How can I recognise a SCAM?

A very good question and here are some tips including information from the Canadian Anti-Fraud Centre. www.antifraudcentre.ca

1. If it sounds too good to be true – guess what?!
You’ve won a big prize in a contest that you don’t recall entering. You are offered a once-in-a-lifetime investment that offers a huge return. You are told that you can buy into a lottery ticket pool that cannot lose. Oh really?
2. You must pay or you can’t play.
“You’re a winner!” BUT, you must agree to send money to the caller in order to pay for delivery, processing, taxes, duties or some other fee in order to receive your prize. Sometimes the caller will even send a courier to pick up your money. No legitimate lotteries use this process!
3. You must give them your private financial information – I think not!
The caller asks for all your confidential banking and/or credit card information. Honest businesses do not require these details. If you are placing an over-the-phone order, be extremely careful when providing credit card information – get the name of the person and an order number and record it to compare with your monthly statement.
4. Will that be cash… or cash?
Often criminal telemarketers ask you to send cash or a money order, rather than a cheque or credit card. The reason is simple – cash is untraceable and can’t be cancelled. Crooks (obviously) have difficulty in establishing themselves as merchants with legitimate credit card companies.
5. The caller is more excited than are you – oh joy, oh rapture!
The crooks want to get you very excited about this “opportunity” so you won’t think clearly. Lottery, “free” vacation, stock tip – the gimmick doesn’t matter. Act in haste, repent at leisure!
6. The manager is calling – don’t we wish.
The person claims to be a government official, tax officer, banking official, lawyer or some other person in authority. The person calls you by your first name and asks you a lot of personal or lifestyle questions (such as “how often do your grown children visit you”). They are trying to get enough information to steal your identity or have another crook try to scam you as a parent/grandparent.
7. The stranger calling wants to become your best friend – so you need more?
Criminals love finding out if you’re lonely and willing to talk. Once they know that, they’ll try to convince you that they are your friend – after all, we don’t normally suspect our friends of being crooks. Hang up and ignore them – HONEST people don’t try to become best friends over the phone or internet or in chat rooms or dating sites.
8. It’s a limited opportunity and you’re going to miss out – good, miss out.
If you are pressured to make a big purchase decision immediately, it’s probably not legitimate. Real businesses or charities will give you a chance to check them out or think about it.

What can you do to protect yourself?
Remember, legitimate telemarketers have nothing to hide, however….
• criminals will say anything to part you from your hard-earned money.
• be cautious. You have the right to check out any caller by requesting written
information, a call back number, references and time to think over the offer. Legitimate business people will be happy to provide you with that information. They want the “bad guys” out of business too. Always be careful about providing confidential personal information, especially banking or credit card details, unless you are certain the company is legitimate. And, if you have doubts about a caller, your best defence is to simply hang up. It’s not rude – it’s smart.

If you’re in doubt, it’s wise to ask the advice of a close friend or relative or contact the Canadian Anti-Fraud Centre, local law enforcement or the Better Business Bureau. Rely on people you can trust. Remember, you can Stop Phone Fraud – Just Hang Up!

What if I suspect that a relative or friend is being targeted by unscrupulous telemarketers?
Watch for any of these warning signs:
• a marked increase in the amount of mail with too-good-to-be-true offers;
• frequent calls offering get-rich-quick schemes or valuable awards or numerous calls for
donations to unfamiliar charities;
• a sudden inability to pay normal bills;
• requests for loans or cash;
• banking records that show cheques or withdrawals made to unfamiliar companies; or
• secretive behaviour regarding phone calls.

If you suspect that someone you know has fallen prey to a deceptive telemarketer, don’t criticize them for being naïve. Encourage that person to share their concerns with you about unsolicited calls or any new business or charitable dealings. Assure them that it is not rude to hang up on suspicious calls. Keep in mind that criminal telemarketers are relentless in hounding people – some victims report receiving 5 or more calls a day, wearing down their resistance. And once a person has succumbed to this ruthless fraud, their name and number will likely go on a “sucker list”, which is sold from one crook to another.

Also, make sure the details are reported to local law enforcement, the Better Business Bureau and the Canadian Anti-Fraud Centre. In addition, add your phone numbers (including your cell and fax) to the Do Not Call List – at www.dncl.gc.ca. It isn’t perfect but it does help.

Internet and E-mail Safety (and security)

In this blog, let’s look more closely at internet and e-mail scams and security.

Internet
Knowledge is power – and never truer than when surfing the net. The most common risks are viruses, key-stroke recordings, miscellaneous malware and Trojan horses.

Viruses do the same thing to your computer as they do to us – they make it sick; they can even kill it. Key-stroke recording software is installed by hackers and allows them to record all of your keystrokes with particular attention to usernames and passwords – they love banking, credit card and email access the most. Malware is also malicious as it can take many forms: from tracking your internet use patterns to copying files to a remote computer to erasing key pieces of software. Trojan horses get uploaded and then sit in wait – silently for a triggering date or event and then allow the hackers to take control of your computer and use it for attacking other computers.

The only 100% protection against these threats is don’t surf the net! Now let’s get into reality – hardware and/or software firewalls together with anti-virus and anti-malware software.

Hardware firewalls are called routers and they act as a first line of defence between the internet and your computer and are relatively inexpensive to acquire and are not very complicated to install. Software firewalls are generally a second layer of protection after the hardware firewall. Most reputable commercial ISPs (Internet Service Providers) provide this as part of their customer offering and may reside either on their servers or on your computer.

Anti-virus and anti-malware software is sold by several companies (Norton, AVG, Kasperski, F-secure and MalwareBytes to name but a few). Most suppliers offer free versions of their protection suites but remember if it is free, there is a reason! They are in business to make money and the free versions are teasers only. They do help of course, but don’t provide complete protection, so beware of freebies! Running “in the background” on your computer, they analyse every attempt at both inbound and outbound communication over the internet for suspicious software code and either block or delete access to outsiders. You can control all of these functions through a “control panel” that is installed with this software.

Be very selective on the websites that you visit. Some categories are higher risk for spreading these problems than others – dating sites, erotic picture and video sites together social media are the greatest sources of problems – avoid them!

E-mail
Rule No. 1 – if you don’t know the sender or you didn’t sign up for any e-mail notifications from stores or websites, DON’T OPEN IT! The “Nigeria” scams and grandchild scams are run constantly on e-mail as are Lottery scams of various types.
Rule No. 2 – see Rule No. 1.
Rule No. 3 – ensure you have a full-version of both anti-virus and anti-malware software installed on your computer that gets automatic signature updates – preferably daily – to stop evolving threats. If you follow these 3 rules, you are going to be safe 98% of the time.

The final 2% is chain-mail – the electronic version of old chain-letters – if you get one, regardless of the identity of the sender, do not forward it – even if it is from a close relative or friend – don’t!

General
A great reference book on scams is from the Competition Bureau of Canada – The Little Black Book of Scams – click here to get there immediately. The Canadian Anti-Fraud Centre has a website that is all about various scams and identity theft. Click here – Canadian Anti-Fraud Centre Home Page.

Fraud and Identity theft – a common glossary

Unfortunately, identity theft and fraud are among the fastest growing crimes in the world. In 2012, more than 120,000 calls were received and more than 40,000 e-mail messages each month were reported to the Canadian Anti-Fraud Centre! In 2011, credit card fraud alone exceeded $436 million! By contrast, in 2007, TOTAL fraud losses were $14 million. There are many more unreported incidents.

Phishing – An e-mail message that appears to have been sent by a financial institution with which you have business dealings asking for verification of various pieces of information. When you follow the hotlink and answer the questions, the thieves get enough information about you and your accounts to steal your money and perhaps your identity. The financial institutions you deal with do not need to “verify” the information they already have on you. Immediately delete all such emails. Report it immediately to the Canadian Anti-Fraud Centrehttps://www.antifraudcentre.ca, by phone to 1.888.495.8501 or by email to info@antifraudcentre.ca (CAFC) and your local law enforcement department.

Vishing – Similar to phishing above, but the fraudsters call you directly and pose as an employee of a financial institution or direct you by e-mail to call a number. They can even disguise call display so that it looks like the call may be legitimate. Your financial institution does not make calls like these. Ignore the call, hang up and report it to the CAFC and law enforcement.

Pharming – This is a term used to describe what a fraudster or hacker does to redirect traffic from a legitimate website to a fraudulent website without the victim knowing it. The scammer then harvests the data entered by the victim, thus the play on words – farming. Report such items to the CAFC and law enforcement.

Spoofing – This is the term used when a fraudster uses software or some other internet tool that allows the fraudster to mask their real identity by displaying a fake e-mail address or name and telephone number on your computer or telephone. It is meant to both hide who they really are and to trick you into thinking you are either dealing with a reputable business or person but also to give you the impression the call or message is coming from somewhere other than the actual location. Your telephone or Internet service provider have the ability to determine the true IP (Internet Protocol) address or telephone number but they must be informed quickly. They usually only provide this information to law enforcement in the course of an official investigation. Report to the CAFC and local law enforcement.

Shoulder Surfing – Someone hovering nearby while you are entering the PIN for your bank or credit card. If they get your PIN and skim your card (phoney machines used to steal your digital information) or pick your pocket or purse, they can clean out your bank account in no time. They may even use the digital camera feature of a cell phone. Beware of people around you that may be able to view your PIN as you enter it on a keypad. Shield the keypad with your other hand or your body. If someone is aiming a cell phone in your direction when using your cards, block the view of your card and stop the transaction until they’re gone.

Dumpster Diving – An information thief goes through garbage or recycling bins looking for account information. With an old bank or credit card statement, cancelled cheques, discarded junk mail credit card offers and some over-the-counter technology, a thief can open an account in your name and make off with the money. It may take you years to clear your good name. Shred all old bank and credit card statements and any pre-approved credit card offers you receive in the mail. It’s a good idea to do this for any papers you have that contain any information about you other than name and address.

Pump and Dump – A fraudster buys a block of low priced penny stocks and sends out millions of spam e-mails. The e-mails can be quite compelling and look like a hot tip. Those that fall for this actually fuel a demand for the stocks that the fraudster sells at an inflated price, sticking the new buyer with a loss. Ignore all such emails. A good spam filter should block most for you. In addition, always report such incidents to the CAFC, local law enforcement and your provincial securities commission.

If you are a victim of fraud or identity theft, always notify law enforcement immediately and then notify credit bureaus and card issuers as appropriate.

My next blog will go through some other common scams that use fraud and identity theft – sometimes together, sometimes separately, but the damages can be horrendous.

With courtesy to Wikipedia, the Canadian Anti-Fraud Centre, the Canadian Competition Bureau and the Globe & Mail.

Fiduciary duty – a long time overdue

As most Canadian readers will know, the concept of mandating that certain advisors have a legally binding fiduciary duty to their clients has been gaining strength recently. Long overdue in my opinion!

Ignoring fancy legal words, a fiduciary duty or responsibility is to put the interests of the client FIRST, before the interests of the advisor. While for professional advisors this should be self-evident (and has always been part of my personal standard of integrity), regulators seem to feel the need to add more regulatory teeth to this issue.

So far, the impetus in Canada has come from the CSA (no – not the Canadian Standards Organisation – The Canadian Securities Administrators) which is a policy group consisting of the top Securities Regulators in each Province and Territory – and yes this includes Québec. They provide policy direction to Provincial Regulators and try and make the rules consistent across the country. There is a parallel insurance industry group called the CCIR (the Canadian Council of Insurance Regulators) which functions in the same manner as the CSA for the life and general insurance industries. I am going to presume that the folks on the CCIR are paying close attention to the work of their colleagues on the CSA and we can expect further action on the insurance side of the Canadian money world soon. Good stuff! HOWEVER, there is a problem from my perspective – what about the rest of the financial community??

What about banks, trust companies, credit unions, caisse populaires? How about household financing companies, mortgage lenders and brokers and payday lenders? What about vehicle dealers and their financing arms? Have people considered the furniture and appliance dealers and their lending practices? Even issuers of credit cards should be subject to this duty – some could argue they are the biggest offenders of not putting the interest of the client or customer ahead of their own! What about MLM businesses that require an “investment” by new “distributors” before they can play the game? Who is considering this issue beyond just the “investment” industry?

How do we, as a society, deal with those unscrupulous folks such as Earl Jones who was never registered or licensed in the first place? It wouldn’t matter what rules were in place via IIROC, the MFDA or the equivalent bodies in Québec for the Mr. Jones’ of this world. How will this impact Ponzi-schemes and the perpetrators behind them?

My next blog will examine some of the costs that will have to be paid – by guess who?? The consuming public is the ONLY source of $$ to pay for regulation and they need to be fully informed of this aspect as well!

Identity theft, email and phone fraud – some tips – Part 2 of 2

Identity theft, email and phone fraud – some of the “tricks”
Written by Ian R. Whiting, CD, CFP, CLU, CH.F.C., FLMI(FS), ACS, AIAA, AALU, LSSWB, Contributing Editor
Website: www.ianrwhiting.com Blog: http://money.ca/you-and-your-money/ian-r-whiting/


Ponzi Schemes
– These never seem to go out of style, mainly because greed is such a powerful emotion. Earl Jones from Quebec and Bernie Madoff from New York are just two of the more well-known practitioners of this deceptive art. My father I didn’t always agree on things (big surprise) but I did learn a basic truth of life: “if it sounds too good to be true, it is.” Perpetrators of Ponzi Schemes promise the world. High returns, special investments, not known to the general public, stable returns in all market cycles, limited product available, no risk, fully protected. There is no such investment; accept it. Regardless of pressure (peer or group including faith-based promotions unfortunately), do not bite. Madoff went on your several decades before everything collapsed. Remember, only the promoters get rich and only at your expense.

Banking Scams and Mail Theft – Many times bank scams begin as mail theft, unfortunately. Thieves target super mailboxes, apartment, condo and townhouse mail buildings and boxes and outgoing letterboxes. Anything of value is taken – and value means ID and account information. Whenever possible, consider electronic statements and payments. When having new cheques printed, pick them up at your financial institution, in person. When printing cheques, only use your initials and last name so that thieves don’t know if the account is in the name of a male or female. Check all your statements the DAY they arrive and report any errors or suspicious transactions immediately by phone and then follow-up in person with your branch or card company. My wife and I no longer even have our address or phone printed on cheques – just our initials and last name. We have been victimised twice through mail theft of cheques and one of the thieves was a real rocket-scientist and used our cheque to pay for her VISA bill, and had written her VISA number on the cheque!

Password Protection – As more and more of the economy moves to e-based commerce, remembering multiple passwords becomes a major concern. Writing them down (including your banking PIN) is definitely the wrong way to go. My memory sure isn’t perfect and I have to track about 30 different passwords of varying levels of complexity for my business and personal activities. The solution? There are several password utilities available (most are free or at least offer a basic free version) for download. My choice is LastPass. It saves my login information for all of the sites including passwords, PLUS it generates (if I ask it to do so) multi-character, multi-special character passwords at random. I can access it using one ID and one password from any internet-enabled computer in the world and nothing resides or stays on the computer being used – no cookies or any trace of its use. This way, I only have to remember one login ID and one password (mine is 15 characters in length and is a combination of letters (upper and lower case), numbers and special characters. Nothing is 100% secure, but I am comfortable with that level of protection.

Well, now what? Most of this is common-sense and nothing is overly complex. Take the time to review your personal and business security to ensure you are protected to the greatest extent possible. If you are a victim of fraud or identity theft, notify law enforcement immediately. The Canadian Identity Theft Support Centre (link below) is a source of excellent information and they even have a downloadable toolkit on how to deal with suspected ID theft and fraud. I recommend it highly!

With courtesy to http://www.cbc.ca/news/canada/british-columbia/story/2012/04/12/bc-id-theft-support-centre.html

and the Canadian Identity Theft Support Centre – http://idtheftsupportcentre.org/

Identity theft, email and phone fraud – some tips – Part 1 of 2

Identity theft, email and phone fraud – some of the “tricks”
Written by Ian R. Whiting, CD, CFP, CLU, CH.F.C., FLMI(FS), ACS, AIAA, AALU, LSSWB, Contributing Editor
Website: www.ianrwhiting.com Blog: http://money.ca/you-and-your-money/ian-r-whiting/

This started out as a short, 500-word blog but unfortunately, this issue is so prevalent in the world today, it became two blogs! Today, it appears that the ID theft and related frauds are probably the fastest growing crimes in the world. In February 2008 (the last full study), over 1.7 million Canadians reported cases of ID theft or fraud and some estimates apparently put the value in excess of $100 million. Further information on this topic strongly suggests this figure is less than half the actual number of cases as people are too ashamed to report it, unfortunately. Here are some tips that can help you avoid the consequences of this aggressive trend.

Dumpster Diving – not glamorous, but effective. In this scenario, the fraudster (or some hired minion) goes through garbage cans and recycling bins looking for any account or personal information they can find. Old bank and credit card statements, cancelled cheques, those special “you-are-approved” credit offers, when merged with some modern technology, are a wealth of detail and a creative thief can use it for a variety of nefarious purposes. Invest in a shredder. Many are available for less than $50.00 (including taxes) and should be kept next to where you sort your mail. If a piece of “junk” mail has anything on it other than your name and address (which the company already knows), shred it – don’t just throw it in the garbage.

Phishing – Not to be found in Webster’s Dictionary, this is one of the new internet words that pepper the world today. This word means an e-mail message that looks like it was sent to you by your financial institution. Typically, it has the correct logo, a collection of what seem to be appropriate disclaimers and a request for verification of some personal information. The financial institutions with whom you deal do not need to “verify” any information they have on file and they would never do this via an email – only in person the next time you went to their office. Just mark any such emails as SPAM or JUNK and delete it immediately. Under no circumstances click on any of the links, nor should you reply to the email in any manner. If you follow the link, thieves will obtain enough information about you, and probably your accounts, to allow them to steal either or both your money or identity.

Pump and Dump – Nothing new here but they seem to be cropping up again. For this to work, a fraudster buys (or creates) a block of penny stocks and sends out millions of spam e-mails. Many times, they follow the email with a personal phone call. Both the e-mail and the phone calls are quite compelling and look like a hot tip. Buyer beware (caveat emptor for the Latin readers) because those that fall for this actually fuel a demand for the stocks the fraudster then re-sells at an even more inflated price. Ignore all unsolicited e-mails like this.

Vishing – Similar to phishing, the fraudsters call you directly and pose as an employee of your financial institution or other company with which you do business. Sometimes you will get an email that asks you to call a number – perhaps even a 1-800 number. With current technology, callers can disguise their identity and spoof your call display so it all looks legit! Ignore the calls and hang up.

Shoulder Surfing – Use of credit and debit cards is constantly increasing so your level of awareness needs to improve as well. If you see someone hovering nearby while you are entering your PIN – stop the transaction until they move away. If necessary, turn and face them and ask them to move away: don’t be shy! If someone gets your PIN and manages to skim your card (phoney machines used to steal digital information from your card) or pick your pocket or purse, your account is as good as empty. Some scammers are even using the digital cameras built in to every cell phone (or other e-device) to record your PIN key strokes while appearing to have a normal phone conversation. Shield the keypad when you are entering your PIN (use your other hand or your body as necessary). If you think someone could be aiming a cell phone camera at the PIN pad, stop until they leave or turn away.