Following the horrific events last week in Connecticut, a number of scammers have gone into high gear in their attempts to fleece a saddened and generous public.

The good folks over at the site Notb4Coffee have laid out a pretty good description of the activities of these scammers, and you might want to take a look at the laundry list of techniques.

Of course, the popularity of social networking has prompted malicious folks to set up faux pages in memory of many of the kids shot, in hopes of collecting “memorial donations” for their families and community.

Legit business can take a lesson from these scammers. The action of “liking” a page has benefits these folks are attempting to cash in on. Take this explanation from Technorati’s Shea Wong:

“Every time you like and share one of these images, the algorithm in the social media platform you are using assigns that image a level of importance – the more people who like and share, the higher importance that image has. That explains why sometimes you see the same image three or four times on your news feed. When people ‘like’ the page that created the meme (usually a name like “All The Newtown Babies Are Now Angels”), that page also rises through the algorithm rankings. The creator of the page then sells the page wholesale to the highest bidder in online marketer forums. The name of the page is changed (usually to a cheap product page) and your facebook feed gets flooded with sales spam.”

The post Online scams proliferate after Sandy Hook massacre appeared first on Finance Tech News.

And don’t think your bank will be responsible for covering the loss. Plenty of court decisions in recent years have found that it was the customer that broke security rules by ignoring warnings and guidelines about accessing accounts online.

It’s not very comforting to imagine that your accounts are being accessed and managed by staffers with the common sense of the Three Stooges, but you’d be wise to think of them that way when designing your risk management strategies for accessing accounts.

Consider this scenario: One of your finance staffers receives an email from your company’s bank, asking you to update account info. The request looks completely legit and stresses it’s urgent. Your staffer clicks the link …

… and you’ve just been phished!

Just last week Chase Bank and Bank of America had phony emails sent out supposedly in their names in attempts to capture sensitive account and personal info. So warned FraudWatch International. Unfortunately there are alerts like this almost every week. (Even PayPal was used to coax info out of folks recently.)

So how can you protect your company’s as well as customers’ and employees’ sensitive data?

Forewarned is forearmed. Check out the key features of today’s phishing attacks so you can tell your staff what to be on the lookout for.

An eye-opening example

There are two main types of phishing scams – often used in combination:

1. A phishing email where you are asked to click on a link, and
2. A phishing website where you fill in an online form on a phony page and submit your info.

Consider taking the recent Chase attack as an example to show staffers just how convincing these messages can be.

• The email address the scam was sent from: Chase Bank <onlineservice@chase.com>
• Subject line: Important Notice
• There were even ads for Chase cards on the side of the info – just like you’d expect to see on a communication like this.
• Recipients were told in a message bearing Chase’s official logo that the bank recently experienced a service interruption and would need users to verify info. Then people were encouraged to click a link that took them to another very official looking web page asking for everything from user ID and password to social security numbers and credit card info.

It’s easy to be duped. Crooks are now copying fonts and layouts from legit communications exactly. Some sophisticated scams even link to actual pages on banks’ websites to further increase credibility.

But you certainly don’t want any of your finance staffers to fall prey to phishing. A few tips to emphasize:

1. Never click on a hyperlink within an email. This is almost always a scam.
2. Watch for the “https” on the website. Don’t see it? That site’s not secure. (Of course seeing it isn’t a lock that you’re safe, but it helps.)
3. Stay updated on the latest scams. You can sign up for email alerts to get a heads up on the latest phishing scams so you don’t get blindsided. (FraudWatch International offers one; click here to sign up.)
4. Remind everyone: Banks don’t ask customers to update information this way. If your staffers get a request like this – no matter how authentic it appears – have them call their bank to verify it.

The post 4 online behaviors finance staffers must be warned about appeared first on Finance Tech News.

Is your organization’s IT team making sure employees are aware of the common types of social network scams? If not, they should be warning users about:

Ur cute. Msg me – Scammers have been using sexual solicitation for years. Often, these messages include scandalous pictures.

Secret details about Michael Jackson’s death – Everyone likes gossip and celebrity details, but these links lead to malicious sites or will install malware on the user’s computer.

I’m trapped in Paris! Please send money – Known as the 419 scam, hackers tap into Facebook accounts and message friends asking them for money.

OMG! Did you see this picture of you? – Facebook and Twitter are notoriously known for scammers posting this on peoples’ walls. Messages that ask intriguing questions often lead to a fake log-in screen, which steals usernames and passwords.

Tweet for cash! – Avoid any variation of this message that offers ways to make money.

Protect your family from swine flu – To trap unsuspecting users, spammers will use concerning worldwide topics to reel people in.

Mike Smith commented on your wall post! Reading posts and comments from friends is one of the major Facebook features. However, users should be warned not to click on this application with names like “Your Photos” or “Post.” These notifications link users to a site called fucabook.com, send them to a pseudo Facebook page, and ask them  to log on. When they do, the site steals their log-in information, and then spams their friends.

Test your IQ – Facebook users take quirky quizzes all the time, so it’s no wonder that many are duped by these IQ tests. One recent IQ test caused users to unwittingly subscribe to a text message service that cost $30.00/month.

Join State University’s Class of 2013 Facebook group – Oftentimes these groups are not started by colleges, themselves. Beware.

Pass this information along to members of your company, or anyone you know so they can avoid spam, viruses and malware.

For more information on social media scams, click here.

The post Common social networking scams appeared first on Finance Tech News.

A recent CIO.com story highlights some new e-mail scams out there today, which have taken steps beyond the usual Nigerian prince and pharmaceutical-selling scams.

One new tactic involves the scammers buying an item that victim as put for sale online. The scammer mails a check for more than the cost of the item, and asks the seller to wire the difference to correct the “mistake.” Then the seller’s bank sees that the check is a counterfeit and can’t deposit the money in the seller’s account.

Other scams lately have played off of current events, including one e-mail offering folks compensation because of the BP oil spill (of course, recipients were told they needed to send personal information to get the money).

You and your users can keep up on the latest scams by visiting the FTC’s OnGuard Online site. The government also asks that people forward all fraudulent e-mails to spam@uce.gov, so officials can keep up-to-date on new fraud tactics.

The post Would you fall for crafty new e-mail scams? appeared first on Finance Tech News.

The calls came into Skaggs Hospital in Branson, MO, offering them a “deal” on a new supply of toner. However, the price offered was actually three or four times what the supplies would normally cost.

Hospital officials said the scammers normally call employees with no experience making toner purchases. Often the caller will say he’s previously called the CFO, who said it’s OK for the employee to authorize the purchase.

Also, the callers try to justify the cost by claiming their cartridges have higher capacities and print more pages, when in reality, there’s nothing special about them.

To combat these so-called “toner pirates,” Skaggs’ purchasing coordinator Jeanette Ashord regularly sends employees e-mails reminding them not to authorize purchases from unknown sellers.

The post Companies targeted by office supply scam appeared first on Finance Tech News.

Although e-commerce is the fastest-growing segment of the North American economy, it’s also become one of the biggest feeding grounds for fraudsters.

CyberSource, an e-commerce payment management company that represents online Canadian and U.S. merchants, estimates that last year’s losses, when tallied up, will exceed $3.6 billion.

Although the percentage of online revenues lost to payment fraud has been declining over the last four years, to 1.4 %, CyberSource reports that total losses have been steadily increasing with the highest-risk category still international sales.

The folks at CyberSource also report that escalating levels of fraud involving debit cards has prompted Canada’s largest debit card network to begin embedding computer chips in its cards.

The chip cards, which began appearing last October, are already being used successfully in France, where debit card fraud has now dropped by eight per cent. It’s estimated debit card fraud in Canada runs at about $70 million a year.

Other fraud schemes to guard against: Scammers last fall began using the Better Business Bureau’s name to advise companies of alleged complaints against them. Target companies were offered an e-mail hyperlink to download a copy of the complaint. By doing so, the companies exposed themselves to computer viruses that helped channel their confidential business information to scam operators.

The post E-commerce fraud steadily increasing appeared first on Finance Tech News.

It was reported recently that folks who use Apple’s iTunes store to download music and other media are getting e-mail from fraudsters about updating account information.

The e-mail directs the iTunes store user to a phony iTunes site that looks like an Apple billing page. This is where the account holder is asked to update things like credit card and social security numbers, passwords and mother’s maiden name.

Those who’ve seen the phony site and bogus e-mails say the phishers seem to be pretty unsophisticated and the scam is fairly obvious to a sophisticated user. But younger customers could be fooled by the scam.

In the past, phishers and bot-net creators have ignored Apple software and systems in favor of others that have more users. It’s something of a testament to the growing popularity of Apple products and services that they’re now turning their sights on Macs and Mac-centric software.

Thanks a lot.

The post Phishers target iTunes appeared first on Finance Tech News.