Westwood South of

Santa Monica Blvd.

Homeowners Association


Consumer Alerts


October 2017

FROM nearby LAPD Senior Lead Officer Chris Ragsdale:
____________________________________

If anyone knocks, calls, emails, texts, or approaches, unsolicited by you,
DO NOT OPEN THE DOOR, DO NOT ENGAGE! Respectfully and politely indicate that you are not interested. If the solicitors become persistent or refuse to leave, advise them you are notifying the police and report the details to  the Non-Emergency Dispatch at 1-877-275-5273.

Be aware that another trend has been Distraction Burglaries. In these incidents a person posing as a utility worker, roofer or tree trimmer knocks on your front or side door and states they need to access your back yard.
The suspect will lure you into the back of your residence while a second suspect will enter through the front door and quickly ransack areas inside the home seeking Jewelry, cash and small valuables. In most cases the suspects stay in contact and communicate by cellular telephone or two way radios. Other methods of operation have been female suspects who claim their pet or small child went into your backyard.

Whenever receiving emails from financial institutions or retail stores advising you "click here" or providing a direct link to follow in the email, NEVER CLICK ON THE LINK! This is a phishing scam!
 
Another recent scam has been persons calling and claiming to be from the power company or other utility. The caller demands immediate payment or the power or other utilities will be shut off. In most of the scams, the caller directs the resident to purchase cash debit cards at a retail location and provide the card numbers and pin number as payment.

Just to reiterate, if you receive anything from anywhere, unsolicited, DO NOT RESPOND!

* Solicitors, regardless of if they are selling a product, offering a service, seeking a donation or, political in nature, should be turned away.

* If someone knocks on your door and says you have to step out of your home, especially to go to your back yard, CALL 911 Immediately!
* When logging into online accounts always use the saved link on your browser or type in the web address on your own.
* When making wire transfers, ALWAYS verbally verify and confirm the wire instructions prior to completing the wire transfer.
* You may report Internet scams and crime to www.ic3.gov

EMERGENCY: 911
NON-EMERGENCY: 1-877-275-5273
All other City Services: 311

--------------------------------------------

Oct. 2017

10 Tips on How to Identify a Phishing or Spoofing Email

Phishing attacks are more rampant than ever before, rising by more than 162 percent from 2010 to 2014. They cost organizations around the globe $4.5 billion every year and over half of internet users get at least one phishing email per day.

The best defense companies have against phishing attacks is to block malicious emails before they reach customers with the DMARC (Domain-based Message Authentication Reporting and Conformance) standard. Brands must also work with a vendor that can offer email threat intelligence data revealing attacks beyond DMARC (e.g., attacks that spoof their brand using domains outside of the company’s control).

Unfortunately, no matter what companies do, some phishing emails will always make it to the inbox. And those messages are extremely effective—97% of people around the globe cannot identify a sophisticated phishing email. That’s where customer education comes in.

Here are 10 tips on how to identify a phishing or spoofing email. Share them externally with your customers and internally with your company.

Tip 1: Don’t trust the display name
A favorite phishing tactic among cybercriminals is to spoof the display name of an email. Return Path analyzed more than 760,000 email threats targeting 40 of the world’s largest brands and found that nearly half of all email threats spoofed the brand in the display name.

Here’s how it works: If a fraudster wanted to spoof the hypothetical brand “My Bank,” the email may look something like:

Since My Bank doesn’t own the domain “secure.com,” DMARC will not block this email on My Bank’s behalf, even if My Bank has set their DMARC policy for mybank.com to reject messages that fail to authenticate. This fraudulent email, once delivered, appears legitimate because most user inboxes only present the display name. Don’t trust the display name. Check the email address in the header from—if looks suspicious, don’t open the email.

Tip 2: Look but don’t click
Hover your mouse over any links embedded in the body of the email. If the link address looks weird, don’t click on it. If you want to test the link, open a new window and type in website address directly rather than clicking on the link from unsolicited emails.

Tip 3: Check for spelling mistakes
Brands are pretty serious about email. Legitimate messages usually do not have major spelling mistakes or poor grammar. Read your emails carefully and report anything that seems suspicious.

Tip 4: Analyze the salutation
Is the email addressed to a vague “Valued Customer?” If so, watch out—legitimate businesses will often use a personal salutation with your first and last name.

Tip 5: Don’t give up personal information
Legitimate banks and most other companies will never ask for personal credentials via email. Don’t give them up.

Tip 6: Beware of urgent or threatening language in the subject line
Invoking a sense of urgency or fear is a common phishing tactic. Beware of subject lines that claim your “account has been suspended” or your account had an “unauthorized login attempt.”

Tip 7: Review the signature
Lack of details about the signer or how you can contact a company strongly suggests a phish. Legitimate businesses always provide contact details.

Tip 8: Don’t click on attachments
Including malicious attachments that contain viruses and malware is a common phishing tactic. Malware can damage files on your computer, steal your passwords or spy on you without your knowledge. Don’t open any email attachments you weren’t expecting.

Tip 9: Don’t trust the header from email address
Fraudsters not only spoof brands in the display name, but also spoof brands in the header from email address. Return Path found that nearly 30% of more than 760,000 email threats spoofed brands somewhere in the header from email address with more than two thirds spoofing the brand in the email domain alone.

Tip 10: Don’t believe everything you see
Phishers are extremely good at what they do. Just because an email has convincing brand logos, language, and a seemingly valid email address, does not mean that it’s legitimate. Be skeptical when it comes to your email messages—if it looks even remotely suspicious, don’t open it.

Want to learn how to block phishing threats before they reach your customers? Check out the guide, Getting Started with DMARC

From the Southern California Gas Company (5/15/12)

Imposters Claim President Obama is paying utility bills

Southern California Gas Co. (SoCalGas) is alerting customers to be aware of a scam that has impacted other utility customers in several states across the country.

The scam claims that President Barack Obama is providing credits or applying payments to utility bills. In some cases, scammers have asked for social security numbers in order to allow for credits or to apply payments to customers' utility bills, presenting an identity-theft risk. According to reports, scammers have visited customers in person, posted fliers and used social media and texting to send messages claiming that President Obama will provide a credit or directly pay utility bills.

SoCalGas wants to assure customers that SoCalGas employees carry proper identification when called out to any job. The company also does not randomly call or text customers asking for social security or other information. Customers should verify the employee's proper uniform and identification before letting anyone in the home or on their property. Customer safety is a top priority for SoCalGas and employees will always be happy to wait while the customer confirms their identity.

Here are some tips to help customers identify SoCalGas employees:

• Be vigilant and question anyone who presents themselves as a representative of the utility.

• SoCalGas workers who perform in-home appliance services, work on gas meters or work on gas pipelines wear uniforms. However, some other employees do not. Always ask for identification before allowing anyone inside the home or on the property.

• The majority of authorized SoCalGas employees will be in uniform with company logo and carry an official employee badge. Most field employees also drive a company vehicle.

• Most of the time a SoCalGas employee visits a home or business in response to a service request. If no one scheduled an appointment, call SoCalGas before allowing anyone inside the home or property

• Never leave the house unlocked and unattended. SoCalGas does not ask customers to leave their homes unattended.

• To verify the authenticity of anyone claiming to be a representative of SoCalGas, customers are encouraged to ask for proper identification or call the utility at 1-800-427-2200 (or 1-800-342-4545 in Spanish). SoCalGas customer service representatives are available 24 hours a day, seven days a week.

• Visit socalgas.com/safety for more information on staying safe.



LA DWP ISSUES WARNING TO RESIDENTS (6-2012): 

LOS ANGELES - The Los Angeles Department of Water and Power (LADWP) cautions residents to beware of impostors posing as utility personnel making service-related house calls. These impostors seek to gain access to residential property in order to steal valuables from the occupant. LADWP customers have reported recent incidents of "distraction burglaries," wherein the impostors work as a team: one diverts the attention of the resident by taking them outside or to another part of the house, while another searches the home for valuable items to steal.

LADWP asks all customers to call the Department at 1-800-DIAL DWP (1-800-342-5397) to verify the worker's identity, employment and purpose of visit before granting access to any part of their property. Employees will present their Department-issued IDs and give their name, employee number and supervisor name to customers at the time of visit and anytime upon request.

"Distraction burglary is an important issue for us but the good news is, this form of victimization is easily preventable," said Patrick Findley, Director of LADWP Security Services Division. "The more our customers know about it, the less likely it is to happen, so help us spread the word among your family, friends and neighbors."

All LADWP employees have ID cards and field employees wear uniforms and drive Department vehicles, both of which prominently display the familiar LADWP logo seen at the top right corner of this document. Additionally, LADWP employees typically do not appear at customers' doors unannounced. To remain safe, customers should not open their doors to anyone claiming to be a utility employee until the worker's identity, employment and purpose of visit has been confirmed.

The public should always report any criminal incidents to the Los Angeles Police Department.

LADWP officers are on watch 24 hours a day, seven days a week, 365 days a year. To report suspicious activity to the Department: call LADWP Security Services at (213) 367-3373 or (213) 367-9111, or

  • email SecurityServicesWebNotification@ladwp.com, or
  • visit www.ladwp.com and click Security Issue under Contact Us.

 

Make a free website with Yola