Do you have a business that requires you to be able to accept credit cards in a variety of places? Then you might want to be a “square”.

Square is the name of a device that is currently in development that will be a mobile credit card reader that will plug into the head phone jack of any smart phone or iPod and will allow you to process a transaction in real time.

The square actually has three parts to it.  The square or credit card scanner that plugs into the headphone jack on you phone.  Second the secure app that you need to load on your smartphone. According to a CNBC report they are hoping to either give away the hardware and app for free or sell it at a very low cost.

The third part is the credit card processing service. Like with your phone itself. they will give you everything you need to use their service for free but to make it work you have to pay for the service. Payment for the service looks like it will model after the traditional credit card companies, they will take a percentage of every transaction.

For more information watch the CNBC Report below.

If, they are able to keep the device under $20.00 and keep the service competitive. I can see the “Square” being a must have for business.

Facebook is gaining  popularity very quickly with scammers. Here is a new phishing scam disguising itself as Facebook.

This phishing scam looks more official than the virus that we wrote about the other day. This email claims that Facebook has updated there log-in process and you need to update your account. The email looks very official with Facebook color scheme and logo. But like all phishing scams the links are fake. This perticular email does not have a legitimate link to Facebook at all. The majority  of copies of this email seem to have .eu web address.

Quick review

• Email is very official looking
• Does use the Facebook logo
• Does not have an attachment
• Does not contain a virus.

Actions to take

• Do not click on the links
• Do not fill out any form in conjunction with the email
• Delete the email

When “password reset” shows up in the subject line there are some basic things you should know about this type of email to protect yourself. The most important thing to remember is if you did not change your password or you do not remember triggering a password reset. The email is either a virus or a phishing scam. With that said, Password resets breakdown into three basic types.

The first type is confirming it is done. These emails are sent after you have either just changed or reset your password confirming that the process is done and will typically contain the verbiage along the line of “your password has just been changed.  If you did not change your password please contact support”. If you receive an email like this and you did not change the password always verify a phone number by going to the web separately from the email.  Or in the case of email always go to the web to click on a support email or to start a support ticket.

Second type are a click on the link. These are emails that are triggered after you have filled out a password reset form. Once you click submit on the form it will tell you that it is sending you a confirmation email with a link in it that you need to click on and you will receive it in a set period of time. The link will never be contained in an attachment.

Third type is the temporary password or code email. Again this is an email you have to trigger by either filling out a password reset form or clicking on a forgot my password link and given some information. These emails typically either have no link or just a simple link that takes you to a home or log-in page. These emails will contain either a code that you have to input or a temporary password that you input and after log-in instantly takes you  to a page to change your password. The codes and temporary passwords are typically only good from anywhere from an hour to 48 hours.

Sign that a password rest email is fake

• You did not trigger the email
• Email has an attachment
• It is to a page you do not belong to( example would be you get a  password reset email from Chase but you do  not have a Chase account)
• Email has a fake link

Facebook being one of the big sites on the web is bound to have it’s name slapped on a virus eventually. One of the viruses going around  is in an email with the subject line “Facebook Password Reset Confirmation”. This email normally comes in plain text and always with an attachment.  The “From line” will show Facebook or service@facebook.com. While Facebook does allow you to reset your password and there is email involved there is never an attachment involved. Big red flag is YOU have to trigger a password reset.  If you did not trigger a password reset that should tell you it is a fake email. The virus on this is only a concern if you try to open the attachment.

Quick Review

• From line says either Facebook or service@facebook.com
• Subject line: Facebook password reset
• There is an attachment
• The body of the email is plain text with no links.

Actions to take

• Do not download anything
• Delete email
• Make sure trash bin is Empty after deleting

Make  sure you check out our follow-up blog post “What you should know about password reset emails“

Have you gotten an email from the FDIC that your bank has failed. This email is not from the FDIC. The email pictured below is a phishing(pronounced fishing) scam.

There is only one link in this email that appears to be directing you to fdic.gov. Unfortunately the link actual leads you to a fraudulent .uk web address. This is phishing for your personal information. This is no a virus,  just an attempt to steal ones identification.  To deal with this email, ignore and delete.

Quick Review

• Message from line reads either FDIC or consumeralert@fdic.gov
• There are no attachments
• Fake link in body
• No virus

Action to take

• Do not fill out any information
• Delete email