Resource Center

PRIVACY: Should You Unsubscribe From Spam Texts and Emails – Or Not?

How many emails do you receive in a typical day? If you are like most people, the answer is probably, “Too many!” Some are emails you want, others you no longer find useful and some are just plain spam. Obviously, the ones you want to receive are not a problem, but what can you do about the others? First let’s define what “spam” is. Spamhaus defines it this way, “Spam is an issue about consent, not content. Whether the Unsolicited Bulk Email (“UBE”) message is an advert, a scam, porn, a begging letter or an offer of a free lunch, the content is irrelevant – if the message was sent unsolicited and in bulk then the message is spam.” That means that if you subscribed to an email newsletter or agreed to receive sale notices from an online retailer those messages are not spam, even if they are no longer of interest to you. If you are receiving such emails from reputable organizations and want them to stop, clicking the unsubscribe link is the way to go. You should not, however, mark these emails as spam. Depending on your email service, marking legitimate emails as spam may affect how the email service treats them and people who want to receive them may find the messages directed to their spam box instead of their inbox. So what about the stuff you didn’t ask for and do not want in your inbox? You can’t stop spam. Anyone who has your email address can send email to you. And blocking an email sender seldom works as the spammers use lots of random email addresses to send their junk to you. Unsubscribing is not a good idea in these cases, as all this does is confirm to the spammers that they are sending to a valid address. They will send more spam or even sell your email address as a live address. Although you can’t stop spam, you can manage it. Spam filters are an important tool in keeping spam out of your inbox and relegating it to the junk or spam folder, where it belongs. Most email platforms use some kind of spam filtering, but none of them are perfect. You will have the occasional spam message slip through or even some false positives, where messages that are not spam get sent to the spam folder. You can train your spam filters and improve the results by marking messages that are improperly filtered. The best thing to do is take steps to keep your email address from falling into the hands of spammers in the first place: Do not post your email address publicly on websites, social media or other places.Do not respond to spam by unsubscribing or clicking on a link in the email.Disable images on email going to your spam folder. (When the image is accessed, it is like clicking on a link in an email and lets the spammers know they have a live one.)Do not give your email address to just anyone. When dealing with a new company, use a “throw-away” email address. Of course, another source spammers use to harvest email addresses are those emails your Aunt Bea sends of cute kitten pictures that she cc’s to everyone on the planet. You can ask Aunt Bea not to do that, but chances are she is going to keep right on sending them anyway. So, have a throw-away email for Aunt Bea to use,...

read more

Gift Cards Are Still a Favorite of Scammers

Your friends and family members may love receiving gift cards, but scammers love them, too. Gift cards are the preferred currency for many criminals as they can easily be converted to cash. And, once the scammers have the numbers off the cards, it is unlikely that you will be able to recover your money. There are many scams where the bad guys will ask for payment via a gift card. They include: imposters claiming to be from the IRS or a utility company, “tech support” asking ask you to pay to repair your computer, callers claiming to be family members needing cash for an emergency, someone buying something from you who sends a check for more than the purchase price and asks for a refund of the difference by gift card and many more. (Spoiler alert: The ones who overpay by check sent a worthless check.) The nature of these scams can vary, but there is one universal truth: If someone is asking you to pay with a gift card of some kind, it is a sure sign of a scam. One scam that is popular right now involves a scammer pretending to be representing a religious leader. The scammer asks people to send gift cards for a good cause and will often use the name of a local pastor or other known religious leader. The scammers act fast to drain the gift cards as soon as they can, but if you act quickly after realizing you have been scammed you may be able to recover at least some of your money. Immediately call the company that issued the gift card (you can find contact information for many of the gift cards most popular with scammers, here) to report the fraud. Even if you are cautious and believe that you and your family members are unlikely to fall for this type of fraud it is important to stay vigilant as scammers use sophisticated persuasion techniques to try to separate you from your money. Educate yourself, your parents and other family members that government agencies and others will never ask for payment by gift...

read more

CRIMEWARE: Cybersecurity While Working from Home

More employees than ever are working from home, and 85% of Chief Information Security Officers (CISOs) said that they had to sacrifice cybersecurity to quickly enable them to do so. Cybersecurity vendor Netwrix announced this and other findings from a June 2020 survey conducted to determine how organizations are responding to the work-from-home changes brought by the pandemic. Other findings include: 25% reported suffering a ransomware or other malware attack during the first three months of the pandemic; 47% were able to spot it in minutes. Though only 14% of organizations encountered data theft by employees, 66% are anxious about this scenario, compared to just over half pre-pandemic. 63% reported an increase in the frequency of cyberattacks and 60% found new security gaps as a result of the move to remote work. The most common threats experienced since the transition to remote work share a human factor: phishing (48%), administrative mistakes (27%) and improper data sharing (26%). “Many companies were caught unprepared when cities and states issued mandatory stay-at-home rules,” said Barbara Rembiesa, president and CEO of the International Association of IT Asset Managers (IAITAM). “Now, the rubber is going to meet the road when those companies, which are struggling not to be crippled by COVID-19, try to keep the cash flowing by having employees at home call or email for credit card information, print out invoices on untracked home computers, and send them out on personal Wi-Fi networks.” A study by cybersecurity firm Tessian found that 52% of employees cut corners and engage in riskier online behavior when working remotely. Distractions and pressure to get their work done quickly are affecting how people work. At a minimum, employees working from home should observe these eight best practices for working remotely: Avoid public Wi-Fi. If you must connect from a public location, use personal hotspots or a VPN. Keep work data on work devices. It is unlikely that your personal devices have the same levels of security as those maintained by your company IT department. By using your personal devices on your company’s network, you may be putting the integrity of the company network at risk. When working near others, block the sight lines so they cannot see your screen. A few bits of information captured while looking over your shoulder may be all a bad guy needs to hack into your personal or business accounts. Encrypt sensitive information in emails and on your device. Encryption keeps unauthorized persons from intercepting and reading your data. Lock your doors. Part of data security is keeping your devices physically secure to prevent theft. Never leave your devices or laptop in your car. That includes the trunk. Thieves can quickly strike if you step away. Don’t use unknown thumb drives. Hackers are known to drop thumb drives near companies they are trying to attack, knowing that some employees will pick up the malware-loaded drives and use them, giving the hacker access to the company’s data. Use a USB data blocker when charging your device at a public charging station. It is best not to use a public charging station but, if you must, use a data blocker to prevent possible theft of your data or installation of malware on your device. Working from home due to COVID-19 presents both risk and opportunity for employers and employees. It is likely that we will see new technologies develop that will minimize risks while taking advantage of the opportunities. In the meantime, following smart security protocols will go a long way toward maintaining your organization’s...

read more

SCAMS: COVID-19 Scams

Every newsworthy event becomes a hook for scammers who want to get our money or our personal information, and scammers have eagerly taken advantage of the confusion, concern and even panic surrounding the Coronavirus (COVID-19) pandemic. The scams being put forth are similar to past frauds, but with a Coronavirus spin. Scammers may approach potential victims via telephone, text or email, or even in person. The specifics of the scams are unique to the pandemic, but underneath the Coronavirus sheep’s clothing the scams themselves are the same wolves we have seen for many years. Some of the most common COVID-19 scams include: Telephone scams telling Medicare recipients they qualify for testing and asking for their SocialSecurity Number and other personal information Scammers asking for donations to fake charities Scams related to potential government payments to businesses and consumers The Identity Theft Resource Center offers these tips to avoid common COVID-19 scams: Go to the source. If you are unsure if something is legitimate, go directly to the company or agency that would be responsible.  Do not rely on the contact information in the communication you received. An email or phone call asking for a Social Security number, driver’s license number, credit card number or bank account information is probably from a scammer. Social media messages claiming to be from the government for anything regarding COVID-19 are likely scams. Report it to the social media platform and block the sender. The government does not contact individuals through social media. COVID-19 phone scams are running rampant, promoting everything from COVID-19 testing to government benefits to bogus “cures” for the virus. Don’t answer calls from unfamiliar numbers and do not return calls from voicemails unless you are certain of the caller’s identity. If you are not certain if a call is legitimate, look up the actual number for the alleged caller and call them back. Keep your wits about you and review these tips as needed to help ensure you do not fall prey to the latest iterations of...

read more

MyIDMatters Content for Issue 43, Q1 2020

View document here.

read more

MyIDMatters Content for Issue 39, Q1 2019

View document here.

read more

Credit Freezes Are Now Free (Legal)

Consumers in most states were required to pay to put a freeze on their credit file, but as of September 21, 2018 it is now free. This article will explain what a credit freeze does, why consumers might choose a freeze and how to put freezes in place at the three major credit bureaus. Link: https://www.consumer.ftc.gov/blog/2018/10/new-credit-law-faqs Link: https://krebsonsecurity.com/2018/09/credit-freezes-are-free-let-the-ice-age-begin/ Link:...

read more

From the Internet of Things to the Internet of Bodies (Privacy)

“The line between human and machine is blurring — and creating new concerns about consumer safety and privacy rights,” says Mary Lee, a mathematician for the RAND Corporation. The Internet of Things (IoT) has seen us connecting everything from cars to toasters to light switches to the Internet. New medical devices connect our bodies to the Internet as well—creating the “Internet of Bodies.” Implanted devices not only monitor the functioning of a body, they have the potential to control it. Having your phone hacked could be annoying and expensive. Having your pacemaker hacked could be fatal. This article will explore the current state of the Internet of Bodies and what the future may hold. Link: https://motherboard.vice.com/en_us/article/gvyqgm/the-internet-of-bodies-is-coming-and-you-could-get-hacked Link: https://www.washingtonpost.com/news/theworldpost/wp/2018/10/15/health-data/ Link:...

read more

Agent Tesla Malware (Crimeware)

Keyloggers are nothing new, but Agent Tesla takes the capabilities of simple keyloggers to new levels. Among other capabilities, Agent Tesla can steal passwords from all major browsers, and capture snapshots of the victim’s keystrokes, their desktop, and pictures from their webcam at timed intervals. Although Agent Tesla has been around for a few years, there has recently been an increase in its popularity with more than 6,300 customers paying subscription fees to license the malware. This article will look at what Agent Tesla does and how it is spread. Link: https://krebsonsecurity.com/2018/10/who-is-agent-tesla/ Link: https://www.digitrustgroup.com/agent-tesla-keylogger/ Link: https://www.securityweek.com/new-agent-tesla-spyware-variant-discovered Link:...

read more

Soon, the Majority of Mobile Calls Will Be Fraudulent (Scams)

After analyzing more than 50 billion calls made to mobile customers over 18 months, technology company First Orion predicts that nearly half of all calls to mobile phones will be fraudulent in 2019 unless the industry adopts and implements more effective call protection solutions. Over the past year, First Orion’s data shows a drastic increase in mobile scam calls—from 3.7% of total calls in 2017 to 29.2% in 2018—and that number is projected to reach 44.6% by early 2019. This article will look at reasons for the surge in fraudulent calls, and suggest steps consumers can take to reduce the number of scam calls they receive. Link: https://firstorion.com/nearly-50-of-u-s-mobile-traffic-will-be-scam-calls-by-2019/ Link: https://www.aarp.org/money/scams-fraud/info-2018/scammer-calls-increasing.html Link: https://www.cnbc.com/2018/06/12/you-think-its-your-friend-calling-but-its-actually-this-growing-phone-scam.html Link:...

read more

How Scammers Gain Your Trust (Scams)

One reason scammers are so effective is that they are skilled at getting their victims to trust them and fall for their scams. However, consumers who know the signs of a scam are better prepared to resist. This article will discuss some of the common tricks employed by scammers and how consumers can protect themselves. Link: https://www.rd.com/advice/relationships/con-artists-win-trust/ Link: http://home.bt.com/tech-gadgets/computing/security/six-tricks-fraudsters-use-to-gain-your-trust-11364184899041 Link: https://www.ajc.com/marketing/things-scammers-tell-you/f1bIl7nvZa0pa14K07VmeN/ Link:...

read more

Biometric Privacy (Privacy)

Imagine not having to remember log in IDs and passwords, and using a fingerprint or retinal scan for all of your log ins. It is called biometrics, and it is already happening. For example, the newest iOS and Android phones use facial recognition to unlock the phones and authorize transactions. Although this new technology is convenient, it comes at a price. For biometrics to work there has to be a database of biometric scans to match against. That leads to questions about the security of stored biometric data. This article will look at the present and future of biometrics and the legal and privacy issues involved. Link: https://www.eff.org/issues/biometrics Link: https://computer.howstuffworks.com/biometrics-privacy.htm Link: https://privacypolicies.com/blog/privacy-policy-biometrics-laws/ Link: https://www.epic.org/privacy/biometrics/ Link:...

read more

Quarterly Newsletter:

Get Rid of Unused Apps (Privacy) The typical smart phone user has many more apps on their phone than they actually use. They download the hot new app, use it for a while, and then forget about it, leaving it to take up space on the phone. But filling your phone with unused apps poses more serious dangers than simply maxing out your phone’s storage. It can leave you open to cyberattacks, phishing, and scams. This article will discuss the dangers of keeping old, unused apps on your phone, and the best ways to clean up Android and iOS phones.          Link: https://www.kaspersky.com/blog/my-precious-data-report-one/14093/ Link: https://www.consumer.ftc.gov/blog/2017/12/get-rid-unwanted-apps Link: https://www.androidpit.com/android-apps-you-should-remove-immediately Link: https://www.popsci.com/delete-your-apps Link:...

read more

Podcast: Security Resolutions to Keep Your Identity Safe

The New Year is a perfect time for making resolutions. So while you are resolving to work out more often, eat healthier and get out of debt, take a few minutes to make and implement these simple resolutions that will help protect you from hacking and identity theft.

read more

Five Identity Theft Terms You Need to Know

Credit Freeze Credit Report Medical Identity Theft Phishing Synthetic Identity Theft

read more