Posts

Elder Fraud Expert Answers: How do I prevent & resolve it?

seniors on computerThe past two blogs have outlined why seniors are targeted, what signs to watch for, and some common schemes.  Now for the truly important info: How to prevent elder fraud from happening and what to do if it does happen!

  • Report actual or attempted elder fraud (or any type of fraud) via Fraud.org’s Online Complaint Form.
  • Change the phone number if a senior is receiving excessive sales calls.
  • Change the bank account or credit card numbers if they have fallen into the hands of thieves.
  • Avoid getting on sucker lists. Don’t fill out contest entry forms at fairs or malls—they are a common source of “leads” for con artists. Ask companies you do business with not to share your personal information with other marketers.
  • Know your “Do-Not-Call” rights. Under federal law, you can tell a telemarketer not to call you again and you can file a complaint on the Do Not Call website.
  • Make sure you know the company you are dealing with. If it’s an unfamiliar company or charity, check it out with your state or local consumer protection agency and the Better Business Bureau.
  • Screen your calls. Use an answering machine, Caller ID, or other services that may be available from your phone company to help you determine who you want to talk to and who you want to avoid.
  • Never sign blank insurance claim forms.
  • Never give blanket authorization to a medical provider to bill for services rendered.
  • Ask your medical providers what they will charge and what you will be expected to pay out-of-pocket.  Get it in writing.
  • Carefully review your insurer’s explanation of the benefits statement. Get an annual “Benefits Request Checkup” from your insurance provider to see a list of all benefits and services paid in your name.  Call your insurer and provider if you have questions.
  • Do not do business with door-to-door or telephone salespeople who tell you that services of medical equipment are free.
  • Give your insurance/Medicare identification only to those who have provided you with medical services.
  • Keep accurate records of all health care appointments.
  • Use caution when purchasing drugs on the Internet. Do not purchase medications from unlicensed online distributors or those who sell medications without a prescription. Reputable online pharmacies will have a seal of approval called the Verified Internet Pharmacy Practice Site (VIPPS), provided by the Association of Boards of Pharmacy in the United States.
  • Always ask for and wait until you receive written material about any offer or charity. If you get brochures about costly investments, ask someone whose financial advice you trust to review them.  Remember, even a classy brochure can be a hoax!
  • Always take your time making a decision. Legitimate companies won’t pressure you to make a snap decision.
  • Don’t pay for a “free prize.” If a caller tells you the payment is for taxes or shipping fees, he or she is violating federal law.
  • Never send money or give out personal information such as credit card numbers and expiration dates, bank account numbers, dates of birth, or social security numbers to unfamiliar companies or unknown persons.
  • Get a second opinion!  When filling out important forms or making a big financial decision, ask someone you trust to look it over and talk it over before giving away any personal information.
  • Get help when using the internet, especially concerning financial transactions.  NEVER give out personal information such as SS numbers or credit card information. Remember that older grandkids make great resources when it comes to using the Internet because they are true digital natives.

Remember, you’ve worked hard to reach a point where you can enjoy your golden years.  Don’t let someone else enjoy the fruits of your labor.  Be vigilant and be protected!

John Sileo is an author and highly engaging speaker on business fraud, internet privacy, identity theft and technology security. He is CEO of The Sileo Group, which helps organizations to protect the privacy that drives their profitability. His recent engagements include presentations at The Pentagon, Visa, Homeland Security and Northrop Grumman as well as media appearances on 60 MinutesAnderson Cooper and Fox Business. Contact him directly on 800.258.8076.

Elder Fraud Expert Answers: What are the Most Common Schemes?

senior on internet ccIn our previous blog we talked about why senior citizens have become such a target for con artists and even unscrupulous relatives to commit elder fraud and take their hard-earned money.   We also talked about signs that they may be being duped.  Today, we want to make you aware of the variety of schemes that are out there.  This is by no means a complete list, but will give you a pretty good idea of what to watch for.

Common schemes:

  • The “Grandparents Scam”: someone phones or e-mails and pretends to be a grandchild in trouble. The elderly person, who may not have much contact with their grandchild, might be convinced and may wire money or send a prepaid debit card to help.
  • Offers of “freebies”: the Better Business Bureau of eastern Michigan reports that scammers now are offering seniors $3,000 in “free groceries savings certificates” along with a free medical alert bracelet. The scam may lure people to give away bank account information.
  • Enticing links on websites lure inexperienced seniors into divulging personal information.
  • Con artists may attend the funeral service of a stranger claiming that the deceased had an outstanding debt with them.
  • Reverse mortgage scams: the FBI reports that victims are offered free homes, investment opportunities and foreclosure or refinance assistance.
  • Thieves steal personal information and contact the Social Security Administration to change the payment routing information to the thieves’ own bank accounts or prepaid debit cards.
  • Fake lottery/sweepstakes: seniors are enticed into buying inexpensive knick-knacks or magazine subscriptions (which they do receive) in order to be entered into a contest.  Another variety is they receive an official looking check saying they’ve won a foreign lottery.  In both cases, they are asked to give up personal information to proceed.
  • The discount prescription scam: seniors are offered prescription drugs at a significant discount, but are required to pay a $200 membership fee or give up their credit card information.
  • The “credit card company” calls:  a polite caller says he’s from the senior’s credit card company and is investigating a possible fraudulent purchase. He even IDs the last four digits of the charge card as proof. When the senior denies making the purchase, the caller offers to reverse it immediately, but asks for the verification code on the back of the credit card.
  • Door-to-door solicitors ask for donations on behalf of charitable organizations.
  • Telemarketing fraud: according to the National Consumers League, nearly a third of all victims are age 60 or older. Studies by AARP show that most older telemarketing fraud victims don’t realize that the voice on the phone could belong to someone who is trying to steal their money.
  • Medical Equipment Fraud: equipment manufacturers offer “free” products, such as wheelchairs or oxygen tanks, to individuals. Insurers are then charged for products that were not needed and/or may not have been delivered.
  • “Rolling Lab” Schemes: unnecessary and sometimes fake tests are given to individuals at health clubs, retirement homes, or shopping malls and billed to insurance companies or Medicare.
  • Services Not Performed: Customers or providers bill insurers for services never rendered by changing bills or submitting fake ones.

This list truly only scratches the surface of what is out there, but it gives you a good idea of just how vigilant seniors and their caretakers need to be.  In our next blog, we will provide a list of what seniors need to do to prevent becoming a victim of scams and what to do if it does happen to them.

John Sileo is an author and highly engaging speaker on fraud, internet privacy, identity theft and technology security. He is CEO of The Sileo Group, which helps organizations to protect the privacy that drives their profitability. His recent engagements include presentations at The Pentagon, Visa, Homeland Security and Northrop Grumman as well as media appearances on 60 MinutesAnderson Cooper and Fox Business. Contact him directly on 800.258.8076.

Elder Fraud Expert Answers: Why Are Senior Citizens Targeted?

senior id theft1

Imagine spending your whole life working hard, saving wisely and spending conscientiously—only to have your comfy “nest egg” taken away by unscrupulous scammers or even your own greedy relatives in your golden years.  Sad to say, this is a scenario that is far too common; up to 80% of scam victims are over 65, according to the U.S. Federal Trade Commission. A 2009 study by MetLife’s Mature Market Institute estimates that seniors lose approximately $2.6 billion per year to elder fraud, or what they call financial abuse, meaning fraud by outside scammers or theft by family members and acquaintances.

And this issue will take on even more importance in the years to come as the senior population in America grows.  According to the U.S. Census Bureau, there were 37.3 million people 65 and older in the United States as of 2006.  This group is expected to double in size within the next 25 years. By 2030, almost 1-out-of-5 Americans – some 72 million people- will be 65 years or older.

A scan of recent alerts from the Senior Journal shows a wide variety of areas that require constant vigilance:

By definition, Elder Fraud targets seniors, but why?

  • Senior citizens are most likely to have significant savings, to own their home and/or to have excellent credit—all very desirable to criminals.
  • People who grew up in the 1930s, 1940s, and 1950s were generally raised to be polite and trusting.  They are less likely to be suspicious of a nice salesperson, say no or hang up on pushy telemarketers.  There is even a study showing that we get more trusting as we age.  Through MRI testing, researchers at  the University of California, Los Angeles found that the area known as the anterior insula, which is associated with “gut feelings,” became more active in the younger subjects at the sight of an untrustworthy face. Older subjects, however, showed little to no activation in this area.
  • Seniors can be less comfortable with technology and inadvertently share information online or click on links that makes them vulnerable.
  • Criminals know that seniors are less likely to report a fraud.  This could be either because they don’t know who to report it to, are too ashamed at having been scammed, or don’t even know they have been scammed. Many are afraid to appear as if they have lost the ability to make sound decisions to their relatives, so they just keep it to themselves.
  • If an elderly victim does report the crime, scammers know that they often make poor witnesses.   The effect of age on memory combined with the amount of time that often passes between the crime, the realization, and actually acting on it makes it difficult for elderly victims to supply enough detailed information to investigators.
  • Senior citizens are more interested in and susceptible to products promising all sorts of wonderful results, from anti-aging creams to improved memory to medical cures.  In a world full of the miracles they’ve witnessed in their lifetimes, nothing seems too good to be true.  And if they can get a bargain on it, so much the better!

Elder Fraud Warning Signs:

  • You notice an excess amount of ATM or bank account withdrawals, perhaps even exceeding the daily maximum allowed on that account.
  • The senior is bouncing checks, which might indicate an unexpected loss of money.
  • There are debit transactions that don’t seem to make sense for an older adult.  Also, there may be debits that the person can’t remember or explain.
  • The older adult may be suddenly wiring large sums of money or writing large checks.
  • He or she may close a certificate of deposit, even though a large penalty would be paid for early withdrawal before that CD matured.
  • The bank is unable to speak directly with the older adult, despite repeated attempts to contact him or her.
  • A “new friend” suddenly begins handling the money for a senior.
  • The senior receives excessive amounts of junk mail.  (Once a senior takes the bait for one scam, thieves sell the person’s name, address and telephone number, and fake mailings proliferate.)
  • The phone rings excessively with sales calls.
  • He or she may be having difficulty buying groceries and paying bills.
  • They seem to receive lots of cheap items such as costume jewelry, beauty products, water filters, and knick-knacks that they bought to win something or received as prizes.

Tomorrow, we will outline common schemes that are used to prey on senior citizens.

John Sileo is an author and highly engaging speaker on fraud, internet privacy, identity theft and technology security. He is CEO of The Sileo Group, which helps organizations to protect the privacy that drives their profitability. His recent engagements include presentations at The Pentagon, Visa, Homeland Security and Northrop Grumman as well as media appearances on 60 MinutesAnderson Cooper and Fox Business. Contact him directly on 800.258.8076.

Fraud Training (Not Technology) is the Achilles Heel of Cyber Security

,

Ignoring fraud training as the foundation of your cyber security strategy is like counting on Google to educate your kids. Technology is a critical tool in the fight, but without well educated users, guided by knowledgeable teachers, the tools are a waste of your money.   

Thanks to President Obama’s state-of-the-union plug for increased cyber security, the Chinese hacking of the New York Times and Wall Street Journal, and the hacking of a prominent celebrities, America is waking up to the tangible value of virtual data. Awareness is definitely the first step, but it is only the tip of the privacy iceberg. Just as in the age before the internet, the only thing keeping employees from selling secrets or participating in fraudulent activity are the human controls that discourage the practice. But it’s all the more hair-raising to think of the amount of digital secrets an employee has access to at any given time. The new tale of a Reuters journalist gone cyber-rogue adds a chilling wrinkle to the perils of protecting the data that keeps corporate profits ticking.  

Last Thursday, Matthew Keys, a Reuters social media editor, was indicted on charges of conspiracy, among others. Keys had previously worked for a TV station owned by the Tribune company, and according to the allegations, he leaked server login information of his former employer to a hacker group known as Anonymous. Apparently Keys began exploring Anonymous chatrooms as “just a reporter”, but eventually progressed to exposing sensitive passwords and promoting the idea of targeting the Tribune. Using this information, the hackers were able to enter Reuters’ otherwise secure systems and alter the existing text of a Los Angeles Times story from 2010, inserting out-of place colloquialisms and hacker-speak. Now, Mr. Keys is looking at the potential of over a decade in prison and up to three-quarters of a million dollars in fines. So what does this have to do with fraud training? We’re getting there…

Here’s the rub: the illegal access all happened after Keys had been FIRED by Reuters.  In other words, a former employee who was never very high on the corporate food chain in the first place and was actually fired (not laid off), retained access that, in the right hands, allowed criminals to change the course of the news. Although this particular case doesn’t appear to have involved any financial transactions, don’t think for a second that there aren’t buyers out there willing to pay good money for a chance to break into your supposed “stronghold.”

Cyber Security is Less About Technology, More about Employee Fraud Training

No matter how tight your cyber security, the weakest link is always the human beings responsible for implementation. The lapse here wasn’t in the technology – Reuters used user-level logins and passwords to protect their network. The mistake here was the employee who failed to shut down Keys access the minute he was fired (or in the moments before), or the executive who failed to prepare for this common scenario. The lesson here is this: when employees leave your company under any terms, someone must be responsible and held accountable for disabling their computer access from all devices.  This is a basic principle of successful fraud training that makes all of your investments worthwhile.

A large-scale enterprise can institute all the security barriers it wants, but without trust, responsibility, and knowledge, the corporation is only as strong as its Achilles heel. How are you addressing this type of exposure?

John Sileo is CEO of The Sileo Group and a fraud training expert. His recent clients include the Department of Defense, Visa, and Homeland Security. See his recent media appearances on 60 Minutes, Anderson Cooper and Fox Business.

Fighting Friendly Fraud (Webinar): 5 Insider Theft Secrets to Protect You

Do you know what’s behind the masks your employees may wear? A staggering number of businesses falter and even fail because someone on the inside – an employee, vendor or even a partner – steals money, goods, data or intellectual property from the organization. Will yours be one of them? Not if you learn about the warning signs of fraudsters and the weaknesses in your current hiring procedures.

The strongest indicator that your business is at risk? Denial. If you have ever said to yourself, “My people would never do that,” or “were too small to be worth a fraudster’s time”, you are caught in a cycle of self-delusional naiveté. Most inside theft happens at the hands of a “trusted” team member. In fact, insider theft and fraud aren’t generally committed by experienced criminals.

In John Sileo’s webinar (video above), he shares his own history of experiencing a fraudulent case of insider theft that destroyed his small business, cost him nearly $300,000 and almost landed him in jail. His story will serve as the framework for five insider secrets that will help you and your business avoid his fate.

In Fighting Friendly Fraud, you will learn:

  • 10 Fraud Early Warning Signs
  • What goes on inside the mind of a friendly fraudster
  • Why good employees sometimes make bad choices
  • 5 Universal truths that underlie most types of fraud
  • Simple, inexpensive controls you can put in place to discourage fraud
  • Deterrence tactics to discourage the most devious inside spies

If you learn these five lessons, it will save you from learning others the hard way!

7 Steps to Secure Profitable Business Data (Part II)

, , , ,

In the first part of this article series, we discussed why it is so important to protect your business data, including the first two steps in the protection process. Once you have resolved the underlying human issues behind data theft, the remaining five steps will help you begin protecting the technological weaknesses common to many businesses.

  1. Start with the humans.
  2. Immunize against social engineering.
  3. Stop broadcasting your digital data. There are two main sources of wireless data leakage: the weakly encrypted wireless router in your office and the unprotected wireless connection you use to access the Internet in an airport, hotel or café. Both connections are constantly sniffed for unencrypted data being sent from your computer to the web.Strategy: Have a security professional configure the wireless router in your office to utilize WPA-2 encryption or better. If possible, implement MAC-specific addressing and mask your SSID. Don’t try to do this yourself. Instead, invest your money in proportion to the value of the asset you are protecting and hire a professional. While the technician is there, have him do a thorough security audit of your network. You will never be sorry for investing the additional money in cyber security.To protect your data while surfing on the road, set up wireless tethering with your mobile phone provider (Verizon, Sprint, AT&T, T-Mobile) and stop using other people’s free or fee hot spots. Using a simple program called Firesheep, data criminals can “sniff” the data you send across these free connections. Unlike most hot-spot transmissions, your mobile phone communications are encrypted and will give you Internet access from anywhere you can make a call.
  4. Eliminate the inside spy. Most businesses don’t perform a serious background check before hiring a new employee. That is short sighted, as much of the worst data theft ends up being an “inside job” where a dishonest employee siphons information out the back door when no one is looking. In the consulting work we have done with breached companies, we have discovered the number one predictor of future theft by an employee – past theft. Most employees who are dishonest now were also dishonest in the past, which is why they no longer work for their former employer.Strategy: Invest in a comprehensive background check before you hire rather than wasting multiples cleaning up after a thief steals valuable data assets. Follow up on the prospect’s references and ask for some that aren’t on the application. Investigating someone’s background will give you the knowledge necessary to let your gut-level instinct go to work. More importantly, letting your prospective hire know in advance that you will be performing a comprehensive background check will discourage dishonest applicants from going further in the process (watch the video for further details). I personally recommend CSIdentity’s SAFE product, which is a technologically superior service to other background screen services.
  5. Don’t let your mobile data walk away. In the most trusted research studies, 36-50% of all major data breach originates with the loss of a laptop or mobile computing device (smart phone, etc.). Mobility, consequently, is a double-edged sword (convenience and confidentiality); but it’s a sword that we’re probably not going to give up easily.Strategy: Utilize the security professional mentioned above to implement strong passwords, whole disk encryption and remote data-wiping capabilities. Set your screen saver to engage after 5 minutes of inactivity and check the box that requires you to enter your password upon re-entry. This will help keep unwanted users out of your system. Finally, lock this goldmine of data down when you aren’t using it. Either carry the computer on your person (making sure not to set it down in airports, cafes, conferences, etc.), store it in the hotel room safe, or lock it in an office or private room when not using it. Physical security is the most overlooked, most effective form of protection.
  6. Spend a day in your dumpster. You have probably already purchased at least one shredder to destroy sensitive documents before they are thrown out. The problem tends to be that no one in the business uses it consistently.Strategy: Take a day to pretend that you are your fiercest competitor and sort through all of the trash going out your door for sensitive documents. Do you find old invoices, credit card receipts, bank statements, customer lists, trade secrets, employee records or otherwise compromising information? It’s not uncommon to find these sources of data theft, and parading them before your staff is a great way to drive the importance of privacy home. If your employees know that you conduct occasional “dumpster audits” to see what company intelligence they are unsafely throwing away, they will think twice about failing to shred the next document. In addition to properly disposing of new documents, make sure that you hire a reputable on-site shredding company to dispose of the banker’s boxes full of document archives you house in a back room somewhere within your offices.
  7. Anticipate the clouds. Cloud computing (when you store your data on other people’s servers), is quickly becoming a major threat to the security of organizational data. Whether an employee is posting sensitive corporate info on their Facebook page (which Facebook has the right to distribute as they see fit) or you are storing customer data in a poorly protected, noncompliant server farm, you will ultimately be held responsible when that data is breached.Strategy: Spend a few minutes evaluating your business’s use of cloud computing by asking these questions: Do you understand the cloud service provider’s privacy policy (e.g. that the government reserves the right to subpoena your Gmails for use in a court of law)? Do you agree to transfer ownership or control of rights in any way when you accept the provider’s terms of service (which you do every time you log into the service)? What happens if the cloud provider (Salesforce.com, Google Apps) goes out of business or is bought out? Is your data stored locally, or in another country that would be interested in stealing your secrets (China, Iran, Russia)? Are you violating any compliance laws by hosting customer data on servers that you don’t own, and ultimately, don’t control? If you are bound by HIPAA, SOX, GLB, Red Flags or other forms of legislation, you might be pushing the edges of compliance.

By taking these simple steps, you will begin starving data thieves of the information they literally take to the bank. This is a cost-effective, incremental process of making your business a less attractive target. But it doesn’t start working until you do.

John Sileo, the award-winning author of Privacy Means Profit, delivers keynote speeches on identity theft, data security, social media exposure and weapons of influence. His clients include the Department of Defense, Pfizer, Homeland Security, Blue Cross, the FDIC and hundreds of corporations, organizations and associations of all sizes. Learn more at www.ThinkLikeASpy.com.

 

Fun Fraud Detection Training

, , , ,

Businesses often make social engineering (or fraud) training boring! And that’s bad for your bottom line, because no one ends up remembering how to protect your organization against threats like data theft, corporate espionage or social networking exposure.

Too often, fraud and social engineering workshops cover just the concepts that define fraud rather than the feelings that signal it’s actually in process at the moment. The key to training your executives, employees and even customers on fraud is to let them experience what it feels like to be conned. In other words, they need to actually be socially engineered (manipulated into giving away their own private information) several times throughout the training so that they begin to reflexively sense fraud as it is happening. Like learning to throw a ball, there is no substitute for doing it for yourself. Fraud detection is similar; it takes actually doing it (or having it done to you) to fully understand the warning signs. Anything less will leave your audience yawning and uneducated.

This social engineering video was recorded at a fraud training I did recently and it demonstrates how fun it can be to train someone on detecting fraud, and how profitable. As silly as it might seem, the skills necessary to detect fraud can be taught in very entertaining and engaging ways. After watching the video, take a minute to understand the basic skills your employees and executives will need to Stop Fraud:

Fraud Training Step 1: The Trigger

The trigger, or what causes you to be on high alert, is actually very simple—it is the appearance of private information in any form (your identity, customer information, employee records, intellectual capital, etc.). Anytime someone requests or has access to any of the names, numbers or attributes that make up identity, or to the paper, plastic, digital or human data where identity lives (whether it is yours or your organization’s), the trigger should trip and sound an alarm in your head.

There are hundreds of examples of fraud triggers in the workplace. Here are a few of the more common:

  • When someone is requesting information about you on Facebook, LinkedIn, etc.
  • When someone requests information about your company, computer login or co-workers in person or by phone
  • When you are clicking on a link in an email
  • When you are entering data into a website

When your identity is being requested in any way, slow down and ask yourself: Is the risk of giving this piece of identity away in this specific situation worth the benefit?

Fraud Training Step 2: Hogwash!

Your team should be trained such that anytime their reflex is triggered, a phrase or picture automatically pops into their head, whether they actively think about it or not. If the word (also called a trigger) is a bit out-of-the-ordinary and the picture is humorous, you almost can’t help but noticing when it appears. The trigger that I use when I train is the word HOGWASH! Here is my definition of Hogwash:

Hog’wash |hôg’wô sh | n. 1. A gut reaction that someone is manipulating you for their own gain, or feeding you a line of bull in order to deceive you (e.g., I’ll just borrow your password for a short time); 2. Healthy skepticism that persists until the person requesting information from you proves they are worthy of your trust.

When the word Hogwash pops into your head, picture a pig feeding at a trough. Better yet, picture the person (who is requesting your information) feeding at a trough (the image is what makes it fun and memorable – don’t be afraid of the silliness – it works). As they provide legitimate reasons for needing the information and adequate reassurance that your data will be handled securely, they begin to rise from the trough. But don’t let them off the hook yet, because social engineers are masters at using your natural biases against you.

Fraud Training Step 3: Vigilance

When an outsider has access to your identity or critical business data, your trigger should automatically activate without thinking about it (Hogwash!). Your first response should be to heighten your level of observation, to become more vigilant. View the situation as a child would—with curious eyes. You can even borrow what we teach our children to be more aware in dangerous situations—Stop, Look and Listen:

Listen to your instincts. Ask yourself if your identity is safe. Is there a change in the environment that makes you uneasy or uncertain? What is your gut saying? Would a spy give away this information? Is the benefit you are receiving worth the data you are sharing? Be a healthy skeptic (i.e., not paranoid, but vigilant) of anyone who is requesting sensitive information. The final and most important step is to follow up with the right questions, or interrogate the enemy.

Don’t make privacy a policy, make it part of your culture. Start by engaging your troops, not putting them to sleep.

If you are interested in having John Sileo conduct fraud training or social engineering keynotes for your organization, contact him directly on 1.800.258.8076. His satisfied clients include the Department of Defense, the FDIC, Pfizer and the Federal Trade Commission.

Avoid Spring Break Travel Scams

Here comes Spring Break! And the scams that go along with travel and vacations, whether you are a student or just taking some time off. 

Picture this: you find a great deal online for a vacation package and are counting the days till you take off for some fun in the sun. The day finally arrives and you show up at the airport, bags packed and ready to take flight. But when you reach the ticket counter, you learn that you have no flights booked… you’ve been scammed!

It happens ALL THE TIME, and scammers are getting more and more convincing. Scams rise during any busy travel season, but there are ways to avoid becoming a victim. Here are some tips on how to prevent travel scams and make sure that you get to enjoy a great Spring break trip.

  • Verify the business you are booking your trip through. If you are going to use a travel agency or online booking company, make sure they are legitimate first. Go online and do your research – if people have been scammed before by the company, the internet is the first place they will go to vent. You can even ask the company for referrals so you can check up on some satisfied customers.
  • Read everything carefully before you sign. Sometimes there are hidden fees or clauses where they can  change the airport you are flying into or out of without telling you – even up to 100 miles away!  Make sure you know the airline and hotel before signing. This way you can verify their legitimacy. Feel free to contact them and make sure that this is a great deal.
  • Always pay with a credit card. Good credit card companies allow you to dispute fraudulent charges so that you are not held liable for the money. If the company insists you pay with cash or check or money order, GO SOMEPLACE ELSE! Legitimate travel companies will let you use a credit card.
  • Make sure you get EVERYTHING in writing. If your great deal does turn out to be a scam, you will need something to show the credit card company in order to dispute the charges.
  • If it sounds too good to be true, then it probably is. If they are offering you a flight to Mexico that is regularly $500 for $100, then chances are, it’s a scam. While there are great ways to book your hotel + flight + food + drink together to save money, most don’t offer an 80% discount!
  • Buy directly from the companies themselves (airline, hotel, transportation, tickets). Many times the actual companies guarantee the cheapest possible fare on their own website (United does this, for example). Even if it does cost you a bit more, you will sleep better at night knowing that your trip is booked and confirmed.
  • A lot of Mexico resorts offer all inclusive packages that are a great deal. You simply need to purchase your airfare. If you are booking it directly through the resort websites themselves, your chances of getting scammed drops immensely.
  • Don’t be afraid to try a website like TripAdvisor.com to do some background investigation.

Getting scammed definitely kills the vacation buzz! Getting scammed when you’re ready to have a great time with friends and family just plain sucks!  Follow these tips to make sure that it doesn’t happen to you.

John Sileo will be delivering identity theft speeches during Spring Break. Luckily, he travels frequently with his family.