EverSafe Scam Watch
Protecting Your Financial Health
Beware of Scammers who Pretend to Work for Amazon
Even before the pandemic, we were getting more and more comfortable with the ease of shopping from home. This year, it has been a lifesaver to order goods online, especially for older consumers.
But fraudsters know that. They have devised ways to trick online consumers out of their savings. Don’t let them trick you.
AARP reports that criminals who say they work for Amazon and other trusted brands are reaching out to online shoppers with phony stories that are designed to capture their personal financial data. In one case, scammers claimed to work for Amazon’s Security Team. Another pretended to work for “Apple Mobile Support.”
In this scheme, consumers may get an email warning that suspicious activity has occurred on their Amazon account. Consumers are then urged to click on a link and provide data, which fraudsters use for identity theft. Victims are often pressured to send money with gift cards.
The good news is that common sense and caution can protect you. Don’t automatically trust a phone number or website. Don’t send money, if you have doubts. Make sure you’re dealing with a safe email address. You can always request more information to confirm that you are connecting with Amazon or another legitimate supplier.
According to Amazon, the following guidelines can help you avoid frauds that aim to exploit your online shopping trips:
- Do not do business with a seller that directs you away from Amazon. A legitimate Amazon.com seller transaction will never occur outside of Amazon.
- Do not send money to a seller who claims that Amazon will guarantee the transaction and refund your money if you are not satisfied with the purchase, or hold your funds in escrow.
- Do not respond to an Internet or phone offer that you aren’t sure is honest.
- Do not make a payment to someone you don’t know or whose identity you can’t verify.
- Do not respond to emails that ask you to provide or confirm account information, such as your e-mail address and password combination. Amazon employees will never request that information.
- Do not make a payment to claim lottery or prize winnings, or on a promise of receiving a large amount of money.
- Do not make a payment because you are “guaranteed” a credit card or loan.
RISK FACTOR: Your Home Office
More Americans are not only working from home but enjoying it. In fact, more than half—three in five of those who work remotely—say they wish to continue working from home when the health crisis is finally over, according to the Gallup poll. This long-term trend provides a growing opportunity for scammers. A recent survey by IBM should be a wakeup call for workers and their employers. The poll of more than 2,000 Americans who now work remotely highlights a lack of protections against cybercrime, and a lack of guidance from their employers. This matters for employees, their companies and the consumers who trust them. For example, customer service representatives who formerly worked under careful supervision in call centers may now be managing personal customer data from their homes. Among the findings: Overconfidence is a risk. More than nine in 10 remote workers expressed confidence in their employer’s ability to secure personal information. Yet half are using their personal laptops—often with no new tools for security or special training in how to safeguard data. Companies lack data-protection policies. More than half of those surveyed knew of no new company policies for secure handling of customer data. Home devices may be unprotected. More than 50 percent of remote workers are using personal computers, and 61 percent said that their employers had not provided tools to protect them. Passwords can be a vulnerability. More than one in three remote workers—35 percent—are re-using passwords and have received no guidelines on password management. Many companies can do more to keep data secure as remote work proliferates. We urge employees to be aware of the risks, take the steps they can, and remind their employers of potential dangers. * * * * Scams, elder fraud and identity theft have all gotten a boost in the pandemic. We need to work together to safeguard people’s savings (and not only their identities) and stop exploiters in their tracks.
How to Protect Your Kids Online
With millions of children passing their days at home instead of in school buildings, their online devices can be a crucial source of social connection and entertainment. But smartphones, video games, laptops and tablets can also connect kids with scammers.
Identity thieves may consider children to be valuable targets, because it may never occur to anyone to check whether kids’ names are being used to open credit cards or make large purchases. It’s a good reason for parents to talk with children about not sharing personal information with strangers, including those who may target them online.
“A lot of kids right now are spending more time online, so you want to make sure that there are adequate security mechanisms and that your passwords are up to date,” said West Virginia Attorney General Patrick Morrisey. “Also, talk to your kids about the potential for abuse of social media. A lot of people are going to try to befriend a child online, lure them in, and get them to give their password or some personal, identifiable information.”
Morrisey offers the following suggestions to keep kids safe from online identity theft:
- Lay down ground rules as a protective measure.
- Warn children that private information should not be shared on websites.
- Caution children against downloading games or apps from third-party sites. It’s also a good idea to have an adult approve any downloads.
- Maintain strict privacy settings on Facebook and other social networks.
- Consider keeping an eye on your child’s identity—with a monitoring service that can send you notifications if it’s compromised.
TIP: Use Two-Factor Authentication When You Can
Why not make it harder for the bad guys? Two-factor authentication lets you do just that.
All this technical term really means is that you have an extra layer of security before anyone can access one of your accounts. It means that if a scammer somehow gets hold of your password, that’s not enough info to log in.
You’ve probably used two-factor authentication many times, even if you don’t realize it. Say you are trying to log in to one of your accounts, but you must first agree to receive a code on your smartphone and send it back before you are allowed in. That’s a common example of two-factor authentication. Technology also is enabling authentication through unique physical traits, such as your fingerprint or retina.
While this technology does not shield you 100 percent from scams, it makes it much harder for criminals, who would rather devote their time to easier targets. Whatever the precise method of authentication, two-factor (or even stronger, “multiple factor”) verification gives meaningful, added protection.
Be aware that even when two-factor authentication is not required, you often may be able to turn it on. Just go to the security settings of an account, including social media, and enable it.
It always makes sense to guard against fraud.