Recently, I was contacted by one of our members regarding some frightening email he received. We all have received spam and phishing attempts in our inboxes, but this message is much more sinister. This scam comes in the form of a death threat, resembling an assassination notification.

This email scam has touched many people, including Florida State Rep. Rob Schenck. You can find the article about it here. Schenck’s commented; “When you read something that disturbing, for a moment you do get concerned. No matter whether it’s fake or not, if someone talks about killing your family, it’s unsettling.”

The message warns of certain death unless the reader sends in large sums of money. The email also states that contacting anyone, including the authorities, will extend the death contract to your family. Some versions of the message even indicate that they will provide you proof of the person who hired the assassin to kill you once you provide them with the money.

This is just scam, if a very frightening one. The sheriff’s office reminds people that “you have to be a willing victim to fall victim… this is just a new scare tactic to get money out of people.” Authorities recommend that you do not click any links or respond to the message, and simply delete it entirely from your mail.

This is a reminder to us all how aggressive and clever identity thieves are. We must remain vigilant, and always scrutinize messages we receive by email, phone, text message, or mail. Trust your instincts and if something doesn’t feel right, listen to that feeling.

Rachel James- Intake Specialist

A new method of scams, as described by this article, from IT World, called “Why you can’t trust ‘friends’ on Facebook”, is another example of the risks that social networking exposes us to:

Step 1: Request to be “friends” with a dozen strangers on MySpace . Let’s say half of them accept. Collect a list of all their friends.

Step 2: Go to Facebook and search for those six people. Let’s say you find four of them also on Facebook. Request to be their friends on Facebook. All accept because you’re already an established friend.

Step 3: Now compare the MySpace friends against the Facebook friends. Generate a list of people that are on MySpace but are not on Facebook. Grab the photos and profile data on those people from MySpace and use it to create false but convincing profiles on Facebook. Send “friend” requests to your victims on Facebook.

As a bonus, others who are friends of both your victims and your fake self will contact you to be friends and, of course, you’ll accept. In fact, Facebook itself will suggest you as a friend to those people.

(Think about the trust factor here. For these secondary victims, they not only feel they know you, but actually request “friend” status. They sought you out.)

Step 4: Now, you’re in business. You can ask things of these people that only friends dare ask.

“Let’s meet for drinks — bring your new car!”

“I’m in Nigeria on vacation, got robbed and need $500 to get home!”

A recent study found that nearly 50 percent of Facebook users put enough info — things like birth date, hometown, family information and more — to aid ID thieves.

Social networking is everywhere. There are literally millions of members who are sharing details about their lives, their jobs and their personal information. With that many users to choose from, social networking sites are ripe for harvest in the hands of a clever identity thief.

One of the most innocent-looking attacks is to start a “survey” that asks all about your favorite things in order to give you some label regarding your personality type, or even what cartoon character you resemble most. The instructions typically require you to post your results and then forward it amongst your friends. Among these questions are popular security questions for accounts such as “What is your favorite pastime?”, “What town did you grow up in?”, “What is your favorite movie?”

In fact, these questions- which are often the key to gaining access to your accounts in the event you forget your password- are often built into the social networking site’s profile to help better match people to you with similar interests. Most people do not consider the risk that answering these questions posses, because they have probably long forgotten which security questions they placed for their email or bank accounts.

These questions are just the tip of the iceberg. People using Twitter have updated their location as “on vacation” only to come back to a home that has been ransacked and robbed. A recent study in the UK by the Information Commissioners Office showed that 2/3 of social networking users post their date of birth, ¼ post their job title and 1/10 post their home address.

So what are the biggest vulnerabilities?

·        95% of Facebook users run at least one application on their profile. These applications, despite being available for download directly from a social networking site, are by far and large not reviewed by staff at the company and often contain viruses or other malicious code

·        Use your privacy settings and only allow people to view your posts if you trust them and have met them in real life to verify that account is actually owned by them. If you get a friend request you think you recognize, call that person to verify it was really them

·        Don’t post your full name

·        Don’t post your address, phone number or where you work

·        Don’t post your salary range

·        Don’t use status or location updates

·        Don’t post the town you grew up in, or the schools that you went to

·        Emails or posts that request too much information should be considered suspicious and probably ignored. The person forwarding it to you might not even be aware that they might be aiding an identity thief.

·        Be careful of the pictures that you post of yourself, family, friends and activities. These pictures could be used to gain valuable information, or altered in a manner against your will. Fake IDs, stalking, or damage to reputation could occur.

·        Remember that even if you delete the post later, it is still “out there”. Other users may have a copy of the information still on their computers, and it may have been picked up by the various internet archives. Treat everything you post on the internet as though you can never take it back.

·        Now with more social networking sites employing classifieds sections, you must be wary of job offers or other scams in advertising. Remember that if it sounds too good to be true, it probably is.

·        Be sure your security software such as your firewall, anti-virus, spyware protection and internet browser are up to date and running. Updates often include security patches to address known vulnerabilities, so it is important to update as often as possible.

·        Use complex passwords, vary them and change them often. The password to your email, social networking sites, or blog should NEVER be the same as the passwords for your financial or personal information

·        When setting up accounts, do not ever use the “real” answer to a question. When asked for your favorite movie, respond with a password like 00Bond7 to make it easy to remember but hard to guess

·        Speak with children about the dangers of revealing personal information