Although the election season is over, that hasn’t stopped scammers from trying to steal personal and financial information using political angles. In my case, it’s been calls that start with what appears to be a message from former President Barak Obama. Suspecting a scam, I simply hang up.
My instinct has been validated by a recent alert from the Better Business Bureaus (BBB) about this very scam. In their alert, BBB warns consumers that these calls start either with a recorded message that sounds as if it’s from former President Obama or former Secretary of State Hillary Clinton (bbb.org; “Just Hang up on Phony Fundraising Calls”).
Since I always hang up, I didn’t know the other useful information in the BBB alert. They warn that consumers who press the button to speak with a donation agent are likely going to be asked for credit card and other personal information that will be used in future scams. Once they get this information, the scammers can use it for fraudulent charges and, even more serious, for identity theft purposes.
Consumers should just hang up on these calls. Anyone wanting to make a donation of any sort should contact the organization directly. That way, a good deed will go to the intended organization and not help scammers.

The April 18th tax filing deadline is just over a month away. So it seemed liked a very good time to remind consumers that this is another time of year when there’s a spike in the number and variety of scams trying to get personal and financial information.

I’ve posted articles over the years about the various types of tax and tax return phishing scams. This year, I want to make sure consumers know about the newest helpful information that can be found on the IRS website (irs.gov). Consumers should check this site to get the latest updates on IRS and tax-related scams.

There are several links with specific information that consumers will find very helpful. The “Tax Time Guide” provides an array of tax return guidance.  Under the “Scams” link, consumers will find timely updates under the “Tax Scams/Consumer Alert” heading.

Consumers will benefit from reviewing these IRS guides and updates. It only takes a few minutes and can help consumers take pro-active steps to help avoid ID theft and other tax-time related scams.

 

It is very frustrating to realize that data aggregators collect more personal information about all of us than we know. What’s equally frustrating is trying to figure out what, if anything, can be done to minimize the exposure individuals have since data aggregators are not transparent about the ways in which these troves of personal information are used and to whom they are sold or with whom they are shared.

That situation makes Fahmida Y. Rashid’s recent article on this very issue so valuable. Ms. Rashid is a Senior Writer for InfoWorld and she’s written an article outlining the time-consuming steps that consumers will have to take to try and reduce, if not totally eliminate, their data held by data aggregators (“How to scrub your private data from ‘people finder’ sites; February 23; http://www.csoonline.com/article/3173231/security/how-to-scrub-your-private-data-from-people-finder-sites.htm).

As Ms. Rahshid explains, data aggregators will say that they are collecting this information for such neutral or positive purposes as background checks. However, as she notes, these volumes of personal data present rich opportunities for identity theft, stalking and other negative purposes. She then provides a great service of laying out the steps that are entailed and the kinds of personal information and documents that someone will need to have assembled prior to beginning the opt-out process.

As Ms. Rahshid writes, these processes require patience and advance planning because they are multi-stepped. Consumers who might be interested in starting the opt-out process should read her article to gain a full understanding of what doing so will entail. Suffice it to say, the data aggregators don’t make it easy.

Due to a technical error, this update was published yesterday without the body of the blog.

——————————

I previously shared Brian Krebs’ story about a major data breach at numerous hotels under the InterContinental Hotels Group (IHG). Mr. Krebs reported that on Friday, February 3rd, IHG confirmed that the breach had happened at 12 hotels around the United States. As he reported, IHG said the data that was stolen is from credit cards used at the restaurants and bars at these hotels but not from credit cards used at the front desks of the hotels.

Mr. Krebs has included a list of the 12 hotels in his article which I urge everyone to read since the IHG parent company includes Holiday Inns among many other brands (https://krebsonsecurity.com/2017/02/intercontinental-confirms-breach-at-12-hotels).

Anyone who has stayed at one of the listed hotels needs to be extra diligent in checking credit card statements for any suspicious activities.

Due to a technical error, this update was published yesterday without the body of the blog.

——————————

I previously shared Brian Krebs’ story about a major data breach at numerous hotels under the InterContinental Hotels Group (IHG). Mr. Krebs reported that on Friday, February 3rd, IHG confirmed that the breach had happened at 12 hotels around the United States. As he reported, IHG said the data that was stolen is from credit cards used at the restaurants and bars at these hotels but not from credit cards used at the front desks of the hotels.

Mr. Krebs has included a list of the 12 hotels in his article which I urge everyone to read since the IHG parent company includes Holiday Inns among many other brands (https://krebsonsecurity.com/2017/02/intercontinental-confirms-breach-at-12-hotels).

Anyone who has stayed at one of the listed hotels needs to be extra diligent in checking credit card statements for any suspicious activities.

 

 

The University of Texas at Austin created the Center for Identity (CID) several years ago. It’s a very creative enterprise that pulls together faculty, staff, ideas and projects that cut across departments as well as drawing in people outside the university. Full disclosure: I’ve attended and spoken at a few of the CID’s Global Privacy Summits and found them to be among the most innovative conferences.

CID has recently pulled together several resources that I want to share with you. They’ve developed the CID ID Protection toolkit that is well written with concrete, practical tips. The toolkit can be found at: https://identity.utexas.edu/toolkits/id-protection-toolkit.  It’s worth taking a look at CID’s other tips and projects as they are doing research on “real world” privacy issues. That general site is: https://identity.utexas.edu.

 

Netflix users need to read David Bisson’s article about the credit card phishing scheme that’s been unearthed. His excellent article can be found on Graham Cluley’s website. That link is: https://www.grahamcluley.com/netflix-users-targeted-credit-card-phishing-scheme/.

This is a “must read ASAP” for Netflix users so that their financial information isn’t captured and used by the scammers behind this latest phishing scheme.

 

I’ve written before about ransomware which is an especially vicious attack by thieves and scammers. They capture a consumer’s computer, infect it and then demand payment before the consumer can regain use and/or control of it. There are differing views on what a consumer should or shouldn’t do if she finds herself in this terrible situation.

Graham Cluley has posted an excellent article by David Bisson on what a consumer should and should not do when confronting a ransomware situation. I strongly encourage everyone to read Mr. Bisson’s article since he provides a well thought out approach which is helpful to know about before trying to undo this type of terrible dilemma. The article can be found on Mr. Cluley’s website at: https://www.grahamcluley.com/how-to-respond-to-a-ransomware-infection/.

I hope no one ever needs this information but better to be educated about it then trying to figure it out when hit with a ransomware infection.

Bah humbug! 2016 is ending with more bad news about data breaches — this one involving a major hotel chain. Brian Krebs just reported about a possible credit and debit card breach at one of the brands operated by the Inter-Continental Hotels Group. He was alerted by security experts about a pattern of fraudulent credit and debit card transactions particularly with cards used by consumers at Holiday Inn and Holiday Inn Express at U.S. locations (https://krebsonsecurity.com/2016/12/holiday-inn-parent-ihg-probes-breach-claims/).

This is very worrisome as Mr. Krebs reports since the Inter-Continental Hotels Group is the parent corporation for over 5,000 hotels in the United States and around the world. Some of their other brands include Kimpton Hotels, Crowne Plaza and the Inter-Continental Hotels.

Mr. Krebs notes that consumers whose credit and debit cards are fraudulently used are not responsible for those charges but consumers must report such unauthorized transactions ASAP to their respective credit and debit card companies.

So anyone who’s stayed at a Holiday Inn or Holiday Inn Express — or any other the other Inter-Continental Hotels Group brands — must be vigilant about checking bank and credit card statements.

I’ll end 2016 on a possibly foolishly optimistic note — here’s hoping 2017 brings better protections for consumers and fewer privacy and data breaches.