FORM CRS & ADV 2A
MEET WITH AN ADVISOR
Security

CryptoChameleon

By Trilogy Financial
June 7, 2024
Share on:

CryptoChameleon is a phishing-as-a-service kit that makes it easier than ever for cybercriminals to create convincing phishing campaigns. Criminals often use it to impersonate reputable companies to steal passwords, account information, and other sensitive data.

 

A recent scam using CryptoChameleon targets LastPass, a popular password manager. Scammers pretend to be from LastPass, starting with seemingly authentic support calls. They later send follow-up emails with links to fake login pages, designed to look like legitimate LastPass sites. Once victims enter their master passwords on these fraudulent pages, scammers can access their password vaults and potentially lock them out of their accounts.

 

Reputable companies will never ask for your master passwords through phone calls, emails, or text messages. To protect yourself from these scams, remember to:

 

  • Hang up immediately if you receive a suspicious call claiming to be from LastPass or another reputable company.
  • Do not press any options in automated messages or clicking on links in emails from unfamiliar sources.
  • Report suspicious activity to the reputable company, including screenshots of suspect text messages and forwarded emails.

You may also like:

Life Event AdviceSecurity

Bank Customer Service Scams

By Trilogy Financial
July 26, 2023

Scammers are pretending to be bank customer service representatives reaching out regarding fraud prevention. Their goal is to get you to reset your login credentials and gain access to your account.

How it works
  1. Scammers, posing as customer service representatives, will call and keep the victim on the phone for multiple hours to “resolve” a fraud issue.
  2. The scammer urges quick action to prevent alleged hackers from draining the victim’s account.
  3. The victim is asked for sensitive information like login credentials and verification answers.
  4. The scammer logs in to the victim’s account to initiate unauthorized payments, bypassing security restrictions via a direct call to the real Fraud Support, all while the true customer is on hold.
Quick Tips
  • Check your account activity frequently and monitor for suspicious transactions.
  • When asked for information that seems unusual, hang up and call the phone number on the back of your bank card or account statement.
  • Read text and email communications fully and pause before responding.
  • Remember that banks and credit card companies will never ask you for your password or your card/account number over the phone.

 

Read more
Life Event Advice

Tax Refund Scams

By
June Adams
January 31, 2022

Tax-related fraud and identity theft have continued to grow, with millions of people becoming targets. Scammers need little more than your Social Security number and other general information to file a fraudulent tax return and hijack your tax refund. Taxpayers typically don’t discover the fraud until they attempt to file their own returns, which is why it's essential to file taxes as soon as possible. At the same time, you may want to confirm the appropriate timing with your tax professional. Although 1099s are due by the end of January, custodians may correct 1099s throughout February. If drastic changes happen to a 1099 after you file your taxes, the change can severely impact the amount you owe.

 

Here are some helpful ways to prevent your SSN from being compromised:

  • If you have been a victim of identity theft, complete  IRS form 14039, identity theft affidavit.
  • Respond immediately to any IRS issued notice once you verify the authenticity of the notice. You can do so by calling the IRS directly at 800-908-4490 or setting up your  online account.
  • Get an Identity Protection PIN: a 6-digit number that prevents someone else from filing a tax return using your Social Security number or individual taxpayer identification number. Only you and the IRS know the IP PIN.
Read more

Get Started on Your Financial Life Plan Today