Money Credit and You© Latest News and Information

National Cyber Security Awareness Month: Top 4 Cyber Scams

National Cyber Security Awareness Month: Top 4 Cyber Scams

October 24, 2014

October is known as National Cyber Security Awareness Month and Unlock Your Wealth Radio is highlighting the top four cyber scams that could be affecting your money. Continue reading and become aware of these scams and the fraudsters who are looking to steal your financial and potentially personal information.

National Cyber Security Awareness Month

Let’s take a look at four of the top recent cyber scams affecting your money:

1. Fraud Alert: Online Debit & Credit Scams are on the Rise

Online credit and debit card fraud is on the rise come October 1 of next year. By that time retail establishments should be able to accept new credit and debit cards that have a chip embedded and require the use of a PIN when making purchases at the checkout counter. The idea is to make the cards smarter and help financial institutions to better detect fraudulent usage. The requirements of a PIN will strengthen a layer of identification and protection that can deter such fraud.

So, how do we know that this effort to increase security at the point of sale is going to actually drive online fraud? Entrepreneur answers, “because we already saw it happen in Europe.”

EMV-Card-1In 2002, European financial institutions starting rolling out these very same cards and point-of-sale terminals. We call this technology EMV (Europay, MasterCard and Visa). Financial institutions intend to make EMV a global standard for authenticating credit and debit card transactions using integrated chip technology.

This technology has now been partially or fully deployed in about 14 countries and regions, including most Asian Pacific nations, all of Europe, most of Latin America and the Caribbean. Every country and region in which EMV has been deployed has seen a corresponding surge in online fraud.

Four years after beginning the deployment of cards and new point-of-sale terminals, about 99 percent of businesses and consumers were utilizing EMV. No doubt the cards were effective at cutting offline abuse. Before EMV, Europe saw fraud losses in stores of about 13 basis points of net sales. After EMV, the offline fraud rate plummeted to just 3.5 basis points, according to Douglas King in the study, “Chip-and-Pin: Success and Challenges in Reducing Fraud.”

Credit cards chained up with padlockHowever, the online world was a fraud nightmare. Online credit and debit card fraud rates more than doubled from the pre-EMV days. Read more HERE!

 

When EMV technology was established, the crooks also started targeting debit cards over credit. Most debit cards use the magnetic stripe and therefore behave like credit cards without the chip and pin, making it easier for fraudsters to exploit both offline using the swipe and online using the debit card number.

Some will probably ask why online retailers don’t just require a PIN for all purchases as in-store clerks do with EMV. There might be a time when we see more of that kind of adoption here in the U.S. than we’ve seen in other countries that saw this surge in online fraud, even as offline fraud declined. However, putting any barrier to check out in the ecommerce world means a lot of full shopping carts that never make it to purchase.

Read this entire article HERE!

2. Backoff Malware Breach Continues

(Forbes) – Data breach has now hit six large companies, including top franchises Kmart, Dairy Queen and JP Morgan Chase. Recently Dairy Queen announced that 400 store locations had been compromised by Backoff malware. This seems to be an ongoing battle with hackers, and your personal finances.

Here is the latest report on data breaches, according to Forbes:

Dairy Queen – Dairy Queen confirmed that nearly 400 Dairy Queen locations (and one Orange Julius location) were compromised by Backoff malware in August. When news of a potential breach first broke in August, Dairy Queen denied the the breach initially but then began an investigation. The investigation revealed that the attackers used compromised account credentials from a third party vendor to get into Dairy Queen’s systems. Customers’ names, card information, and expiration dates were all accessed in the breach. Dairy Queen now believes that the malware has been contained, and the company’s website lists all affected stores as well as the dates of the attack.

JP Morgan Chase  – Last week, JP Morgan Chase confirmed that 76 million households and 7 million small businesses were impacted in a data breach in June and July.  JP Morgan says that financial data—including account numbers, passwords, dates of birth, Social Security cards—was not accessed in the breach. Customers who use Chase.com, JPMorganOnline, Chase Mobile or JPMorgan Mobile may have had their contact information accessed, including names, addresses, phone numbers and email address. Unlike in many breaches, JP Morgan Chase says customers don’t need to change passwords, monitor their credit, or get new credit cards, but the bank is warning customers to be wary of phishing attempts following the breach.

AT&T An employee accessed personal information belonging to approximately 1,600 AT&T customers in August, Reuters reports. AT&T informed these customers in a letter that their Social Security numbers, driver’s license numbers, and internal AT&T information were all potentially compromised by the employee, who has since been fired. AT&T is offering free credit monitoring services to customers, and recommends they change their account pass codes.

Other recent breaches include Kmart, PF Chang’s,  Home Depot, Touchstone Medical Imaging, Flinn Scientific, Michaels, and Neiman Marcus.

Read more on this article HERE!

3. 4 Ways Crooks Cash In On Your Personal and Financial Data

We’ve all heard about the massive data breaches and who’s at risk, what was taken and the fraud prevention services offered, but just how do these thieves convert that stolen data into cash?

Fox Business reports that it’s not so easy being a data crook. The processes criminals have to use to turn your information into money are specialized and complex.

Whether they are after a new line of credit or a spending spree, those looking to turn your sensitive information into an income have options. These are four of the favorite ways crooks turn your data into their cash.

1: Selling information on the black market

Once a cybercriminal, or a group, has a mass of stolen information they have to move quickly in order to make a profit and that often starts by going to an illegal online marketplace.

The black markets are well established, operating both nationally and internationally, and can cater to the needs of whatever type data criminals have to offer, whether it’s financial, identity, or credential-based information.

Credit card data markets in particular are set up for high traffic flow and quick processing, according to John Biggs, an editor for the information technology website TechCrunch.

“You can share millions of credit cards in a second,” he said. “It used to be a trickle, now it’s a torrent.”

Prevent this from happening to you by following the advice HERE!

2: Counterfeiting cards

In this scenario, all a crook needs to access and spend your money is the information stored in the magnetic strip on your debit or credit card.

This information, also known as track data, is transferred to any card with a magnetic strip using equipment that only costs fraudsters about $100.

More on this HERE!

3: Performing online commerce transactions

One example of a card-not-present fraud is the use of e-commerce sites such as eBay and Craigslist to make online transactions that result in a clean profit for the cybercriminals. Targeted e-commerce schemes accounted approximately 54% of cases last year, according to the 2014 Global Security Report by the data security company Trustwave.

To cover their tracks and successful get away with this type of scam, thieves often take out employments ads in their community looking for an assistant whose job is to act as a third party shipping and receiving destination. In exchange for their work, the assistants typically receive a small percentage of the criminal’s final profit.

Once that third party is established, the process can begin.

“Let’s say I’m a criminal, I have a stolen credit card, go to eBay, find an iPad and buy it with that card,” Tjiputra said. “I then have it shipped to my assistant’s home address and at the same time I put another advertisement on eBay selling that iPad for what appears to be a very attractive lower-than-market-value price, like $250.”

But there’s a catch…Unlock Your Wealth Radio reveals it HERE!

4: Opening new accounts

Exact card and bank account numbers are temporarily useful, but the more personal information a fraudster can get about you, the deeper and more inconspicuous damage they can do.

“Personal information is the holy grail,” Tjiputra said. “Social Security number and date of birth can get you anything — car loan, house mortgage, credit cards, you name it. Cellphone numbers, addresses and account passwords are even more helpful when all added together.”

Fraudsters know it, too. Nearly half of all 2013 data thefts did not involve payment card information, according to Trustwave’s report.

In addition to lines of credit and loans, criminals can also open utility accounts, such as electricity, cellphones or satellite TV, using your information without you, or anyone else, even knowing.

By putting their own addresses and contact information on the new accounts, cyber criminals can get away with spending the fraudulent lines of credit and using the services until the next time to check your credit report.

More on this story HERE!

4. OG&E Warns of Scam Calls 

OGE – A Muskogee business owner recently reported a phone scam and wants to warn other business owners, a media release states.

The scammer called the owner of the Sweet-n-Sassy Café and Bakery, 126 S. Main St., posing as an OG&E customer service representative collecting on a past due bill.

The caller threatened the business with disconnection if the bill was not paid right away. The owner contacted OG&E to confirm that her bill was current. When she informed the scammer of this, he hung up immediately.

“We’re getting a number of these complaints, and we want our customers to be aware of the scam,” said Kathleen O’Shea, manager of corporate communications for OG&E.

The best option for detecting a scam phone call is to hang up with the caller and contact OG&E about your account status. Another way to detect a scam call is to ask the caller to provide the account number and ask for the amount due (often a scam artist won’t have that information).

OG&E mails two separate notices prior to electric service disconnection: a 10-day notice and a 48-hour notice. The notices explain the reason for the disconnection, the total amount past due and the date when service may be disconnected if payment arrangements have not been made. OG&E also calls the customer with a 48-hour notice and another call is made the day before the service disconnection. OG&E’s Disconnection Policy can be found at OGE.

Customers can contact OG&E Customer Service from 8 a.m. to 5 p.m. Monday through Friday at (800)272-9741. Customers also can check account status online at oge.com.

Are you a victim of fraud or money scam? Share your story with us on the Money Credit and You Facebook page!