How to block spam calls and texts.  How to combat credit card fraud.

Views expressed in this cybersecurity-cybercrime update are those of the reporters and correspondents.

Accessed on 29 March 2022, 2040 UTC.

Content supplied by email subscription to “PCMag Security Watch.”


Please click link or scroll down to read your selections.

Trouble viewing this email? View in a browser
PCMag SecurityWatch
5 Tips for Blocking Mobile Tax Scammers
As if filing your taxes wasn’t stressful enough, tax season also means you must watch out for scammers who are trying to trick you into giving up your personal information and your money. You may have even received a slew of recent calls, emails, or texts from people posing as government officials or tax service representatives. According to research from RoboKiller, there was a 24 percent increase in IRS and Social Security-related spam text messages between January and February of this year. These kinds of scams are unfortunately nothing new, and as PCMag senior security analyst Max Eddy writes, scammers got bolder during the COVID-19 pandemicand even started taking advantage of people receiving unemployment benefits from the U.S. government.

Who Is a Target for Tax Scams?

Anyone online can be a target of a tax scam if they don’t pay close attention to the messages they receive over the phone or via SMS. I recently discussed this particular phishing epidemic with Giulia Porter, a vice president at Teltech. The company makes an app called RoboKiller, which is designed to block spam callers from reaching their potential victims.

Porter told me that though anyone can be a target, the elderly are usually the ones caught in the phishing nets. “Some of this technology, particularly texting, is somewhat newer and a little more unknown to older people. Scammers are obviously taking advantage of that,” she said. “Scammers also tend to target areas that have an older population. So for example, Florida, Texas, and more southern states tend to have a higher volume of spam calls. ”

Tips for Protecting Yourself From Tax Scam Messages

There are ways to spot potential tax scams, but some may require you to change the way you interact with your mobile devices. Porter offered five tips for keeping safe online during tax time.

  1. Consider the Method of Communication
    U.S. government entities usually communicate with taxpayers via email or snail mail. The IRS even has a phishing warning page that includes frequently asked questions about contact from the organization. Porter said the IRS and Social Security offices typically do not call or text private citizens. “Normally you won’t hear from the IRS or Social Security unannounced, “she said. “If there is an issue with your account, typically you’ll receive multiple forms of communication, such as mail that comes to your house notifying you of changes. Always remember that if the IRS is calling you out of the blue, it’s pretty unlikely that it is a legitimate call.”

  2. Ignore Threats in Calls and Texts
    Criminals often offer their victims a short period of time to pay up, counting on a victim’s ignorance of the tax process or fear of incarceration to get the crooks the money or information they seek. “Typically a scammer says something like, ‘If you don’t pay the taxes you owe, then you’ll go to prison in seven days,’” Porter said, “so if there’s any talk that’s really urgent within the call or text itself, make note of that.”

  3. Stop Answering Calls and Texts From Unknown Numbers
    I know it seems like a waste of a mobile phone plan, but Porter recommends that you don’t pick up the phone as often to answer calls from people you don’t know. Spam callers are prolific, and it may be easier to let the calls from numbers you don’t recognize go straight to voicemail. 

  4. Keep Your Info to Yourself
    “Don’t provide any sort of personal financial information over the phone,” Porter said. “For texts, we always recommend not replying. Don’t click on links.” Porter also noted that if you’re curious to see if other people received these texts, you can type the message verbatim into a search engine online. That said, just because the exact wording of the message doesn’t appear in search results doesn’t mean it isn’t a scam. Play it safe. Don’t reply and don’t click any included links.

  5. Use an App to Block the Spam
    Several apps in the Apple App Store and Google Play Store are designed to stop scammers before they can trick you out of your money or personal information. PCMag has a list of the best third-party apps for blocking unknown callers, including Hiya, RoboKiller, and Truecaller.

If you think you’ve been a victim of a tax-related scam, Porter had good news and bad news. “The FTC does allow you to file a complaint with anything suspicious, whether that’s a robocall, a text, or an email. Unfortunately, and largely due to caller ID spoofing, robocalls and tax scams are basically untraceable. It’s very difficult to recoup lost funds from phone scams,” she said. 

The best advice is to remain vigilant online and when using your smartphone. As always, I implore you to avoid giving out any personal information online or to anyone you don’t recognize over the phone. Good luck filing your taxes on time! The deadline is April 18. If you’re going to go down to the wire, you might want to read our story on Tax Tips for Last-Minute E-Filers.

Get this email from a friend? Get it delivered to your inbox weekly. Sign up for the SecurityWatch newsletter.

What Else Is Happening in the Security World This Week?

Ransomware Attacker Sentenced to 5.5 Years in Prison. The attacker was also ordered to pay $36 million in restitution.

Ukraine Doxes 620 Alleged Russian Spies by Publishing Names, Addresses. Ukraine claims it obtained a list of officers at Russia’s Federal Security Service (FSB), who’ve been engaged in malicious activities across Europe.

Should You Buy Kaspersky Security Products? Founded in Russia by a Russian national, with a headquarters division in Moscow—that doesn’t mean Kaspersky is in Putin’s pocket. But with multiple governments and even hacker groups shunning the company, we can no longer recommend Kaspersky products.

Google Patches This Year’s Second Actively Exploited Chrome Zero-Day. Farewell, CVE-2022-1096.

Ransomware Can Encrypt 100,000 Files in Minutes. Splunk reports that the fastest ransomware can encrypt roughly 100,000 files in just four minutes and nine seconds.

If you buy something from our links, we may get a commission from the sale. Learn more here.
83% off First Year of Norton AntiVirus Plus Subscription (1 PC/Mac) w/ 2GB Cloud Storage
$59.99 $9.99  
How Much Is Your Credit Card Worth on the Dark Web?
According to a report from NordVPN, the average cost to buy someone’s credit card details from the dark web is just $10. As PCMag’s Eric Griffith writes, for the price of a Netflix subscription, a criminal can obtain your payment information and use it to commit fraud.

Sometimes criminals get the credit card information they want from data breaches, but dark web credit card lists available for purchase also include info that requires some educated guesses to determine your credit card numbers. This method can slow the crooks down, but not by much. The bad guys don’t have to guess all 16 numbers—most of the first four numerals on cards are identifiers for the type of card (Visas always start with 4, for example) and the bank that issued it. According to the report from NordVPN, a criminal can crack these accounts in seconds, and they can also guess the security code.

So far, so scary, which is why we urge you to remain vigilant in the face of these online threats. Keep an eye on your credit and debit card statements each month for unauthorized activity.

I also recommend that you use your credit card instead of a debit card while online shopping. The FTC notes that credit cards often give you extra protection for online purchases. If unauthorized charges appear on your statement, you’ll be able to dispute them. Credit card protections vary from bank to bank, so check with your issuer to understand all of your card’s protections.

Stay safe,
Kim Key
PCMag Security Analyst

Ukraine’s Main Telecom Provider Suffers Major Cyberattack

Report: Nokia Tech Is Vital to Russia’s Internal Spying Efforts

HackerOne Blocks Kaspersky From Using Its Bug Bounty Platform

Report: US Concludes Russia’s Military Was Behind Viasat Hack

Should You Become an Anti-Russia Hacktivist?

Want more deals like these delivered to your inbox?
ASUS VivoBook Pro K3400 14″ OLED 2880×1800 NanoEdge Intel Core i5-11300H Laptop w/ 256GB SSD, 8GB RAM
$749.00 $619.00  

NVIDIA RTX 3080 Alienware Aurora R10 AMD Ryzen 7 5800X Gaming Desktop w/ 1TB SSD, 16GB RAM
$2,769.99 $1,999.99  

Rare $30 off Just Released 2022 Apple iPad Air 10.9″ Liquid Retina Display 64GB Wi-Fi Tablet (Starlight Color) w/ Apple M1 Chip
$599.99 $569.99  

400GB SanDisk Ultra UHS-I Class 10 microSDXC Memory Card with Adapter (Up to 120MB/s read speeds)
$69.99 $43.99  

Quickship Dell Inspiron 15 3000 Intel Core i5-1035G1 15.6″ 1080p Laptop w/ 8GB RAM, 256GB SSD
$638.99 $399.99  

All product and deal information such as discount, price and availability are believed to be accurate as of the time of publication. Please verify these details with the merchant site and check the merchant’s terms and conditions before you buy. Publisher is not responsible for errors or omissions.

For the latest cybersecurity news and information, please check the blog sidebar, links, and twitter posts.  Thanks for joining us today.

Russ Roberts (machine learning, artificial intelligence, IoT, information security)