Avoid Spring Break Travel Scams
Here comes Spring Break! And the scams that go along with travel and vacations, whether you are a student or just taking some time off.
Picture this: you find a great deal online for a vacation package and are counting the days till you take off for some fun in the sun. The day finally arrives and you show up at the airport, bags packed and ready to take flight. But when you reach the ticket counter, you learn that you have no flights booked… you’ve been scammed!
It happens ALL THE TIME, and scammers are getting more and more convincing. Scams rise during any busy travel season, but there are ways to avoid becoming a victim. Here are some tips on how to prevent travel scams and make sure that you get to enjoy a great Spring break trip.
- Verify the business you are booking your trip through. If you are going to use a travel agency or online booking company, make sure they are legitimate first. Go online and do your research – if people have been scammed before by the company, the internet is the first place they will go to vent. You can even ask the company for referrals so you can check up on some satisfied customers.
Sileo Deflates ePickPocketing Hype on Fox & Friends
John appeared on Fox & Friends this morning to set the facts straight about the real and perceived risks posed by Electronic PickPocketing.
It is true that Identity Thieves are able to steal your credit card information without even touching your wallet. The technology exists, is readily available and can be assembled for under $1,000. But that doesn’t necessarily make it an efficient means of stealing credit card numbers.
RFID, or radio-frequency identity technology was introduced to make paying for items faster and easier. All major credit cards that have this technology have a symbol (pictured below). It means that your card can communicate via electromagnetic waves to exchange data (your credit card number) between a terminal and a chip installed inside of your card (or passport). Thus, by getting within a few inches of your credit card, a thief is able to obtain your credit card number, expiration date and maybe your name.
So we have established that stealing credit card numbers this way is possible, but is it feasible?
The Electronic Pickpocketing video circulating around YouTube makes it look that way. But the reality is a bit different. First, take into account that the news story in the video was focused around a gentleman and a company that makes money by raising your fear about this type of theft. The gentleman they interview runs a company that makes shields for your credit cards and passports to stop electronic pickpocketing. I’m not saying that the products don’t work or aren’t somewhat valid; I’m saying that you have to take the context of the story into consideration before buying the hype.
Electronic Pickpocketing Hype Banks on Your Fear!
Electronic Pickpocketing is Possible, but Over-Hyped.
There is a new wave of hi-tech identity theft that allows thieves to steal your credit card information using inexpensive technology to intercept credit card (and sometimes even passport) information without even touching your wallet. Watch the video to the left or read our Electronic Pickpocket post to learn the basics.
And make sure you pay attention to the fact that the person they are interviewing for the news piece in the video MAKES MONEY FROM YOUR FEAR OF ELECTRONIC PICKPOCKETING! The gentleman they interview runs a company that makes shields for your credit cards and passports to stop electronic pickpocketing. I’m not saying that the products don’t work or aren’t somewhat valid; I’m saying that you have to take this gentleman’s perspective into consideration before buying the hype. He benefits from your fear, so do a little more research before you go gettin’ all paranoid.
The amount of hype this old form of theft is receiving (yes, this has been possible for years, despite all of the attention it’s getting now) is a bit overblown. Here are just a few reasons why:
- The person being interviewed in the video benefits from your fear of electronic pickpocketing.
Social Engineering Expert Quoted in CSO Article
Quoted from the original CSO Online story:
Social engineering stories: The sequel
Two more social engineering scenarios demonstrate how hackers still use basic techniques to gain unauthorized access, and what you can do to stop them
By Joan Goodchild, Senior Editor
May 27, 2010 —
John Sileo, an identity theft expert who trains on repelling social engineering, knows from first-hand experience what it’s like to be a victim. Sileo has had his identity stolen—twice. And both instances resulted in catastrophic consequences.
The first crime took place when Sileo’s information was obtained from someone who had gained access to it out of the trash (yes, dumpster diving still works). She bought a house using his financial information and eventually declared bankruptcy.
“That was mild,” said Sileo, who then got hit again when his business partner used his information to embezzle money from clients. Sileo spent several years, and was bankrupt, fighting criminal charges.
Now that he has come out of it all innocent, he spends his time assisting organizations train employees on what social engineering and identity theft techniques look like.
ow that he has come out of it all innocent, he spends his time assisting organizations train employees on what social engineering and identity theft techniques look like.
Fraud Report: SMiShing Identity Theft
Identity Theft Expert John Sileo’s Latest Fraud Report
Just as you wouldn’t want to give any personal identity information to someone via email, you want to use the same practices via text message. There is a new wave of fraud that tries to trick you with text messages appearing to be from your bank.
According to Wikipedia, SMiShing uses cell phone text messages to deliver the “bait” which entices you to divulge your personal information. The “hook” (the method used to actually “capture” your information) in the text message may be a web site URL, like it is in phishing schemes. However, it has become more common to received a texted phone number that connects to an automated voice response system. One version of this SMiShing message will look like this:
Notice – this is an automated message from (a local credit union), your ATM card has been suspended. To reactivate call urgent at 866-###-####.
In many cases, the SMiShing message will show that it came from “5000″ instead of displaying an actual phone number. This usually indicates the SMS message was sent via email to the cell phone, instead of being sent from another cell phone.
Once you take the “bait” and pass on your private information, it can be used to create duplicate credit/debit/ATM cards. There are some documented cases where the information an unsuspecting victim gave on a fraudulent website was used within 30 minutes…halfway around the world.
Sileo In the Media
Privacy Project Newsletter
Tools and tips for bulletproofing yourself against identity theft, data breach and corporate espionage. Subscribe to the newsletter and get John Sileo's 7 Survival Strategies for Starving Data Spies for FREE!
