Wi-ly Fi. Travelers often look for free Wi-Fi hot spots. Don't connect to a free network until you confirm it is legitimate and secure. You could be connecting to a scam network, opening up access to information you send over the internet, and possibly even to your credit card number, usernames and passwords. Don't bank or shop while connected to public or unsecured Wi-Fi. On a similar note, CNET recently warned that malicious QR codes are being used by scammers to connect with computers and smartphones. Cybersecurity experts say these QR codes have been found on parking meters, restaurant flyers and other places. If you scan the QR code to redeem an offer or access information, you might allow malicious links embedded with malware to be downloaded onto your phone, which, in turn, may allow bad actors to access your login credentials and payment card numbers you've saved at retailers' sites. The FBI offers some tips to protect yourself from malicious QR codes.
Ignore the spin. People are getting an official-looking letter from the "Records Division" at P.O. Box 2910, Kennesaw, GA 30156-9843, offering information about state "benefits" you might qualify for. It may look official, and even mention your specific state, but it's far from legit. Fine print in the mailing states: "Not affiliated with or endorsed by any government agency." This letter comes from a lead generator trying to collect and sell marketing leads for burial insurance companies. Don't fill out the form. Bury it in your recycling bin.
I owe you nothing. The wordy email carried the subject "Reminder. Pay the debt within two days." Inside, the sender warns "Here is the proof I hacked this email. Your password at the time when I got access to your email: XXXX." It was a very old username for an unimportant website access, and the recipient knew she'd only used it once. (Remember: Do not reuse usernames and passwords!) The strange grammar in the email shouted "scam," not to mention that it contained a false threat: "As a systematic adult websites visitor, you are the only one who is responsible for all the consequences of that." The emailer demanded $1,650 in Bitcoin, as "a considerably fair payment for all the hard work done by me." This email hopes to ensnare (the many) people who watch porn online, but that's just throwing spaghetti against the wall and hoping it will stick. Read the entire email here. Information from corporate data breaches--such as the infamous Equifax breach of 2017, in which millions of people's information was stolen--is traded on the "dark web," so change your login credentials frequently and use password management software to help you keep track of them.
I spy. A recent email reminded the recipient that "We have been trying to reach you in order to deliver your $750 Amazon Gift Card." The recipient recognized the hallmarks of a scam. When he "hovered" his mouse (do not click!) over the links in the email (a button titled "Accept Money" and the "unsubscribe" link) he saw a url that is often used to download malicious software, like spyware, onto the computers of people who click the links. There is only one response to such an email: Delete!
Negative exposure. There's a slew of documentaries about the terrible things that happen to people who are not careful online. (We're not blaming victims, but pushing for awareness that might help people stop themselves from doing regrettable things.) The Netflix series Web of Make Believe: Death, Lies and the Internet tells some awful stories, but the ones concerning young women caught up in a local sextortion scam was super ugly. They thought they'd found romance and did some silly things involving photos for the sake of love, and then were terrorized for it. The perp (quite the nasty little hacker!) was found, prosecuted and incarcerated. We won't spoil the story, but even if you don't watch, spread the word among young people you know not to "overshare" with people they meet online. And teen girls are just one target. The Federal Trade Commission is warning LGBTQ+ communities that evildoers are lurking on dating apps in the guise of potential romantic partners and urging the people they attract to share "explicit photos." Send photos and the blackmail begins, with threats of publicly posting your private chats and photos unless you send money (natch, using gift cards, wires or P2P payment apps). The FTC says (duh!) don't share sexy photos and other personal information with someone you just met on a dating app. And, it warns, "Don't pay scammers to destroy photos or conversations. There's no guarantee they'll do it." If you're a victim, file a complaint with the FBI Internet Crime Complaint Center (IC3).