity theft is a crime of opportunity, Jacobson says. So taking even small steps to safeguard your data can make you a less tempting target.

“Generally, my attitude about this is, something is better than nothing, and small things are better than no things,” Rohloff says.

The article Stop Doing These 4 Things Online — Immediately originally appeared on NerdWallet.

Image provided by 123rf.com

Image ID: 95041372

Will You Be a Scam Artist’s Next Target?

Posted on August 22, 2019August 21, 2019 by Liz Weston

Believing that fraud can’t happen to us — because we’re too smart, logical or informed — may make us more vulnerable. Successful scam artists skillfully overcome our defenses and get us into emotional states that override logical thinking, says Kathy Stokes, AARP’s director of fraud prevention programs.

“Scammers call it getting the victim under the ether,” she says.

Various studies have tried to identify characteristics that make people more susceptible to fraud. But that can create a “blame the victim” mentality and give the rest of us a false sense of security, she says.

“I’d say the majority of people are unwittingly deceived through no other reason than the criminals are good at what they do,” Stokes says.

Scam artists go where the money is

Research is mixed on whether older people are more likely to be defrauded than younger ones. One thing is certain, though: Older people are more likely to have money. People 50 and older control 83% of the wealth in the U.S.

One way to protect that money is to cut down on our exposure to sales pitches, fraud experts say. AARP studies have found investment fraud victims were more likely than other investors to respond to sales pitches delivered by phone, email or television. They also were more likely to send away for free promotional materials, enter drawings, attend free lunch seminars and read all their mail, including advertisements.

To reduce your exposure to potential scams, consider the following steps:

Put yourself on the federal Do Not Call list.
Sign up for a telephone call blocking system, such as NoMoRobo, and let unknown callers go to voicemail.
If you give out personal information, be sure you know who you are giving it to, and why they need it.
Don’t make investment decisions based solely on a phone or email pitch or an ad.

Overconfidence increases our risk

Overconfidence can lead people to trade too aggressively (convinced that they can beat the market), put off saving for retirement (convinced they can catch up later) and ignore warning signs of fraud (convinced that they can’t be victimized).

The risk may increase with age. Studies have found that our financial decision-making abilities peak by our early 50s and decline, sometimes precipitously, after that. But our confidence in our abilities doesn’t drop — in fact, many of us become more self-assured.

“So as we age, this gap grows between actual and perceived ability to make good decisions,” says Chris Heye, co-founder of Whealthcare Planning, a site that helps older adults and financial advisors plan for age-related changes.

Seniors who got answers wrong on a financial literacy quiz, but who were the most confident they answered correctly, were more likely to be victims of fraud, according to a study by researchers at DePaul University and the Rush University Medical Center.

People of any age can combat overconfidence by getting a second opinion on financial decisions from a trusted advisor or money-smart friend. As we get older, it can also make sense to consolidate our accounts so there are fewer to monitor and switch to investments that require less hands-on management, such as target date mutual funds.

Loneliness can be expensive

The Federal Trade Commission says romance scams cost people more money than any other type of consumer fraud in 2018. Reports of these scams more than doubled between 2015 and 2018, while reported losses more than quadrupled to $143 million.

The scams often start via dating apps, social media or email. The con artists pretend to have a lot in common with their victims, then build trust over many weeks or even months before asking their targets to reveal personal data or send money for an “emergency.”

Once again, the young and old alike can be defrauded. One 90-year-old victim met a man via email who, many months later, told her he needed help with a business deal. She sent him eight infusions of cash, draining her $500,000 life savings.

“She sent all that money, and the only reason she knew that it was a scam was that he didn’t show up on Christmas Day like he said he would,” Stokes says.

A reverse-image search using TinEye or Google Images may show if an imposter is using someone else’s photo, while sites such as Romancescams.org keep track of known scammers’ email addresses.

But perhaps the best inoculation against being defrauded is to talk to someone you trust about the situation before you send any money. That could be enough to bring you out from under the romantic ether.

This article was written by NerdWallet and was originally published by The Associated Press.

Photo From: 123rf.com

Photo ID: 74763815

The article Will You Be a Scam Artist’s Next Target? originally appeared on NerdWallet.

How Not to Be a Knucklehead on Venmo

Posted on July 12, 2018July 10, 2018 by Alice Holbrook

Venmo takes the anxiety out of splitting brunch and utility bills. With a linked bank account and someone’s username, you can send and request cash in a few taps. But some wonder if the app makes it a little too easy for people to hit each other up for money.

Just ask Soham Maniar of Houston. He was hosting a friend for a weekend, and the two took an UberPool to dinner. Later, Maniar was surprised to receive a request for $2.85, his half of the ride cost.

“When someone is nice enough to host a friend or guest, it doesn’t mean you have to give them something in return, but I think in a world without Venmo, that friend would not have asked me for $2.85 in cash after I got out of a cab,” Maniar says.

You can take advantage of Venmo without ticking off your friends with these simple tips from Maniar and others.

Try not to sweat the small stuff

“Anything under $20 with friends I usually never charge,” Maniar says. “And if someone did something nice for me, I try and return the favor when it makes sense.”

There’s no right threshold. After all, if it’s almost payday and you have a $30 bank balance, covering a co-worker’s coffee might not be in your budget. “It’s not nickel-and-diming if [the amount] does make a difference,” says Erin Lowry, author of “Broke Millennial.”

But if you can afford it, consider springing for small items once in a while. When Maniar treats, he says, “I like to assume they’ll treat me for something in return in the future. It probably evens out.”

Reciprocity is key, though. If you notice that one of your friends tends to take advantage, “you need to have a conversation,” Lowry says — in person. “Don’t Venmo them for the last six years of your friendship.”

Don’t stealth-charge

Venmo and other peer-to-peer payment apps let you request money without asking first — even without a username, which you can find with the app’s search function — but that doesn’t mean you should. Establishing how you’ll split the bill (or that you’ll split the bill) ahead of time helps avoid annoyance later.

“Unless we’ve spoken about sharing a cost, don’t expect a Venmo request from me for splitting it,” says Stefanie O’Connell, a finance blogger. And “don’t send me a Venmo for the guacamole you offered me a bite of,” she adds.

Spell it out

Use the memo field to add detail about the request, especially when you’re splitting multiple bills. (Emoji not required.)

“Before sending someone a request for money, you should clear it with them, including what it’s for and what they should expect to pay,” says Elaine Swann, a lifestyle and etiquette expert.

After a weekend trip, a simple note, such as “Hotel $100, gas $40, dinner $30” can take the stress off your recipient, particularly if you’re requesting a large chunk of money.

Make your transactions private

You can control who sees your transactions on an individual basis or set a default for your account: private or friends only. If your friend’s account is wide open but yours is locked up, the app will honor the more restrictive setting, according to Venmo’s website.

To privatize your feed, open your Venmo menu, scroll down to “settings,” and then click on “privacy.” Be sure to click “save” when you’re done.

For O’Connell, privacy is important on the app. “Who owes me money and who I owe is nobody’s business but our own,” she says.

It’s like real life — but (hopefully) better

Does Venmo actually make people ruder? Or is it just another way to demonstrate rudeness? It’s a chicken-or-egg argument with no easy answer — but some suspect it’s more often the latter.

“If you’re a jerk, you’re probably going to be a bigger jerk [on Venmo],” Swann says.

Lowry agrees: “If you’re somebody who remembers that four years ago your friend borrowed money for coffee and never paid you back, you’re going to use Venmo that way,” she says.

The good news is that if you’re considerate about money outside of the digital world, you’re well on your way to being considerate about Venmo. Think of it as a tool for payment, not a substitute for communication, and soon you’ll be splitting brunch without provoking a single eye roll.

The article How Not to Be a Knucklehead on Venmo originally appeared on NerdWallet.

Image by ammentorp via 123RF

3 Steps to Strong Passwords You Can Remember

Posted on November 28, 2017November 16, 2017 by Spencer Tierney

Passwords are the house keys to your online accounts, and when they’re hacked, intruders can break in and wreak havoc.

To create strong passwords, you have to strike a balance between making them difficult for others to guess and making them easy enough for you to remember. Many people favor simple ones at their own risk: “123456” and “password” have remained the two most common passwords for six years, according to password security company SplashData.

Unlike many other security measures on websites, a password is one you have full control over. And given that over 1,000 data breaches happened in 2017 alone, according to the Identity Theft Resource Center, it might be time to strengthen your passwords. Here’s how.

How to make a foolproof password

1. Start with a sentence

Despite the “word” in “password,” it’s better to think of starting with multiple words. Some websites require only six or eight characters for passwords, but that doesn’t mean it’s a recommended length.

When it comes to passwords, “longer is better,” says Richard Crone, a payments expert and CEO of Crone Consulting LLC. “And the way to do that is to use a sentence structure.”

Pick a sentence that’s memorable but doesn’t have details that relate too closely to you. Avoid using birthdays or the names of pets or family members, and feel free to be creative. Here’s an example: “cats do not like cucumbers.” Then, take out the spaces, “catsdonotlikecucumbers.”

“It’s really the length and the unrelatedness that gives you the best protection,” Crone says.

2. Avoid using real words

Change how your sentence looks by removing all the vowels, or only use the first one or two letters of each word. Don’t use dictionary words, which makes your password easier to guess.

The previous example becomes “cadonolicu” if you’re using the first two letters of every word in that sentence.

3. Mix in numbers, symbols and uppercase letters

Bring in a variety of characters to your password. Some websites have minimum requirements so you need to use at least one capital letter, one lowercase letter and a number. You might have to add a symbol like a period or exclamation point, too. As you mix it up, don’t repeat letters, numbers or symbols right next to each other.

By capitalizing some letters, replacing the “l” with an exclamation point and turning an “o” into a zero, the sample password becomes “CaD0No!icU.”

Use a password manager

The steps above help when you’re creating one really strong password, but remembering a dozen or more such passwords might make your head spin. That’s why you might want to consider using a password manager such as LastPass or Dashlane. There are free options, but some features are available only for purchase.

Think of a password manager as a bank vault that creates and stores long and complex passwords so you don’t have to. The only password to know is the one that unlocks the vault. Once you type that one, you can log into whatever online accounts you decide to keep on the password manager.

If you don’t use an online password manager, consider writing down complex passwords and storing them in a safe place such as a locked cabinet at home or in an encrypted file on your computer. These passwords should be difficult to access as well as to guess.

A password is “like scrambled eggs,” Crone says. “The more you fluff it up and spice it up, the better.”

The article 3 Steps to Strong Passwords You Can Remember originally appeared on NerdWallet.

7 Ways to Protect Your Identity While on Vacation

Posted on July 27, 2017July 6, 2017 by Margarette Burnette

Summer vacation season is here, and if you’re traveling far from home, you probably want to do all you can to make sure your wallet or purse doesn’t end up in the wrong hands. But according to a recent Experian ProtectMyID survey, 30% of travelers have experienced identity theft while away from home or know someone who has.

It’s best to take steps now to keep control of your sensitive information. Here are some ways you can take to protect yourself on your next trip.

1. Sign up for bank fraud alerts.

Gary Devan of San Diego says he signed up to receive texts from his financial institution so that he’d be immediately notified of unusual or suspicious activity in his accounts, like unusually large purchases.

“If alerts are available on your accounts, you can receive them even while on vacation,” he says.

Devan has good reason to want to avoid an account breach — he happens to be the chief information officer where he banks, Mission Federal Credit Union. He hasn’t experienced any noteworthy issues, but says the fraud alert service gives him peace of mind while traveling.

2. Be careful surfing on public Wi-Fi spots.

Hackers may be able to access public networks and see any information you send over them, including bank account numbers, logins and passwords, says Jason Glassberg, co-founder of Casaba Security, a computer security firm in Redmond, Washington.

Glassberg suggests skipping Wi-Fi while traveling, unless you use a virtual private network. “If you don’t have a VPN, stick with a cellular signal, as it’s much safer,” he says. “For a laptop, you can hotspot your phone to connect over cellular.”

Cellular text-messaging and VPNs are good alternatives, but the reality is, you may still choose to use public networks to surf the Web, especially if you’re not sending sensitive data over Wi-Fi. If that’s the case, it’s a good idea to set your device to forget that network when you log off. That way, it won’t automatically log back on to it the next time you go online.

3. Install phone-tracker software.

If your device goes missing, you may be able to use “find my phone” or similar software to pinpoint its location and retrieve it. If that’s not possible, some apps could erase all the data on the device, so it won’t get into the wrong hands. Another way to help prevent data theft is to lock the screens on your electronics.

4. Keep your purse or wallet secure.

If you carry a handbag, try to keep it in front of you, so it’s not an easy mark for thieves. If you have a wallet, try to secure it as well. “I keep mine in a zipped pocket or travel pack,” Devan says.

Another idea is to wrap the wallet in a rubber band or other coarse material so that it won’t easily slide out of your pocket. In addition to securing your belongings, it’s also a good idea to be aware of your surroundings and try not to become distracted.

5. Be careful around ATMs.

“Look at them before you swipe. Check for loose housing, exposed wires, bulkiness and anything that looks out of ordinary,” Glassberg says. Those are all signs that a thief may have installed a skimmer on the machine, which could lift the data from your card, he says. Also, try to use a bank branch or merchant you trust when withdrawing cash.

6. Watch out for fake front desk calls.

Say you’re staying in a hotel and someone calls your room, says he’s from the “front desk” and needs to verify your credit card number. Don’t think you have to share your information immediately. You could say you’ll call back and then hang up. Then, you can call the front desk using the number you have in your records and ask the staff if they really need this information. If not, you may have just avoided an identity theft attempt.

7. Leave your important financial files at home.

Social Security cards as well as credit and debit cards that you don’t plant to use on the trip can stay behind. The fewer sensitive documents you have, the fewer chances that they could be stolen.

Despite your best efforts, if you find that your identity has been stolen, it’s important to report it quickly to your financial institutions and the local police.

Your summer vacation should be a time for relaxation, so take steps now to avoid crossing paths with a thief or hacker. By using these tips, you could lower the odds of having your identity stolen and boost your chances of having more fun in the sun.

Margarette Burnette is a staff writer at NerdWallet, a personal finance website. Email: mburnette@nerdwallet.com. Twitter: @margarette

This article originally appeared on NerdWallet.

Image by Maksim Kostenko via 123RF Copyright: <a href=’https://www.123rf.com/profile_maximkostenko’>maximkostenko / 123RF Stock Photo</a>

How to Monitor Credit in (Exactly) 250 Words

Posted on May 9, 2017April 25, 2017 by Bev O'Shea

Why should I monitor my credit? Regularly checking your credit reports and credit scores can help you catch and fix errors or detect identity theft. It also lets you see progress as you improve your credit.

Who needs to do it? Everyone, even people with no credit activity. If someone has your Social Security number, he or she may have applied for credit in your name.

How do I start? Get your free annual credit reports from the major credit-reporting bureaus, Equifax, Experian and TransUnion. Access them on AnnualCreditReport.com.

What am I looking for on my reports? Make sure:

Information is accurate and up to date
Accounts listed are actually yours
No one else’s information has gotten mixed into your file

What if I find errors? You can ask the credit bureaus to correct them.

Then what? Once you’ve made sure the credit bureaus have correct information, keep an eye on your credit score and watch for new information on your reports. You can use a personal finance website that offers free credit scores and credit report information, such as NerdWallet. Some credit card issuers also offer free scores.

What do I watch for with my score? Make sure good credit habits are accurately reflected. Paying on time and whittling down balances should build your score. A big swing you don’t expect could indicate identity theft.

How often can I check without hurting my score? As often as you like. Checking your own credit does not affect your score.

Bev O’Shea is a staff writer at NerdWallet, a personal finance website. Email: boshea@nerdwallet.com. Twitter: @BeverlyOShea.

The article How to Monitor Credit in (Exactly) 250 Words originally appeared on NerdWallet.

8 Brilliant Security Tricks to Use Against Credit Card Fraud

Posted on April 6, 2017March 16, 2017 by Elyssa Kirkham

Scammers are continually finding new and clever ways to get at your financial data. So if you want a good defense against credit card fraud protection, it’s time to build up a good offense.

“Protection against credit card fraud begins with common sense,” says Lee Munson, a security researcher at Comparitech.com. “The most obvious thing cardholders can do is think about who they are sharing their card data with and how.”

Essentially, cardholders need to use credit cards safely and actively manage their sensitive data to block hackers and thieves. Here are eight clever ideas to prevent credit card fraud in today’s world of breaches, hacks, and data thefts.

1. Approach ATMs with caution

Before you use an ATM, check that no one is watching you first. Then, obscure the number pad when entering the PIN attached to your debit card.

You also have to watch out for card skimmers around ATMs. They have become a common way for fraudsters to get your card information, and thieves often install them on ATMs. Try jiggling the card reader firmly to check for a disguised card skimmer. Additionally, visit ATMs from a trusted bank when possible since these get inspected more frequently for tampering.

“ATMs should always be scrutinized before use to ensure the card slot has not been tampered with by a device that can read all the data on a card inserted into it,” Munson says

2. Black out your CVV number

If you can, try and limit the information listed on your card.

“Obfuscating the three-digit CVV number on the back of the card is also a secure option, though possibly one for the more paranoid,” Munson says.

Still, it couldn’t hurt to scratch off or black out the CVV or security number on the back of the card. This could make it harder to misuse card information if it’s stolen, or by taking pictures of it. Just make sure you memorize it first.

Also, add a note to “see ID” next to the signature line on your credit card. This should prompt a cashier to double-check your identity. And it gives three points of verification: your name, photo and the signatures on your driver’s license and credit card.

3. Keep your card in sight at all times

“Cardholders should ensure they do not allow their cards to leave their sight,” Munson says.

Restaurants are a common source of credit card theft because your card is handed over and the payment is processed out of sight. Or you might be asked to hand over your credit card to open a tab at a bar.

“There’s always the chance of someone snapping a photo of your card to sell or make a purchase – they even have the CSV,” says Jonas Sickler, marketing director for safety site ConsumerSafety.org. Servers also might alter the tip you write on the receipt to commit theft.

“A safe alternative would be to pay the food bill with cash,” Sickler says in order to avoid these issues. Tableside point-of-sale systems are also a more secure option.

If you do end up paying with a card at a restaurant, always verify that the transaction amount posted to your account is correct.

4. Double-check account transactions

In fact, you should make it a habit to regularly check transactions on your credit and checking accounts against receipts. This will help you notice and report fraudulent charges right away – so you won’t be responsible for them.

“Look for irregular transactions and notify your bank immediately if you see something suspicious,” says Sage Singleton, security expert for SafeWise.com, a home security comparison site. The sooner you catch an error the easier it is to prevent identity theft and avoid losses, she adds.

Many credit card issuers and banks also have a security alert function that notifies you via email or text when any purchase is made. “[Setting this up] is an easy way to keep track of your spending and be notified immediately if something is wrong,” Singleton adds.

5. Choose hard-to-guess PINs and passwords

For debit or chip-and-PIN credit cards, your money is only as secure as your PIN.

Therefore, make it hard to guess. Avoid common PIN patterns like using sequential numbers (1234) or repeating numbers (1122). Don’t rely on easy-to-find personal information like a birthday for your PIN.

Similarly, passwords for financial accounts should be hard to guess.

“Don’t use the same password for every account and create strong, unique passwords,” Singleton advises. “Hackers are extremely tech-savvy and can crack weak passwords (like your maiden name, birth date or anniversary) and access your information easily.”

6. Fake your security question responses

On top of creating secure passwords and PINs, you can also use security questions to help secure your account.

However, hackers can often track down answers to common security questions like “What is your mother’s maiden name?” or “What is the name of the street you grew up on?”

When setting up security questions, try to select an obscure question you wouldn’t expect even a friend to be able to guess. That’s because, unfortunately, identity thieves are often people we trust.

And if there’s no such question available, give a fake answer to the security question. Or treat it like another password and “use a random string of characters as the answer instead of submitting any meaningful information,” suggests Wired.

Just don’t get lazy. Setting easy-to-guess lies like “I don’t know” or “I don’t have one” as security question answers can actually make your account less secure.

7. Protect sensitive data on devices

But your credit and debit card data aren’t just stored on your cards – they can also be found in your smartphone or laptops. That’s why it’s important to protect your phone and computers with secure passwords.

You should also watch out for the networks you use.

“If you’re on a public wifi network, you should never log into private accounts, including social media or bank accounts,” Sickler says. “Don’t make any purchases either, because hackers can literally capture your information right out of the air.”

If you use a shared wifi network, even if it’s with roommates, look into setting up a virtual private network (VPN).

“A virtual private network (VPN) is imperative if you use credit cards online,” says Mike Baker, founder of cybersecurity provider Mosaic451. “VPN networks are designed to encrypt information before it goes through a network, thwarting potential attacks and making online purchases safer.”

8. Only shop online through secure retailers

Online retailers can also be a point at which hackers will try to get at your credit card information.

“When shopping online always be careful to make sure you are on a secure website,” suggests Alex Reichmann, CEO of security device company iTestCash. Therefore, if it’s a retailer you don’t recognize, do a little research to ensure it’s a legitimate merchant.

“It is also an extra protection if the website you are shopping on is SSL-secure which prevents fraudsters from interfering with the websites transactions,” Reichmann adds.

“For an added layer of security, consider a virtual credit card or even from independent services like PayPal,” Baker suggests.

Stay vigilant against credit card fraud

Your identity is key to your financial world, accounts, and credit history. “It is vital to take every precaution to safeguard your identity,” Singleton says.

With advances in payment technologies, credit card fraud is easier than ever to perpetrate. But you also have more tools and strategies at your fingertips to protect yourself.

The article 8 Brilliant Security Tricks to Use Against Credit Card Fraud originally appeared on studentloanhero.com.

Don’t Fear Your Mobile Wallet

Posted on March 30, 2017March 10, 2017 by Lauren Schwahn

Smartphones have replaced lots of other accessories: cameras, flashlights, calculators. But many people are still reluctant to swap the wallets in their pockets for their digital counterparts.

A key reason consumers are hesitant to adopt mobile payments like Apple Pay and Android Pay, surveys say, is fear over security: High-profile retailer data breaches have made buyers wary of sharing credit card information. But while there’s cause not to rely 100% on your mobile wallet just yet — lack of widespread acceptance by merchants, for one thing — security concerns shouldn’t be holding shoppers back, experts say.

“I think some people get nervous about this idea of ‘This thing is sending telepathic waves to that machine to say that I’m paying,'” says Mark Ranta, head of digital banking solutions at ACI Worldwide, a payment systems company.

But your mobile wallet is arguably the safest way to pay, and it offers a few benefits to boot. Here’s why this payment method is worth considering.

It’s safer than you think

Contactless payment services can offer more security than cash or traditional card usage.

“You never have to take out your credit card or debit card, so there’s a lot less chance of someone seeing it,” says Jason Chaikin, president of biometrics security company Vkansee. “For every transaction, [mobile wallets] create a random, one-time number — a transaction token — and even if someone was able to know that number, it’s not valid later.”

Samsung Pay, Android Pay and Apple Pay each use this process, called tokenization. Although you load your card into the payment app, the actual card number is not shared with the merchant when you pay. Rather, a temporary code is issued in its place, similar to the way EMV chip cards work. EMV credit and debit cards have chips that create a unique code, or cryptogram, when inserted into a merchant’s payment terminal. However, the card is in view while the terminal reads the chip.

Mobile payments provide security measures on top of existing bank protections that chip cards can’t match. Full card numbers are not displayed in mobile wallet apps, and users are able to authorize payments with their fingerprints, which can protect your card information in the event your phone is stolen.

It’s convenient — when available

Services like Apple Pay let users add multiple cards to their phones or smartwatches, theoretically giving them the option to leave overstuffed wallets and purses at home.

But consumers don’t entirely trust mobile wallets partly because availability is limited, says Ranta. Not all cards and loyalty programs are compatible with the payment services, and some stores are not equipped to take mobile payments. Establishments such as bars and restaurants may accept only cash or plastic. Apple Pay has the highest retailer acceptance rate among the mobile payment services, at 36%, according to survey data from the retail consulting firm Boston Retail Partners.

“We’re still very much in the early stages of this,” Ranta says. “At the end of the day, you’re still kind of stuck in this merchant acceptance problem of a two-sided equation. It’s still that awkward, ‘Do you accept it?’ and if [not], then you’ve got to find an alternative way to pay or just walk out of the store.”

But when shoppers can use their mobile wallets, it can mean saving precious time at the register. A common complaint among dissatisfied chip-card users is the slow transaction process, as shoppers wait for the EMV terminal to complete the transaction. Mobile payments can be a quicker alternative. Users open a payment app and hold their device over a terminal; a fingerprint or PIN verifies the purchase.

Shopping online can be faster, too. For example, Apple Pay and Android Pay are accepted on certain websites and in apps like Airbnb, allowing shoppers to make purchases without entering card information — or keeping card numbers on file, which may assuage data-breach fears.

And like some bank apps, a mobile wallet saves your recent transaction history for reference, with the added benefit of allowing you to see all activity in one place even if your cards are from various banks.

You won’t miss out on rewards

Mobile credit card payments function just like regular credit cards. As long as your card is compatible with the service, you’ll continue to earn your usual rewards, like travel points or cash back.

Mobile users can add certain retailer loyalty cards to Android Pay and Apple Pay wallets to seamlessly earn store-specific points. Samsung Pay accepts most membership cards.

Samsung also has its own loyalty program, Samsung Rewards. In addition to credit card rewards, members earn points for Samsung Pay purchases; the points are redeemable for rewards like gift cards and fitness trackers.

Mobile payment still has far to go before shoppers begin leaving their old wallets at home. As technology advances, Chaikin says, innovations and improvements in security will likely make the process more comfortable and accessible for consumers and retailers alike. “Our mobile phone revolution is really just at the tipping point.”

Lauren Schwahn is a staff writer at NerdWallet, a personal finance website. Email: lschwahn@nerdwallet.com. Twitter: @lauren_schwahn.

This article was written by NerdWallet and was originally published by The Associated Press.

Image by Dmitriy Shironosov via 123RF

Copyright: <a href=’https://www.123rf.com/profile_pressmaster’>pressmaster / 123RF Stock Photo</a>