Posts by xmisupport

PRIVACY: Should You Unsubscribe From Spam Texts and Emails – Or Not?

How many emails do you receive in a typical day? If you are like most people, the answer is probably, “Too many!” Some are emails you want, others you no longer find useful and some are just plain spam. Obviously, the ones you want to receive are not a problem, but what can you do about the others? First let’s define what “spam” is. Spamhaus defines it this way, “Spam is an issue about consent, not content. Whether the Unsolicited Bulk Email (“UBE”) message is an advert, a scam, porn, a begging letter or an offer of a free lunch, the content is irrelevant – if the message was sent unsolicited and in bulk then the message is spam.” That means that if you subscribed to an email newsletter or agreed to receive sale notices from an online retailer those messages are not spam, even if they are no longer of interest to you. If you are receiving such emails from reputable organizations and want them to stop, clicking the unsubscribe link is the way to go. You should not, however, mark these emails as spam. Depending on your email service, marking legitimate emails as spam may affect how the email service treats them and people who want to receive them may find the messages directed to their spam box instead of their inbox. So what about the stuff you didn’t ask for and do not want in your inbox? You can’t stop spam. Anyone who has your email address can send email to you. And blocking an email sender seldom works as the spammers use lots of random email addresses to send their junk to you. Unsubscribing is not a good idea in these cases, as all this does is confirm to the spammers that they are sending to a valid address. They will send more spam or even sell your email address as a live address. Although you can’t stop spam, you can manage it. Spam filters are an important tool in keeping spam out of your inbox and relegating it to the junk or spam folder, where it belongs. Most email platforms use some kind of spam filtering, but none of them are perfect. You will have the occasional spam message slip through or even some false positives, where messages that are not spam get sent to the spam folder. You can train your spam filters and improve the results by marking messages that are improperly filtered. The best thing to do is take steps to keep your email address from falling into the hands of spammers in the first place: Do not post your email address publicly on websites, social media or other places.Do not respond to spam by unsubscribing or clicking on a link in the email.Disable images on email going to your spam folder. (When the image is accessed, it is like clicking on a link in an email and lets the spammers know they have a live one.)Do not give your email address to just anyone. When dealing with a new company, use a “throw-away” email address. Of course, another source spammers use to harvest email addresses are those emails your Aunt Bea sends of cute kitten pictures that she cc’s to everyone on the planet. You can ask Aunt Bea not to do that, but chances are she is going to keep right on sending them anyway. So, have a throw-away email for Aunt Bea to use,...

read more

Gift Cards Are Still a Favorite of Scammers

Your friends and family members may love receiving gift cards, but scammers love them, too. Gift cards are the preferred currency for many criminals as they can easily be converted to cash. And, once the scammers have the numbers off the cards, it is unlikely that you will be able to recover your money. There are many scams where the bad guys will ask for payment via a gift card. They include: imposters claiming to be from the IRS or a utility company, “tech support” asking ask you to pay to repair your computer, callers claiming to be family members needing cash for an emergency, someone buying something from you who sends a check for more than the purchase price and asks for a refund of the difference by gift card and many more. (Spoiler alert: The ones who overpay by check sent a worthless check.) The nature of these scams can vary, but there is one universal truth: If someone is asking you to pay with a gift card of some kind, it is a sure sign of a scam. One scam that is popular right now involves a scammer pretending to be representing a religious leader. The scammer asks people to send gift cards for a good cause and will often use the name of a local pastor or other known religious leader. The scammers act fast to drain the gift cards as soon as they can, but if you act quickly after realizing you have been scammed you may be able to recover at least some of your money. Immediately call the company that issued the gift card (you can find contact information for many of the gift cards most popular with scammers, here) to report the fraud. Even if you are cautious and believe that you and your family members are unlikely to fall for this type of fraud it is important to stay vigilant as scammers use sophisticated persuasion techniques to try to separate you from your money. Educate yourself, your parents and other family members that government agencies and others will never ask for payment by gift...

read more

CRIMEWARE: Cybersecurity While Working from Home

More employees than ever are working from home, and 85% of Chief Information Security Officers (CISOs) said that they had to sacrifice cybersecurity to quickly enable them to do so. Cybersecurity vendor Netwrix announced this and other findings from a June 2020 survey conducted to determine how organizations are responding to the work-from-home changes brought by the pandemic. Other findings include: 25% reported suffering a ransomware or other malware attack during the first three months of the pandemic; 47% were able to spot it in minutes. Though only 14% of organizations encountered data theft by employees, 66% are anxious about this scenario, compared to just over half pre-pandemic. 63% reported an increase in the frequency of cyberattacks and 60% found new security gaps as a result of the move to remote work. The most common threats experienced since the transition to remote work share a human factor: phishing (48%), administrative mistakes (27%) and improper data sharing (26%). “Many companies were caught unprepared when cities and states issued mandatory stay-at-home rules,” said Barbara Rembiesa, president and CEO of the International Association of IT Asset Managers (IAITAM). “Now, the rubber is going to meet the road when those companies, which are struggling not to be crippled by COVID-19, try to keep the cash flowing by having employees at home call or email for credit card information, print out invoices on untracked home computers, and send them out on personal Wi-Fi networks.” A study by cybersecurity firm Tessian found that 52% of employees cut corners and engage in riskier online behavior when working remotely. Distractions and pressure to get their work done quickly are affecting how people work. At a minimum, employees working from home should observe these eight best practices for working remotely: Avoid public Wi-Fi. If you must connect from a public location, use personal hotspots or a VPN. Keep work data on work devices. It is unlikely that your personal devices have the same levels of security as those maintained by your company IT department. By using your personal devices on your company’s network, you may be putting the integrity of the company network at risk. When working near others, block the sight lines so they cannot see your screen. A few bits of information captured while looking over your shoulder may be all a bad guy needs to hack into your personal or business accounts. Encrypt sensitive information in emails and on your device. Encryption keeps unauthorized persons from intercepting and reading your data. Lock your doors. Part of data security is keeping your devices physically secure to prevent theft. Never leave your devices or laptop in your car. That includes the trunk. Thieves can quickly strike if you step away. Don’t use unknown thumb drives. Hackers are known to drop thumb drives near companies they are trying to attack, knowing that some employees will pick up the malware-loaded drives and use them, giving the hacker access to the company’s data. Use a USB data blocker when charging your device at a public charging station. It is best not to use a public charging station but, if you must, use a data blocker to prevent possible theft of your data or installation of malware on your device. Working from home due to COVID-19 presents both risk and opportunity for employers and employees. It is likely that we will see new technologies develop that will minimize risks while taking advantage of the opportunities. In the meantime, following smart security protocols will go a long way toward maintaining your organization’s...

read more

SCAMS: COVID-19 Scams

Every newsworthy event becomes a hook for scammers who want to get our money or our personal information, and scammers have eagerly taken advantage of the confusion, concern and even panic surrounding the Coronavirus (COVID-19) pandemic. The scams being put forth are similar to past frauds, but with a Coronavirus spin. Scammers may approach potential victims via telephone, text or email, or even in person. The specifics of the scams are unique to the pandemic, but underneath the Coronavirus sheep’s clothing the scams themselves are the same wolves we have seen for many years. Some of the most common COVID-19 scams include: Telephone scams telling Medicare recipients they qualify for testing and asking for their SocialSecurity Number and other personal information Scammers asking for donations to fake charities Scams related to potential government payments to businesses and consumers The Identity Theft Resource Center offers these tips to avoid common COVID-19 scams: Go to the source. If you are unsure if something is legitimate, go directly to the company or agency that would be responsible.  Do not rely on the contact information in the communication you received. An email or phone call asking for a Social Security number, driver’s license number, credit card number or bank account information is probably from a scammer. Social media messages claiming to be from the government for anything regarding COVID-19 are likely scams. Report it to the social media platform and block the sender. The government does not contact individuals through social media. COVID-19 phone scams are running rampant, promoting everything from COVID-19 testing to government benefits to bogus “cures” for the virus. Don’t answer calls from unfamiliar numbers and do not return calls from voicemails unless you are certain of the caller’s identity. If you are not certain if a call is legitimate, look up the actual number for the alleged caller and call them back. Keep your wits about you and review these tips as needed to help ensure you do not fall prey to the latest iterations of...

read more

MyIDMatters Content for Issue 43, Q1 2020

View document here.

read more