Hurricane Harvey charity scams warning – National Consumers League

/in /by

92_donate.jpgWith heartbreaking images of the recent devastation in Houston, many consumers in the United States and around the world are reaching for their wallets to help. The inclination to send donations is generous and kind, but advocates know that con artists have long exploited natural disasters, and consumers must be careful in order to avoid sending money to scammers who pose as charities.

In the days following a natural disaster, our Fraud.org staff often hear from consumers about crooks’ attempts to take advantage of tragic events for their personal gain. After the September 11 terrorist attacks, Hurricane Katrina, and the 2010 earthquake in Haiti, we received reports of a variety of scams tailored by con artists to capitalize on the rescue efforts. Scams typically involve con artists sending out emails purporting to come from a known and respected charity such as the Red Cross or Oxfam International. Victims are then directed to a fake Web site made to look like a legitimate charity’s site, where they are asked to share personal information or donate via wire transfer, PayPal, or a bank account. The scammer then makes off with the donation, and no real funds are sent to support actual disaster relief.

“The continued tragedy of fraud perpetrated in the wake of such disasters is that charity scams not only rob the donors,” said John Breyault, NCL vice president for public policy on telecommunications and fraud. “They also divert contributions from legitimate charities, who are in great need for money and goods to assist those who need it most.”

Fraudulent charities use natural disasters like the one in Houston to trick people who want to aid the victims. If you’re not sure whether a charity is legitimate, follow this advice:

  • If you’re approached by an unfamiliar charity, check it out. Most states require charities to register with them and file annual reports showing how they use donations. Ask your state or local consumer protection agency how to get this information. The Better Business Bureau Wise (BBB) Giving Alliance also offers information about national charities. Call (703) 276-0100 or go to Give.org.

  • Ask for written information. Legitimate charities will be happy to provide details about what they do and will never insist that you act immediately.

  • Beware of sound-alikes. Some crooks try to fool people by using names that are very similar to those of legitimate, well-known charities.

  • Ask about the caller’s relation to the charity. The caller may be a professional fundraiser, not an employee or a volunteer. Ask what percentage of donations goes to the charity and how much the fundraiser gets.

  • Be wary of requests to support police or firefighters. Some fraudulent fundraisers claim that donations will benefit police or firefighters, when in fact little or no money goes to them. Contact your local police or fire department to find out if the claims are true and what percentage of donations, if any, they will receive.

NCL joins education campaign to help seniors safely buy drugs online – National Consumers League

/in , , , /by

counterfeit_Drugs_icon.jpgThis week, the National Consumers League (NCL) joined forces with the Alliance for Safe Online Pharmacies (ASOP Global), and the Center for Safe Internet Pharmacies (CSIP) in launching a campaign to educate seniors and their caregivers about the health and financial risks associated with buying prescription medicines from illegal or rogue online pharmacies.Over the last century, the number of Americans aged 65 and older has increased exponentially, and studies show that this trend will continue for the foreseeable future. While the elderly are living longer, many older adults depend on a multitude of prescription drugs to maintain their quality of life and to combat many of the problems that may arise with aging, such as chronic diseases. Approximately nine out of 10 older adults have at least one chronic disease, and nine out of 10 older Americans rely on at least one prescription medication on a regular basis. As adults 65 and older account for over one-third of all prescription medications and with many seniors living on fixed incomes, it is not surprising that they are looking for opportunities to purchase their necessary medications at cheaper prices.

Unfortunately, seniors are particularly vulnerable to unknowingly purchasing counterfeit drugs in an effort to find a more convenient and affordable means to obtain the medications they need. Of course, there are many online pharmacies that operate legally and are perfectly safe. However, there are many rogue online pharmacy sites that sell potentially dangerous, or even deadly, drugs that have not been approved by the Food and Drug Administration (FDA) for safety and effectiveness.

Many of these sites operate under the guise of being a legal, safe, and often cheaper alternative to purchasing a prescription from a retail or mail-order pharmacy. But in reality, they often sell drugs that contain the wrong active ingredient, the wrong amount of the active ingredient, no active ingredient at all, harmful ingredients, or even poisons. As an increasing number of older adults are being introduced to the Internet, it is important that they are educated on the risks associated with purchasing their prescriptions online.

To fill this knowledge gap, the National Consumers League is pleased to be collaborating with the Alliance for Safe Online Pharmacies and the Center for Safe Internet Pharmacies to not only educate seniors and their caregivers about online pharmacies, but also empower them to make safe and informed decisions when shopping for prescription drugs online. Counterfeit drugs have long been an area of great concern for NCL, and we are enthusiastic about contributing to this joint effort to keep older Americans safe online.

To stay safe, seniors and their caregivers should avoid websites that:

  1. Do not require a valid prescription.
  2. Allow you to buy prescription medications by simply completing an online questionnaire.
  3. Offer drastically discounted prices.
  4. Do not have a licensed pharmacist available for consultation.
  5. Do not display a physical street address.
  6. Offer to ship prescriptions from other countries to the U.S.
  7. Are not verified by the National Association of Boards of Pharmacy (NABP).

Consumers are encouraged to buy from sites ending in .pharmacy, which are verified by NABP. In addition, online pharmacies that display the VIPPS (Verified Internet Pharmacy Practice Sites) seal have successfully undergone NABP’s rigorous screening process.

For more information about illegal online pharmacies and counterfeit medicines, consumers should visit www.XtheRisk.com. For additional information on health fraud and tips on how to protect yourself from the dangers of counterfeit drugs, visit Fraud.org.

Tech support scammers dupe consumers – National Consumers League

/in , , , /by

sg.jpgEver heard of a tech support scam? Well, a very smart, savvy member of my family fell victim to one this week.My family member, who we will refer to as Sherry, was working on her laptop when she clicked on an ad. Clicking on that ad ending up installing malware on her computer, which then put up warning messages on her screen telling her that her computer was infected. A helpline phone number was displayed—appearing to be Microsoft tech support. Sherry, in a panic, called the phone number, which was actually a scammer. Unbeknownst to Sherry, she allowed him to remotely access her computer while she was on the phone with him. The scammer led Sherry to believe he was running a scan for viruses, but he was really scanning her computer’s information and possibly attempting to damage her hard drive so that Sherry would have to pay him money to “fix” it. Sherry’s computer, just like all of ours, is full of important work data, personal contact information, financial documentation, and more that we wouldn’t want anyone else to have access to. Before Sherry committed to giving this man her credit card information, a friend advised her to hang up with the scammer, shut her computer down, and disconnect it from the Internet.

From an FTC Post on tech support scams:

In a recent twist, scam artists are using the phone to try to break into your computer. They call, claiming to be computer techs associated with well-known companies like Microsoft. They say that they’ve detected viruses or other malware on your computer to trick you into giving them remote access or paying for software you don’t need.

These scammers take advantage of your reasonable concerns about viruses and other threats. They know that computer users have heard time and again that it’s important to install security software. But the purpose behind their elaborate scheme isn’t to protect your computer; it’s to make money.

This is exactly what Sherry experienced. Her scammer assured her that he was fixing her computer issues, while she asked several times if he was being honest. He responded, “You have to trust me.” Two days later, Sherry has been told not connect her computer to the Internet, which is vital to her work. She’s also waiting for the other shoe to drop – what happens when her friends start getting solicitations to help Sherry out of a travel jam and wire money to some phony address? Or who knows what other damage these scammers have done to her personal information linked to the laptop? There are many implications to this type of scam that can be very detrimental to one’s financial, work, and personal life.

So consumers, please, sign up for Fraud Alerts, which will warn you and your family on the latest scams. Read this Fraud Alert for more information on tech support scams. The more consumers know what to look for, the less likely you are to get duped. NCL’s Fraud.org is here to help! Microsoft also provides tips on how to avoid tech support phone scams here.

NCL #DataInsecurity Project – National Consumers League

/in , , , , , /by

databreach.jpgNCL recently debuted the first issue of The #DataInsecurity Digest, a twice monthly publication curated by NCL’s own, John Breyault, to deliver important consumer-focused data security news, policy and news analysis, and information about upcoming events directly to your inbox. Click here to subscribe.

In 2013, there were 614 data breaches that led to more than 550 million identities compromised. New data breaches means more identity theft and other fraud, and more consumers facing financial loss, great inconvenience, and a loss of trust in the marketplace. That is why NCL is working on the #DataInsecurity Project — to raise awareness about the need for reforms aimed at better protecting consumer data.https://www.youtube.com/watch?v=z6GD9UNbgAs&list=UUXfyCJGEBaMOTcf5l7W_GTg

Data breaches impact consumers, credit unions, banks, and retailers. Last December, the retail giant Target suffered a massive data breach that made national headlines. In the breach, as many as 110 million identities were compromised.

Take a look at the impact of just this single incident:

  • $200 million: the cost to credit unions and community banks for reissuing 21.8 million credit and debit cards
  • 1-3 million: the estimated number of cards stolen in the Target breach that were sold on the black market and successfully used to commit fraud
  • $18-35.70: the price per card stolen from Target and resold on the black market in the months after the breach

Shocking as these numbers are, they represent the fallout from just a single data breach. Data breaches are happening with frightening regularity.

Malicious hackers are going to continue to exploit existing weaknesses, and many businesses lack the incentive or ability to adequately protect their customer data against evolving threats. That is why NCL believes that consumers need to be proactive about protecting their own data and calling on policymakers for improvements.

The current landscape of protection for consumer data is woefully inadequate.

NCL’s #DataInsecurity Project is calling for reforms such as:

  • Creating a national data breach notification standard, modeled on strong state protections such as California’s;
  • Requiring businesses that maintain consumers’ personal data to protect that information via specific data security requirements;
  • Giving the Federal Trade Commission and state Attorneys General civil penalty authority to enforce violations of data security requirements;
  • Increasing civil and criminal penalties for malicious hacking;
  • Increasing efforts to enhance cooperation with international partners to bring overseas hackers to justice; and
  • Requiring retailers and banks to implement the highest level of security available to protect consumers’ payment data.

To promote these goals, NCL is taking its #DataInsecurity Project on the road to four states across the country, to meet with policymakers, industry experts, consumer advocates, law enforcement officials, and members of the academic and business community. The tour is designed to raise awareness about the frequency of data breaches and to encourage the adoption of comprehensive reforms so that consumers can be better protected.

As a part of the #DataInsecurity Project, NCL has also unveiled important new research by Javelin Strategy & Research investigating the impact of data breaches on consumer trust, on who consumers feel should be responsible for their data, and on current responses to data breaches. Check out NCL’s survey report.

You can get involved!

Help us send the message that the time for reform is now! Sign our petition to the White House calling on policymakers to step up and protect consumers’ data.

 

How many straws until the camel’s back is broken on data breaches? – National Consumers League

/in , , , /by

John BreyaultAnother day, another data breach. The data breach roulette wheel this times landed on health insurer CareFirst. Who loses? The 1.1 million consumers whose names, birth dates, email addresses and CareFirst subscriber ID numbers are now in the hands of cyber crooks.

First things, first, what’s the risk to consumers? The mostly likely effect is that consumer affected by the breach may be on the receiving end of convincing-looking phishing emails. These attacks are designed to trick consumers into clicking on links or attachments that install malware or send users to phishing websites. The phishing emails (and possible telephone calls) are likely to reference CareFirst in some way, and may even masquerade as notifications about the breach itself.

Bottom line: If you are a CareFirst customer, the first place you should be going to get reliable information about the breach and what CareFirst is doing about it is www.carefirstanswers.com. The website has been set up by CareFirst to give affected customers up-to-date information about the breach and what steps they can take to mitigate their risk, including taking advantage of free credit monitoring and identity theft protection CareFirst is offering via Experian.

With that out of the way, there are a number of key questions that regulators, legislators and advocates should be asking in the coming days and weeks.

First, why are health insurers being targeted? CareFirst is the third major health insurer to disclose a breach in the past six months. There are troubling signs that the breaches at Anthem in February, Premera in March and now CareFirst are part of a coordinated attack on U.S. health insurers, possibly by state-sponsored hackers. Regardless of the origin of the hack, it’s clear that medical information is especially lucrative for thieves. According to cybersecurity experts, stolen medical info is worth 10-20 times more than stolen credit or debit card data goes on the cyber black market. With 2.3 million Americans falling victim to medical identity theft in 2014, it’s not hard to see why medical information presents such an attractive target to cybercriminals

Second, why did it take 10 months to notify consumers? According to CareFirst, the intrusion into their network was first detected in June 2014 and “immediate action” was taken to contain the threat. However, it was not until April 2015 that the company discovered that the crooks had exfiltrated their systems with stolen data. With nearly 10 months lead time, cybercrooks had ample time to create mischief with the stolen data before CareFirst notified consumers. Why did it take so long to find out that data was actually lost?

Finally, would more stringent data security standards or data breach notification laws have reduced the risk of this breach? There is no way to make a system 100% safe from hacking. However, far too many companies only invest significant resources in protecting their customers’ data after a hack, not before. This leaves millions of consumers at risk of breach-fueled fraud as companies elect to invest elsewhere while they wait for a hack to force them to spend on data security. What kind of incentives and/or penalties should Congress and Executive Branch consider to shift the cost/benefit equation for companies towards spending on data protection before a breach? NCL’s 2015 Data Security Agenda is a good roadmap for policymakers looking for consumer-friendly answers to these important questions.

The CareFirst breach is yet another straw on the pile of reasons why consumers can’t wait on businesses to take care of the data security problem on their own. It’s time for leaders in Washington to step up and pass real data security reform before the next straw breaks the camel’s — and our — backs. In the meantime, here are tips consumers can use to reduce the risk of identity theft.

Bravo! FTC’s “Start With Security” initiative announces seminar on data security – National Consumers League

/in , , , /by

Federal Trade Commission Chairwoman Edith Ramirez this morning announced the next step in the FTC’s efforts to craft data security guidelines for businesses. As part of its “Start with Security” program, originally unveiled in March, the Commission will hold an initiative at the University of California on September 9. This follows on the heels of the February 13 Summit on Cybersecurity and Consumer Protection at Stanford University.NCL has long advocated for the FTC to take a leadership role in the federal government on data security and is very pleased about this announcement. We applaud the FTC for taking this step to improve data security and help businesses protect consumers.

While details of the September meeting aren’t yet fully known, we do know a few things about the Commission’s “Start with Security” program. At the IAPP summit in March, FTC Bureau of Consumer Protection Director said that the program’s goal is to provide businesses with resources, education and guidance on data security. Chairwoman Ramirez (who NCL will be honoring in October, incidentally) elaborated on this theme, stating that the initiative will be aimed at bringing together experts on data security to share best practices, particularly for small and medium-sized businesses.

The focus on data security at small-to-medium sized businesses is a logical choice for the agency. Its ongoing legal tussle with Atlanta-based LabMD illustrates challenges the Commission faces as it seeks to enforce data security obligations on small businesses. Such entities are often ill-equipped to adequately protect the growing amounts of sensitive personal information they are collecting.  This is an incredibly important issue. As NCL’s #DataInsecurity Report found, nearly 6 in 10 data breach victims indicated that their trust in retailers decreased following a breach. For a small business struggling to stay afloat, losing the confidence of customers due to a data breach can mean the difference between keeping the lights on and a “closed” sign on the front door.

So what can the Commission hope to accomplish at its September meeting? In the interests of promoting consumer data security, we propose that the meeting agenda cover some basic data security policy topics, such as:

  • Is there a sufficient flow of information and best practices on breach trends, emerging threats from hackers, etc. being shared by the FTC with business that are entrusted to store consumer data? If not, how can this improve?
  • The Online Trust Alliance estimated that 90% of data breaches in 2014 could have been prevented if basic security measures had been taken. With this in mind, how can businesses be incentivized to make sure they are taking the basic steps to protect their data?
  • Small and medium-sized businesses often lack the budget and/or expertise to craft robust data security protections, yet they are increasingly collecting large amounts of sensitive data about their customers. What requirements should be placed on a pizza parlor, for example, when it comes to data security?
  • We often hear that it’s not “if,” it’s “when” when it comes to data breaches at businesses. However, it seems that businesses, particularly small-to-medium sized businesses, aren’t prepared to protest against the data breach threat. Is this accurate? If so, what can the FTC do to change that mindset?
  • Government data security mandates can only do so much to create a climate where data security is taken seriously by business. What flexible, market-based incentives exist to promote data security? Is cyber-insurance the answer?
  • There is no shortage of cybersecurity firms offering high-priced solutions to small-to-medium sized businesses. Are there free or low-cost solutions that businesses can take today that will measurably reduce their data security risks (e.g. enable multi-factor authentication, create stronger passwords, encrypt sensitive data)?

The “Start With Security” initiative is a good opportunity for the FTC to promote solutions that businesses can take to reduce their data security risk. However, absent reforms in Congress to tackle tough issues like data breach notification and a comprehensive data security standard, education can only do so much. We hope that the Commission will use the September 9 forum to highlight the impact that breaches continue to have on consumers and businesses and to push Congress to pass real data security reforms.

Beware: Online pet adoption scams – National Consumers League

/in /by

92_puppy_sale.jpgBringing a new puppy or kitten home is right at the top of many consumers’ wish lists. Unfortunately, scammers know all too well how emotionally connected we can get to idea of adopting a cuddly ball of fuzz. Since the beginning of 2015, NCL’s Fraud.org has received a surge of consumer complaints about pet adoption scams. Learn how the scam works.First, a consumer searching for a pet sees a desirable animal listed for sale online, often on a classifieds website like Craigslist.org or Oodle.com. Next, the consumer reaches out to the prospective seller and expresses interest in acquiring the animal. After a consumer sends money to the alleged owner to pay for the pet, she is told that additional funds are needed to cover the cost of things like “a ventilated shipping crate,” “insurance,” or other reasons. Regardless of how much money is sent, the alleged seller will find new reasons to ask for additional payment. This continues until the victim, now often out hundreds or thousands of dollars catches on and stops sending money.

In reality, the entire act is a farce. The cute pet pictures that prompted the initial outreach by the consumer are usually simply pulled off the Internet and used to create attractive (but fake) listings. The alleged sellers don’t own any actual pets and are just out to milk victims of all the cash they can.

A Massachusetts woman we’ll call “Sue” (not her real name) recently sent us a complaint that is typical of this scam. Sue writes:

“I was looking to purchase a Yorkshire terrier puppy for my 2 little kids. I found one that I was really interested in. It was a 9-week-old female Yorkie. I emailed ‘the owner’ … The puppy was $500 and he told me that was already included with shipping and everything. He told me to put the $500 on a Reloadit card, which I did, and I gave him that. He sent me an email of a flight ticket, which I now know that it was not real because I called American Airlines and the flight ticket was a fake.

An agency started emailing me stating that I had to send them $970.00 for a ‘crate’ for the puppy to arrive to me safe while on flight due to the weather. I was told it was refundable when my puppy would arrive. I was told to send it by Western Union, which I did. Once that happened … I was asked to send $1,500 now for the pets insurance to get sent to me, which was also supposed to be refunded to me. I sent that money through MoneyGram. I was supposed to receive my puppy on March 7, 2015 in the morning and I never received the puppy.

Then I received another email stating I had to send ANOTHER payment of $760.00 to update her shots before she takes off. It was already sounding a little bit too good to be true to me but that’s when I finally realized that this was a scam.”

Fraud.org has received more than a dozen complaints about these scams so far this year. Consumers can see additional examples of these scams at the ASPCA’s Pet-Related Scams website.

It’s easy to get emotionally attached to the idea of acquiring an adorable new pet. Consumers in the market for a new furry friend, can protect themselves by following these safe pet-buying tips:

  1. Never send money for a pet purchase unless you have seen the animal in person (as opposed to simply online).
  2. Beware of any seller who says she’s located out-of-town (or worse, overseas). Dealing with local sellers is usually the smart move.
  3. Requests for payment via wire transfer (Western Union or MoneyGram) or prepaid debit card (Green Dot MoneyPak, Reloadit, or similar cards) are often a red flag for potential fraud. Payment sent via these methods is practically the same as sending cash.
  4. Consider adopting from a local shelter instead of a private seller. There’s likely to be a lower cost to obtain the pet, and you’ll be dealing with a reputable non-profit organization.
  5. Do your due diligence on the seller BEFORE sending money. Ask for detailed information on the seller, including full name, phone number and mailing address. Search online for information on the seller. If no information comes up in the search, or you see negative reviews, it could be a scammer instead of a legitimate seller.
  6. Watch out for offers of “free” pets. While it may seem like a good deal, scammers have been known to use these to lure unwary consumers in to paying for “shipping” and other costs for nonexistent pets.

If you’ve been a victim of one of these scams or been approached by someone you suspect of being a scammer, file a complaint at fraud.org so that we can share your information with our network of law enforcement and consumer protection agencies.

Lovers, beware: ‘Tis the season for romance scams – National Consumers League

/in /by

love_stinks.jpgThink you’ve found your Romeo or Juliet online? Experts are warning, especially this time of year, to be on the lookout for predators posing as the perfect sweetheart. These Romance Scams can be a long, drawn-out process–it takes a long time to kindle a relationship in which the victim might actually consider sending cash. We’ve heard from countless victims who were more than just unlucky in love. Read on to hear their stories.After being single for many years, 51-year-old “Dan” befriended a woman on a dating Web site. She said she was an artist in Lagos. The two developed a spiritual connection and grew romantically involved. The woman told Dan that she longed to come to California to be with him. That’s when she asked him for money, and he happily wired her $2,500. Dan was soon contacted by a man claiming to be the woman’s doctor, who said Dan’s true love had been in a terrible accident and wasAfter being single for many years, 51-year-old “Dan” befriended a woman on a dating Web site. She said she was an artist in Lagos. The two developed a spiritual connection and grew romantically involved. The woman told Dan that she longed to come to California to be with him. That’s when she asked him for money, and he happily wired her $2,500. in a coma. Dan never heard from her again.

Ugh!

Hearing about these victims is really tough. They’re devastated emotionally and sometimes out a ton of money. The worst thing is how far from unique Dan’s story is. Sure, there’s a melodramatic twist at the end “explaining” his swindler’s disappearance. But, time and again, the reports we get at NCL’s Fraud.org often contain a drama: an accident, a tragedy, some sudden need for monetary assistance. And, inevitably, love triumphs over caution, and a soon-to-be-heartbroken consumer victim sends the money via wire transfer, preloaded card, or even cash.

Though the details of the scammers’ stories vary with each individual case, the gist is almost always the same: some tragedy has befallen the scammer and he or she desperately needs money. After spending time communicating and building a relationship with the victim, the scammer will ask for help. In a report we received from a woman we’ll call “Molly,” she had met a man on a major online dating site, and they conversed regularly for about a month before the man told Molly that his daughter needed heart surgery. Over the course of several months, Molly sent the man a total of $1,000. Only later did she realize that the man was after her money and nothing more, and that the daughter who needed heart surgery probably didn’t even exist.

In another report, “Pam” told us about a man she’d met online who asked her for $150 because he’d been hit by a car and needed treatment. He then sent her a document that he claimed was a copy of his medical receipt, and asked her to send him another $760 to help him come to the United States so that they could be together. Pam was in love, and she sent the money. He never showed up, but Pam reported that the man still harasses her for more money from time to time.

We’ve heard reports about such scams occurring on all of the major dating sites, and from victims of varying backgrounds. Men, women, young, old, black, white, gay, straight, etc. So while you shouldn’t let this deter you from finding love online, you should remember that these scammers are out there. And while they may not love you, they would love to take your money, so be sure to only consider giving money to someone you’ve met in person, have known for a long time, and can truly trust. Or be prepared to kiss your money – and your special friend – goodbye.

Don’t let your new computer get filled with scammy software – National Consumers League

/in , , /by

With the holidays upon us, many consumers will soon be unwrapping new laptops, tablets, and desktop computers. Out of the box, these new devices run great, but over time they can become clogged with all manner of scammy software. At best, these programs can degrade performance. At worst, they can lock down your new device and steal personal information.

Web browsers are a popular way that scammers gain entry to consumers’ computers. This is often done via deceptive browser tools and extensions.  These programs are typically legitimate and useful software that add new features to Web browser or otherwise alters the default Web surfing experience.  Popular examples include browser toolbars, language translators, and email notification icons.

Unfortunately, as many victims know too well, scammers also creating browser downloadables that promise one thing, but unleash a parade of horribles on unsuspecting consumers.  For example, these programs can rewire your browser settings and degrade your browser and computer performance.  They may also overlay scammy or inappropriate ads all over the web pages you visit, often covering up content that you want to see.  Even worse, these unwanted programs can introduce malware and other security and privacy threats, including stealing passwords and account login information.  And in many cases, they are impossible to get rid of without expert (read: expensive) help.

 So, what else can consumers do? Here are some tips for spotting and avoiding being a victim:

  • Keep your browser and operating system up to date. Most operating systems and software will notify you when it’s time to upgrade – don’t ignore these messages and update as soon as you can. Old versions of software can sometimes have security problems that criminals can use to more easily get to your data.

  • Know what you are downloading. Software from unfamiliar third parties may contain unwanted add-ons or malware. Be sure to know from where the software originates and only download it from a reputable source or a well-known app store.

  • Review Installation Options. When you download programs and extensions, pay attention to the fine print details and any auto-checked checkboxes. Make sure that you understand what programs are being installed.

  • Read the User Agreement. In addition to only downloading software from a reputable source, also be sure to read disclosures on the download site to understand exactly what you’re installing. Don’t install software from sites your browser tells you may contain malware or software bundled with “additional offers” unless you fully understand what is in them.

  • Recognize the signs of infection. Here are some clues that a suspicious program is affecting your browser:
    • Your browser doesn’t block pop-up ads from showing
    • Your homepage, startup page, or default search engine has changed to a site you don’t recognize
    • Unfamiliar extensions or toolbars are added to your browser
    • The browser’s desktop shortcut opens an unfamiliar website

  • Remove scammy software. Routinely scan your computer for malware with antivirus software you trust.

  • If you get hit with a scammy download report it Fraud.org or the FTC.

These tips are part of the National Consumers League’s continued commitment to helping consumers keep themselves safe online. In particular, NCL’s #DataInsecurity Project raises awareness about the need for reforms aimed at better protecting consumer data and calls on our policymakers to act now to strengthen cybersecurity standards.

Turning cybersecurity awareness into cybersecurity reform – National Consumers League

/in , , /by

Facebook_NCSAM_icon.jpgOctober is National Cyber Security Awareness Month, which is a good time for consumers to take stock of their online safety habits and practices. Great tips and tricks for creating stronger passwords, taking advantage of two-factor authentication and learning to spot phishing scams and other cyber threats abound from organizations like the Federal Trade Commission, Stop. Think. Connect., and NCL’s own Fraud.org.In partnership with the U.S. Department of Homeland Security and the National Cyber Security Alliance, NCL is helping to raise awareness about cybersecurity and give consumers advice on how to protect themselves from hackers and other online scam artists. However, 2014’s NCSAM comes at a unique time. Consumers’ concern about the security of their personal data has rarely been higher. Due in part to massive data breaches at retailers like Target and Home Depot—and, just this week, news regarding JP Morgan Chase—there is a new urgency for action in Washington and in corporate boardrooms to address data security.

While NCSAM is a perfect opportunity to take ownership of your own data, one person cannot protect all of their data by themselves. In today’s connected economy information about consumers is held by hundreds, if not thousands of entities – often without your knowledge. However, a data breach at just one of these companies can expose millions of consumers’ records to fraud.

This summer, NCL organized events in Miami, Los Angeles, and Chicago to raise awareness about the problem of data breaches. Armed with new research from a groundbreaking survey and a report on the consumer impact of data breaches, we met with federal and state law enforcement and consumer protection authorities, local media, and American consumers. What we heard was not surprising: Consumers are fed up with the constant stream of data breaches, which they often feel powerless to stop. They want businesses to do more than just offer up free credit monitoring – they want a way to hold businesses and government accountable when their sensitive data is not protected.

That’s why this October, we’re calling on policymakers in Congress, at the White House and throughout the country to not just be aware of cybersecurity, but to do something about it. Through our #DataInsecurity Project, NCL is working to raise the alarm about the urgent need for data security reforms, including passing a national data breach notification standard, creating meaningful national data security requirements and giving enforcement agencies like the FTC the tools they need to go after hackers and companies that put profits ahead of securing consumers’ data.

As we look towards a new Congress, we at NCL will be redoubling our efforts to make sure our elected leaders don’t sit idly by while hackers profit off our data. Instead, we’ll be making our voice heard in Washington and throughout the country to push for real reforms that start to put a dent in the data security problem.