A new identity theft scenario is masquerading as a communication from Google Photos, the photo-sharing and storage service.
It happens when you receive an email message or text that says someone wants to share a photo album with you, says the Identity Theft Resource Center.
Hard to resist, right?
Here’s how it works: You will be told to log in to your Google account, only to find that there actually is no photo album. Instead, you will have enabled a phishing scam.
That’s because when you click the “View Photo” link, you are directed to another website so you can log in.
That dangerous website captures your login information, giving the scammers access to your credentials and your account, says the resource center.
“It’s always easier to steal something when you have the key to a lock instead of having to break into where valuables are kept,” the center says. “The Google Photo sharing scam is a way for identity criminals to get the credentials needed to access and steal personal and company information.”
Such email compromise scams cost businesses
$1.8 billion last year, while individuals lost $54 million in phishing scams, according to the FBI.
These are some ways to avoid phishing cons, the resource center says:
– Do not click on links in a suspicious or unexpected email. Even if the message looks authentic, the links still could contain malware. If the email appears to come from a business, contact the company directly to verify that the message and link are legitimate. If it comes from an unknown person, delete the message without clicking on links.
– Do not reuse or share passwords. “Criminals steal logins and passwords because they know most people use the same password on multiple accounts,” the center says. Create a specific and different combination on each account, and make sure they all have at least 12 characters.
– Take a look at the URL link. Use your cursor to hover over it and see where the email is really coming from. A sure sign that it’s a scam is when the link address is slightly changed, such as “Goo.gle” rather than “Google.”
With the prospect of summer and hopes for more in-person events, beware of ticketing and related scams.
“The return of big events gives thieves another tempting target: people so eager for the return of music fests, block parties and crowded stadiums that they’re more susceptible to buying tickets that don’t exist,” says Norton LifeLock, a cybersecurity services company.
Victims might pay for the tickets and never receive them, or they might learn that the ones they did receive are fake — after arriving at the event and trying to use them.
Avoid this happening to you by purchasing tickets from the venue where the event will be held, whenever this is possible.
Before buying anything, ask sellers about the refund policy and purchase only from those who have a policy that’s acceptable to you. Also, make sure the seller is clear about where your seats are located.
You can verify that sellers are members of the National Association of Ticket Brokers by checking VerifiedTicketSource.com. The association provides a guarantee on tickets sold by its members.
Also, you can check the name of the seller through the Better Business Bureau or do an online search for complaints.
Use a credit card when buying tickets because there are more protections than other forms of payment.
Contact Ellen Marks at firstname.lastname@example.org or 505-823-3842 if you are aware of what sounds like a scam. To report a scam to law enforcement, contact the New Mexico Consumer Protection Division toll-free at 1-888-255-9210 or file a complaint at www.nmag.gov/file-a-complaint.aspx.