Latest news with #FederalTradeCommission
USA Today
a day ago
- USA Today
Don't click that link: Authorities warn of new DMV scam texts
Don't click that link: Authorities warn of new DMV scam texts Show Caption Hide Caption Federal officials warn of unpaid toll scam texts coast to coast People across the country are getting scam texts demanding they cough up unpaid tolls or else. Here's what you need to know. Straight Arrow News First toll roads, and now DMVs are the entity text scammers are looking to hide behind. The latest round of text message scams pose as important messages from state Departments of Motor Vehicles, or DMVs. As of Friday, May 30, the messages had been reported in several states such as Illinois, Pennsylvania, Florida, New Jersey, Georgia, New York. On Tuesday, May 27, Illinois Secretary of State Alex Giannoulias issued a warning, asking residents to be wary of text messages claiming to be from the Illinois State Department of Motor Vehicles, threatening to suspend vehicle registration and driving privileges if certain bills aren't paid. Here's what to know about the latest round of text scams. What do the DMV scam texts look like? While the texts vary state to state, the underlying message is the same: Residents are at risk of losing their vehicle registration and driving privileges, receive a toll booth charge increase, or see their credit score impacted, if they go not pay an outstanding traffic ticket to the state's DMV. The text message sent to Illinoisans includes a date in which penalties will begin, a fake state administrative code and a list of consequences that the receiver will face if they don't pay an outstanding bill. The message also includes a link that appears to be the Illinois Department of Transportation website. The City of Linden, New Jersey shared in an advisory that folks may receive a text message that includes "ezpassnj" and ".gov" in the link to appear legitimate. The message, however, doesn't allow folks to click the link directly but instead prompts them to respond "Y" and copy the link to a browser. What should you do if you receive a DMV scam text? If you receive a text message from a DMV, demanding money, the Federal Trade Commission suggests the following: Do not respond to the text or click any links. State DMVs would not ask for your information or money by text. If you think the message might be real, contact your state's DMV using a trusted phone number or website. Copy the text message and forward it to 7726 (SPAM). This will help your wireless provider spot and block similar messages. Report the text on the messaging app you use. Look for the option to report junk or spam. Report the text to the Federal Trade Commission at and/or file a compliant with the FBI's Internet Crime Compliant Center at What is 'smishing'? The DMV text scam is an example of smishing. "Smishing" is a social engineering attack that uses fake text messages to trick people into downloading malware, sharing sensitive information or sending money to hackers, according to IBM. The term is a combination of "SMS" or short messaging service" and "phishing," an umbrella term for social engineering attacks. Is 'smishing' the same as a telemarketer? No. While both types of communication may be unwarranted, smishing and messages/calls from telemarketers are different. Smishing is a cybercrime in which scammers are looking to trick victims into revealing sensitive information. Telemarketers, on the other hand, is a legitimate marketing practice used to promote products or services. Greta Cross is a national trending reporter at USA TODAY. Story idea? Email her at gcross@
Yahoo
a day ago
- Business
- Yahoo
CVS and Express Scripts sued to block a new law restricting drug middlemen
CVS and Cigna-owned Express Scripts filed lawsuits Thursday to block an Arkansas law that tries to curb the power of pharmacy benefit managers (PBMs) in the state. PBMs, also known as drug middlemen, are third-party administrators of prescription drug plans for health insurers. They negotiate with pharmaceutical companies over how much a health plan will pay for a drug and set the out-of-pocket costs for patients. Arkansas Gov. Sarah Huckabee Sanders signed a law last month that banned PBMs from owning and operating pharmacies in the state, saying at the time that they 'have taken advantage of lax regulations to abuse customers.' The legislation came following two reports from the Federal Trade Commission and the House Committee on Oversight and Accountability last year that accused PBMs of reaping massive profits by pushing patients to pay for more expensive drugs, including life-saving cancer medicine. Supporters of the Arkansas law, which goes into effect in January, claimed it would also greatly help independent pharmacies, which can't compete with PBM-owned chains like CVS. In its lawsuit Thursday, CVS said the legislation will force it to close 23 pharmacies in the state, eliminating hundreds of jobs, and claimed the ban would 'drive-up costs for Arkansans.' CVS, which declined to further comment, said in their press release that the law violates the Dormant Commerce Clause, a part of the Constitution that restricts states from discriminating against or unfairly burdening out-of-state businesses. It also said the law violates the company's Equal Protection rights. Susan Peppers, vice president of pharmacy practice for Evernorth Health Services, which runs Express Scripts and is owned by Cigna, said in a press release that 'if this law takes effect in January, hundreds of thousands of Arkansans will be left scrambling to navigate the forced closure of pharmacies and finding new ways to get their medicines and critical clinical support.' While advocates say the law will help rural Arkansans whose local pharmacies can't stay afloat, Express Scripts is claiming the opposite. The law 'could be especially challenging for the more than 40% of Arkansans that live in a rural area and may not have easy access to a retail pharmacy,' it said. In a statement to Quartz, Arkansas Attorney General Tim Griffin defended the legislation. 'Pharmacy benefit managers wield outsized power to reap massive profits at the expense of consumers,' he said. 'Through Act 624, Arkansas is standing up to PBMs on behalf of consumers, and I will vigorously defend our law.' For the latest news, Facebook, Twitter and Instagram.
Yahoo
2 days ago
- Business
- Yahoo
The hidden price of free: How businesses' cost-cutting tech choices compromise your security
Free software is everywhere, used for email, marketing, accounting, scheduling, and even storing customer data. For small businesses under pressure, it's a tempting way to cut costs and stay afloat. But 'free' often comes with strings. Many of these tools don't offer strong security, putting your customers or clients at risk. What looks like a smart financial move can end up compromising sensitive information. Plenty of businesses, from healthcare to retail, have learned this the hard way. Data breaches tied to free platforms aren't rare, and the consequences can be serious. Just because a tool saves money doesn't mean it's the right choice. If it's not built to protect sensitive data, it might cost you and your customers much more down the road. Heimdal explored this issue to highlight how popular free software tools can weaken cybersecurity and what businesses (and consumers) can do to stay protected. Free software isn't really free. To stay in business, these tools often make money by tracking users, selling data, or running ads. They can collect user data by scanning emails, monitoring activity, or analyzing documents, and it's rarely clear how the data is used or stored. Without strong protections in place, customers can end up paying the price with lost privacy. Businesses might save a few dollars using free platforms, but the trade-off can mean weak security, intrusive advertising, and data leaks. Free platforms often lack essential security features like encryption, multi-factor authentication, and monitoring tools. These gaps can make sensitive information easier to access and exploit. Even trusted brands make compromises in their free versions. For example, Microsoft's no-cost Office stores files on OneDrive by default and displays ads. This setup raises concerns about privacy and control over users' stored content. The most troubling part is that customers don't choose these tools—businesses do. But when something goes wrong, it's the customers who suffer. Their data may be exposed, sold, or stolen. Free software might help balance a budget, but the real cost is often passed on to someone else. Legal and compliance risks Using free software can do more than risk data. It can also break the law. Industries like healthcare, finance, and legal services must follow strict compliance standards and data protection rules. Free tools may not be equipped with the features needed to meet those requirements. Take healthcare, for example. HIPAA requires encryption for patient emails containing health information, yet most free platforms don't offer that protection by default, which can lead to provider violations, fines, and lawsuits. Any business collecting customer information, such as emails, names, or payment details, has a legal obligation to safeguard it. The Federal Trade Commission (FTC) has outlined specific steps businesses should take after a breach, from notifying users to fixing the issue, and they don't take violations lightly. From retail to healthcare, real-world breaches show how cutting corners on tech can expose sensitive data, violate regulations, and damage trust. The following examples highlight what happens when cost-saving decisions put customers at risk. Retail and e-commerce data exposures Online shopping is convenient, but only if businesses keep customer data safe. Many small retailers use free or cheap tools to handle payments and store personal details. Without strong security, that choice can cause damage. Drizly's 2022 breach is a clear example. After ignoring known vulnerabilities, the alcohol delivery company and its CEO faced FTC action when millions of customer records were compromised. It's no longer in business. Insecure systems can lead to fraudulent charges, identity theft, and long-term credit damage for customers. Hackers can use leaked details to open accounts or apply for loans. Retailers may not intend harm, but skipping secure systems puts people at risk. Saving money shouldn't come at the cost of customer trust and safety. Small business service providers Law firms, consultants, and accountants often handle highly sensitive client data. But when they rely on free tools, they may be putting that information at risk. Free cloud storage isn't always secure, and file-sharing tools pose similar risks. Without alerts or monitoring, unauthorized access can go unnoticed, leaving confidential documents exposed. In 2024, Illinois-based accounting firm Legacy Professionals suffered a data breach that exposed the personal information of nearly 217,000 individuals, including Social Security numbers and health data. Multiple lawsuits were filed, alleging the firm failed to implement reasonable security measures or notify victims promptly. A single breach can shatter client trust in these types of businesses. Once it's broken, it's tough to rebuild. Plus, if data like Social Security numbers or banking info gets leaked, clients could face real financial harm. Healthcare privacy breaches Using free tools in healthcare puts providers at serious risk. Without proper security, these tools can lead to HIPAA violations. Take free email platforms, for example. If they don't encrypt messages, patient info gets exposed with every send. That kind of slip can trigger identity theft, insurance scams, and even job discrimination. Onsite Women's Health experienced this firsthand. In October 2024, the Massachusetts-based provider suffered an email data breach that exposed the personal details of over 350,000 people. Lawsuits followed, claiming the company didn't do enough to protect patient data. Customers can spot weak digital security if they know what to watch for. Many small businesses using free tools leave behind clues. One red flag? Free email addresses. A business sending messages from @ or @ might not be using secure, business-grade email services. Custom domains usually offer stronger protections. Sketchy websites are easy to spot if you know what to look for. No 'https,' a broken padlock, or browser warnings usually mean the site isn't secure. Pay close attention to payment pages. If you're redirected to a site you don't recognize or don't see trusted logos, that's a red flag. Maybe the system is outdated or missing encryption. Even random software ads can be a clue. They might mean the business is running on older, less secure tools. These signs aren't foolproof, but they help people protect their data. Business practices that signal risk Some businesses make it pretty easy to spot security problems if you know what to look for. Pay attention to how they handle your data. If they dodge security questions or give vague answers, that usually means their protections are weak or nonexistent. Privacy policies packed with generic language are another warning sign. If they don't say how data is stored, whether it's encrypted, or who can access it, they're probably not taking security seriously. Be wary if a company asks for info they don't need, like your birthdate, just to sign up for a newsletter. That usually means they're collecting data for marketing or even selling it. And if a tool forces everything into cloud storage without options, that's a hit to your control. No transparency? No real privacy. Before sharing your data Sharing personal information shouldn't be automatic. Before filling out a form or buying something online, consider how that business handles your data. Ask direct questions. How is your data stored? Is it encrypted? Who can access it? If the business can't answer clearly, that's a red flag. The FTC expects transparency, and so should you. Read the privacy policy. Look for details on data sharing, storage time, and security measures. If it's vague or hard to follow, that's not accidental. Do a little research. Check for HTTPS in the URL, valid security certificates, and online reviews. See if the company has had breaches or complaints. Trust your gut—if something feels off, walk away. A cautious pause now can save you headaches later. After your data has been shared Even if you're careful, breaches can still happen. Once a company has your information, it's smart to stay alert. Watch for unusual activity in your bank accounts, emails, and credit reports. Tools like credit monitoring or breach alerts can help you spot trouble early. You can also check online databases to see if a company you've used has been breached. If you feel something is wrong, act quickly. Change your passwords and freeze your credit if needed, then report the issue and keep records. The FTC offers a helpful guide for the next steps. Know your rights and don't stay silent. Depending on your location, you might qualify for credit monitoring or compensation, and you can report mishandling to the FTC, your state attorney general, or consumer protection agencies. Affordable alternatives to free software Businesses don't have to choose between overspending and risking security. Plenty of budget-friendly tools offer real protection without the downsides of free platforms. Many paid options are built for small businesses and include encryption, access controls, and support. When you consider the hidden risks of free software, affordable paid versions start to look like smart investments. Open-source tools can also be secure. Many are well-maintained and ad-free, but they may require IT support to set up properly. Using a risk assessment checklist (e.g., What data is stored? Who owns it? Is it updated regularly?) can help guide smart choices. Breaches can cost far more than subscriptions. Spending a little now can protect trust, data, and your bottom line later. Minimum security standards worth paying for Some security features are nonnegotiable when handling sensitive data. These protections are worth paying for: Automatic updates to fix vulnerabilities fast Strong logins with multi-factor authentication Encryption for data while it's moving and when it's stored Role-based access and audit logs to track who's doing what Backup and recovery systems in case something goes wrong These features cut the risk of breaches, protect your reputation, and keep you out of legal trouble. It's smart IT and smart business. Consumers aren't helpless when it comes to data protection. Speaking up and making informed choices can help push businesses to do better. Start by asking questions. Don't hesitate to ask how your data is stored, whether it's encrypted, or who has access. These conversations can nudge companies toward stronger security. Choose where you spend. Supporting businesses that invest in secure systems helps raise the standard. Avoiding those that cut corners sends a clear message. Stay informed. Know your rights and keep up with trends in data security. Stay alert. Use strong passwords, keep software updated, and monitor your accounts. Free software may offer convenience, but it often comes at a price—one that customers or clients may end up paying. Businesses and consumers alike have the power to change that. This story was produced by Heimdal and reviewed and distributed by Stacker.
Yahoo
2 days ago
- Business
- Yahoo
Ramit Sethi's ‘Buy American' Challenge (and Why No One Takes It)
Personal finance author Ramit Sethi has a challenge for Americans. In an Instagram post, he said that if you can prove that at least 51% of the items in your home are made in America by giving him a Zoom tour, he'll write you a $1,000 check. Read Next: Find Out: The challenge was aimed directly at people who have commented on his Instagram posts to encourage others to buy American-made goods instead of those from other countries to 'protect America.' However, Sethi said once he presents his offer, he never hears back. Here's why the 'buy American' challenge has no takers. Even for those who want to buy mostly (or all) American goods, international supply chains make it hard to do so. Everything from cotton T-shirts to smartphones often involves materials and/or labor from multiple countries, even if the final product is assembled in America. Some goods just aren't available as 'American-made.' Check Out: Product labels can be misleading. A 'made in the USA' claim may only mean the product was assembled in the U.S., while most parts were imported. The Federal Trade Commission defines 'made in the USA' as meaning 'all or virtually all' of the product is made in the U.S., but that standard is vague and hard to regulate. Even retailers may not know where their products come from, per NetChoice. The price difference between goods that are imported and those made in the U.S. is a major reason shoppers don't commit to buying American-made products. Sethi explained that buying American-made items could cost consumers six to eight times more money. Recently, a serial entrepreneur, Ramon Van Meer, who is the founder of Afina, which sells filtered shower heads, did an experiment to see if Americans would buy a shower head that was made in the U.S. for a much higher price — about $110 more — than the imported version. He was motivated to do this due to skyrocketing tariffs. Even though some people put the more expensive American-made product in their shopping cart, not one person ultimately bought it. The only sales Van Meer made were for the cheaper imported product. Editor's note on political coverage: GOBankingRates is nonpartisan and strives to cover all aspects of the economy objectively and present balanced reports on politically focused finance stories. You can find more coverage of this topic on More From GOBankingRates I'm a Retired Boomer: 6 Bills I Canceled This Year That Were a Waste of Money These 10 Used Cars Will Last Longer Than an Average New Vehicle This article originally appeared on Ramit Sethi's 'Buy American' Challenge (and Why No One Takes It) Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Yahoo
3 days ago
- Business
- Yahoo
Washington consumers will gain ‘right to repair' cellphones and other electronics
Photo by Getty Images. Washington is joining a growing list of states trying to tear down barriers for consumers who want to repair their electronics rather than buy new ones. Gov. Bob Ferguson last week signed the state's new 'right to repair' policy into law. The goal of House Bill 1483 is to allow consumers to fix their devices instead of throwing them away and buying new ones. It was a yearslong effort to get the law approved. 'This is a win for every person in Washington state,' said the bill's prime sponsor, Rep. Mia Gregerson, D-SeaTac. 'We all know that we want to keep our devices longer. We want to be able to connect with our loved ones.' In 2021, the Federal Trade Commission reported that consumers with broken electronics don't have much choice but to replace them because repairs require specialized tools, unique parts and inaccessible proprietary software. And those restrictions, the FTC found, disproportionately burden communities of color and low-income communities. The COVID-19 pandemic exacerbated these issues as access to technology quickly became increasingly vital. Apple has since made moves to improve the repairability of its products. Some companies engage in a practice called 'parts pairing' that can make replacing parts of a device impossible. Washington's new law would largely outlaw this tactic. Starting Jan. 1, 2026, the law will require manufacturers to make tools, parts and documentation needed for diagnostics and maintenance available to independent repair businesses. The requirement applies to digital electronics, like computers, cellphones and appliances, that were first sold in Washington after July 1, 2021. Manufacturers won't be able to use parts that inhibit repairs. The state attorney general's office could enforce violations of the new law under the Consumer Protection Act. Critics argued the bill could harm businesses' reputations if repairs aren't completed correctly, and potentially leave users' personal information unsecured. But some tech giants backed the legislation. Google, for example, thanked the governor for signing it. 'This is a significant win for consumers, and will provide them more affordable ways to repair their devices while reducing waste,' a spokesperson said in an email. Microsoft said its 'Surface PCs are among the most repairable in their class — and we view this law as a meaningful step toward reducing waste, empowering consumers, and advancing a more circular economy.' State lawmakers across the country have introduced similar legislation in recent years. Five states now have laws on the books: California, Colorado, Minnesota, New York and Oregon. Massachusetts and Maine have such laws focused on car repairs. Southwest Washington U.S. Rep. Marie Gluesenkamp Perez, a Democrat, has led the charge in Congress for national right to repair laws focused on cars, electronics and military equipment. Before joining Congress, Gluesenkamp Perez co-owned an auto repair shop. Late last month, the U.S. Army, at the direction of Defense Secretary Pete Hegseth, announced it would seek 'right to repair' provisions in all of its contracts. Ferguson also signed a similar repair bill focused on wheelchairs and mobility scooters. Both measures had strong bipartisan support. This story was originally produced by the Washington State Standard which is part of States Newsroom, a nonprofit news network, including the Daily Montanan, supported by grants and a coalition of donors as a 501c(3) public charity.
