scams – PSafe Blog https://www.psafe.com/en/blog Articles and news about Mobile Security, Android, Apps, Social Media and Technology in general. Thu, 19 Jan 2023 14:49:21 +0000 en-US hourly 1 https://wordpress.org/?v=6.5.3 https://www.psafe.com/en/blog/wp-content/uploads/2018/05/cropped-psafe_blog_purple-shield-32x32.png scams – PSafe Blog https://www.psafe.com/en/blog 32 32 <![CDATA[Scammers Posing As Netflix’s Steal Credit Card Details]]> https://www.psafe.com/en/blog/netflix/ Sun, 20 Jun 2021 18:08:52 +0000 https://www.psafe.com/en/blog/?p=20938 PSafe’s dfndr lab, specializing in digital security, has identified a new scheme that illegally uses Netflix’s name to steal victims’ personal information and credit card data. So far, more than 6,000 detections of this scam have been recorded.

How does this scam work?
Emilio Simoni, director of the dfndr lab, explains the scheme: “With the intention of deceiving Netflix customers, scammers steal the name and graphics of the well-known streaming platform. They approach their victims through emails with a malicious link, which directs them to a fake website posing as the official Netflix website. By clicking on this link, the victim is tricked into providing personal and credit card details for a supposed registration update. Those who provide this information hand over their sensitive data to scammers, making them likely victims of bank fraud “.

How to protect yourself from this type of digital scam:
The experts at dfndr lab list some precautions that everyone should take to avoid falling into phishing scams (malicious links):

1 – Use mobile security solutions that offer protection against digital threats. dfndr security, for example, sends security alerts in real-time to its users whenever they receive a malicious link or fake news, whether it’s on Facebook Messenger, WhatsApp, via SMS, or in the browser.

2 – Always search and check to assure you’re on the official website for every company when you receive information through the Internet. Be wary of promotions, sensational news, discounts — and any administrative action that requires you to re-furnish personal / financial information.

3 – Be careful when clicking on links shared through Facebook, TikTok, and other social networks. Also be especially wary of any unknown email contacts. Don’t provide personal information to websites unless you’re certain of their authenticity.

4 – When in doubt, it is possible to check if a link is fake on the dfndr lab website. Checking the links notifies you in a few seconds whether a website may offer any malicious features.

]]>
<![CDATA[The Anatomy of a URL]]> https://www.psafe.com/en/blog/the-anatomy-of-a-url/ Sat, 07 Apr 2018 12:00:30 +0000 https://www.psafe.com/en/blog/?p=17398 You can tell a lot about the website you’re entering based on the URL you’re about to click on. Phishing websites and other scams are all the rage right now as hackers are finding new, creative ways to steal your personal data or access your banking information. One key way to protect yourself from these attacks is with an antivirus app such as dfndr security, which does virus scans, has anti-hacking technology, and helps you avoid security breaches on your phone.

Read More: Where Do Most Phishing Attacks Occur and Why?

There are several other ways to tell whether or not a link is the real deal, or could lead you to a fraudulent page.

Take Out Your Magnifying Glass
When a link is sent to you via email, direct message or any other way, take a close look at what the link looks like before clicking it. 

A good way to check whether or not you’re getting scammed by a fraudulent email is to look at the exact spelling of the email account, as well as the URL, and compare it to the real deal.

For example, PayPal sends messages via emails that end with @paypal.com, but a fraudster might use an account that ends with @paypalpayments.com to trick you, so watch out for these discrepancies.

It may seem a bit loony to examine email or link addresses so closely, but taking those extra few seconds can save you from the nightmare of being hacked and victimized.

Become a Cybersecurity CSI
Another way to ensure you’re entering a trusted site is to notice if the domain is secure or not. Sounds really CSI, but it’s not as hard as you think.

First, look for the Secure Sockets Layer (SSL), which shows up on a website when it’s secure. A SSL website begins with “https” rather than “http”.

To further enforce security, also look for the green padlock at the beginning of the link and the word “Secure”, or the name of the company before the link. The green address bar only shows up when a site is using a type of SSL certificate called an Extended Validation (EV) Certificate, which helps confirm that the site is operated by a legally incorporated company.

URL Shorteners Could Be Your Enemy
When media outlets share an article on social media sites, they’ll typically use a URL shortener like Bitly or TinyURL. Sometimes, URL shorteners are used in emails as well. These tools help abbreviate long web addresses but make it hard to tell if a website is legitimate since the appearance of a URL is altered.

One way to get around this issue is to right click on the shortened link and copy the URL to a text editor and examine it. Never load it in your web browser though. When it comes to banking, most major financial institutions will probably not use URL shorteners in official emails, so you’re clear there.

We hope these step-by-step tips help you dissect your electronic correspondence better and avoid being a victim of a phishing or cyber attack.

]]>
<![CDATA[Online Scams to Look Out for During the Holidays]]> https://www.psafe.com/en/blog/online-scams-to-look-out-for-during-the-holidays/ Wed, 20 Dec 2017 01:00:08 +0000 https://www.psafe.com/en/blog/?p=15926 More than ever holiday shoppers are now choosing to purchase their gifts online rather than at a physical store location. While online shopping is often preferred for its convenience and incredible discounts, it can also be a great hassle if you fall victim to a virus or scam. Phishing attacks, hacks, and malware are all more common during the holidays — since more people are shopping online — and these scams are getting savvier every year. Luckily, there are several ways that you can protect yourself from scams and viruses while shopping online this season. Be on the lookout for these:

  1. Sketchy Emails That Mimic Well-Known Businesses

Scammers love to send out fake emails that mimic the language and images used by well-known companies. These emails often attempt to trick consumers by offering them a free, in-demand item if they enter a contest, or informing them that their account has been breached, which is a false warning meant to take over a person’s account. You should also be cautious of any email attachments, even if they come from seemingly trustworthy sources, such as a coworker or a friend. If an email or an attachment doesn’t make sense, don’t click on it — the person’s account could have been hacked, and the attachment could contain malware. Reach out to the person directly and ask them if the email is legitimate.

Read More: The Most Common Viruses of 2017 and How to Stop Them

  1. Unbelievable Deals? Pause Before You Buy

Fake and malicious ads and websites are especially common during the holiday season. You may see them at the top of Google search results, or on Facebook, Instagram, or another website. They typically advertise absurdly discounted items, such as expensive sunglasses or handbags, laptops, or other in-demand goods for 80% to 90% off. To avoid these types of scams, avoid clicking on any ads or links that seem too good to be true, and consider using an ad-blocker. You should also verify that you are on a legitimate, secure website before entering any information or making a purchase. Lastly, make sure to take advantage of dfndr security’s various protection features like anti-hacking to prevent you from falling victim to any online scams or fraudulent websites.The anti-hacking feature alerts you that a link is malicious and then blocks it before you even click on it.

  1. Shopping Apps With No Holiday Spirit

During the holidays, many more malicious shopping apps crop up. They typically mimic well-known shopping apps or else lure consumers in by promising unbelievable deals. To avoid becoming a victim of malware or scams, avoid downloading apps from third-party websites. Further, exercise caution when downloading apps from the Google Play store, and pay attention to the language used — is it free of typos or other glaring errors? — and pay attention to the number of reviews and downloads. Lastly, when it comes to shopping on your phone, stick with a store’s official mobile website.

]]>
<![CDATA[5 Unknown Phishing Scams to Watch for During the Holidays]]> https://www.psafe.com/en/blog/5-unknown-phishing-scams-to-watch-for-during-the-holidays/ Wed, 20 Dec 2017 00:00:40 +0000 https://www.psafe.com/en/blog/?p=15904 It’s the most wonderful time of the year for spending time with family and friends — and finding great holiday gifts at incredible prices. As you spend more money online and hunt for the best deals, hackers introduce more clever phishing scams to lure you in. These phishing scams go far beyond the more obvious ones, such as a fake email about winning a contest or a Google ad for a discounted luxury item. Here are 5 lesser-known phishing scams to watch out for this holiday season:

An Email That Your Transaction Was Declined
While shopping this season, the last thing you want is for your card to be declined. If you receive an email that says your credit card or PayPal transaction was declined for a recent order, this is a phishing scam. Don’t click on any links or hand over your personal information. If you must check your account or the status of your order, manually type in the correct URL and log in to your account to verify that everything is in okay. You could also download an antivirus app like dfndr security to regularly scan your phone for any malware. The best feature you might want to activate in our app is anti-hacking because during the flurry of a shopping session this feature can identify and block malicious links before you click on them. Turn it on to try it:


Read More: 
Can’t Stop Clickbaiting? anti-hacking Will Protect You

Spoofed Two-Factor Authentication
In this phishing scam, a hacker uses a victim’s phone number and email address to assume her identity and ask Google (or another service) to reset the password for her email account. Whenever Google texts the victim with the reset code, the hacker will then pose as Google to text the victim about unusual account activity, and request that the victim send the hacker the reset code to confirm her identity. If the victim sends the reset code to the fake Google text, then she has just given the hacker the ability to access her account.

Instagram Shopping Scams
Boutique accounts have become incredibly popular on Instagram, with items often selling out within minutes. While there are many legitimate Instagram boutiques out there, you should be wary of shady accounts that try to lure you in by purchasing an item or clicking on a link. Before you shop on Instagram, make sure that the boutique you’re interested in is legitimate by paying attention to the number of followers, the seller’s language, and any reviews or websites that discuss the boutique.

Fake Promotional Emails With Coupons
Maybe you ignore promotional emails altogether, or maybe you check them for the latest sales and deals at your favorite stores. If you receive an email this season that promises an incredible deal, don’t click on any links or images in the email — it could be an email spoofing your favorite retailer. To ensure that the deal is legitimate, check the email’s language, compare the email to past emails, and go to the store’s website to find the deal or contact customer service to verify the email.

Shipping Scams
With this scam, you’ll receive a fake email from UPS or FedEx informing you that your package was unable to be delivered. To remedy this issue, the email will ask you to click an infected link or open a malicious attachment. If you receive an email like this, ignore it — these services will never email you about undeliverable packages. Further, be wary of any odd-looking emails that contain a tracking number — the link could be fake.

]]>
<![CDATA[Why You Should Be Worried About Password Phishing on Android]]> https://www.psafe.com/en/blog/worried-password-phishing-android/ Sun, 09 Jul 2017 20:00:16 +0000 https://www.psafe.com/en/blog/?p=12449 Like ransomware, phishing scams and social engineering attacks are on the rise this year. The recent scams are becoming far more clever, with hackers learning more about their victims before they strike. This helps them to carry out a far more effective attack. Still, some of the most common and effective password phishing scams include spoofing a bank’s website or an email login page. To stay protected from phishing attacks while online, activate Anti-Hacking:

Deeplink_Activate-Anti-Hacking
DFNDR’s Anti-Hacking feature will keep you safe online. It will block you from malicious websites and phishing attempts designed to steal your account information or money. Once this feature is activated, you’ll also receive warnings about deceptive websites so that you never enter your account information on an unsafe site. With Anti-Hacking you’ll be fully protected against password phishing on your Android.

Read More: The 7 Password Mistakes You Might Be Making

How Common is Password Phishing on Android?
Think about the progress that app developers have made over the years, and how advertisers are no longer having trouble displaying ads on smartphones. Malware and malicious attacks have made progress, too. It was only a matter of time before password phishing increased on Androids — and it will likely continue to do so.

Take, for example, the recent Google Docs phishing scam. In this phishing scam, Gmail users would receive a link to a Google Doc from one of their contacts or a seemingly legitimate person. After clicking the link, they would then be sent to a real Google page, where they’d be tricked into giving access to a third-party “Google Docs” app that would request access to all of their account information. Google has since responded to the attack and has issued an update for their Android app to make the app more secure. Unfortunately, Gmail is still vulnerable to future phishing attacks of a similar nature. The attack was so successful because it used real Google pages. This is why it’s important to use Anti-Hacking to ensure you’re always protected — such as when a phishing attempt goes undetected by Google.

Another common password phishing scheme involves the Cloak & Dagger malware. This malware is downloaded onto an Android when you download a malicious app from the Play store. Once it has infected your device, it can then spoof your Android’s appearance in order to carry out phishing attacks. This malware has been able to infect older Android operating systems in addition to the latest operating system, Nougat. As a reminder, you should always pay attention to the language, design, and reviews of an app before downloading it. In order to ensure that your device is free of hidden malware, use Full Virus Scan to check your phone and SD card for threats:

run-security-scan

]]>
<![CDATA[5 Things You Can Do to Prevent Phishing Scams at Work]]> https://www.psafe.com/en/blog/5-things-can-prevent-phishing-scams-work/ Mon, 22 May 2017 14:00:27 +0000 https://www.psafe.com/en/blog/?p=11347 Phishing attacks on businesses are on the rise: the FBI reports that businesses worldwide have lost more than $5 billion over the last several years because of this trend. Hackers are typically able to gain access to a business’ computer system through their employees, by targeting individuals with social engineering scams through phishing or by collecting personal information from their social media profiles. You can use the Anti-Hacking feature to block phishing attempts on your work phone:

Deeplink_Activate-Anti-Hacking
Anti-Hacking will block you from malicious websites and warn you of deceptive websites. It’s important to stay protected from scams across devices since you’ll likely check emails throughout the day on your work or personal phone. After all, you don’t want to be the weak link at your company — the individual whose oversight leads to a company-wide breach. The following are additional ways you can protect yourself from phishing scams at work.

Read More: How to Protect Yourself from Social Engineering Attacks

  1. Follow the Strong Passwords and Use Two-Factor Authentication Rule

Your IT department will prompt you to create strong passwords and use two-factor authentication for your professional accounts. Don’t ignore this request, as this is how many companies are breached — employees who ignore this or put it on a to-do list but don’t follow through. Strong passwords are long passwords with lowercase and uppercase letters, symbols, and numbers. Also, apply the same rule to your personal accounts.

  1. Be Wary of What You Send Via Email

Email is not a secure form of communication for many reasons, one being that it’s easy to intercept emails. Don’t send any personal information via email or email forms (such as passwords or your Social Security number).

  1. Be Suspicious of Unsolicited Emails and Phone Calls

Some unsolicited emails and phone calls are legitimate — but many are not. Many phishing scams are designed to prey on your emotions, and get you to respond with personal information or click on a link out of fear. This approach works, too: it is often most successful when the targeted individual is experiencing personal trouble or hardship, which the hacker can gather from stalking the victim’s social media profiles.

  1. Be Skeptical of Emails From Trusted Sources

You should be skeptical of all emails you receive — even if they’re seemingly from a friend, coworker, or your bank. Phishing scams are getting cleverer by the day, and many scammers are able to spoof emails from people you know or else compromise a known, trusted email address. If the language in the email feels “off” or strange — and if that language is accompanied by a link, attachment, or a request for personal information — ask yourself if the email seems legitimate. If you have doubts, reach out to the sender by another form of communication and ask if they sent the email. If you’re at work, alert your IT support department right away.

  1. Don’t Mix Business With Pleasure

Be cautious about what you post on social media, especially when it comes to information related to your job. Hackers are more frequently targeting employees’ social media profiles in order to collect personal information that could provide answers to job-related security questions or passwords.

]]>
<![CDATA[Someone Hacked John Legend’s Twitter Account]]> https://www.psafe.com/en/blog/someone-hacked-john-legends-twitter-account/ Sun, 16 Apr 2017 16:00:58 +0000 https://www.psafe.com/en/blog/?p=9974 John Legend is certainly one of many celebrities on Twitter whose accounts you want to follow. But his celebrity also means that he is of more interest to hackers. And that’s just what happened to the Grammy winner — his Twitter was hacked recently. While Legend and and wife Chrissy Teigen found this Twitter hack amusing, hacks aren’t often any fun. If you’re worried about your account being hacked or your personal information being stolen, use the Anti-Hacking tool to be safer while browsing the web:

activate-safe-navigation
Unfortunately, social networking sites and web browsers don’t automatically block you from malicious websites or links. Once activated, Anti-Hacking will ensure that you don’t enter any of your personal information on a dangerous website. It will block you from malicious sites and warn you of suspicious sites, to keep you safe from malware and hackers.

Read More: Twitter Has Signed a New Live Streaming Deal

John Legend’s Hacked Account

Once the hacker gained control of Legend’s account, he posted some amusing and disturbing messages. The poster focused on political subjects, posting tweets about Donald Trump and Hillary Clinton. For example, the hacker called President Trump “a Cheeto.” Some of these political posts were violent or sexual in nature, and when he regained control of his account, Legend was quick to distance himself from them.

John Legend’s Response

John Legend, like his music, was calm about the hacking. In fact, he laughed at the absurdity of the hacker’s messages. In fact, Legend himself started posting on Twitter, letting his fans know that he had been hacked. For example, he posted the Tweet: “Someone just hacked my account” to let his followers know he hadn’t been posting the bizarre messages. He then posted: “I’m back. My hacker was vulgar and kinda hilarious. I’ll try to be funnier from now on so he won’t feel the need to ghost write for me.”  

Chrissy Teigen’s Response

Chrissy Teigen is one of the most popular celebrities on Twitter with her funny and true-to-life tweets. Like her husband, Teigen found the tweets funny. Teigen was clued into the attack on her husband’s social media after one of her followers private messaged her about her husband’s new Twitter bio, which described the singer’s private parts in a less-than-flattering way. It’s not surprising that this happened, though. In fact, Teigen made fun of her husband the same week his account was hacked, comparing him to the animated aardvark, Arthur, on her own Twitter account.

]]>