FRAUD - They Are Out To Get You! - part 2

Last month I wrote about fraud occurring through your cell phone and the dangers associated with answering that call from an unknown number.  In this edition I want to focus on your other online activity with your Personal Computer, Online Banking, and all of those wonderful websites that you purchase items that you must have.


Email fraud is another one of those attacks that often catch people off-guard. Spoofing of emails is a leading tool used by fraudsters and often leads to big losses for individuals.  Here are three very common types of email spoofs:

  • Display Name Spoofing: The attacker uses a trusted name with a different email address (e.g., "John Smith fakeaddress@example.com").
  • Domain Spoofing: The attacker forges the entire email to look like it’s coming from a legitimate domain (e.g., johnsmith@trustedcompany.com).
  • Reply-to Spoofing: The attacker manipulates the "Reply-to" field to redirect responses to their email address.


The simplest rule that I have learned to defeat email spoofing is to NEVER CLICK ANYTHING IN AN EMAIL SENT TO ME


For example, I make purchases at Amazon, Office Depot, Kohl’s and other online retailers, oftentimes, I receive confirmation from the retailer that I have made a purchase, and it includes a receipt. Many people assume that email is secure between themselves and the sender – in reality there are many programs running on the internet that are glancing at those messages and finding information. This little bit of information alerts the scammers that I do business with that company – and it also gives them my email address.


So, about a couple of days later I receive an email from Customerservice@khls.com. If I’m not paying attention and only see the Kohl’s logo, I am inclined to click the link that they provided me to fix my recent purchase or to guide me to their site to steal my login information for my Kohl’s account. If you are speed reading this article – you likely missed the subtle change in the DOMAIN of the email that I received from khls.com, not kohls.com.


I learned a long time ago, because I was a victim of fraud, that I no longer click any email links or open any email attachments from companies.  I will simply go to the company website and login to my account in order to confirm the information that I’m being told is so very important.  Remember, also, that the fraudsters rely upon rushing you into a rapid response to their email or phone message. IF YOU HURRY – YOU’LL BE SORRY…


Let me give you a few quick suggestions on dealing with email and keeping yourself safe with your home computer.

  1. Use a Secure and Reputable Email Provider: Choose an email provider like Gmail, Outlook, or Yahoo that offers robust built-in security features, including SPF, DKIM, and DMARC protection.
  2. Enable Multi-Factor Authentication (MFA): Add an extra layer of security to your email account by enabling MFA. This requires a second verification step (like a text message or authentication app) to access your account.
  3. Recognize Spoofed Emails: Be cautious with emails that:

      a.   Urge immediate action or sound too good to be true.

      b.   Contain spelling errors or unusual language.

      c.   Have suspicious links or attachments.

      d.   Hover over links to see the actual URL before clicking.

  4. Keep Your System Updated

      a.   Regularly update your operating system, browser, and email client to protect against known vulnerabilities.

      b.   Use antivirus software to scan for malware that may arrive via email attachments.


If you follow the simple rules, you can avoid being taken advantage of by the myriads of scams that appear in your email Inbox on a daily basis – sometimes multiple times per day.


Take some time to sign up for an ID Theft program to have an extra set of eyes for your online health. We offer a great product at Washington State Bank called ID Theftsmart – it is an inexpensive way to protect your financial life. There are many good companies that provide similar services, and I would strongly encourage you to take advantage of the offerings before you fall victim to identity theft or fraud.


One last suggestion…use a Credit Card for all of your online activity. It adds one more layer of protection away from your personal banking accounts that are accessed via your debit card. There is much lower risk to your financial health in using a credit card for your purchases.


All the best as you keep yourself safe from all of the bad actors out on the internet and your email inbox.


Michael Herzog

President

FRAUD - They Are Out To Get You!

By Michael Herzog March 6, 2025
Every single day the fraudsters are looking for ways to infiltrate your defenses and to take advantage of your weakness. Think for a moment about all of the SPAM phone calls that you receive – the kind that block their numbers from caller-id, the kind that come up on your caller-id as a “local” number, the kinds of calls that you are unsure as to whether you should even answer the phone. Allow me to make a simple suggestion. IF YOU DON’T RECOGNIZE THE NUMBER – DON’T ANSWER THE CALL! A legitimate caller will leave you a voice message. A legitimate caller won’t keep calling your phone. A legitimate caller doesn’t make multiple calls in a row without leaving a message. I hear customers say things like the following: I didn’t want to miss a call from my doctor or healthcare provider. I was sure that the number was someone that I knew. The caller-id said that it was a federal agency (FBI, DHS, FTC). The same caller was on my phone 2 or 3 times in an hour. The biggest danger that we face is in answering the phone and beginning a conversation with a potential scammer. Trust me when I say, the person that is calling you is well-rehearsed, extremely convincing, and they will immediately make you feel that you must do something right now to help them or to remove yourself from the trouble they suggest you are involved in. Scammers utilize an appeal to authority and time pressure to make you afraid. They use this fear to get you to do what they ask of you. They will tell you a story about unclaimed property, or cash prizes, or even that you are helping law enforcement with an investigation of your bank. All of these stories are false, but they have just enough truth and a lot of correct sounding jargon to make you believe that you are doing something good that will benefit you. They may even send you to the bank and ask you to keep them on the phone, telling you that the bank employees are going to suggest that you are involved with a fraud – that’s all part of their hook. Finally, the scammer will ask you to buy Pre-Paid gift cards after withdrawing cash from your bank – and to reveal the numbers on the back of the card to them. IF YOU DO THIS – YOUR MONEY WILL BE GONE! There is no Identity Theft Protection that will keep you from doing this on your own. Please take the time to think through answering your phone. I have an old friend who used to say, “I have a phone for my convenience, I don’t answer the phone unless I know who is calling me.” Allow me to make some simple suggestions that may very well keep you safe from the myriad of scammers… If someone calls you from a familiar place and isn’t confirming information that you already know or are waiting to hear, hang up the phone and call that place directly. · Scammers are using technology that spoofs phone numbers – the caller-id may indicate it is from your local bank or the doctor’s office. Your bank will NEVER, EVER, ask for your specific account information – we already have that information. Bank’s do not know your PIN #s for cards, that is your information and is issued specifically to you. Your bank will NEVER, EVER need to ask you for a PIN number. Be careful with your card information. Scammers are very good at talking you into giving away specific information and making it seem like they already know the information. · For example – the three digit card security number on the back of your cards. The conversation will go something like this… · Scammer: I know that your card ends in 1234, and your expiration date is 08/27. Would you please give me the 3-digit code in order to verify your account? · Person: Sure, it is 111. Criminals have access to so much of our data, the simple process of asking you questions is to gain your trust. Please don’t fall for this trick. In closing this piece. Remember the old rule, “If it sounds to good to be true, it probably is.” Even the biggest prize company in the world – Publisher’s Clearing House states that they will never call you, email you, send mail to you – they will show up at your home when you are the winner. No legitimate organization needs you to send them money in order to investigate another organization. All of these people are attempting to take advantage of you and steal your money. And sadly, once you withdraw cash and give it to them – IT IS GONE FOREVER! Please be safe in this increasingly dangerous world. Michael Herzog President

Time & Savings

By Michael Herzog February 5, 2025
You may not think that my title goes along with a consistent thought pattern, after all, taxes are one of those normal life headaches that cost us money and typically, savings is something we are doing that provides a long-term benefit. But what if you could save money and reduce your taxes at the same time? Have you considered the tax-deferral available to you by utilizing an IRA? IRA accounts have been around for a long time, and yet, many of us don’t take the opportunity to fund this portion of savings that avoid the taxes that would be imposed upon that income you are setting aside for future use – in retirement. We have a couple of good options for your consideration. Washington State Bank offers these first two options to anyone who wishes to start or continue depositing dollars for retirement planning. Traditional IRA – every taxpayer in the United States has this option, even if you are covered by an employer 401k or other type of retirement program. There are limits to the amount you may contribute, and I would encourage you to speak with your tax preparer about those limits. Roth IRA – this is going to be after-tax dollars, so you don’t receive the immediate benefit, but since you have already paid taxes on these contributions, you will be able to withdraw those funds with very little tax consequences in the future. In most cases, the withdrawals will be tax free. Additionally, we have a partnership with NestEgg that allows you to access investment products that are typically offered in a brokerage with a discounted fee structure. These investments allow you to increase your potential return over the time that you are working toward retirement. Nest Egg is an online brokerage and they offer one on one service as well as the opportunity for you to make investment choices on your own. Let me give you an example of how much you might be saving over a 20-year time frame… For example, you decide that in 2024 you wanted to defer the full amount of $7,000 to an IRA account. And you commit to setting aside this amount each year going forward. $7,000 per year for the next 20 years. I am going to use a conservative 6.0% return on investment over the 20 years. (For this example, I am using the Future Value of Money Calculator at calculator.net) In 2024, you begin and at the end of the first year you have a total of $7,420.00. At year 5 you would have a total of $39,459.00 (while contributing $35,000) By year 10, your $70,000 investment would be worth $92,265.00. In year 20, compounding has almost doubled your investment of $140,000 to a total of 279,949.09. If you are young and can afford this $7,000 annual investment – according to this calculator, you would accumulate $1,000,000 in 39 years. So, if you are in your 30s today, by beginning this simple plan, you would have saved one million dollars by the time you are 70 years old! I think just about everyone would be excited about that number. Start small, finish big. The rules of compound interest are always the same. If you don’t have $7,000 today, start by adding to your IRA on a monthly basis – that would be about $600.00 per month. Maybe the first question is why am I not already doing this? Michael Herzog President

Happy New Year

By Emily Brandenstein January 6, 2025
As I was taking some time to reflect upon all that has happened in my life and the world around me during 2024, I thought of these words from Scripture found in Isaiah 9:6 – “For a child is born to us, a son is given to us. The government will rest on his shoulders. And he will be called: Wonderful Counselor, Mighty God, Everlasting Father, Prince of Peace.” My wife and I welcomed three new grandchildren into our lives during 2024, two of our sons are now parents and “wow!” what a ride this has been so far! I always thought that I was protective of my own children, and yet, I find myself even more concerned for the well-being of my grandchildren – looking around our current world, I’m guessing you are experiencing some of the same feelings as we turn the page on 2025. One of the biggest things I have found true is the cost of everything from diapers to formula to toys and books has gone up quite a bit over the last number of years; frankly, I was shocked at the cost of a package of diapers! I have always tried to keep a close eye on my personal finances and watch those pennies to avoid over-spending, but once again, it isn’t just about my own spending, it’s also about keeping a close eye on who else might be trying to “spend” my money. Nope, not talking about my wife or others in my home – I’m talking about those fraudsters that are hard at work trying to pad their own financial picture at my expense. As we step into this new year with hope and excitement, it’s also a great time to protect what matters most — our personal information. Identity theft is a growing concern, but by staying vigilant and informed, we can safeguard ourselves. Here are a few simple tips to help prevent identity theft in 2025: Monitor Your Accounts: Regularly check your bank and credit card statements for any suspicious activity. Very important to check the statement if you are needing to prove fraud. Use Strong Passwords: Create unique and strong passwords for each of your online accounts. Passphrases are also helpful and easy to remember – ie. “Fall is my favorite time of year” – the more characters that you can use, the better. Shred Personal Documents: Shred any sensitive papers before discarding them to avoid dumpster divers. Washington State Bank will be hosting another shred day this spring for your larger projects. Enable Two-Factor Authentication: Secure your accounts with an extra layer of protection. This is most commonly established by a text message to your phone or adding an authenticator from Google, Microsoft, etc – that produce a login code for you. Stay Wary of Phishing Scams: Always verify sources before sharing personal or financial information online. When your bank sends you a code and it has the following message: WE WILL NEVER ASK FOR THIS CODE, please take that seriously – no one from a financial institution needs to have access to your online banking. To revisit my opening paragraph. Isaiah was writing about the coming Messiah – the child will establish a new, eternal government – He shall be called Wonderful Counselor, Everlasting Father, and Prince of Peace. Remember that He called us to be wise as serpents and gentle as doves – Part of wisdom is protecting yourself and your home from these various “serpents” looking to steal what you are working for in this life. Protect yourself and reap the benefits of peace in your homes. Don’t be a victim of identity theft in the new year or any year for that matter! Let’s start 2025 with a plan to stay vigilant in our finances and prosperous in our lives! I look forward to sharing more of this new grandparent journey with you over the next year – and more ideas on making the financial parts of your lives work to your benefit! May God bless each of you as we begin the New Year of 2025! Michael Herzog President
More Posts
Share by: