cancel
Showing results for 
Search instead for 
Did you mean: 

A well timed email notice

Highlighted
Honorary Alumnus

A well timed email notice

US Department of Homeland Security US-CERT

National Cyber Awareness System:

 

US-CERT Alerts Users to Holiday Phishing Scams and Malware Campaigns
11/30/2016 12:40 PM EST

Original release date: November 30, 2016

US-CERT reminds users to remain vigilant when browsing or shopping online this holiday season. Ecards from unknown senders may contain malicious links. Fake advertisements or shipping notifications may deliver infected attachments. Spoofed email messages and fraudulent posts on social networking sites may request support for phony causes.

To avoid seasonal campaigns that could result in security breaches, identity theft, or financial loss, users are encouraged to take the following actions:

  • Avoid following unsolicited links or downloading attachments from unknown sources.
  • Visit the Federal Trade Commission's Consumer Information page on Charity Scams.

If you believe you are a victim of a holiday phishing scam or malware campaign, consider the following actions:

  • Report the attack to the police and file a report with the Federal Trade Commission.
  • Contact your financial institution immediately and close any accounts that may have been compromised. Watch for any unexplainable charges to your account.
  • Immediately change any passwords you might have revealed and do not use that password in the future. Avoid reusing passwords on multiple sites.
7 REPLIES 7
Highlighted
Alum

Re: A well timed email notice

Hi Gwalk,

Thanks for sharing. It is definitely important to be vigilant during the holiday season. I know I am :-)

- Chris
Highlighted
Distinguished Professor IV

Re: A well timed email notice

I just found out that my folks got nailed.  They don't remain very vigilant about checking their balance and such regularly and found out today that someone had purchased upwards of $600 at Bon Ton.  The total was that much but they did it twice on the same day.   

They're getting new cards and hopefully their credit union will reimburse them (many banks and credit unions do up to a certain amount), but this is really irksome. 

We don't know exactly how their information was compromised, whether through their computer or just a number generator, but either way it's still disheartening that this sort of thing happens. 


Ryzen 5 3400G | MSI B450M Pro-M2 MAX | 16GB Corsair Vengeance DDR4 3000 | XPG SX8200 Pro 512GB NVMe | Windows 10 Pro
Highlighted
Assistant Professor

Re: A well timed email notice

Sadly, the world we live in and older folks not that familiar with technology and the workings of the internet are even more vulnerable. Plenty of bad folks to go around both here and overseas. Sure hope they are able to recoup their money.
Highlighted
Distinguished Professor IV

Re: A well timed email notice

I'm going to be bringing their computer over here to run a lot of scans this weekend to make sure it is clean.  Not that this is sure to make some difference, nor that it had anything to do with this, but if there is even a one percent chance that they have some unwanted malware or virus on there, I want it gone.  I'm also going to make sure that all of their browser settings are correct and will make sure to install AdBlock Plus. 

I think their credit union probably will reimburse them, at least this time.  I actually had something similar happen to me twice years ago.  The difference, though, was that I was with HSBC at the time and they caught it due to the charges being different from my normal ones.  They stopped any further charges and called me.  They reimbursed me and sent me a new card.  The crazy thing about it, though, was that I was sent some of the things purchased.  Mostly beauty products.  LOL.   That was the first instance.  The second time it happened was the next year, but it was a lower amount, and the bank, of course, caught it again, called me, sent me a new card and reimbursed me again.   HSBC was good about fraudulent charges.

Electronic banking and shopping are great things, but there are definitely some drawbacks, and no matter how careful you are, they can still get you.  Even if you never shop online or use your card at a store or store ATM, and you get all of your cash directly from the bank without your card number being used by anything, EVER, including the bank's own ATM, and you pay all of your bills with money orders, they can still get you with number generators.  It's sad. 


Ryzen 5 3400G | MSI B450M Pro-M2 MAX | 16GB Corsair Vengeance DDR4 3000 | XPG SX8200 Pro 512GB NVMe | Windows 10 Pro
Highlighted
Honorary Alumnus

Re: A well timed email notice

I never had any fraudulent Internet transactions but the wife had an issue with her Discover card. She handed over her card at Sears for a purchase and by the time we got home Discovers fraud protection service was on the phone.
We no longer do business at Sears.
Highlighted
Distinguished Professor IV

Re: A well timed email notice

Wow.  I bet the person at Sears that took the information was the one to actually perform the fraud.  I've seen newscasts about this very thing.  They write down the numbers or something and then use it.  Sears needs a better screening process and better monitoring of their employees that handle sensitive customer information. 

Ryzen 5 3400G | MSI B450M Pro-M2 MAX | 16GB Corsair Vengeance DDR4 3000 | XPG SX8200 Pro 512GB NVMe | Windows 10 Pro
Highlighted
Distinguished Professor II

Re: A well timed email notice

That stinks, Gabe. I hope they get their money back.   GWalk, I have read that internet transactions are much more secure than handing a credit card to a stranger who in many cases (such as in a restaurant) walks into a different room with it and does who knows what with the info.

As for better screening processes, YES.  At work we just had a spate of break-ins in offices during the holiday, with money taken and also electronics. The culprits?  Members of a security firm that the organization hires to work during holidays and weekends.