Whoooo Are You? I Really Want to Know . . .

Identity thieves really want to know you – not so they can make friends, but so they can steal your money and other assets. They use “social engineering” to play on your normal courtesy and/or fears. Here are some of their tactics:

  •  One of our clients recently received a voice mail message saying they needed to call back immediately because the IRS was suing them.
    • The IRS will not call you with this kind of message, nor will they email you. They provide notices by snail mail – and if you receive one, you should contact Mize Houser’s technical tax services department as soon as possible so that we can assist you in handling the issue. For more information from the IRS about tax scams, click here.
  • A cybercriminal sent out an email supposedly from the IT department, telling employees their email service was being upgraded and asking them to log in through a link. As they did so, the cybercriminal collected their usernames and passwords.
    • Even if a message looks like it comes from a trusted source, if you’re not sure, don’t click on either attachments or links. Be on the lookout for grammatical errors, awkward writing, and poor visual design in emails. Typos and other errors are often the hallmark of fraudulent emails or websites.
  • You receive a Facebook notification that a friend’s birthday is today. The message includes a link that you can click on to offer your best wishes.
    • Never log into an account from an email. Your bank may send you alert emails, or LinkedIn, Facebook and other social media sites may send you notifications – but don’t access those sites from the email message. Take the time to go to the actual website and log in – the extra few seconds that takes could save you much more time than if you inadvertently downloaded malware onto your machine.
  • Your phone rings, and a friendly voice on the other end says he’s with Microsoft tech support, and they’ve noticed you may have fraudulent software on your computer. He offers to check on it for free if you’ll just allow him remote access to your computer.
    • If you’re not sure whether a phone call is legitimate, get the individual’s name and tell them you’ll call them back. Look up the customer service number independently – don’t call them back at the number they give.
    • Be absolutely certain anyone who has access to your computer is legitimate.
    • Never share your user ID or passwords with anyone.
  • Susan from Credit Card Services calls and wants to chat about how they can lower your rate.
    • Whether the phone call sounds legitimate or not, don’t respond to unsolicited requests for personal information such as your social security number, credit card number, bank account number, username, passwords, or debit card PIN.