The FBI identified a new phishing scam online that targets your bank accounts. The scam is called “Gameover.” Once the virus is on your computer, it can steal all of your user names and passwords before you realize what has happened.
How It Works
The Gameover scam will email you, pretending to be from the National Automated Clearing House Association (NACHA), the Federal Reserve Bank, or the Federal Deposit Insurance Corporation (FDIC). The email will say that there has been a problem with your bank account or a recent transaction, and will include a link to help fix the problem. The link will send you to a phony site, where the Gameover malware is automatically installed on your computer and starts stealing your bank account information.
If you think you’ve been victimized by this type of scheme, contact your financial institution to report it, and file a complaint with the FBI’s Internet Crime Complaint Center.
Learn more about the Gameover Scam.
Learn about how to prevent or respond to identity theft.
ATM skimming happens when your credit or debit card number is stolen during what seems like a normal transaction. Some card readers have been rigged to look completely normal, but underneath they have a “boot” that captures your card information and stores it, so someone can use it for their own purposes.
It is extremely difficult for the average person to detect the device over the card slot reader. However, credit card companies can help. If you submit a fraud claim, credit card companies can find patterns based on where their cardholders shop and investigate specific locations.
The FBI offers these tips to help you avoid being the victim of ATM skimming:
- Inspect the ATM, gas pump, or credit card reader before using it. Be suspicious if you see anything loose, crooked, or damaged, or if you notice scratches or adhesive/tape residue.
- When entering your PIN, block the keypad with your other hand to prevent possible hidden cameras from recording your number.
- If possible, use an ATM at an inside location (less access for criminals to install skimmers).
- Be careful of ATMs in tourist areas. They are a popular target of skimmers.
- If your card isn’t returned after the transaction or after hitting “cancel,” immediately contact the financial institution that issued the card.
Learn more about ATM skimming from the FBI.
When we think of a child’s safety we think of physical and emotional well-being, but what about their financial safety? According to the Carnegie Mellon Cylab’s report Child Identity Theft, published in April 2011, children’s identities are increasingly used to commit fraud.
Just like a criminal can use personal information of an adult to commit fraud, they can use a child’s identity to:
- Open credit accounts
- Take out student loans, home, boat, and car loans
- Receive government benefits and unemployment compensation
- Receive tax refunds
- Access medical care
- Secure employment
Many criminals turn to stealing children’s identities because it can go unnoticed for many years and this crime offers virtually no consequences. The child victims, on the other hand, inherit significant debt, carry a tarnished credit history, and suffer emotional impacts—particularly if the offender is a parent or family member—all before they even reach legal age.
How is child identity theft even possible? Unfortunately, the biggest loophole is the credit granting system itself. The system isn’t set up to verify if the information provided in a credit application is accurate (i.e., that the Social Security number presented corresponds with the age and particular person to whom it was issued by the Social Security Administration).
For now, the most important step we can take is to help build awareness of this issue, learn more, and talk to our friends and family about child identity theft.
Learn more about child identity theft and what to do if your child’s ID is stolen.
Whether you’re waiting to board an airplane or hanging out at a neighborhood café, public wireless networks can be a great way to stay connected.
Convenient? Yes. Secure? Hmm, not so much.
Unfortunately, most hotspots don’t encrypt what goes over the internet. So if you send email, manage your calendar, use social networks, or transmit financial data while using a public network, you may make it easier for hackers to access your accounts. In fact, new hacking tools – freely available online – make it easy to access unencrypted information, which could be used to scam you or someone you care about.
- When using a WiFi hotspot, only log in or send personal info to sites you know are fully encrypted. Look for https at the beginning of the web address (the “s” is for secure) and a lock icon at the top or bottom of your browser window. Some sites use encryption only on the sign-in page, but if any part of your session isn’t encrypted, you could be at risk. So check for https and the lock icon the whole time you’re on the site, not just when you sign in.
- Don’t stay permanently signed in to accounts. When you’ve finished, log out.
- Don’t use the same password on different websites. Otherwise, a hacker who steals one password may be able to access a bunch of your accounts.
- If you travel a lot or use the local coffee shop as your office, consider a virtual private network (VPN). VPNs encrypt traffic between your computer and the internet, even on unsecured networks. You can get a personal VPN account from a VPN service provider.
Finally, visit the Wifi Hotspot page at OnGuard Online for more Internet safety tips and share this information with your colleagues, friends, and family.
Nicole Vincent is a Consumer Education Specialist at the Federal Trade Commission.