Tag Archives: privacy law

Tax Identity Theft Awareness Week January 29-February 2

It is tax time.  The tax scammers are gearing-up.  Learn how to protect yourself during Tax Identity Theft Awareness Week January 29-February 2, 2018.IRS

Tax identity theft occurs when a person uses someone else’s Social Security number to either file a tax return and claim the victim’s refund, or to earn wages that are reported as the victim’s income, leaving the victim with the tax bill.

The Federal Trade Commision, the Internal Revenue Service, the Department of Veterans Affairs, the Treasury Inspector General for Tax Administration, and others throughout the week are hosting free webinars and Twitter chats focused on steps consumers and businesses can take to help avoid tax identity theft and recover if it occurs. There will also be discussions about ways to identify and avoid IRS imposter scams that target consumers and businesses.

The events include:

  • January 29 at 2 p.m. ET: A webinar for consumers on tax identity theft and IRS imposter scams, how to protect yourself, and how to recover, co-hosted by the FTC and the Identity Theft Resource Center.
  • January 30 at 2:30 p.m. ET: A webinar for older adults and other consumers on tax identity theft and IRS imposter scams, co-hosted by the FTC, AARP Fraud Watch Network, the AARP Foundation Tax-Aide program, and the Treasury Inspector General for Tax Administration.
  • January 31 at 11 a.m. ET: A Twitter chat for service members, veterans, and their families, co-hosted by the FTC and the Department of Veterans Affairs. Join the conversation at #VeteranIDTheft.
  • January 31 at 1 p.m. ET: A closed webinar co-hosted by the FTC, the Department of Veterans Affairs, and the Treasury Inspector General for Tax Administration, focused on tax identity theft and IRS imposter scams. This webinar is only available to Veterans Administration employees and patients.
  • February 1 at 1 p.m. ET: A webinar for small businesses, Protecting Sensitive Business and Customer Data: Practical Identity Safety Practices for Your Business, co-hosted by the FTC and IRS focused on tax identity theft, imposter scams targeting businesses, cybersecurity practices to reduce your risk, and data breach response.
  • February 1 at 3 p.m. ET: A Twitter chat for consumers on protecting yourself from tax identity theft, co-hosted by the FTC and the Identity Theft Resource Center. Join the conversation at #IDTheftChat.

If you or your business have legal questions or concerns regarding computer law, privacy, or cybersecurity law matters, contact attorney Jeffrey A. Franklin at Prince Law Offices.

Advertisements

Leave a comment

Filed under Business Law, Computer Law, Consumer Advocacy

New Locky Ransomware Phishing Attack: Credit Card Suspended And Suspicious Money Movements

Ransomware is an increasing plague.  We have seen that it can disproportionately impact individuals and small businesses which may be least prepared to protect themselves or respond to ransomware computer attacks.  Yesterday, Graham Cluley described the latest spam email flood trying to hold your computer files ransom for your hard-earned money.
locky

Please be extremely cautious of unsolicited emails, especially with ZIP type attachments.  It’s one of the favorite methods used by cyber-criminals to trick unsuspecting computer users into opening dangerous attachments or clicking on a link to a malicious webpage.

In the last few days there have been a spate of spam attacks duping unwary internet users into clicking on an attachment that will lead to their Windows PC being infected with the notorious Locky ransomware.

For instance, you might have seen messages like the following appearing in your inbox, claiming that there have been “suspicious movements” of funds out of your bank account.

suspicious-movement-email

Attached to the email is a ZIP file containing a malicious .JS (Javascript) file, that if opened downloads a version of the Locky ransomware from a remote server from one of several different URLs, saved in a temporary folder under the name “GyFsMGsLUNA.dll”.

The malware is executed without any requirement for further user interaction. No further clicking is needed.  Some antivirus products detect the malicious Javascript as Trojan.JS.Downloader.GXW.

Similar attacks have been spammed out claiming that your credit card has temporarily been suspended.

account-suspended

Alternatively, you might have received emails posing as notifications that you have a parcel waiting for you at your local mail office.

parcel-email

This final example also leads to the Locky ransomware.

In all cases, the criminals can (and frequently do) change the names and contact details used in the emails meaning that you cannot always rely on them looking the same.  In these examples, the file attachments were all ZIP file attachments.  Criminals frequently use ZIP file attachments to hide the true purpose of the attachment.

Tips to avoid these problems include keeping your operating system up to date, keeping up-to-date security software on your computers and email servers, creating regular off-line backups, and conducting user awareness training to teach employees to be wary of dangerous file types and unsolicited emails.

We know that criminals are making money from online extortion – and ransomware is one of their favorite methods.

If you or your business have questions or concerns regarding fraud, computer law, privacy, or cybersecurity law matters, including assistance with prevention or recovery from a ransomware attack and cybersecurity insurance or insurance claims, contact attorney Jeffrey A. Franklin at Prince Law Offices.

Leave a comment

Filed under Business Law, Communications Law, Computer Law, Consumer Advocacy