Personal Finance 
3
comments

Be Wary of Unsolicited Phone Calls

Telephone PhishingRecently I’ve been getting a lot of strange unsolicited phone calls from 800 numbers claiming to be my cell phone company or my bank or my credit card. In many cases, the calls are legitimate. If it’s a credit card company, they’re confirming some card activity and offering all the sensitive information. However, I’ve also been getting some suspicious ones at all. This last week, I had a phone call from someone who worked for a timeshare. I wasn’t interested in flying down for a three day, two night getaway in Florida and when I asked where they got my name, I got the “oh reception is breaking up *click*” That really put me on edge.

Then, a few days later, I received another phone call from someone telling me I was eligible for a promotion related to my “credit card that ended in…” and then rattled off four numbers (that matched a credit card I actively used). Again, when I asked them for their company name or how they found me, I god the “reception is breaking up *click*” treatment.

Lesson of the Day

If a company calls you out of the blue, be on your toes. Phishing isn’t limited to email, people lose sensitive information all the time because of phone calls like the ones I’ve been receiving. If a company calls you and you’re on the National Do Not Call Registry, get their information and file a complaint.

Whatever you do, don’t give up any information. If it’s really important, you can call them back at a published corporate phone number. Have them annotate your record.

Search

Lastly, if you’re curious, do a search of the number. When I searched for 877-671-1851, I discovered, through 800Notes, that it was Sprint trying to sell me a promotion (which matched what the CSR was trying to do). While you can’t trust everything you see online (anyone can put up a website that says their phone number is legimate), it can give you a good idea.

(Photo by _М и р К о__)


 Banking 
1
comments

Five Check Fraud Tips by Frank Abagnale

If you’ve ever seen Catch Me If You Can, starring Leonardo DiCaprio, then you’re very well aware of the exploits of Mr. Frank Abagnale Jr. The story is about one of the most prolific check fraudsters. He’s passed a bad check in all fifty states as well as an additional twenty-six countries, before behind apprehended. Recently, US News had a chance to talk with him and he passed on five tips to prevent check fraud.

The tips are fairly straightforward – release as little information as possible, don’t use checks because they’re insecure, and check your register every single month. Diligence and common sense have always been and always will be the best defense against fraud.


 Personal Finance 
8
comments

Don’t Access Private Information from Public Computers

Our home recently lost Internet access because our Verizon FiOS cable modem/router died (after only a couple months!) and my wife sauntered over to the library next door to prepare her taxes while I was at class Monday night. As you can imagine, when she told me this, after she’d prepared her taxes, I got nervous that she had put all that sensitive information through one of the publicly accessible computers at the library. Fortunately I was wrong, she was merely using her own computer connected to their network and thus safe in this regard.

I segregate the world of “personal/private information” into sensitive and routine information. Sensitive information covers all financial and personally identifying information such as bank and brokerage accounts, business assets, and anything account that would cause considerably harm if compromised. Routine information covers everything else including email. Loss of a routine information account wouldn’t cause too much harm (I’d be furious though) and wouldn’t compromise sensitive accounts. This means that sensitive and routine accounts never share the same password, this is a crucial step.

Why do I do this? Publicly accessible computers, such as terminals at libraries and hotels, aren’t within your control and so you never know what’s been done to them. At worst, they have keyloggers installed, either software or hardware, that log your every keystroke. Those keystrokes can be replayed back at a later time for someone to gain access to your accounts.

Also, I can’t trust myself to clear the cache, cookies, and other information every single time (on Firefox, it’s easy, go to Tools -> Clear Private Data or hit CTRL-SHIFT-DEL). What if I’m lax and click “Remember Me?” and leave myself logged in? What if I tell Firefox to save the password out of habit? What if I simply don’t log out and the next person on gets access to my information? Security breaches aren’t always the cause of a malicious act, sometimes they’re caused by user error or mistake meeting an ethically-gray opportunist.

Chances of theft are low. I recognize that the chances of someone installing a keylogger on a hotel computer or the chances of me leaving myself logged in and the next person being an ethically-gray opportunist is slim, but I see it as not being worth it. 99.99% of the time, I won’t ever need to log into a brokerage or bank account at the hotel so why bother?


 Credit 
9
comments

Stealing RFID Credit Card Data Is Easy!

Remember when someone actually needed to have your card before they could steal your data? With RFID, or radio frequency identification, all they need to be is near your card, with an $8 RFID reader, to get your information now! If you watch this episode of boing boing TV, you can see a $8 reader pull your card’s details from you without actually having your card. What can you get? Card name, cardholder’s name, and expiration date (probably more, you can transmit about 2 kB of data) – or essentially everything off the face of your card.


If you remember back to physics class, electricity and magnetism are inter-related. A magnetic field around a conductive material will generate an electric charge. If you want to get real nostalgic, remember the right hand rule? :) Anyway, RFID works off that principle. The reader sends out a magnetic signal that generates a current in the RFID chip. The current powers the chip and gets it to send out a signal that the reader will detect. The signal is encrypted, that’s not the problem, the problem is that it can be decrypted by the reader, a reader you can buy for $8. The security flaw has nothing to do with RFID technology, the failure is in the implementation by the credit card industry.

The technology expert in the clip, Pablos Holman, does point this out by saying the decryption should happen back at a secure location rather than at the point of sale and I suspect this is a cost cutting measure on the credit card industry’s part. By decrypting at the POS, they get to reuse their systems (i.e. use RFID on the cheap) as-is rather than building a mechanism for decrypting the data somewhere down the data stream. I’m 99.9% sure that someone in the entire industry has thought of the scenario in which someone buys an $8 reader and starts stealing data but it’s cheaper to fix the fraud than develop a better system.

As to the concerns that you could walk into a Starbucks and steal everyone’s data with a reader augmented with a powerful antennae, that’s not 100% accurate because an RFID tag has a read range based on its frequency. Smart cards are said to use high-frequency tags, which have a read range of 3′ or less. So while you could activate every card in the room, you’d have to wander within 3′ of everyone (still easy, just not as easy as turning it on and standing there) to grab the data.

If you want to learn more about RFID, check out the Association for Automatic Identification and Mobility’s FAQ on RFID.


 Personal Finance 
11
comments

Investigating A Error On My Equifax Credit Report

When the Federal Reserve lowered the target federal funds rate last week, lots of people started inquiring about refinancing options to see if they could get a better loan. I was among the crowd. I requested refinancing information through LendingTree and fielded a few offers before deciding that refinancing was not a viable option for me at the moment. One of the lenders pulled my credit and Equifax was obligated to tell me about it.

I learned that my score was a 643, not surprising that it’s not an awesome score because I recently closed out some balance transfer arbitrages, but the listing of items that adversely affected my score did concern me:

  1. 78 – Serious delinqncy, derog, public recd or collection with balance
  2. 58 – Insufficient length or lack of credit history
  3. L – Length of time since legal item filed or collection item reported
  4. F – Prop. of bal. to high cr. on bk rvlvng or all rvlvng accts
  5. Y – Inquiries impacted the score but not significantly

Items 2 isn’t much of a concern overall and items 4 and 5 are certainly related to my balance transfer arbitrage days, but what about Items 1 and 3? Legal item? Collection item? Delinquency? This calls for a trip to the Equifax for a copy of my credit report (my one freebie each year) and a side trip to their Equifax Online Dispute page.

After reviewing my account, there was one entry in the Collections category for an account with “PPL ELECTRIC UTILITIES,” a power company that appears to be located in Pennsylvania. About a year ago I cleared up some errors on my credit report from another bureau for a cell phone that wasn’t mine, an social security number linked to my account plus some address history; could this be a leftover from that account? It appears so.

What’s infuriating is that the other SSN was identical except a six was replaced with a zero and Equifax felt it was “close enough” to link to my account! I don’t understand why it didn’t have to be an exact match. Anyway, I submitted a dispute and we’ll how quickly they can get that resolved.


 Credit 
20
comments

Another Reason To Avoid Debit Cards

There are plenty of reasons you should use a credit card instead of a debit card (if both are available) but here’s one that is especially compelling. A debit card is directly linked to your checking account, whereas a credit card is linked to an ephemeral credit limit. When Burger King accidentally bills you $2,243 instead of $22.43 or when they bill you $8,648 instead of $86.48, you aren’t suddenly emptied of all your funds.

Debit cards used to suffer from weaker fraud protection, that’s no longer the case. Debit cards used to be less widely accepted because they used a network that differed from credit cards, that’s less and less the case. However, debit cards will always be linked to your bank account (that’s by definition) so when someone accidentally enters in $2000 instead of $20, you’ll be out that money until someone is around to resolve it.

In the meanwhile, any checks you’ve written or any future debit transactions will result in NSF (not sufficient funds) and overdraft fees – which will likely put a smile on your bank’s face and a huge frown on yours.

So, if you want yet another reason not to use debit cards, this is a big one. Don’t underestimate the power of carelessness and stupidity.


 Personal Finance 
20
comments

50 Fun Facts About Cold Hard Cash

$100000 Woodrow Wilson Gold CertificateCash, cabbage, paper, scratch, scrizzle, dineros, dough, whatever you want to call it, it’s all means the same – it’s cold hard cash. There is plenty of useless and fun trivia about currency that is certainly fun to know and you guessed it, I’m going to give you at least fifty fun facts about currency, mostly US facts but a sprinkling of international ones near the end. The first bunch have to deal with US money history in general such as the creation of the Mint and the Bureau of Engraving and Printing, then moves onto specifics about the bills and coins such as what they are made of. Then we move onto some of the interesting facts that deal with counterfeiting. The 50 facts end with a few facts on what you should do with damaged or mutilated currency and then a few international facts for those of you looking to get an edge in Trivial Pursuit. I hope you enjoy it!

Oh, and in keeping with the tradition of these 50 fun facts posts, I added a few bonus facts so there are a few more than 50 in the list. If you enjoy this list, you might enjoy 50 Fun Facts about Credit Cards and 50 Fun Facts about Banks.

(Click to continue reading…)


 Credit 
1
comments

Nothing Is Free – Including Debit Cards

Companies are getting more and more clever these days. Kim Palmer, who writes a US News & World Report money/business blog called Alpha Consumer, recently received (technically her husband received it ) a letter from the National Collegiate Lending Institute in which they were told they could receive a $300 debit card at no cost to them.

It turns out—surprise, surprise—that the offer is too good to be true. I called the number listed in the letter and learned that the “free service” is student loan consolidation. The $300 would be handed over only if we consolidated our student loans through the company and then provided a testimonial about it—hardly a 10-minute decision, especially when our student loans are already consolidated at decent interest rates. …


The lesson: Mail offering free money usually belongs in the trash.

What’s especially funny is the explanation and discussion that Kim has with David Tominus, sales manager and part owner of National Collegiate Lending Institute. Kim says its misleading (it is a litte), David says people should read the fine print (people don’t), and what it comes down to is that your average recent graduate is going to see $300 debit card, look at a relatively decent offer, and pull the trigger. NCLI is banking on that (and they do bank on it, 70-80 times a week).

Your recent grad won’t compare and contrast other offers as diligently because $300 right now is a lot of money (who can give a testimonial without actually using the service?). National Collegiate Lending Institute isn’t being misleading or doing anything disingenuous, they’re simply conducting business and consumers have to be smart enough to protect themselves (though if you do a search of National Collegiate Lending Institute in Google, the first few results are all about AG Cuomo’s investigation into their practices).

I’m all about keeping consumers as accountable for their actions as businesses are but why can’t businesses do business without this sort of chicanery?


Advertising Disclosure: Bargaineering may be compensated in exchange for featured placement of certain sponsored products and services, or your clicking on links posted on this website.
About | Contact Me | Privacy Policy/Your California Privacy Rights | Terms of Use | Press
Copyright © 2014 by www.Bargaineering.com. All rights reserved.