Watch out for e-Mail Scams about Electronic Tax Payments

Well it’s getting closer to tax season.

Many of us do our taxes as soon as we get our year end statements and many of us have quarterly taxes we pay.

Either way please keep an eye our for scams ‘reminding you of payments’ telling you owe payments and the like.

Believe me – if the IRS or the State wants their tax dollars they’ll reach out to you via REGULAR MAIL they will NOT be using some third party payment processing company.

The idea with emails like the one I just received is to first scare you into thinking you owe money, and second get you to click on a malicious link – one that will either infect your system or get you to a site designed to one way or another separate you from your money. Often times with life operators asking questions and continuing the scare tactics.

SCAM

Above is one I just received. – IT’S COMPLETELY B.S.!!

Please IF you are ever concerned about a Tax problem go to the ‘front door’ of the agency – www.irs.gov, www.oregon.gov/dor, or the like, via your web browser address bar (NOT a search bar – the very top bar of your browser that says, http://www……)

the IRS has some good info here.

Remember be safe folks

Security news – Gmail spear phishing attack

There are some very splashy news stories going around saying ‘Google was Hacked".. Oh no sky is falling.

Let’s be clear. GOOGLE WAS NOT HACKED!
What happened is that many ‘targeted users’ were ‘Phished’ – the users where ‘conned/tricked’ into giving up their security information and passwords. This is called ‘spear phishing’

Essentially Gmail’s login screen was mimicked, and people were tricked in ‘re-entering their information, and hundreds of Gmail accounts, including those of U.S. Officials were then compromised in this very targeted Phishing attack. You have to read a little bit into these articles to actually find the true nature of the supposed ‘attack’.

To be clear – Hacking is done by a very skilled person on whatever his target is, phishing is done by almost anyone to anyone dumb enough to let themselves be tricked!

Here is one headline

and another

Google’s blog page has more details here

The simple thing to take a way from this is to be ever cautious of where, when and how you enter in any information online – to ANYONE.
AND use strong passwords.

The way this attack was carried out can be seen in this analogy I used with someone.

Suppose you went to the bank ATM, put in your card and entered your PIN. You then carried out your transaction; looking up your balance and making a withdrawal. After you are finished you take your cash, receipt and card and prepare to walk away.

At that moment someone comes around the corner wearing a shirt with the bank name – looking ‘all official’ and asks to look at your card because the bank is ‘tightening up security for it’s special clients.

You hand it to him. He then asks for your PIN; you know just to make sure you are who you say you are. He writes down your name, card and PIN number and hands back your card and says, "thanks, we just have to be extra cautious nowdays…"

In this scenario you just handed that person everything they need to know about how to royally screw you.

This is the same thing that happens with these ‘phishing’ and other types of ‘social engineering’ cons and scams.

People – please use extrodinary caution when dealing with personal information.

Google has an awesome security protocol called ‘Two Step Authentication’ and it is well worth the extra time and effort to set up.

You can learn about Two step authentication in this video:

[Remember about Application Specific passwords if you use Gmail on your Smartphone or desktop (Outlook, Thunderbird etc.)]

Massive Data breach again – protect yourself

The names and e-mails of customers of Citigroup Inc and other large U.S. companies, as well as College Board students, were exposed in a massive and growing data breach after a computer hacker penetrated online marketer Epsilon.

The list of companies is HUGE! TiVo, JP Morgan Chase, Capital One Financial, US Bank, the Kroger grocery chain, teleshopping company HSN Inc., Verizon Communications Inc, Blackstone Group LP’s Hilton Hotels, Kraft Foods Inc, and AstraZeneca and more.
According to the reports only email addresses and name information was stolen. So you may just get an extra does of spam. But you can never be sure.

You can read more about it HERE and HERE.

Update Even more news here!

My advice is to reset your account passwords if you use any of these merchants and as always, use extremely strong passwords – preferably using applications like LastPass or KeePass to create super strong passwords and manage all your accounts information.

Either of these apps should be used by EVERYONE anyways. LastPass being the easiest for most.

Keep safe folks!

Real Credit Score Answers

Identity theft is all over the TV adds, and internet these days. Making it seem as if everyone will be a victim whereby they lose all their money and have their credit completely ruined.

Truth is this will probably NOT happen to the vast majority of people EVER! Heck, my own brother had his messed up by an illegal alien not 20miles from his home – and the police could do nothing but tell him to ‘start watching’ his credit more and put fraud alerts on his accounts! It does happen, just not that often and the results can usually be resolved fairly easily – not quickly but easily.

Don’t get me wrong you should still be careful.

But remember your bank and credit card company already have some pretty strict identity theft protections in place already–they’re the ones who usually wind up footing the bill, after all. But beyond that there are some pretty simple steps that you can take yourself, such as getting your annual credit report, regularly checking your bank statements for odd charges.

But please don’t get suckered into things like ‘LifeLock’.

This March, LifeLock had to settle with the Federal Trade Commission for $12 million amidst charges that they were lying about what their services could do, mainly because they were. According to the chairman of the FTC, Jon Leibowitz, LifeLock’s protection "left enough holes that you could drive a truck through it,"

The sort of thing LifeLock protects you from is mainly people opening up new credit accounts, which is only 17 percent of existing identity theft. If someone used your identity to get medical care, a new job or even if they just took your credit card for a joyride, you wouldn’t hear a thing until the bank showed up to repossess your new car that you didn’t know you bought.

I admit, your credit score determines some rather important factors in your life, such as how easily you can get a loan, or buy a house. But it is not all that mystical and flowing. And it is very easy to get your current status and learn how to clean up your credit by yourself.

There are hundreds of companies offering to ‘give’ you a ‘free credit report’ if you sign up for their monthly service – usually at an incredibly high right (average of $15/mo).

The amazing thing is, you can get your credit report completely free at AnnualCreditReport.com. You can do this once a year, which may not sound like much, but your credit score really doesn’t change very rapidly. Right Here:

https://www.annualcreditreport.com/cra/index

This central site allows you to request a free credit file disclosure, commonly called a credit report, once every 12 months from each of the nationwide consumer credit reporting companies: Equifax, Experian and TransUnion.

Here is what they are about:

https://www.annualcreditreport.com/cra/helpabout

Ok let’s start.

Select your state and start the process. I am going to show most of the process and explain where you should take care to open the reports in a separate window for printing so you won’t ‘lose your place’ on the original web site.

clip_image002

clip_image004

clip_image006

clip_image008

clip_image010

clip_image012

Then ‘Right Click’ on Print your report and choose ‘open in new window’ and then print out the report!

Close the print window and don’t leave this page yet!

Now go up to the ‘Return to AnnualCreditReport.com’ link at the top of the page to do the same for the other two agencies.

clip_image014

clip_image015

clip_image017

clip_image019

clip_image021

Right-click on the ‘View and Print Your Online Report’ button and choose ‘Open in New Window’

clip_image023

Note there are two items to print here.

Click on the Print This Page and another window will pop up you can then print it out.

Then click on Print Report and print out the entire report page that pops up.

Once again:

clip_image024Please Note! Click on Return to: AnnualCreditReport.com to get your remaining Free Report(s)

clip_image025

clip_image027

clip_image029

clip_image031

You may get this:

clip_image033

I did.

So I right-clicked on ‘by phone or mail’ and got this:

clip_image035

Right-click on ‘the link ‘request form’ and choose ‘save file as’ or ‘save target as’ depending on your browser.

Save the form and print it out and fill it out and mail it

· Print and complete the form

· Mail the completed form to:
Annual Credit Report Request Service
P.O. Box 105281
Atlanta, GA 30348-5281

The you should get this window:

clip_image037

I hope this helps some of you. Keep safe out there.

Peace.