Posts Tagged: ‘yahoo’

Scam of the day – January 7, 2013 – Most dangerous websites

January 7, 2013 Posted by Steven Weisman, Esq.

Phishing is the name of the scam whereby you are lured to a phony website that appears to be legitimate, however when you click on links in these phony websites, download material from these websites or provide information to these websites, you put yourself in danger of identity theft or of downloading dangerous keystroke logging malware that can steal all of the information on your computer including credit card numbers, your Social Security number, passwords and various account information.  In addition, you may unwittingly have your computer taken over as a part of a botnet (for more information about botnets, check out other postings on scamicide.com or in “50 Ways to Protect Your Identity in a Digital Age”) whereby your computer is made part of the botnet circulating scams around the world.

TIPS

Recently Trend Micro issued a list of the most common websites that were the subjects of phony phishing websites during the past month.  The top ten websites of which you should be particularly wary of to make sure that you are dealing with the legitimate company are:  PayPal, Wells Fargo, Visa, Citibank, Bank of America, Aol, Yahoo, Hotmail, Gmail and Mastercard.  Things to look out for to avoid phishing websites are when you are directed to a website through an email that does not refer to you by name or if the email contains spelling errors or poor grammar that may indicate the email is coming from a foreign scammer (or a poorly educated American scammer).  A good rule to follow is to not click on links in emails or text messages to go to a website.  If you consider the email or message worth following up on, go to the website of the legitimate company by typing the URL that you know is correct into your browser.

Scam of the day – July 21, 2012 – LinkedIn class action

July 21, 2012 Posted by Steven Weisman, Esq.

Following up on the “scam of the day” of July 13th which dealt with data breaches at Yahoo, LinkedIn and others, you should be aware of a class action that has been filed in the U.S. District Court for the Northern District of California on behalf of all LinkedIn users.  According to the lawsui,t LinkedIn violated its own user agreement as well as industry standards by not fully encrypting its users’ personal information and by failing to store that information on separate servers from users’ passwords.  Additional allegations of lax security were also made.  I will keep you informed as to the progress of this class action.

TIPS

Don’t merely depend on the companies with which you do business to protect your personal information.  You should do the best you can to keep your information secure online.  Don’t store your credit card numbers on the websites of companies with which you do business online.  Put a credit freeze on your credit report to keep it safe even if a company with your information is hacked.  Don’t give out your Social Security number unless you absolutely must and use different and complex passwords for every company with which you do business online so that if one company is hacked, the identity thief does not have your password for everywhere else.

Scam of the day – July 14, 2012 – More Yahoo dangers

July 14, 2012 Posted by Steven Weisman, Esq.

Data breaches such as occurred this week with Yahoo, which shockingly did not even encrypt the data of its users often lead to even more scams through the use of the email addresses of the hacked individuals to send out phishing emails to unsuspecting victims who see an email from a trusted source that may contain a link that they click on to and unwittingly download malware such as keystroke logging programs that can steal all of the information off of your computer, such as your Social Security number, passwords, credit card numbers and more.  The risk of these types of phishing scams always increases following a large data breach such as the recent Yahoo, Formspring and LinkedIn data breaches.

TIPS

Always check with any website or company that will have information about you as to their own security.  Also do not store credit card numbers with companies that you do business with online.  It may be convenient for you to do so, but it exposes you to greater risk if there is a data breach.  Finally, never click on any link in an email even one from a friend until you have confirmed that it is legitimate by contacting the friend directly to make sure that it was he or she that sent it.  And even then you may wish to consider where they got the link to make sure that they are not unwittingly passing on malware to you.

Scam of the day – July 13, 2012 – Yahoo data breach and how to protect yourself

July 13, 2012 Posted by Steven Weisman, Esq.

Data breaches are a fact of modern digital life.  This week hundreds of thousands of Yahoo users had their usernames and passwords stolen from one of their databases and just within the past month social network sites Formspring and LinkedIn had their databases hacked into resulting in the loss of personal information of millions more people.  It is important to remember that your own personal security is only as safe as the company with the weakest security that holds your information.  But there are things you can do to protect yourself.

TIPS

Do not give your Social security number to companies that request it unless you truly legally must do so.  Your Social Security number is the key to identity theft and can provide access to to your credit report which in turn can provide an identity thief with access to your credit.  Use complex passwords and use different passwords for each of your accounts so that if a breach occurs, not all of your accounts are in jeopardy.  It is easy to pick  a passowrd with numbers and letters and just vary it slightly from account to account.  Put a credit freeze on your credit report so that even if someone gets your Social Security number and name, they cannot get access to your credit report. With a credit freeze, you credit report can only be accessed through a PIN that you keep private.

Scam of the day – June 28, 2012 – New phony government website scam

June 28, 2012 Posted by Steven Weisman, Esq.

As I recently indicated in a recent “scam of the day,” technologically savvy scammers have used their knowledge of the algorithms used by Google, Yahoo, Bing and other search engines to have the phony websites of the scammers come to the top of the list when you look for a legitimate website.  Recently in North Carolina, Lloyd Scher wanting to renew a driver’s license went online to get the phone number of the Deparment of Motor Vehicles of North Carolina and the search engine took him to a scammers website where he would have been charged for getting free forms.  Fortunately, Scher recognized that it was a scam and did not fall for the scam.

TIP

Whenever you go to a government website, it should end with “gov.”  This particular website ended with “com.”  Don’t provide personal information on line unless you are sure that the website is legitmate and never provide information that you think the website should not need.  Also never provide personal information unless the domain name starts with “https.”  The key is the letter “s” which indicates that  the information you provide is being encrypted.  Trust me.  You can’t trust anyone.  Just because a search engine brings up a website does not mean that it is legitimate.