Online shopping

December – Scams & Hoaxes

December – Scams & Hoaxes

The last month of 2014 has arrived. December is full of joy because the holidays’ spirit is around all month. There is a long break from classes and its Christmas time! Unfortunately, this is also the reason why it’s become scamming season as well. The generous nature of these holidays makes all of us the perfect target of scams and hoax.

From emails to ads and websites, there all kinds of scams and hoaxes infesting the Internet’s waters. Falling for any of them is as easy as one click away. The only way to stay safe is by being cautious whenever we navigate the Internet and by keeping updated about all the new scams and hoaxes that emerge. Scammers like to take advantage of the generous spirit of this giving season to trick us into clicking into malware, identity or personal information theft, fake gift cards, and all sorts of scams. 

Helping you stay safe online is RIT Information Security Office´s responsibility, it’s a full-time job that we take very seriously, which is why during this whole month, including the break, we will be giving away information and security tips about scams and hoaxes through all of our social media gadgets. We encourage you to be extra cautious during this season, so that your joyful mood is not ruined for Christmas!

The following tips will help you prevent falling for cyber-traps:

  • Be very suspicious of emails from people or businesses you don't know, especially those that promise money, good health or a solution to your problems.
  • Remember that while banks never ask for confidential information via email, scam and hoax emails are intended to trick you into disclosing personal information such as bank account details, passwords or credit card numbers.
  • Scammers put a lot of time and effort into making emails and websites look real. Be skeptical always and pay attention to anything that looks suspicious.
  • Unless you applied for a “lottery” or are participating in any contest, -and even if you have-, it’s VERY unlikely that you won. Be careful with scams emails that claim you have been selected as a “WINNER”.
  • Beware of shipping notification emails that contain attachments or links; it could be a scam, especially if you didn’t order anything.
  • Never reply to an email or pop-up message that requests your personal or financial information, don’t click on the links in the message either, or paste them into your Web browser. Simply ignore and erase those messages.
  • If you get a notice from an “official” from a foreign agency or government with an offer to transfer a commission into your bank account in exchange for assisting them with transferring a large sum of money, it is probably a scam.
  • Scams don’t just appear in online forms, you must also be careful with bogus security products. Never let someone who calls you, mess with your computer. 
  • Some scammers send Online Extortions threatening the recipient to kill them if they don’t pay a large sum of money to the sender, who claims to be a hired assassin. The FBI advises against replying and recommends just deleting the email.
  • Research any charities before donating to make sure it’s actually going where it says it is.
  • There are many fake mystery shopping opportunities out there. A legitimate one will not ask you to pay an application fee or to deposit a check or wire money to someone else.
  • There are some legitimate free e-book offers like Amazon’s free Kindle books, but there are also many free e-books out there filled with spam links and malware designed to catch your credit card information. Stick with e-book sellers and authors you already know, advises the Better Business Bureau (BBB).
  • During this giving season you will probably be doing a lot of online shopping. Check out our tips for safe online shopping and banking: http://www.rit.edu/security/content/safe-online-shopping-banking
  • Keep updated with the latest Internet scams and email hoaxes so you don’t become a victem: http://www.hoax-slayer.com/latest-information.html
  • Check McAfee’s 12 scams of the holidays http://blogs.mcafee.com/consumer/12-scams-of-holidays

 

Follow us on all of our social media accounts for more tips and information:

Facebook: RIT Information Security / Twitter: @RIT_InfoSec / Google+: RIT Information Security Pinterest: RIT InfoSec Instagram: @RIT_infosec 

No-Click November

No-Click November

It’s November again. Cyber Security Awareness month (October) just passed but that doesn’t mean that we don’t have to keep practicing all the online safety tips we learned; quite the opposite actually, now that we have gotten more informed about online security, we must implement those tips daily and share our knowledge with everyone that surrounds us.

This year is coming to an end, yet new security exploits show up every day to attack the cyberspace. Holidays are coming, and NOW is as good a time as ever to learn/review security tips regarding where we “click”. Even the most security savvy are prompt to distractedly click here or there and fall for a scam before even realizing it. During this month, we will be sharing tips through all of our social media gadgets, to properly prepare you to enter the Internet battlefield, a place full of web links, attachments, and tricky “click-here’s”.

The amount of people who go online everyday only gets bigger and bigger, and so does the time they stay online. Phishing attacks and identity theft attempts are a threat to us most of the time we are navigating through the cyberspace, which is why we should stay protected always, and since the internet is a shared resource, our duty is also to create awareness and make sure others stay secure as well.

From malicious links send through email, to suspicious attachments and even “x” (cancel) buttons in ads and popups, the possibility to fall for an attack is just one click away. And the best way to protect yourself is being vigilant where you navigate, and take every precaution possible.

This month we also have Computer Security Day (Nov. 30th). This is a great month to remind you to keep your computer and information safe. Learn how in our Securing Your Computer section.

Tips to help you identify when not to click:

  • Don’t simply trust information from sources you don’t know. If you have to click a link, cut and paste the information into the browser to make sure it’s a legit site.
  • Make sure you know where short links are taking you to. A good way to find out is by copying and pasting them into a "link expander" such as KnowURL.com or LongURL.org
  • Before clicking on links on emails, especially if you don’t know the source, rest your mouse (without clicking) on the link and make sure the address is the same one typed in the email.
  • Try to always investigate the source of a link before clicking it. Don’t trust what comes to you from strangers.
  • Beware of scammers in popular websites. In some sites like Pinterest, you might click on someone’s board and realize that it takes you to a complete different address than what the pin was about. Be cautious when clicking on other people’s content.
  • Be careful with websites that demand you to download a video codec or software to view something. It will most likely lead you to download malware.
  • Read before you click. If you don’t find the terms and conditions worth reading, then don’t put your security at risk agreeing with them.
  • We recommend you enable site checking and add an anti-phishing toolbar to your browser. These last ones help detect and may block known phishing sites.
  • Just because a friend posts or "likes" a shared link it doesn’t mean that it is safe to access, hackers often disguise links as interesting content to get to you, but this malware will likely affect your computer or mobile device in many of harmful ways.
  • We often ignore pop ups reminding us to update our computer security software. In this case, DO click, as soon as you can. An important part of staying safe is keeping them up to date.

 

The online shopping boom aroused by Black Friday also makes this month appropriate to share security tips so you can protect yourself from false special sales and ads that try to trick you into believing that they are leading you to get a great deal. If it sounds too good to be true, it probably is. Listen to your instincts! 

Check our Online Shopping tips and follow us on all of our social media gadgets for daily tips and information.

Facebook: RIT Information Security / Twitter: @RIT_InfoSec / Google+: RIT Information Security Pinterest: RIT InfoSec Instagram: @RIT_infosec 

Watch out for Good Ol’ Scammer Claus: Practice safe shopping online this holiday season

Watch out for Good Ol’ Scammer Claus: Practice safe shopping online this holiday season

(revised from an article written in the RIT University Magazine by Ben Woelk)



Consumers spent more than $46 billion shopping online last holiday season and will spend even more this year. According to Internet Retailer, this year’s online spending is estimated at $54 billion, and, “This holiday season will mark the fourth consecutive year of e-commerce spending growth.” To cyber criminals, more spending and the busy-ness of the season means more opportunity for identity theft and fraud.

As you begin your shopping, follow these guidelines to help ensure that you don’t become a victim.

  1. Make sure you’ve protected your computer. According to a survey by the National Cyber Safety Alliance, most home computers aren’t as well protected as their users believe. We recommend that you make sure your home computer meets the requirements of the RIT Desktop & Portable Computer Standard, especially updated anti-virus, before going online.

     
  2. Know from where you’re buying. Plug the website name into a search engine. What kinds of consumer reviews are returned?
  • Understand the seller’s return/exchange policy before buying.
  • Check the seller’s privacy policy to understand how they will protect your information.
  • If you’re shopping on an auction site, check the seller’s feedback to see what kind of experience others have had.

     
  1. Know what you’re buying. Don’t fall for a deal that looks too good to be true. Extremely low prices could be an indication that the item is a counterfeit. The website may also harbor malware that could attack your computer.

If you’re making several purchases, try to combine them in the same order if possible. It saves the amount of transactions you have to make and may also save you money on shipping costs.

  1. Only send your private information using secure web forms. Make sure the address bar begins with either shttp or https.
  • Look for a padlock or an unbroken key on your web browser to confirm that the site is secure. The padlock will be located at the left end of the address bar or in the bottom right part of the browser window.
  • Don’t respond to requests for private information. No legitimate retailer will ask you to submit private information by e-mail. Never give out bank account numbers or Social Security numbers online or in response to an e-mail.

     
  1. Use a secure payment method. Find out if your financial institution offers one-time use “virtual credit cards” or “temporary account numbers.” These use different numbers than your regular account and expire after a set time period. Credit cards offer the most protection. Federal law limits your fraud liability to $50 for unauthorized transactions. MasterCard and Visa offer zero liability for most debit transactions as well. If you’re not using a credit or debit card, don’t use cash or wire transfers. Use a money order or cashier’s check instead, since these methods are much easier to trace if something goes wrong.

     
  2. Keep a paper trail. Print copies of all of your orders and receipts as well as e-mail correspondence and product descriptions. Monitor your bank account and credit card statement after your transactions for any suspicious activity.

     
  3. If you suspect something is wrong: Contact the seller and inform them of the problem. Contact your financial institution or credit card issuer immediately to freeze your account(s). If necessary, file a complaint or identity theft report with the proper authorities:

 

For more information on safe online shopping, visit our Safe Online Shopping and Banking page and the following Web sites:

  1. NYS Attorney General’s Office: http://www.dhses.ny.gov/ocs/
  2. FTC: http://www.onguardonline.gov/articles/0020-shopping-online
  3. Staysafeonline.org: http://www.staysafeonline.org/stay-safe-online/protect-your-personal-information/online-shopping
  4. Safeshopping.org: www.safeshopping.org/

 

Subscribe to RSS - Online shopping