Aug 14, 2017
IRS Scam Alert!
The IRS, state tax agencies, and the tax industry are warning industry professionals about a new, convincing phishing scam, capitalizing on the extension tax deadlines of Sept. 15 and Oct. 15.
The Internal Revenue Service issued a Security Summit Alert for tax professionals to beware of this new phishing email scam, which impersonates tax software providers. The message claims to offer software upgrades, and attempts to steal usernames and passwords to access the preparers’ accounts and mine sensitive client data.
“This sophisticated scam yet again displays cybercriminals’ tax savvy and underscores the need for tax professionals to take strong security measures to protect their clients and protect their business,” the IRS alert advised.
The latest email variation carries a subject line of “Software Support Update” and highlights an “Important Software System Upgrade.” The e-mail informs recipients that due to a recent software upgrade, the preparer must revalidate their login credentials. It provides a link to a fictitious website that mirrors the software provider’s actual login page. Instead of upgrading software, the duped tax professionals provide information to cybercriminals who use the stolen credentials to access the preparers’ accounts and to steal client information.
“This scam is targeting tax professionals and firms, attempting to steal highly sensitive client information, and, frankly, it’s not surprising,” Mike Wyatt, threat researcher, at San Francisco based digital threat management firm RiskIQ, said. He explained cybercriminals often leverage holidays, events, and other important dates in their threat campaigns, so it makes perfect sense to capitalize on the extended tax deadlines coming up. “Ultimately, getting people to click on their links requires social engineering, and leveraging themes and holidays is a reliable tactic for them.”
Kern Schools recommendations:
- When possible use Out of Band (OOB) authentication prior to clicking on any link or opening any attachment in an email. For example, if you get an email from someone you can call the individual or agency (but not with any information in the email) use the phone number posted on their web site. If you can confirm the email is legitimate then you can click on the link or open the attachment.
- Make sure you have antivirus protection and the software is updated with the latest threats.
- Slow down…ask yourself, why am I receiving this, is this the normal way I am contacted…the hacker always wants to create a sense of urgency for you to act quickly and try to address the issue or appear non-threatening…
February 10, 2017
Account Payoff SCAM
Alert for all Kern Schools Federal Credit Union Members!
What if someone came up to you today and said; “We can get you out of all your debt for a fraction of what you owe.” Or maybe “I can pay off all your loans today for only $1000.” Does it sound too good to be true…it probably is. Scam artists in the U.S. and around the world defraud millions of people each year by using the Internet to trick victims into sending money or giving out personal information. Scammers just want your money and access to your accounts. Be ALERT!
Never provide access to your accounts by giving someone your logon information. Common frauds include; tax filing, travel package, loans/credit, charitable, fake business or investment, and the list goes on.
USA.gov is a good resource for any questions about an offer you have to help with your loans. https://www.usa.gov/common-scams-frauds also check out these videos about common fraud schemes https://www.consumer.ftc.gov/blog/scam-money-runners?utm_source=govdelivery
November 18, 2016
Retail Apps Danger
Apple, Android, Chrome, Windows – does not matter – Fake Apps on Rise!
Exploitation— hackers see greater numbers of users downloading retailer apps for cost savings, deals and insider news. To take advantage of your interest, hackers are building apps that appear to be from retailers but they infect your device when downloaded. What to look for…
- Don’t just search app list, instead go to the website of the retailer to get a link to the legit app.
- Take a moment to check reviews, apps with few reviews or bad reviews are a big red flag.
- Be very judicious in deciding what app to download. Better safe than sorry.
- Give as little information as possible if you decide to use an app.
- Think twice before linking your credit card to any app!
Have a safe and happy holiday season…
Prevent Identify Theft
Here are a few basic steps you can take to avoid becoming a victim of identity theft and pretext calling. Identity theft is the fraudulent use of a person’s personal identifying information. Often, identity thieves will use another person’s personal information, such as a Social Security number, mother’s maiden name, date of birth, or account number to open fraudulent new credit card accounts, charge existing credit card accounts, write share drafts, open share accounts, or obtain new loans. They may obtain this information by:
- Stealing wallets that contain personal identification information and credit cards.
- Stealing credit union statements from the mail.
- Diverting mail from its intended recipients by submitting a change of address form.
- Rummaging through trash for personal data.
- Stealing personal identification information from workplace records.
- Intercepting or otherwise obtaining information transmitted electronically.
Click here to view further information.
Listed below are tips to protect yourself and your family from various forms of Internet fraud.
For information on the most common complaints and scams, see the annual reports of the Internet Crime Complaint Center, or IC3, a partnership of the FBI and the National White Collar Crime Center. Also see its information on Internet Crime Schemes and its Internet Crime Prevention Tips.
Tips for Avoiding Internet Auction Fraud:
- Understand as much as possible about how the auction works, what your obligations are as a buyer, and what the seller’s obligations are before you bid.
- Find out what actions the website/company takes if a problem occurs and consider insuring the transaction and shipment.
- Learn as much as possible about the seller, especially if the only information you have is an e-mail address. If it is a business, check the Better Business Bureau where the seller/business is located.
- Examine the feedback on the seller.
- Determine what method of payment the seller is asking from the buyer and where he/she is asking to send payment.
- If possible, purchase items online using your credit card, because you can often dispute the charges if something goes wrong.
- Be cautious when dealing with sellers outside the United States. If a problem occurs with the auction transaction, it could be much more difficult to rectify.
- Ask the seller about when delivery can be expected and whether the merchandise is covered by a warranty or can be exchanged if there is a problem.
- Make sure there are no unexpected costs, including whether shipping and handling is included in the auction price.
- There should be no reason to give out your social security number or driver’s license number to the seller.
Visit the FBI website for further tips on preventing Internet fraud.
Federal Trade Commission
How to Keep Your Personal Information Secure
Protecting your personal information can help reduce your risk of identity theft. There are four main ways to do it: know who you share information with; store and dispose of your personal information securely, especially your Social Security number; ask questions before deciding to share your personal information; and maintain appropriate security on your computers and other electronic devices.
Click here to visit the FTC website for further information.
External Bill Pay Options
Although there are several bill payment options available to our Members, as well as all consumers, Kern Schools does not endorse any services outside of DataNet online banking and DataMobile mobile banking.
Should you choose to use a bill payment service outside of DataNet and DataMobile, please be aware if payment(s) made are not presented to payees in a timely manner, you may be responsible for late fees. For this reason, Kern Schools strongly encourages our Members to research all bill payment service(s) prior to providing any account information.
Rather than using a bill payment provider outside of DataNet or DataMobile, Kern Schools encourages you to make all payments using our Bill Pay service. Doing this will help avoid late payments or fees.