Posts

Scammer calls citizen who just collected their stimulus check

How to Stay Protected Against Stimulus Check Scams

Stimulus Check Scams

President Donald Trump signed a Coronavirus Aid plan that would guarantee millions of Americans stimulus checks from the government.

Although many may see this as a positive, there are scammers looking to profit off this plan. Remember there is no sign-up required to receive the stimulus check. The process is automatic for all qualifying Americans.

How Will I Be Contacted?

The IRS always contacts taxpayers through traditional mail. Therefore, if you receive a phone call, email or text message from an “IRS official” stating you need to apply or register, it’s likely a scam.

The treasury department makes it clear on their website: “If you receive calls, emails, or other communications claiming to be from the Treasury Department and offering COVID-19 related grants or stimulus payments in exchange for personal financial information, or an advance fee, or charge of any kind, including the purchase of gift cards, please do not respond.”

How Much Will I Receive?

Americans will receive up to $1200 per person in the coming weeks and parents will receive an additional $500 for each child under 17 years of age.

Furthermore, the IRS clarifies that the agency will post any additional information when it’s available at www.irs.gov/coronavirus.

How Will I Get The Stimulus Check?

Those who file their tax returns electronically and provide the IRS with their bank information will likely get their payments earlier via direct deposit. Some 88% of individual returns were filed electronically in 2018.

Individuals who file their tax returns electronically get their payments earlier through direct deposit.

What if I Don’t Have Direct Deposit?

Those who did not provide the IRS direct deposit information on their 2019 or 2018 tax return will get that opportunity in a new government online portal. This way, citizens won’t have to wait for the check in the mail.

Paper checks are expected to take longer to arrive.

However, details about this online portal have not been released. Until the IRS releases an official web address and further guidance, don’t give out your personal banking information online.

What Types of Scams?

Scammers are taking full advantage of Americans’ financial vulnerability right now.

Details regarding the portal have not been made public, however. So, until the IRS releases more information on the website provided above, don’t give out any personal information.

Scammers target financially vulnerable people the most. The greater the desperation the easier it is to extort and manipulate them.

There have also been reports of fake checks going around. However, if one is informed they have a better chance of not falling victim to these scams.

How Do I Know I’m Being Scammed?

Any and all checks delivered by mail now are scams or fraudulent. It will take the government at least a few weeks to mail out considering the bill was only passed Friday, March 27.

Additionally, any check you receive in the mail that requires online verification or contacting a given number is also fake. Be skeptical of checks for odd amounts of money, specifically checks with a cent amount.

The government stimulus will be for an even amount of money regardless of the amount received.

What Kinds of Scams should I Expect?

Any emails with suspicious links, text messages or even voice messages you receive regarding payment is probably a social engineering scam. If you receive an email that fits the description above, don’t open anything. Simply file a complaint with the FBI or Federal Trade Commission.

This applies to businesses as well. If you are working remotely and find yourself reading an email regarding the stimulus check, contact your IT department immediately. It is always better to be safe than sorry.    

According to CNBC report, coronavirus phishing scams are rising.

The Federal Trade Commission and Federal Deposit Insurance Corp. issued warnings for Americans to be keep aware of cybercriminals who attempt to steal form users with COVID-19 related content.

Scammers work best when they hide behind legitimacy. Therefore, they use headlines, current events, trends and personal information to trick victims into giving up valued information.

Stoking fear and uncertainty is a tried and true method of manipulating a victim. Capitalizing on ignorance is the best method.

Those who don’t keep up with the news or are unclear about the specifics of the stimulus plan passed by President Trump’s administration are likelier to make a mistake than those who aren’t.

What Do These Attacks Look Like?

Scammers launch phishing attacks, through email and text to take advantage of those who have received checks. Often, these messages appear authentic, usually with a call-to-action such as “download our guide to using check” or “Get your money now, click here.”

If you are currently working remotely, contact your fellow employees, team members or IT department to verify any and all emails received. Have a strong cyber security plan in place.  There is strength in numbers and communicating doubts is the best way to deal with uncertainty.

Make sure you have a VoIP system in place to coordinate and communicate with your team, employers, or IT department at all times. This could be Skype, Zoom or any other online communication system.

Hackers are using this time of social distancing and isolation to their advantage, hoping that victims won’t verify the phishing emails they send out.

Having a reliable network of trusted experts or peers is good way to protect yourself from falling into one of these scams.

Top Security Tips for Safe Emailing

Not a day goes by without another phishing scam hitting the news. For many of us, these are just headlines. For the organizations and individuals affected however, a phishing attack can be disastrous. Phishing emails are increasing in frequency, sophistication and severity. How can you best stay protected?

Email threats

Criminals have realized that in order to steal money or information, you don’t need to rob a bank. A simple email will do the job just fine. Phishing emails have been used to steal huge amounts of money ($12 billion according to the FBI) and are responsible for countless data breaches, credential theft, ransomware attacks and other types of malware deployment.

What’s more, thanks to criminal activity on the Dark Web, it’s not only credit card details that are for sale – now full phishing kits are available, starting at around $25.

Most email threats fall into the following categories:

  • Simple scams
  • Phishing emails
  • Fraudulent emails

Simple scams: these range from the classic “you’ve won a competition” to “we’ve been recording you on your web cam” or “your account’s been compromised”. Generally, these are pretty harmless and easy to spot. They rely on emotions such as fear to trick a user into taking action.

Phishing emails: these are emails that purport to be from legitimate senders, yet are cleverly disguised fakes. They range from sophisticated Business Email Compromise (“BEC”) emails – where a fraudster targets someone specific in an organization pretending to be the CEO, for example – to more general emails pretending to be from Microsoft, Netflix, or any other well known organization.

These emails either get you to click a link or download a file – deploying malware onto your system – or direct a user to a fake website where they enter sensitive information.

Fraudulent emails: a subset of phishing emails, these emails target companies pretending to be from suppliers whose banking details have changed. Money is paid into the new account, and the fraudster rides off into the sunset.

Next, we’ll look at what exactly to look out for so that you don’t fall for any of these.

What to look out for

Here are the most important things to look for when checking if an email is legit:

Sender: start by looking carefully at the sender’s address. Not just who they say they are – but the actual address that the email is coming from. Check for any additional or missing letters (“@microsofts.com”), or even non-English characters that can be used to spoof well-known addresses. A common trick is the use of subdomains – don’t be confused by amazon.xyz.com.

Content: look out for anything that’s made to look urgent. Is the message addressed to you, or is it generic, like “Dear Sir” Mouse-over the links. Do they lead to the real company’s website? Asses what action the email is asking for: anything that requires you to “confirm your account” or “update your payment details” should be met with suspicion.

Be wary of any email that mentions voicemails that are waiting for you, or subscription details that need to be updated.

Advanced – header information: most popular email clients – including Gmail and Microsoft Outlook – let you see the original header information (in Outlook: File / Properties / Internet Headers). For more advanced users, going through these headers can give immediate clues as to whether an email is legitimate.

An important note: when it comes to emails, almost anything can be faked. When it comes to email phishing protection, a specific anti-phishing product is the best way to identify and stop phishing attacks. It’s also really important to stay aware, use a healthy dose of skepticism, and where possible confirm details with a phone call.

Staying Email Safe

By protecting your email, you’re taking a massive step in terms of keeping your entire organization protected against cyber threats.

A winning combination combines awareness, training, and tech-based solutions working together to keep you safe.

If you want to find out more about keeping your organization protected against cyber threats, don’t hesitate to get in touch.

A hacker trying to hack Nerds Support's website

Five Common Social Engineering Tactics

There is no denying that the internet has become an amazing extension of our world. However, with such new advances that have taken place recently, people can now do more good, or bad, than ever before. Unfortunately, there are people who have chosen to do harm and they are quickly learning how to take over companies through using the internet. These Social Hackers are different from your average hacker. While average hackers tend to take over company information through malware, these hackers are intent on using their charm and investigation skills in order to get company information from employees. These techniques are all part of a bigger company attack that is known as social engineering.

Social engineering is the practice of using company information on the internet and using it to manipulate employees to provide more company information that can be used to fraudulent purposes. In this blog, our Business Technology Solutions team will talk about the five most common practices that social engineers use.

Phishing

The idea here is to obtain information by trying to seem legitimate and creating fake sites that are clones of legitimate sites to retrieve passwords and other personal information. The social hackers use these methods for emails and social media as well. Some social engineers have multiple Facebook and LinkedIn accounts, all of which claim different identities. With these multiple identities, social engineers look through company and employee profiles in order to learn more information about you. They take the information that they know about you and use it to manipulate you into trusting them.

Pretexting

This system works by creating a sense of trust between the victim and the attacker in order to gain access to valuable company information. Social engineering attacks usually start over the phone, after the social engineer usually has found your social media and learned more about you. The social engineer begins to interact with the people on the front lines (such as the receptionist or the sales team). The social engineer uses the information they found online to their advantage. As they talk to the employee, they gain the employee’s trust so they can later use it to get to company information.

Baiting

Baiting is a technique that tricks people into giving company information. The most common way that a social engineer can do this is by creating an email that mirrors a typical company email and asking for something valuable, such as credit card information or a wire transfer. They can also pose as someone from a different company and use regular email phishing techniques to give your computer a virus. With this method, they can access your company information faster.

Quid Pro Quo

This social engineering technique is all about creating a sense that both you and the person contracting you will benefit from your interaction. This social engineering attack allows the hacker to hide under the guise of a company that they could have very easily made up. The social hacker could use their disguise either to ask you for company information directly, or to go inside the building.

Tailgating

Tailgating is the practice of following someone into a protected facility. The social hackers do this so that they may enter a protected facility without needing to show any form of identification. Someone can have more chances of tailgating if they start a conversation with a company employee while they are entering the building. The best way to avoid tailgating altogether is to make sure that company security verifies the identity of everyone who walks into the company facility, with no exceptions.

Protect Your Company With Business IT Support in Miami

The best way to protect your company from social engineers is to educate your employees about keeping company information safe. However, the best way to keep your company safe is to hire a knowledgeable & experienced IT Support team, like Nerds Support. Our IT Support Miami team has made strides in helping companies across South Florida stay secure. If you need any help making your company  safer, feel free to fill out the form here or call us at 305-551-2009.

A man looking closely at his emails to avoid phishing scams

Miami Phishing Emails and How Not to Get Ripped Off

There are many phishing email schemes in Miami that seem too good to be true. You might get an email or pop up as an advertisement, promising money or other luxuries. Then, as they expect, you go opening these without even thinking. Sooner than later, you might find that something horrible has happened to you, as a result of a scam.

You may have your identity stolen or money taken out of your bank account. But you also will experience an invasion of a malware that infects your computers. The truth is, you can never be too careful by having the proper programs installed.

Having your computer activity tracked is not unusual. It’s most likely to happen when you are using the internet. As a result, you could find more strange emails, bizarre ads or even worse.

The malware may also be starting back doors on your company. A hacker stealing company information is very common. So imagine if a hacker stole your company secrets and sold them to your competitors? What would happen in the event that they destroyed your backups?

One terrible instance of Phishing is when you click a link in an e-mail and your whole laptop goes black. Next, you get a message demanding a stressful fee before your files get deleted forever. This is a Ransomware attack and in 2017, attacks like these exploded into a full scale business model.

How to Avoid Miami Email Phishing Scams?

Nerds Support’s Email Protection team knows how important protecting your business can be. So it is important to know the common signs of phishing emails. Here are a few signs of phishing emails:

  • You do not recognize the sender’s email address
  • There are grammar and spelling mistakes
  • The email claims to be from a corporation
  • The email says you won a prize
  • You are required to give personal information
  • You are being asked to send money
  • There is a time frame in which you have to send your information

Using these tips will keep your company information safe, regardless of the email program you use. However, the best way to keep your information safe is by having a strong data protection plan. Nerds Support’s data protection plans are some of the best in South Florida. Our IT Support Miami specialists are always prepared to keep your business secure.

Clients who use our cloud are some of the most secure companies in South Florida. Our email servers filter through all the emails your company gets and throws away all the bad emails. That way, you only get emails that you need to make your business more efficient.

Nerds Support’s data protection team is also in compliance with the latest rules and regulations. With this, you don’t have to ever worry about company compliance. Nerds Support IT support Miami team will handle all that for you. That means, the only thing you have to do is keep your business profitable.

Looking for reliable IT security solutions in Miami? Contact Nerds Support!