Recent & Popular Scams

Equifax Data Breach

Equifax has reported a data breach which has exposed non-public consumer information.  As a courtesy to our customers,  please see the Equifax Notice to Consumers that provides additional information. Consumers may also visit The Federal Trade Commission (FTC) website page for more information about this breach.

Hurricane Phishing Scams

The Department of Homeland Security warns users to remain vigilant for malicious cyber activity that may use Hurricane releif as a method to exploit consumers. Users are advised to exercise caution in handling any email with subject line, attachments, or hyperlinks related to a Hurricane, even if it appears to originate from a trusted source. Fraudulent emails will often contain links or attachments that direct users to phishing or malware-infected websites. Emails requesting donations from duplicitous charitable organizations commonly appear after major natural disasters.

They encourage users and administrators to use caution when encountering these types of email messages and take the following preventative measures to protect themselves from phishing scams and malware campaigns:

  • Do not follow unsolicited web links in email messages.
  • Use caution when opening email attachments. Refer to the US-CERT Tip Using Caution with Email Attachments for more information on safely handling email attachments.
  • Keep antivirus and other computer software up-to-date.
  • Refer to the Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
  • Review the Federal Trade Commission information on Charity Scams.
  • Verify the legitimacy of any email solicitation by contacting the organization directly through a trusted contact number. You can find trusted contact information for many charities on the BBB National Charity Report Index.

Telephone Tech Support Scams

Cybercriminals often use publicly available phone directories, so they might know your name and other personal information when they call you. They might even guess what operating system you're using. Once they've gained your trust, they might ask for your user name and password or ask you to go to a legitimate website to install software that will let them access your computer to fix it. Once you do this, your computer and your personal information are vulnerable. Do not trust unsolicited calls. Do not provide any personal information. If someone calls you and is claiming to be tech support do not purchase any software or services from them. Never give control of your computer to a third party unless you can confirm that it is a legitimate representative of a computer support team with whom you are already a customer. Never provide your credit card or financial information to someone claiming to be from tech support.

E-mail Account Compromise

E-mail Account Compromise (EAC) is a sophisticated scam that targets the general public and professionals associated with, but not limited to, financial and lending institutions, real estate companies, and law firms. In EAC scams, criminal actors use social engineering or computer intrusion techniques to compromise the e-mail accounts of unsuspecting victims. In many cases, a criminal actor first gains access to a victim’s legitimate e-mail address for reconnaissance purposes. The criminal actor then creates a spoofed e-mail account that closely resembles the legitimate account, but is slightly altered by adding, changing, or deleting a character. The spoofed e-mail address is designed to mimic the legitimate e-mail in a way that is not readily apparent to the targeted individual. The criminal actor then uses either the victim’s legitimate e-mail or the spoofed e-mail address to initiate unauthorized wire transfers. To help protect yourself, do not open e-mail messages or attachments from unknown individuals and be aware of small changes in e-mail addresses that mimic legitimate e-mail addresses.

Gift Card Scams

Has someone asked you to go get a gift card to pay for something? Lately, people have been asked to pay with gift cards – by a caller claiming to be with the IRS, or tech support, or a so-called family member in need. If you’ve gotten a call like this, you know that the caller will then demand the gift card numbers and PIN. And, poof, your money is gone.

Scammers are good at convincing people there really is an emergency, so lots of people have made the trip to a box store or convenient store to buy gift cards to send these callers. And scammers love gift cards – it’s one of their favorite ways to get your money. These cards are like giving cash – and nearly untraceable, unless you act almost immediately.

So here’s the most important thing for you to know: anyone who demands payment by gift card is always, always, always a scammer. Try this gift card buying exercise out at home – especially when anyone asks you to pay with a gift card:

Q: Should I buy an iTunes, Google Play, Food Lion, Acme, Walgreens, BestBuy, Amazon, CVS, Rite Aid or ANY OTHER gift card for someone who demands payment? For any reason?

A: NO.

Gift cards are for gifts, not payments. If you’ve bought a gift card and lost money to someone who might be a scammer, tell the company who issued the card. (The contact info might be on the card, but might require some research) Call or email iTunes or Amazon or whoever it was. Tell them their card was used in a scam. If you act quickly enough, they might be able to get your money back. But – either way – it’s important that they know what happened to you. And then please tell the FTC about your loss. Your report helps them try to shut the scammers down.

Gmail Update Phishing

Many phishers actively target Gmail users and attempt to steal their credentials. Phishers will often say that you need to update your Gmail account information or your account will be suspended. The link provided in the email will appear to be https://accounts.google.com, but in reality the link will take the user to a site controlled by the phisher. Beware of these types of emails, and always double check that the URL in the address is what you expect before entering personal information or passwords. If you have Gmail, consider turning on two-step verification to add an extra layer of security to your Google Account.

Dorkbot

Dorkbot is a botnet used to steal online payment, participate in distributed denial-of-service (DDoS) attacks, and deliver other types of malware to victims’ computers. According to Microsoft, the family of malware used in this botnet “has infected more than one million personal computers in over 190 countries over the course of the past year.” Dorkbot-infected systems are used by cyber criminals to steal sensitive information (such as user account credentials), launch denial-of-service (DoS) attacks, disable security protection, and distribute several malware variants to victims’ computers. Dorkbot is commonly spread via malicious links sent through social networks instant message programs or through infected USB devices. To protect yourself you should use and maintain anti-virus software. You should also change your passwords often.

 

How Can We Help Toolbar Button
Easton, Maryland
65° F
18° C
Sunny
SW at 13 mph
0 mm
83%
16 km
1014 mmHg
0%
Sunday
82°
28°
59°
15°
Sunny
SSW at 20 mph
Monday
66°
19°
50°
10°
Partly Cloudy
WNW at 22 mph
Tuesday
59°
15°
42°
Sunny
NW at 14 mph
Wednesday
57°
14°
43°
Partly Cloudy
NW at 18 mph
Thursday
59°
15°
39°
Sunny
S at 13 mph
Change Location