New York SBDC Research Network

From the Federal Trade Commission : Think consumers are the only ones harmed by phishing scams? It’s not just a problem for computer users but also for the businesses that the scammers are impersonating. And people who have been scammed may look to the business that was impersonated for help. The Federal Trade Commission has long provided  advice  to consumers about steps they can take to avoid phishing scams. The FTC has  released tips and a video  for businesses on how to respond if they are impersonated as part of a phishing scam. Among the steps businesses should take include notifying customers as soon as possible through social media, email or letters; contacting law enforcement; providing resources for affected consumers; and reviewing the company’s security practices. The Federal Trade Commission works to  promote competition  and  protect and educate consumers . You can  learn more about consumer topics  and file a  consumer complaint online  or by calling 1-877-FTC-HELP (38

The Internal Revenue Service today issued an alert to payroll and human resources professionals to beware of an emerging phishing email scheme that purports to be from company executives and requests personal information on employees. The IRS has learned this scheme – part of the surge in phishing emails seen this year – already has claimed several victims as payroll and human resources offices mistakenly email payroll data including Forms W-2 that contain Social Security numbers and other personally identifiable information to cybercriminals posing as company executives. “This is a new twist on an old scheme using the cover of the tax season and W-2 filings to try tricking people into sharing personal data.

Thanks to emails and calls from people who sensed something wasn't right, the Federal Trade Commission has heard that an FTC imposter scam it's written about before is back. The email tells you there’s a complaint against your business, and wants you to click on a link. Here’s what one of the scammy emails said: “This notification has been automatically sent to you because we have received a consumer complaint, claiming that your company is violating the CCPA (Consumer Credit Protection Act).According to our policy, we have initiated a formal investigation before taking legal action. You can download the document containing the complaint and the plaintiff contact information, from...” followed by a link. At first glance, it might look legitimate. It has the FTC seal, the email appears to come from an FTC email address, and the web address looks like it goes to an FTC site. But if you hover over the web address, you’ll see the link actually sends you somewhere else. If

How much is everything on your computer worth to you? About $300? The criminals behind a new malware program are betting on it. The Federal Trade Commission, the FBI and other federal agencies are warning consumers and businesses about “Cryptolocker,” a malware program that holds the files on your computer for ransom, and doesn’t allow you to access them until you pay up. Even then, there’s no guarantee. It’s essentially extortion, with all your personal documents, photos, and files at risk. Cryptolocker is spread mostly through email and “drive-by” downloads. The email might look like a routine message from a legitimate company, like a tracking notice from a shipping company. If you click on the hyperlink in the email, Cryptolocker encrypts everything on your hard drive and in your shared folders. When the job is done, you get a “ransom note” demanding payment via Bitcoin or some other anonymous payment method. The criminals behind this malware say they’ll give you the encryptio

Who among you haven't had a client who wonders or worries about being taken in an online scam? It's a topic I've written about since we developed this blog. Since e-mail & the Internet aren't going away soon, it might be helpful to you & your clients to read the Internet Crime Report: 2006 . It's a 27-page report issued from the Internet Crime Complaint Center (the IC3), and it provides insights into the current trends being used to con people out of their money via electronic means. (You can just read the highlights here , too.) The report identifies nine broad types of online fraud, including identity theft, investment fraud, phishing, spamming, cyberstalking, and other nasty things. Appendix II of the report offers tips on how to avoid falling prey to perpetrators, too. The report represents just a fraction of the online fraud that goes on. Most crimes don't get reported. If you or any of your clients feel like they've been victimized, have t