Combating fraud is easy when you are fully aware of the types of scams out there and how to avoid them. To make sure you’re the first to know about new scams—or old ones with a new twist—be sure to sign up for Visa Fraud News Alerts. Visa will keep you up-to-date and at the cutting edge, ensuring the latest information and fraud-fighting techniques are always at your fingertips. Here are a few of the latest headlines:
Canadian Seniors Reeled In With A Phishing (Phone) Line
More and more Canadians are encountering various phishing scams where fraudsters attempt to trick them into revealing personal information such as their bank account numbers, passwords, payment card numbers or even their social insurance numbers. Like its sibling “phishing”, vishing is a new trend that uses phone calls to get such information. In fact, the word “vishing” is a combination of “voice” and “phishing.”
How It Works
Vishers use a recorded message system, an email, or sometimes a live person to tell you there’s been attempted fraud on your card. They instruct you to verify you are the owner of the card by providing your credit card number, expiration date, personal identification numbers (PINs) and more. These calls sound legitimate, but beware: fraudsters can easily trick your callerID to display a number that appears to be from a credible company.
A recent survey commissioned by Visa Canada reveals residents in Atlantic provinces receive the most home phone phishing messages and that they are the least likely to reply to messages urging them to 'act now.' However, vishing fraudsters are not targeting young digital natives as much as they are targeting a different demographic - seniors. It was also revealed 38 per cent of seniors are targets of receive vishing calls.
Indeed, recent media coverage mirrors this latter statistic as there has been a series of instances where seniors have been asked for their credit card information over the phone, with at least one senior reportedly defrauded of $10,000. Most seniors have reported aggressive callers claiming to be Visa representatives offering reduced credit card interest rates.
Seniors also seem reluctant to report when they have been victims of fraud. In an Ipsos Reid survey of 1,003 Canadians over the age of 50 who were vishing victims, it was found 20% of seniors did not share their vishing encounter with members of their family.
Catch A Phish
Authorities and Visa remind Canadians to not to give out any personal information over the phone. Banks already possess that information, which was obtained at the time the account was opened.
“In addition to knowing how to avoid a vishing scam, reporting a scam is equally as important because it means you are helping other consumers from becoming victims” says Gord Jamieson, Head of Risk Services and North America Acquirer Risk Services, Visa Canada. "We need to arm Canadians seniors with the knowledge and tools they need to recognize and report vishing," Jamieson says.
Tips To Avoid Being A Vishing Victim
Educating seniors about safe financial practices is an important part of fraud prevention. Here are some other simple tips to help Canadian seniors protect themselves and their personal finances:
- Always be cautious when asked for personal information over the phone if you haven’t initiated the call. Fraudsters often create a sense of urgency and their tone can be aggressive. If you are unsure about the legitimacy of the caller’s claim, call the number on your payment card. If pressed, hang up.
- If you have received a call from a Visa representative you believe to be vishing, please email Visa at firstname.lastname@example.org and describe your experience. Visa is unable to respond to each message but we do investigate each claim. You can also report suspected fraud to the Canadian Anti-Fraud Centre at 1-888-495-8501.
- And most importantly - never be embarrassed to talk to family, friends or your bank if you have questions or are worried you may have been the victim of fraud.
- How to Catch a Phish: Canadians' Encounters with Phishing Scams, Visa Canada Media Centre. February 24, 2014. http://www.visa.ca/en/aboutcan/mediacentre/news/how-to-catch-a-phish.jsp#.U5B1r_ldU9Y
- Seniors at Risk for Scammers Seeking to Snare Passwords, Visa Security Sense Canada - Fraud News. http://www.visasecuritysense.com/en_CA/fraud-news.jsp.
- Don’t Make a Scammer’s Vish Come True, Visa Security Sense Canada - Fraud News. http://www.visasecuritysense.com/en_CA/fraud-news.jsp.
- Brighton man loses money in credit card scam, Brighton Independent. May 15, 2014. http://www.insidebelleville.com/opinion-story/4521196-brighton-man-loses-money-in-credit-card-scam/.
- Police warn of phone scam, Bullet News Niagara. May 9, 2014. http://www.bulletnewsniagara.ca/index.php?p=Sections&id=1227.
How to Catch a Phish: Canadians' Encounters with Phishing Scams
Visa Canada survey reveals urgent prompts to 'verify user names and passwords' most convincing; shows two thirds of Canadians would report phishing scams if they knew how.
A survey commissioned by Visa Canada shows that 84 per cent of Canadians are being inundated with phishing scams, while less than half (48 per cent) report these scams to authorities. Of those who don't report, two thirds of respondents indicate they would if they knew how. The cross country survey examined Canadians' responses to phishing, or attempts to trick consumers into revealing personal information like bank accounts, passwords, card numbers, and social insurance numbers.
Click here to learn more!
Did that really come from Visa? Don't be fooled by these phishing scams!
Criminals are always looking for new ways to trick consumers into handing over their personal or financial information. A favorite fraudster tactic is to use the name of a recognized company or organization to gain consumers' trust. This tactic is known as "phishing" and can take many forms – an email, phone call, mobile text message or even a website.
Over the years, Visa has done a lot to earn consumers' trust. Now fraudsters are taking advantage of our good work by using our name and logo to prey on consumers – and that's not something we take lightly. We investigate all potential Visa-related phishing scams and work with anti-phishing organizations and law enforcement to alert web browser vendors of confirmed phishing attacks and help shut them down.
Consumers can help, too! Below we dissect and highlight several warning signs in four examples of recent phishing scams. If you suspect you received a Visa-related phishing attempt, report it to email@example.com for inclusion in our security analysis. By participating in our anti-phishing security efforts, you can help prevent other consumers from becoming victims.
Visa Email Phishing Scam: This popular scam masquerades as an email from Visa to trick consumers into providing their payment information.
Verified by Visa Email Phishing Scam: Verified by Visa is another Visa-brand that scammers like to use to trick consumers. Below is an example of a popular email phish that has circulated in recent months.
Visa Text Message Scam: We have read reports of scammers using text messages as another avenue to trick cardholders. When called, the phone number provided in the text prompts the consumer to walk through a series of steps to verify themselves or re-activate the card by entering their account information, PIN, expiration date and/or 3 digit CVV code.
Remember, phishing text messages may contain a link instead of a phone number – so be careful before clicking on any links if the text message is at all suspicious. Consumers can forward suspicious text messages to the short code 7726 (the numbers spell the word "SPAM").Text messages may also contain dangerous hyperlinks that can open in a mobile phone, so think twice before clicking!
Fake Verified by Visa Validation Prompt: This new scam targets consumers whose computers were previously hacked and have malicious code (malware) installed. When the consumer begins the checkout process for an online purchase, the malware is activated and presents a fake Verified by Visa prompt to phish the consumer's information. This attack is not common, but we want to raise consumer awareness. Consumers should be suspicious of Verified by Visa forms that ask for more information than usual. The following is an example of a suspicious Verified by Visa validation prompt during the checkout process.
Consumers should keep their antivirus software current and run checks regularly to minimize the risk of this type of scam. And, if you suspect your credit card data may have been compromised, contact the number on the back of your card.
Visa Canada finds younger Canadians taking risks with their financial information
A new survey released on Tuesday, February 26, 2013 by Visa Canada to mark the start of Fraud Prevention Month has uncovered a concerning trend among young people. A significant number of young Canadians who regularly post personal information on social network sites are putting themselves at unnecessary risk by mirroring similar oversharing behaviour offline with their payment card information.
Survey results found that almost half (45 per cent) of 18-34 year olds reported taking risks with their payment card information, such as loaning their card to someone or sharing their payment card information over email, phone or text. Individuals in this age group also reported the highest level of online sharing activities, including keeping an open profile on a social network site, posting to a social media site at least once a day, publically sharing photos, and posting their employment history online.
Among those aged 35 and older, a significantly lower number of respondents (32 per cent) reported taking risks with their payment card information. This group also reported less sharing of personal information online.
Survey results show that oversharing financial information can indeed leave individuals vulnerable to fraud. Among respondents who reported engaging in risky behavior, 43 per cent had experienced some form of payment card fraud. Conversely, among those who had not engaged in risky behaviour, only 19 per cent had been victims.
The survey also showed that few Canadians are taking simple steps to stay ahead of fraudsters. Just 10 per cent check their credit report on an annual basis, only 17 per cent have set up alerts to monitor card activity, and most surprisingly, less than half (41 per cent) report checking their payment card statement more than once a month.
To counter the culture of oversharing and help cardholders understand their role in preventing fraud, Visa Canada created an interactive ‘choose your own adventure’ video, designed to entertain and educate cardholders about the choices they make with their payment cards.
The video, “The Concert”, challenges participants to think about the choices they make around everyday behaviours with their payment card, and potential consequences. Available online at www.theconcertbyvisa.ca and on Visa Canada’s Facebook page, the video reminds cardholders that they, too, have a role to play in protecting their payment cards. To follow the conversation on Twitter use the hashtag #GuardYourCard.
About the Survey
Fabrizio Ward on behalf of Visa Canada conducted an online survey of major debit and credit cardholders. Interviews were stratified proportionately by geographic units to represent the national population of online cardholders. A total of 1,000 interviews were conducted from December 26, 2012 – January 2, 2013. The margin of error for this sample is plus or minus 3.1% at the 95% confidence interval.
Secure Holiday Shopping Tips
Canadian shoppers are certainly getting more comfortable shopping online. A recent survey conducted by Ipsos Reid for Visa Canada indicated that 10% more online shoppers planned to take advantage of Black Friday/Cyber Monday deals this year over last year. While Black Friday and Cyber Monday are now behind us, Visa data suggests that the busiest online shopping period is still to come. According to Visa, over the last 10 years, December 22, 23 and 24th have been the busiest online shopping days of the holiday season.
Whether you’re planning ahead or waiting until the last minute, take precautions when making online purchases to help ensure a secure shopping experience. Shop safe with these tips from Visa:
- Make sure your inoculations are up to date. Before you start shopping online, make sure your computer’s anti-virus software is updated. Take the extra time to keep cybercriminals from invading your computer or stealing sensitive personal information.
- Don’t forget to check your URL. Double-check the website’s URL before you enter any of your payment details. Be certain that the URL begins with “https://”. The “s” at the end of the “http” confirms that the site has a secure connection.
- Know who you’re dealing with. Shop at online stores you know and trust. Be cautious when visiting unfamiliar sites offering deals that are too-good-to-be-true.
- Look before you leap. Beware of phishing scams in all forms including email and unsolicited phone calls. You can learn some of the warning signs of a phishing scam.
- Check out what’s covered. When it comes to shopping online, there are choices for how you want to pay. When you are paying with prepaid, debit or credit cards, your card may include fraud protection. Check out what your cards offer by contacting your card issuer.
How We Help Protect Consumers in the Event of Third-Party Data Breach
When Visa becomes aware of a data breach at a third-party that handles payment card information, our first priority is to protect cardholders. We work closely with the breached entity and issuing banks in order to heighten monitoring of potentially compromised accounts and minimize fraud losses.
Knowing that your payment data may have been stolen is unsettling, but the good news is that in most cases stolen payment data is never actually used to make fraudulent charges. However, in the rare event that fraud does occur, we protect Visa cardholders through our Zero Liability policy, which ensures that you won’t be held responsible for that charge.
We have numerous layers of protections in place to help keep our cardholders safe, but cardholders can play an important role in their security, too, by regularly monitoring their accounts for unusual activity and reporting suspicious charges to their issuers.
For more information on what to do in the event you believe your payment data has been compromised, click here.
Stop fraudsters before they strike
March is Fraud Prevention Month and to help raise awareness, Visa commissioned a cross-Canada survey to find out what Canadians think about fraud. The results are in and reveal that Canadians of all ages have bad habits that put them at risk for financial fraud.
The survey found that young Canadians (aged 18-30) were the most likely to overshare personal information, with 32 per cent admitting to including their email address, home address, birthday, or phone number, on social networking sites – information that could potentially be used for identity theft and other scams. Young adults are also most likely to share their PIN (Personal Identification Number) and lend their credit or debit card to others.
Seniors (aged 66 and older) were the group most likely to keep their experiences with fraud secret from friends and family. Out of all Canadians surveyed, seniors were also the most likely to have sent their personal credit card information via email.
To better protect yourself from fraudsters, Visa recommends the following 10 tips for safeguarding your personal information:
- 1. Always treat your cards as if they were cash, and don't leave them in places where they are easily accessible to anyone.
- 2. Always report lost or stolen cards immediately to your bank
- 3. Always create a PIN that is hard to guess (e.g. not a birthday or phone number)
- 4. Always be cautious when asked for personal information over the phone when you didn’t initiate the call
- 5. Never share your PIN – not even with family, friends or caregivers
- 6. Never keep a written copy of your PIN in your wallet or purse
- 7. Never lend your credit or debit card to anyone, ever
- 8. Be mindful of how much personal information you are sharing on social media sites – anything from your phone number, home address and birthday can be collected without your permission and use fraudulently
- 9. Never agree to a “free trial” or “sample” without reading the terms and conditions. You may be agreeing to future monthly charges – which aren’t free
- 10. Never be embarrassed to talk to family, friends or your bank if you have questions or are worried you may have been victimized
For additional survey statistics, click here.
Keep Your Holidays Happy: Tips for smart, secure online shopping
As the weather turns colder and the roads get busier, many shoppers are choosing to stay in and log on to get their holiday shopping all wrapped up.
But just because you’re shopping from the comfort of your couch doesn’t mean you can afford to forget the common sense rules of online safety, such as safeguarding your personal information and avoiding suspicious websites, emails and promotions.
As Scott Boding, director of order screening at CyberSource, a Visa company, points out: "During the holiday season, you can be in such a rush and let your guard down…Because there's so much more purchasing taking place, it can become easier for a fraudster to blend in and slip through the cracks."
That being said, there are several simple and preventive measures consumers can take to stay safe. So go ahead -- put your feet up and enjoy a cup of hot cocoa as you finalize your gift giving…but keep these useful tips in mind to ensure a very, merry fraud-free holiday:
- Operating system patches are the latest security updates released by vendors such as Microsoft or Apple, designed to keep your computer protected from viruses, spyware, malware and hacker attacks and other online threats. Keep your operating system up to date by accepting patches sent out by trusted vendors, or by configuring your system to automatically update itself.
- Keep your computer’s virus protection up to date. Don’t let those subscriptions lapse!
- Create strong passwords that aren’t easy to guess (hint: avoid these top 25 worst internet passwords)
- Ignore emails from senders you don’t know, especially if the sender is requesting money or your personal information (passwords, PIN numbers, account information, etc.)
- Shop at stores you trust, and before entering your payment information, make sure the website URL begins with “https://” indicating a secure connection
And remember: in the unlikely case that fraud does occur, Visa’s Zero Liability policy means you won’t be held responsible for fraudulent purchases made with your card or account information. For more information visit www.visa.ca
Don’t Lose your Jingle this Holiday Season: Stay merry by remaining aware of discounted gift card scams
Black Friday and Cyber Monday are around the corner, meaning holiday shopping season has officially begun. Many consumers are pulling out their holiday lists – making this an opportune time to remind consumers that there are some gift card offers and “discounts” that they need to be wary of.
Gift cards are a great stress alleviator – a one size fits all solution that can save the giver from the headache of trying to guess exactly what a loved one wants this season. But before rushing out to stock up on these goodies, it’s important to remain on the lookout for gift card scams that can do a lot more than dampen your holiday spirit.
The Canadian Anti-Fraud Centre is warning consumers to watch out for discounted gift card scams that tend to surface at this time of year. Here’s what the scam looks like: a shopper responds to an ad on an online classified site for a gift card being re-sold at a bargain price. When the shopper tries to redeem the card value at the store, the card either doesn’t work or has no value remaining on it.
Fraudsters are becoming increasingly sophisticated in their ability to trick consumers. The best way to avoid scams this holiday season is to purchase a gift card directly from a reputable retailer or visit www.visaperks.ca to receive exclusive merchant discounts. If you’re going to take your chances and buy a gift card from a stranger, let your common sense prevail: if it’s too good to be true, it probably is.
Card Security Tips for the Savvy Summer TravelerWith the summer vacation season in full swing, it’s important to keep a few security tips in mind when it comes to travelling with payment cards. While most payment card transactions go through without problems, savvy consumers can help protect themselves from unauthorized purchases. Card security tips consumers should keep in mind while travelling include:
- If travelling outside Canada, make sure you call to inform the bank that issued your card which countries you will be visiting, and for how long.
- Check your cards - know your expiry dates, account balance and amount of credit available to you, so you won't be caught short with a card that expires while you're away, or not have enough credit to cover your trip expenses.
- Keep a copy of your bank's name, its customer service phone numbers, and your Visa account number in a convenient place – separate from your card. Toll-free numbers may not work internationally. If you don’t have the bank’s direct number, you can call Visa’s help line collect at 1-303-967-1096 or 410-581-3836.
- Report lost or stolen cards and/or unauthorized transactions to your financial institution issuer immediately.
- Limit the number of payment cards and other personal information that you carry in your wallet or purse while travelling.
- Be aware of your surroundings when entering your Personal Identification Number (PIN) at an ABM or at the checkout.
- Don't leave your cards in your car’s glove compartment. An alarming number of payment card thefts are from car glove compartments.
- Save and check all receipts against your statement.
Cyber Thieves Can Make Social Networking Risky Business
Social networking can keep us connected to family and friends and help us stay in touch with news in real time. However, today’s cyber criminals can view social networking sites as rich and valuable sources of personal data. Using crafty schemes, they can loot your private information piece by piece and gather enough data to raid your identity and online accounts.
Reduce your exposure. A few simple steps can minimize risk on social networking sites:
- Get familiar with privacy and security settings.
Security and privacy settings can limit access to your information. Become familiar with them and update them often. Be sure to opt out of sharing your data when you add new apps.
- Don’t give away your birth date.
The day, year and location of your birth can help an identity thief unlock your financial identity. Also, beware of giving away answers top common security questions such as your mother’s maiden name, high school or hometown.
- I’m in Hawaii – make yourself at home.
It’s better to post vacation photos after you return, rather than letting potential burglars know when your home is empty. And, think twice before publishing your home address on social networking sites.
- Don’t provide password clues.
Your social network profile can give away password clues such as your pet’s name or favorite football team. Your passwords should be unique and difficult to guess. For example, you could choose a password that doesn't contain a readable word, mix upper and lower case letters, or use a number or symbol in the middle of the word. Most importantly, don’t use the same password for every site you visit.
- Don’t friend strangers.
Be wary of friending people online you don’t know in real life, even if they seem to be connected to people in your network. Just because someone is connected to a friend of yours doesn’t mean he or she is trustworthy.
- Get familiar with privacy and security settings.
Charity Scams: Reach Out, Be Smart
A recent blog post on Forbes.com highlighted, sadly, that criminals have been quick to jump on the tragedy in Japan as an open invitation to commit fraud. People around the world have received spam and phishing attempts seizing upon the desire to help.
Some fraud victims have been lured to fake YouTube, CNN, Facebook, or Twitter pages that are really just Trojan horse efforts to infect computers with malicious software. As the Japan tragedy confirms, cyber crooks will stop at nothing and they have at their disposal a number of electronic tools to perpetrate their crimes to get personal data, financial information, credit card numbers and more.
We thought it the perfect time to review a few of our tried-and-true fraud-busting tips:
- Never click on an attachment or a link in an email you don't trust. Your computer could be infected with a virus or malware meant to steal your personal information.
- Block pop-ups, they are a popular tool for fraudsters as a portal into your computer. They can even push bogus pop-ups to you via legitimate websites.
- Never provide usernames, passwords, credit card numbers, bank account details, Social Insurance numbers, or other personal information electronically unless you initiated the communication.
- Especially for immediate tragedies, be vigilant and verify the legitimacy of the charities you are considering.
- Keep your virus protection up-to-date and install a spam filter and an anti-spyware program.
- Report any suspicious emails or other communications to the Canadian Anti-Fraud Centre at www.antifraudcentre.ca.
As Japan has reminded us, it is natural to want to help victims of natural disaster. Don't let fraud or identity theft add to your grief: follow these simple steps and you can be sure that your donation goes to those who truly need it, and not into the waiting hands of a criminal.
As always, you can visit VisaSecuritySense.ca to keep up on the latest fraud alerts and tips to make sure you stay fraud free.
Epsilon E-mail Security Breach
In a security breach, online marketer Epsilon has fallen victim to a hacker who gained access to client names and e-mail addresses from numerous well-known North American companies and institutions.
Luckily card fraud is not a primary concern with this compromise, but phishing and spamming could be. A criminal who now knows that you shop at a certain retailer can direct a very convincing phishing e-mail to you. The e-mail may seem more credible because you’re familiar with the supposed sender and it could reference your full name. This type of very directed phishing scam is called “spear phishing.”
Consumers should be on the lookout for spear phishing scams. If you receive a request by e-mail asking for personal financial information, please use utmost caution and assume that it is fraudulent. You can also get some great tips for avoiding "spear phishing" e-mails in this fraud alert we put out just a few weeks ago.
While Visa was not affected by the Epsilon incident, this is another opportunity to remind you that Visa never solicits or requests personal financial data by e-mail or phone.
As always, you will find lots of valuable anti-fraud and security tips, as well as all the latest security alerts, right here on VisaSecuritySense.ca. With a bit of vigilance and a few time-tested tips, you can help protect yourself from fraud before it happens.
Fraud Targeting Small Businesses
It is encouraging when anyone posts an opening for a job, especially when that poster is one of Canada’s hardworking small businesses—the backbone of our economy and the key to a robust recovery.
It is with appropriate concern then that we have learned that these small businesses are increasingly falling victim to fraud and scams, particularly when posting new job openings.
It starts like this: Your business posts a job opening online only to be targeted by cyber criminals who send emails and resumes laced with malware, viruses and other programs of ill-intent that destroy data, slow computers or, worse, steal valuable personal information from your business. Most recently, a new type of malware has been discovered that gives hackers direct access to banking information.
In another form of fraud targeting small businesses, business owners are receiving emails with cleverly disguised, exceedingly convincing phony receipts that mask malware. The malware infests your computer, scooping up valuable sensitive financial information and sending it to the criminals. This scam has been particularly effective on sellers in online marketplaces.
Beating these new types of fraud is not complicated. Vigilance is key. A few tips are all it takes to protect your small business from fraud. First, be sure virus scan software is on and up-to-date. To further protect your business, avoid online banking on the same computer you receive email job submissions.
With a few insights and some simple steps, Canada’s small businesses can be sure they don’t fall victim to fraud. Be sure to return to VisaSecuritySense.ca to stay on top of the latest fraud alerts and the easy tips you need to stay fraud free.
Did I Really Miss Jury Duty? (Or Was I Just the Victim of Identity Theft?)
Word is spreading of a new wave of an old sort of identity fraud. This type preys upon our collective civic responsibility. In this sting, a caller claims that you have failed to report for jury duty and that there is a warrant for your arrest.
The caller will likely claim your arrest is certain, but the matter can be resolved quickly over the phone...if you can just verify some personal information—your Social Insurance number, birth date and maybe even a bank or credit card account number. Fraudsters always seem to want the same data, no?
With this information, the criminal on the other end of the line can take your identity and use it get credit cards and loans, all in your name.
Reports of "jury duty scam" first surfaced in 2006 and seem to be on the rise again. Don’t be fooled when your caller ID says the call is from a local courthouse either. Fraudsters can easily fool caller ID using "spoofing" products that let them steal the identity of any phone number they want, just as easily as they would like to steal your identity.
But, what if I really missed jury duty? How will I know? If you suspect you are the target of a jury duty scam, don’t give out any personal information. Check that the call is legitimate by calling the courthouse yourself and speaking with a clerk.
Fraudsters are clever, to be sure, but they can always be undone by caution and due diligence on the part of well-informed people like you. To make sure you stay fraud free, be sure to visit VisaSecuritySense.ca frequently to keep up with the latest scam alerts and lots of helpful tips on beating card fraud and identity theft.
Seniors at Risk for Scammers Seeking to Snare Passwords
Canadians of all ages are logging on to computers in ever-greater numbers to conduct online banking and other financial transactions. In an Ipsos Reid survey of 1,003 Canadians over the age of 50, 16 per cent of Canadian zoomers and seniors say they have been the victim of payment card fraud, identity theft or a violation of financial privacy since they turned 50 years of age. One in five of these seniors did not share this violation with members of their family.
Educating seniors about safe financial practices is an important part of fraud prevention. The best way to fight fraud is with multiple layers of security. But while new technologies and solutions to help combat fraud are continuously developed, including Chip cards and Zero Liability, informed and alert consumers are the frontline of defense against payment card fraud and data breaches. Keeping your passwords safe is the number one way to keep your finances and personal information safe.
Here are some other simple tips to help Canadian Seniors protect themselves and their personal finances:
- Make sure your password is hard to guess, avoiding birthdays or phone numbers and never share your PIN or write it down on a piece of paper – committing it to memory is the best way to protect yourself
- Use protections like anti-virus software on your computers and refrain from posting personal information that can be used by criminals to guess passwords in any public forums, like Facebook
- Always be cautious when asked for personal information over the phone when you didn’t initiate the call
- Never agree to a ‘free trial’ or ‘sample’ without reading the terms and conditions. You may be agreeing to future monthly charges – which aren’t free
And most importantly - never be embarrassed to talk to family, friends or your bank if you have questions or are worried you may have been victimized.
Sniffing Out Charity Scams
A devastating earthquake. A flash flood. A tender plea to help a child in need. Some stories are almost beyond belief and the human tragedies are equally difficult to comprehend. Others tug at your heartstrings. But, believe it or not, there are scammers out there waiting for opportunities like these to prey on your emotions to get your personal data and steal your well-intentioned donations.
Though lots of charity and emergency relief websites are legitimate, many aren’t, and you need to know how to tell the difference. Even when the website is not a scam, a well-meaning donor must decide which organizations are the most efficient with their money and which are best able to respond meaningfully to the crisis at hand.
The safest and surest way to beat these web scams is to donate only to well known international relief organizations, like the Red Cross and others. However, if you find yourself considering a web donation to an organization you don’t know well, try to find out who is behind the site and carefully gauge their qualifications to solicit money.
If you can’t find out from the site who is running it, chances are that the owner is trying to hide something and it may not be legitimate. Then again, even if you determine the site’s owner, you must ask yourself if your donation is best spent with them, or with another, more qualified organization.
Regardless, all it takes is a little caution and a little research to avoid web scam altogether. To beat web scams during times of crisis and beyond, you can check out the many tips available from the Better Business Bureau.
Did You Order a Virus?
FedEx is warning about fraudulent e-mails claiming to be FedEx tracking messages. But instead of real shipping information, this attachment carries a nasty computer virus. Be sure to review the information from FedEx to safeguard your personal information.
Don’t Make a Scammer’s Vish Come True
Like its sibling “phishing,” in which a fraudster uses bogus emails and websites to trick you to enter valuable personal data and credit card numbers, vishing is a new trend that uses phone calls to get such information. In fact, the word “vishing” is a combination of “voice” and “phishing.”
Consumer Reports recently raised red flags about vishing—and a new variation via text messaging called “smishing”—in an article on its website.
Vishers use a recorded message system, an email, or sometimes a live person telling you there’s been an attempted fraud on your card and instructing you to call a third number to enter credit card numbers, expiration dates, personal identification numbers (PINs) and more. These calls sound legitimate, but beware: fraudsters can easily trick your callerID to display a number that appears to be from Visa. Before you know it your data, and soon your money, are gone.
Don’t make a scammer’s vish come true. Learn how vishing works and what to do any time a caller asks you for personal data such as social insurance numbers, dates of birth, credit card numbers, and more. Never give personal information to someone who calls you. Visa will never ask for your personal information, though we may call you to report suspicious activity on your account. Get an incident number, and then call back the number on your credit card, not the number the caller gives you. A few simple rules are all you need to beat vishing.
If you have received a call you believe to be vishing, please email Visa describing your experience at firstname.lastname@example.org. We appreciate your input sincerely. Due to the high volume of emails, Visa is unable to respond to each message individually. We do, however, investigate each claim fully to shut down fraud at the source. You can also report suspected fraud to the Canadian Anti-Fraud centre at 1-888-495-8501.
How to Deconstruct a Social Engineering Scam
Let’s say you are a fraudster who wants to illegally access someone’s bank account or credit card, which do you think is easier: trying to guess the password, or getting the owner to tell it to you? The answer, surprisingly, is the latter. Winning someone’s confidence and getting them to freely tell their private information is a scam known as “social engineering” by those who practice it. And it works all too well.
Social engineering is a con, an elaborate lie in which the scammer pretends to be someone they are not to earn trust and get valuable personal information over the phone or via email. Of all the types of electronic fraud, social engineering is, perhaps, the most difficult to discern. Anyone can be a victim; in fact, there is a social engineering technique known as “whaling”—a play on “phishing”—that targets high-level corporate executives. Even CEOs have been victims—the bigger the better. Other scammers have been known to pretend to be bank or Visa employees to glean information from unwitting customers.
Regardless of the ruse, the safest, surest way to beat social engineering is to never, under any circumstances divulge personal information over the phone or, especially, via email. Also, understand that no employee of Visa or your financial institution would ever contact you and ask for such information.
Bottom line: protect your information as if it were worth more than gold … because it is.
Protect Yourself From Online Tricksters'
Tired of being charged for things you didn’t think you signed up for? A tactic known as a “negative option” is sneaking into more and more online transactions.
In case you didn’t know, negative options occur when you accept an online offer, often for a free trial or product, after which you will be billed for a recurring monthly charge. Some merchants may hide these offers and charges in the fine print. Without a careful eye, you may sign up for a monthly subscription when you really thought you were getting only a free trial or a free product.
Visa, along with the Canadian Anti-Fraud Centre, has created some simple tips to help you spot deceptive free trial offers and how to deal with unauthorized charges.
In addition to helping you arm yourself against this practice, Visa is trying to help combat the problem on our end. We carefully monitor our payment network to identify excessive levels of reported cardholder disputes, which may signal the use of deceptive marketing practices. When we spot a problem, we require that a merchant’s bank work with the merchant to correct the problem and reduce excessive consumer disputes, or risk termination of Visa acceptance privileges.
How Not to Get Speared by Phishing
These days, more and more people communicates with their banks, credit card companies, and other financial institutions via email. This makes the potential for electronic scamming—also known as phishing—more likely. Most phishing is random. Scammers send out emails from a given bank or financial institution to a large group assuming that at least a few of the recipients will be customers of that particular bank and will respond.
As the public’s knowledge of phishing has become more sophisticated, so have phishers’ techniques. They are targeting emails and getting more clever, aiming for smaller groups or, even better, at single users. It is their precision that makes these emails so deceptive, and so successful. With a new technique, known as “spear phishing,” the scammers try to determine which bank or credit card company you use before sending their bogus emails. This targeting—or “spearing”—increases the apparent legitimacy of the request, and makes the phishing a little harder to spot by the consumer.
You can beat spear phishing, however. The first rule of electronic communication is that no legitimate bank or financial institution would ever ask you to “verify” your personal information via email. If you receive a communication from your bank or financial institution that you are unsure about, you can always call the phone number on the back of your card for more information.
If you receive an email you believe to be phishing, please let Visa know by forwarding it to email@example.com. We appreciate your input sincerely. Due to the high volume of emails we receive, Visa cannot respond to each message individually. We do, however, fully investigate each claim to stop fraud at the source.