Cyber Security: Are You Worried About Getting Scammed?

Please join the Pennsylvania Capital Management Team as we talk about cyber security and the risk of getting scammed, as well as steps you can take to protect yourself and your finances.

 

Lesley Buck: Welcome to our webinar on cyber security. Are you worried about getting scammed? I’m joined by Donna Zanetti, our director of client services and Andrew Randisi and Christopher Mallon, who are both certified financial planners here at Pennsylvania Capital Management. We’re doing this webinar today.

We’ve done cybersecurity webinars in the past, but we wanted to do another one just because we keep hearing more and more. From friends, family, clients about getting scammed. So we just wanted to make sure that we got as much information out to you as we could. And I’m sure a lot of you probably heard a few weeks ago, there was another big breach where I think over a million people’s data got, uh, you know, out onto the dark web.

So at this point, it’s our assumption that you, everyone’s data is on the dark web, but that’s what you should just. Assume that your social security birth date is out on the dark web. And so we’re going to give you some tips on what to do now with that knowledge, knowing that your data is out there. So we’re going to go around and just tell some stories about what we’ve heard from friends, family, clients.

I’ll start off. I have a friend who got scammed. She, she fell for the IRS one, which I feel like was one of the original ones. Um, this was over a year ago. She got contact, she got called by somebody claiming to be from the IRS and that she had back. Taxes do and that they wouldn’t the penalties wouldn’t increase if she paid right away with a wire transfer and she fell for it and she went to the bank.

And thankfully, she started telling the person at the bank, you know, why she was initiating this wire transfer. And the person at the bank stopped her and said, are you sure this is raising some red flags to me? Let’s pause here. And that’s 1 thing that I wanted to just. mentioned too as I tell this story is that if you have something in your gut or if you mention it to a spouse or One of your kids or a friend that you know, if there’s something that says this doesn’t feel right investigate it further Don’t just go on the fear and the pressure that the fraudsters are putting on you Thankfully in my case, my friend didn’t fall for it because the person at the bank intervened But now we’ve got lots of examples where people fall or

Christopher Mallon: right.

I think a big red flag, which is consistent across A lot of stories we talk about is the urgency of whoever’s on the phone or emailing or anything like that. It’s never, hey, you need to pay this bill or something. It’s doing 30 days, 60 days, 90 days. Let’s set up a time to talk, pay on this portal or something.

It’s always like, oh, you need to send money and you need to do it now. And it needs to be like, Oh, I’ll stay on the phone with you for however long it takes to get done. It’s something that’s happening like urgently, but anything we get bills in the mail for various things all the time. It’s never pay this yesterday as soon as possible.

Electronically it’s going to be, usually there’s some leeway there. So that’s one, that’s a common kind of universal red flag. We’ve seen a lot with, with these.

Lesley Buck: And Donna, you have a story about a recent. Client bars, right?

Donna Zanetti: Yeah, I have, I have two stories. Actually, the first is an elderly client who, you know, is so with it and probably smarter than a lot of other people that I know called me and said, I need to wire transfer some monies to my bank and I said, okay, it didn’t sound too off base that she needed to get it done.

And so I took all the information down, made sure it was her. And I said, what do you need it for? She goes, Oh, it’ll be back in a month. Okay. My nephew needs it, and he only needs it for a month, and he’s going to get it back to me. Okay, so I took the information down, and I hung up. And then I thought about it more, and I called her back, and we’ll call her Jane.

I said, Jane, what, tell me a little bit about more what’s going on. And then she asked me another question and said, how can somebody get into my account? And she started asking me questions about her account, and that’s when the red flag went up for me. And I said, tell me the real story what’s going on.

And that’s when the light went on in her eyes that she was being scammed. And before she told me the truth, they had already been in her bank account and had taken monies out. You know, she immediately went to the bank. They. Frozer account and they attempted to get it and they succeeded. So the sophistication that is going on is just getting more and more prevalent in getting scammed.

Yeah,

Christopher Mallon: a common one i’ve seen from a fan was my wife’s aunt fell for one. I think one of our clients might have had an issue too with this at least more recently. It’s been the like tech company So it’s been microsoft called me and has issued my microsoft account. Oh, like i’m sending you something to download So I can fix your system, or you need to update this, or Apple’s calling, they need to fix your Apple ID, download this, so they’ll fix something, and you download some software that allows them to get remote access to your device, and then they can fish around for whatever data they want, and then go off with it.

I think that’s been one that’s Lately, I’ve seen more and more of is the, the tech companies, the financial ones is that does ring some alarm bells and a lot of people’s head, right? IRS is 1, you’d be like, wait, a money institution like, that’s going to make me nervous anyway. But attack, they’d be like, oh, I’m confused about my, you know, how my iPhone works or act like.

Apple ID or something. Oh, maybe I do need to update that. And then you go down a rabbit hole, and then you’re kind of lost.

Lesley Buck: Yeah, absolutely. Yeah, I’ve been hearing a lot about the tech ones lately. And I think we had a client that fell for that, the tech one too. Like, you get a pop up that says, this is Microsoft.

Call us, and we’ll help you clear it up. Call. And that should be a red flag. Don’t just Believe whatever pop up tells you often what they want to do is they want to remote into your computer and that they say, we’re going to, we’re going to get rid of the virus. Let us remote in. And then suddenly they’re looking at your bank accounts and logging into your financial websites.

So that’s another tip to don’t let people remote into your computer, even if they’re telling you, they’re helping you. Don’t let them do it. MFA, multi factor authentication, or two factor authentication. So this is pretty prevalent now. When you log into your bank’s website or, you know, a Vanguard Schwab, whatever they’ll say, we’re going to send a code to your phone.

And that’s what it means, multi factor. It’s two, two levels to get into your account. And I remember when this first started happening, I was so annoyed by multi factor because it’s just a pain. You have to have your phone next. you when you’re logging in. And if you have multiple phones, cause you have a work phone and a personal phone, which one are they texting it to?

It’s just a complete hassle. So at first, when it first came out, I was so resistant. And I w and if given the option, I wouldn’t sign up for MFA. I was like, I’m not doing this. I’m just going to do my regular life. I think I

Christopher Mallon: still deny it whenever I get a chance to turn some cases.

Lesley Buck: No, it’s so bad, Chris. I mean, I’ve completely switched now.

Anytime anybody offers me to sign up for multifactor, I do it like. Just because it really does give you a nice layer of protection because if somebody’s got your password now, they can log in, but they, if you have multi factor on there, they have to have your phone too. And that’s a whole nother level of, of that.

I did recently read too, that I’ve never done this and I don’t think it’s that prevalent, but that you can also, your password can be your voice, but the article I was reading saying they were recommending you not do it because our voices are so out there right now are the four of our voices are out in the.

You know, universe or whatever. So they were recommending

Donna Zanetti: against using your voice as

Lesley Buck: a

Donna Zanetti: password. I never answer a number that I don’t know because Nine times out of 10, they just want to hear me say hello. And they’ve already recorded my voice right there.

Christopher Mallon: And then if your information is out there, they have, they build out and then call whomever say the last four of social, and then it sounds like you.

And then you’re, you’re off

Lesley Buck: reach out to somebody else. Don’t do this alone. Cause as soon as you reach out to your spouse, your kid, friend, sibling, they’re going to say timeout. Have we thought this through? Is this really legit? Some other tips I just want to throw out there. Don’t this is a, everybody knows this one, but don’t use public wifi.

I know it’s convenient when you’re in a hotel or a coffee shop or something like that, but if you have to go on public wifi to look at, to get a restaurant reservation real quick or something like that’s fine, but don’t ever go on your banking or your financial websites on public wifi. Unless you have your own secure VPN.

True. You’ve got your own VPN. That’s a different story. Make sure you’ve got security software on your laptop and make sure it’s a legit company. You will get invites sometimes to, to add security software to your laptop, and that is a fraud if it’s not a legitimate company. Make sure it’s McAfee, Symantec.

By one of the, one of the real firms, and you can just Google it and make sure that it is a real firm and also set your security software, set it to auto update. They’re constantly sending out patches as bugs and intrusions are found. These security companies send out patches to their security software to protect you better.

So you want to make sure that you’re. Auto updating on your security software as well. The other thing we recommend using credit cards, not debit cards. There’s a lot more protection to a credit card than to a debit card. Your debit card is tied directly to your bank account. And if that money leaves, it’s a lot harder to get it back than if you get fraud on your credit card.

Definitely. It’s

Christopher Mallon: a lot shorter and the limits are a lot lower of what’s protected credit card. You’re, you’ve got a lot more room for error there.

Lesley Buck: That’s a good one for kids too. Cause I know when my kids were first starting to. To swipe, they had their debit cards and they were just swiping against their bank accounts because they weren’t old enough really to get a credit card.

But pretty soon I wanted to get them on a credit card because I didn’t the idea of them just wandering around with a debit card that even if there’s only a couple hundred bucks in their bank account, I didn’t want that couple hundred bucks easily. Hacked out of my kids accounts. And then the last thing that I wanted to mention is I recommend strongly to freeze your credit and like we talked about in the beginning, you have to assume that your data is out on the dark web.

Now, your social security, your birth date, everything is on the dark web and what that means is that people can use your social security and birth date to open Bye. Credit in your name. They can open a credit card in your name with your credit, have the credit card mailed to their house, and then they start using the credit card and the bill comes and it’s on, it’s a bad credit to you.

The bill comes to their house. ’cause that’s where the, the credit card came in.

Christopher Mallon: So much things you talked about before, somebody calling you or having you be present during the theft, so to speak. This would be something that could be a little bit more nefarious happening in the background. All of a sudden you’re like, wait a minute, I don’t have.

This credit card, this new line of credit’s been opened and then, yeah, then you have to deal with that. So yeah, freezing it is a, can be a little bit of a process, but probably worth the 20 minutes or so.

Lesley Buck: Yeah, exactly. I did, I’ve, I have, I froze my credit a couple years ago and just this summer, I had my kids freeze their credit as well.

It takes, like Chris said, it takes 20 minutes to freeze the credit. The only thing, the downside is then if you go to apply for a mortgage or a car loan or a new credit card, You have to unfreeze your credit, and when you freeze your credit, they’ll give you a pin that you have to hang on to, that you’ll need when that day comes and you want to unfreeze your credit, so you just have to be on top of your, your pin and your details there when you freeze the credit, and of course, check your credit report at least once a year, because that’s a way to catch if somebody’s opened a, A credit card or a loan in your name, just wanted to put this out there and put it on people’s minds.

Be careful. Oh, I did hear this one is so nasty too. And we just, you just have to remember that people are just going to keep coming up with new ways to rip us off. But the 1, I just heard the other day is parking meters. Now, a lot of parking meters, or you have to use the app or something, right? And some of them have QR codes on them and crooks were going around and putting fake QR codes on top of the real

Donna Zanetti: ones on parking meters.

Whenever you’re doing a real estate transaction, they always say, do never rely on an email always verbally confirm everything. We take pride in finding those bad guys and I, I’m definitely calling the title company. I’m calling the attorneys. I’m calling everybody before. We actually wire out large amounts of money for any settlements on real estate and asking the client.

Did you actually see. The person who gave you these instructions and ultimately it’s their responsibility, but we’re trying to protect them. Anyway, we don’t have great advice. Take

Lesley Buck: a couple extra steps, a couple extra moments to just dig a little deeper and make sure the transaction you’re initiating is really legit and not going to harm you.

This is just a couple of helpful websites. They’re both dot gov websites, which is a good indication that it’s a legit government. Website if it ends in dot gov, you have pretty good reliability that it’s a legitimate government website because you can’t just get a website and you know, you have to go through government channels to get a dot gov website.

So, the 1st, 1 is USA dot gov slash credit dash freeze that takes you to instructions on how to freeze your credit and then also how to unfreeze your credit. And then the second one on guard online dot gov. That’s a whole good website that just talks about protecting yourself online and cyber security and cyber fraud to two really good resources for you all to use in this realm.

Thanks everybody for joining us. We appreciate you taking the time to learn. And if you have any questions, feel free to give us a call at Pennsylvania capital management. Happy to walk you through anything that you’re struggling with. Take care everybody. Thank you.

Scroll to Top