Upload
others
View
0
Download
0
Embed Size (px)
Citation preview
Charityor Chicanery?
Thishasbeenayearfilledwith
naturaldisasters–tornadoes,
earthquakes,droughts,wildfires,
andfloods.Thedevastationto
livesandpropertyhasbeen
overwhelmingandmakesuswant
tohelpthevictims,frequently
throughdonationsofmoney.
Butbecareful:theFederalInternet
CrimeComplaintCenter(IC3)has
issuedanalertwarningyouthatbad
timesfrequentlybringoutbadpeople.
Whenyoumakeadonationtoacharity,
besuretoprotectyourselfbyfollowing
thesestraightforwardguidelines:
•Neverrespondtounsolicitedemail.
Deleteit.
•Beskepticalofpeoplerepresenting
themselvesasofficialsusingemail
tosolicitfordonations.
•Neverclickonalinkinan
unsolicitedemail.
•Becautiousofemailclaiming
tocontainpicturesinattachments.
Theattachmentsmight
containviruses.
•Donatedirectlytoknowncharities.
Ifyouarenotfamiliarwitha
particularcharity,theInternet
canprovideawealthofinformation.
Byusingthiseasystrategy,you
canensurethatyourhard-earned
dollarsaregoingexactlywhere
youwantthemtogo.
Fall2008
WhenU.S.legislatorsratifiedtheAnti-Spam
Actof2003,therewasanotableexclusion–
politicalcandidatesarestillallowedto
solicitcontributionsviaemail.Thisisa
mixedblessing.Itallowspolitical
candidatestoquicklyreachmillionsof
potentialcontributors,butitalsoprovides
agoldenopportunityforphishers.
Duringthe2000presidentialelection,phishing
wasstillinitsinfancyanditsimpactwas
minimal.Thenin2004,phisherstargetedthe
Kerry-Edwardscampaignbecausetheywere
activelyusingtheInternettocommunicate.
Oneoftheknownattackswasanemail
directingpeopletoaphonywebsitesoliciting
donations.Manypeoplewillinglyprovided
creditcardandotherpersonalinformation
thinkingthattheyweresupportingtheir
chosencandidate.
Inanotherscam,anemailrequestedthat
therecipientcallaspecific900numberto
discusstheissues.Thosewhocalledthe
numberwerebilledat$1.99perminute.
Neitherperpetratorwascaught.
Nowphishingattackshavegainedmomentum
andthe2008presidentialcampaignisa
well-stockedphishingpond!Herearesome
commonsensesuggestionstomakesure
yourmoneygoeswhereyouwantitto.
1. Ifyoureceiveanemailsolicitingadonation,doalittleresearchbeforeresponding.Bothcandidatesandphishersarecountingonyourimpulsiveness.
2.Donotclickonanylinkintheemailorviewanyattachments.Thesafestactionistocontactlocalcampaignheadquartersbytelephoneorinperson.Theycangiveyoutheofficialcampaignwebsiteaddress.
3.Beawarethatthereare“soundslike”webURLsthatcanbeusedforphishingexpeditions,somakesureyourepeatthewebsiteaddressbacktoverifyit.
4.Keepinmindthatyoushouldcontactthem.Donotrespondtoanunsolicitedtelephonerequestforacampaigncontribution.Unsolicitedcallscanbevishingattacks!
Theelectionpromisestobeanexcitingone
andweencourageyourparticipation–just
doitinawaythatprotectsyourpersonal
financesandinformation!
PhishingontheCampaignTrail
Protectingyourselfagainstphishingattacksisreallyquitesimple.
1. Make a call to verify information.Makesureyouusethephonenumberinyour
rolodex,notoneprovidedinasuspiciousemail.
2. Type it yourself. Don’tjustclickonalinkorcutandpasteitontoyourbrowser.
TypeyourtrustedURLyourselfandyou’llgettotherealdestination.
3. Beef up your security. There’snogoodreasonnottohaveanti-virus,anti-spam,and
spywaredetectiononyourcomputer.Thereareinexpensivesoftwarebundlesavailable
andevenfreeprogramsyoucandownloadfromtheInternet.
4. Read your bank and credit card statements. Takeaquickscanofyourstatements
assoonastheyarrive.Ifyouseesomethingsuspicious,it’smuchbettertocheckitout
soonerratherthanlater.
5. Recognize the Sharks. VisittheMaineAnti-PhishingCoalitionwebsiteatwww.noPhishing.org
forthelatestinformationonphishingattacksandlinkstohelpfulresources.
FiveEasyPieces(ofadvice)
TheOfficialNewsletterofnoPhishing.org
MEAPC.3120-13.noPhishingNewsletterIII v3.indd 1 8/15/08 3:13:37 PM
W H AT TO D O I F yO U S U S P EC T yO U ’ V E
• Immediately notify your bank.
Bepreparedtoprovidethebank
withasmuchinformationaspossible.
Theymayrequestthatyouforwardthem
thephishingemail.
• Place a fraud alert on your credit report
bycontactinganyofthethreeconsumer
creditbureausbelow.
– Equifax:1-800-525-6285;
www.equifax.com;P.O.Box740241,
Atlanta,GA30374-0241
– Experian:1-888-EXPERIAN
(397-3742);www.experian.com;
P.O.Box9532,Allen,TX75013
– TransUnion:1-800-680-7289;
www.transunion.com;FraudVictim
AssistanceDivision,P.O.Box6790,
Fullerton,CA92834-6790
Contactingoneofthesecompanies
automaticallyalertstheothertwo,who
willalsoplaceanalertintheirrecords.
Whenyoucall,aninitial90-dayfraudalert
willbeplacedonyourcreditreportanda
freecopyofyourreportwillbesenttoyou.
Thefraudalertpreventsanynewaccounts
frombeingopenedinyournamewithout
permission.Aftertheinitialfraudalerthas
expired,ifyou’vefiledapolicereportyou
canrequestanextended7-yearfraudalert.
Toobtainanextendedfraudalert,youmust
providethecreditbureauswithacopyof
yourinitialpolicereportandanyother
fraudreportstheymayrequire.
AsofFebruary,2006,Mainebecameone
ofseveralstatestoallowconsumersto
“freeze”theircreditreports.Withcertain
specificexceptions,asecurityfreeze
prohibitsacreditbureaufromreleasing
yourcreditreportoranyinformation
fromitwithoutyourexpressauthorization.
Thefreezegoesintoeffectfivebusiness
daysafterthecreditbureauhasreceived
yourletter.Aftertenbusinessdaysfrom
receivingyourlettertoplaceafreezeon
youraccount,thecreditbureauwillsend
youaconfirmationlettercontaininga
uniquePIN(personalidentificationnumber)
orpassword.KeepthisPINorpasswordin
asafeplace.Ifyourcreditfilesarefrozen,
evensomeonewhohasyournameand
SocialSecurityNumberprobablywould
notbeabletoobtaincreditinyourname.
Asecurityfreezeisfreetoidentity
theftvictimswhohaveapolicereport,
investigativereport,oracomplainttoa
lawenforcementagencyconcerning
identitytheft.
Toplaceafreeze,youmustwritetoeach
ofthethreecreditbureaus.Creditbureaus
chargea$10fee,unlessyouareavictim
whosendsacopyofyourpolicereport,
investigativereport,oracomplainttoa
lawenforcementagencyconcerning
identitytheft.
Here’swhatelseyoushoulddo:
• File a reportwithlocallawenforcement.
• Review credit card or bank statements
tomakecertainallactivitywaslegitimate.
• Formoreinformationonidentitytheft,
visittheFTCIdentityTheftwebsite.
http://www.ftc.gov/bcp/edu/microsites/
idtheft
Protect yourself!
Thiscomprehensivewebsitehasa
wealthofusefulinformationtargeted
atprotectingyouandyourpersonal
informationfromphishingattacksand
identitytheft.Itincludescommonsense
suggestionsonhowtobestprotect
yourconfidentialinformation,
up-to-datereportsofscams,whatto
doifyouthinkyourinformationhas
beencompromised,andlinkstoseveral
otherhelpfulwebsites.There’sevena
fungamecalled“PhishingScams—
AvoidtheBait”whichtestsyourability
torecognizeaphishingattempt.
SponsoredbytheMaineAnti-Phishing
Coalition(MEAPC),thewebsitestrives
toprovidetimelyandusefultopics
foryourfinancialandcybersecurity.
Memberbanksworktogetherto
maintainthesiteandtocreateposters,
newsletters,andseminarsdedicatedto
increasingyourawarenessoftechniques
usedinphishingandotherscams.
Pleaseinvestafewmomentsofyour
timeexploringwww.noPhishing.org.
Itwillbetimewellspent.
B E E N P H I S H E D
ParticipatingBanksintheMaineAnti-PhishingCoalition
MEAPC.3120-13.noPhishingNewsletterIII v3.indd 2 8/15/08 3:13:43 PM