Category Archives: credit card fraud

Are Cash Transfer Apps Safe to Use? Here’s What Your Family Needs to Know

cash appsI can’t recall the last time I gave my teenage daughter cash for anything. If she needs money for gas, I Venmo it. A Taco Bell study break with the roommates? No problem. With one click, I transfer money from my Venmo account to hers. She uses a Venmo credit card to make her purchase. To this mom, cash apps may be the best thing to happen to parenting since location tracking became possible. But as convenient as these apps may be, are they safe for your family to use?

How do they work?

The research company, eMarketer, estimates that 96.0 million people used Peer-to-Peer (P2P) payment services this year (that’s 40.4% of all mobile phone users), up from an estimated 82.5 million last year.

P2P technology allows you to create a profile on a transfer app and link your bank account or credit card to it. Once your banking information is set up, you can locate another person’s account on the app (or invite someone to the app) and transfer funds instantly into their P2P account (without the hassle of getting a bank account number, email, or phone number). That person can leave the money in their app account, move it into his or her bank account, or use a debit card issued by the P2P app to use the funds immediately. If the app offers a credit card (like Venmo does), the recipient can use the Venmo card like a credit card at retailers most anywhere. 

Some of the more popular P2P apps include Venmo, Cash App, Zelle, Apple Pay, Google Wallet, PayPal.me, Facebook Messenger, and Snapcash, among others. Because of the P2P platform’s rapid growth, more and more investors are entering the market each day to introduce new cash apps, which is causing many analysts to speculate on need for paper check transactions in the future.

Are they safe?

While sending your hard-earned money back and forth through cyberspace on an app doesn’t sound safe, in general, it is. Are there some exceptions? Always. 

Online scam trends often follow consumer purchasing trends and, right now, the hot transaction spot is P2P platforms. Because P2P money is transferred instantly (and irreversibly), scammers exploit this and are figuring out how to take people’s money. After getting a P2P payment, scammers then delete their accounts and disappear — instantly

In 2018 Consumer Reports (CR) compared the potential financial and privacy risks of five mobile P2P services with a focus on payment authentication and data privacy. CR found all the apps had acceptable encryption but some were dinged for not clearly explaining how they protected user data. The consumer advocacy group ranked app safety strength in this order: Apple Pay, Venmo, Cash App, Facebook Messenger, and Zelle. CR also noted they “found nothing to suggest that using these products would threaten the security of your financial and personal data.”

While any app’s architecture may be deemed safe, no app user is immune from scams, which is where app safety can make every difference. If your family uses P2P apps regularly, confirm each user understands the potential risks. Here are just a few of the schemes that have been connected to P2P apps.

cash apps

Potential scams

Fraudulent sellers. This scam targets an unassuming buyer who sends money through a P2P app to purchase an item from someone they met online. The friendly seller casually suggests the buyer “just Venmo or Cash App me.” The buyer sends the money, but the item is never received, and the seller vanishes. This scam has been known to happen in online marketplaces and other trading sites and apps.

Malicious emails. Another scam is sending people an email telling them that someone has deposited money in their P2P account. They are prompted to click a link to go directly to the app, but instead, the malicious link downloads malware onto the person’s phone or computer. The scammer can then glean personal information from the person’s devices. To avoid a malware attack, consider installing comprehensive security software on your family’s computers and devices.

Ticket scams. Beware of anyone selling concert or sporting event tickets online. Buyers can get caught up in the excitement of scoring tickets for their favorite events, send the money via a P2P app, but the seller leaves them empty-handed.

Puppy and romance scams. In this cruel scam, a pet lover falls in love with a photo of a puppy online, uses a P2P app to pay for it, and the seller deletes his or her account and disappears. Likewise, catfish scammers gain someone’s trust. As the romantic relationship grows, the fraudulent person eventually asks to borrow money. The victim sends money using a P2P app only to have their love interest end all communication and vanish.  

P2P safety: Talking points for families

Only connect with family and friends. When using cash apps, only exchange money with people you know. Unlike an insured bank, P2P apps do not refund the money you’ve paid out accidentally or in a scam scenario. P2P apps hold users 100% responsible for transfers. 

Verify details of each transfer. The sender is responsible for funds, even in the case of an accidental transfer. So, if you are paying Joe Smith your half of the rent, be sure you select the correct Joe Smith, (not Joe Smith_1, or Joe Smithe) before you hit send. There could be dozens of name variations to choose from in an app’s directory. Also, verify with your bank that each P2P transaction registers.

Avoid public Wi-Fi transfers. Public Wi-Fi is susceptible to hackers trying to access valuable financial and personal information. For this reason, only use a secure, private Wi-Fi network when using a P2P payment app. If you must use public Wi-Fi, consider using a Virtual Private Network (VPN).

cash apps

Don’t use P2P apps for business. P2P apps are designed to be used between friends and include no-commercial-use clauses in their policies. For larger business transactions such as buying and selling goods or services use apps like PayPal. 

Lock your app. When you have a P2P app on your phone, it’s like carrying cash. If someone steals your phone, they can go into an unlocked P2P app and send themselves money from your bank account. Set up extra security on your app. Most apps offer PINs, fingerprint IDs, and two-factor authentication. Also, always lock your device home screen.

Adjust privacy settings. Venmo includes a feed that auto shares when users exchange funds, much like a social media feed. To avoid a stranger seeing that you paid a friend for Ed Sheeran tickets (and won’t be home that night), be sure to adjust your privacy settings. 

Read disclosures. One way to assess an app’s safety is to read its disclosures. How does the app protect your privacy and security? How does the app use your data? What is the app’s error-resolution policy? Feel secure with the app you choose.

We’ve learned that the most significant factor in determining an app’s safety comes back to the person using it. If your family loves using P2P apps, be sure to take the time to discuss the responsibility that comes with exchanging cash through apps. 

The post Are Cash Transfer Apps Safe to Use? Here’s What Your Family Needs to Know appeared first on McAfee Blogs.

How To Practise Good Social Media Hygiene

Fact – your social media posts may affect your career, or worse case, your identity!

New research from the world’s largest dedicated cybersecurity firm, McAfee, has revealed that two thirds (67%) of Aussies are embarrassed by the content that appears on their social media profiles. Yikes! And just to make the picture even more complicated, 34% of Aussies admit to never increasing the privacy on their accounts from the default privacy settings despite knowing how to.

So, next time these Aussies apply for a job and the Human Resources Manager decides to ‘check them out online’, you can guess what the likely outcome will be…

Proactively Managing Social Media Accounts Is Critical For Professional Reputation

For many Aussies, social media accounts operate as a memory timeline of their social lives. Whether they are celebrating a birthday, attending a party or just ‘letting their hair down’ – many people will document their activities for all to see through a collection of sometimes ‘colourful’ photos and videos. But sharing ‘good times’ can become a very big problem when social media accounts are not proactively managed. Ensuring your accounts are set to the tightest privacy settings possible and curating them regularly for relevance and suitability is essential if you want to keep your digital reputation in-tact. However, it appears that a large proportion of Aussies are not taking these simple steps.

McAfee’s research shows that 28% of Aussies admit to either never or not being able to recall the last time they checked their social media timeline. 66% acknowledge that they have at least one inactive social media account. 40% admit that they’ve not even thought about deleting inactive accounts or giving them a clear-out and concerningly, 11% don’t know how to adjust their privacy settings! So, I have no doubt that some of the Aussies that fall into these groups would have NOT come up trumps when they were ‘checked out online’ by either their current or future Human Resources Managers!!

What Social Media Posts Are Aussies Most Embarrassed By?

As part of the research study, Aussies were asked to nominate the social media posts that they have been most embarrassed by. Here are the top 10:

  1. Drunken behaviour
  2. Comment that can be perceived as offensive
  3. Wearing an embarrassing outfit
  4. Wardrobe malfunction
  5. In their underwear
  6. Throwing up
  7. Swearing
  8. Kissing someone they shouldn’t have been
  9. Sleeping somewhere they shouldn’t
  10. Exposing themselves on purpose

Cybercriminals Love Online Sharers

As well as the potential to hurt career prospects, relaxed attitudes to social media could be leaving the door open for cybercriminals. If you are posting about recent purchases, your upcoming holidays and ‘checking-in’ at your current location then you are making it very easy for cybercriminals to put together a picture of you and possibly steal your identity. And having none or even default privacy settings in place effectively means you are handing this information to cybercriminals on a platter!!

Considering how much personal information and images most social media accounts hold, it’s concerning that 16 per cent of Aussies interviewed admitted that they don’t know how to close down their inactive social media accounts and a third (34%) don’t know the passwords or no longer have access to the email addresses they used to set them up – effectively locking them out!

What Can We Do To Protect Ourselves?

The good news is that there are things we can do TODAY to improve our social media hygiene and reduce the risk of our online information getting into the wrong hands. Here are my top tips:

  1. Clean-up your digital past. Sift through your old and neglected social media accounts. If you are not using them – delete the account. Then take some time to audit your active accounts. Delete any unwanted tags, photos, comments and posts so they don’t come back to haunt your personal or professional life.

  1. Lockdown privacy and security settings. Leaving your social media profiles on the ‘public’ setting means anyone who has access to the internet can view your posts and photos whether you want them to or not. While you should treat anything you post online as public, turning your profiles to private will give you more control over who can see your content and what people can tag you in.

 

  1. Never reuse passwords. Use unique passwords with a combination of lower and upper case letters, numbers and symbols for each one of your accounts, even if you don’t think the account holds a lot of personal information. If managing all your passwords seems like a daunting task, look for security software that includes a password manager.

 

  1. Avoid Sharing VERY Personal Information Online. The ever-growing body of information you share online could possibly be used by cybercriminals to steal your identity. The more you share, the greater the risk. Avoid using your full name, date of birth, current employer, names of your family members, your home address even the names of your pets online – as you could be playing straight into the hands of identity thieves and hackers.
  1. Think before you post. Think twice about each post you make. Will it have a negative impact on you or someone you know now or possibly in the future? Does it give away personal information that someone could use against you? Taking a moment to think through the potential consequences BEFORE you post is the best way to avoid serious regrets in the future.

 

  1. Employ extra protection across all your devices. Threats such as viruses, identity theft, privacy breaches, and malware can all reach you through your social media. Install comprehensive security software to protect you from these nasties.

 

If you think you (or one of your kids) might just identify with the above ‘relaxed yet risky’ approach to managing your social media, then it’s time to act. Finding a job is hard enough in our crowded job market without being limited by photos of your latest social gathering! And no-one wants to be the victim of identity theft which could possibly affect your financial reputation for the rest of your life! So, make yourself a cuppa and get to work cleaning up your digital life! It’s so worth it!!

Alex xx

 

 

The post How To Practise Good Social Media Hygiene appeared first on McAfee Blogs.

Capital One Data Breach: How Impacted Users Can Stay More Secure

Capital One is one of the 10 largest banks based on U.S. deposits. As with many big-name brands, cybercriminals see these companies as an ideal target to carry out large-scale attacks, which has now become a reality for the financial organization. According to CNN, approximately 100 million Capital One users in the U.S. and 6 million in Canada have been affected by a data breach exposing about 140,000 Social Security numbers, 1 million Canadian Social Insurance numbers, and 80,000 bank account numbers, and more.

According to the New York Post, the alleged hacker claimed the data was obtained through a firewall misconfiguration. This misconfiguration allowed command execution with a server that granted access to data in Capital One’s storage space at Amazon. Luckily, Capital One stated that it “immediately fixed the configuration vulnerability.”

This breach serves as a reminder that users and companies alike should do everything in their power to keep personal information protected. If you think you might have been affected by this breach, follow these tips to help you stay secure:

  • Check to see if you’ve been notified by Capital One. The bank will notify everyone who was affected by the breach and offer them free credit monitoring and identity protection services. Be sure to take advantage of the services and check out the website Capital One set up for information on this breach.
  • Review your accounts. Be sure to look over your credit card and banking statements and report any suspicious activity as soon as possible. Capital One will allow you to freeze your card so purchases can no longer be made.
  • Change your credentials. Err on the side of caution and change your passwords for all of your accounts. Taking extra precautions can help you avoid future attacks.
  • Freeze your credit. Freezing your credit will make it impossible for criminals to take out loans or open up new accounts in your name. To do this effectively, you will need to freeze your credit at each of the three major credit-reporting agencies (Equifax, TransUnion, and Experian).
  • Consider using identity theft protection. A solution like McAfee Identify Theft Protection will help you to monitor your accounts and alert you of any suspicious activity.

And, of course, to stay updated on all of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Capital One Data Breach: How Impacted Users Can Stay More Secure appeared first on McAfee Blogs.