Don’t leave yourself open to attacks – help keep yourself safe by directing potential buyers or sellers to keep everything ONLINE. One of the best ways to help prevent fraud is to use our on-line messaging system. By communicating and tracking the order process on Audiogon’s messaging system, you can help deter fraudulent attempts to your account. This also helps our Support Team to quickly research and resolve your case in the event of a fraudulent transaction.
How does Fraud happen?
The majority of online fraudulent attacks are to try target people by identifying and impersonating services that they know people are using – things that look familiar. In order to perpetuate these attacks, they need to know your email address and that you are a user of a particular site. That’s one of the biggest reasons it’s important to avoid engaging a user in a direct email conversation. Our old direct user messaging system made this possible if you ever responded to a request, unfortunately, which is the premier reason that we had to rebuild the system to utilize On-Site Messaging. Through this system, you can have a discussion with another user without ever exposing your email address. The #1 thing you can do to protect yourself is to avoid giving out your email address to people/users that you don’t know.
What should I be aware of?
The type of email fraud we run into most often is called “Phishing.” This happens when an email is sent out by someone pretending to be Audiogon – they will imitate our email templates and usually have some type of message about “security changes” or telling you that “your account will be cancelled unless…” asking you to login, update your password or verify your account. In an email like this, they’ll include a link to a site they’ve copied to look exactly like the Audiogon login page. Usually, you won’t be able to identify this from the email itself. These are designed specifically to try to trick you into giving up your password so they can access your account.
In the event that you receive one of these messages, there are a couple of things you need to remember:
1. Remember, Audiogon will NEVER send you an email prompting you to update your password unless you have visited the site and completed the “Forgot your Password” form.
We will stick to this policy even when it is inconvenient. In the event that we actually do need you to update your password for some type of security protocol change, you will see the following message:
“In keeping with Audiogon’s email security policy, there is no link in this email to change your password. Please visit the site yourself and follow the instructions after you login.”
2. Always check the domain name.
If you click a link in an email and you’re brought to a login screen, look in your address bar to verify that you are visiting app.audiogon.com and the login screen shows “https” to indicate the proper security certificate. In most cases, these copycat login screens will try to set themselves up on a domain name that LOOKS like audiogon.com. A few that we’ve seen recently include audiogonsupport.com, appaudigon.info, audigon.com, audiogon.co. They are generally similar enough that you wouldn’t notice anything wrong with just a quick glance.
3. Report the site to us.
As soon as you realize you’re looking at a fake email, report it to us here. We will then work to get the site taken down as fast as possible.
4. Report the site to Google, Microsoft, and the US Government.
– Report them to Google
– Report them to Microsoft by using a tool built into Internet Explorer:
– Report them to the US Government by forwarding the email you received to: firstname.lastname@example.org
– Report them to Symantec
– Report them to PhishTank by OpenDNS (you will have to create a free account)
5. Protect yourself behind the scenes.
This is a more technical step but is overall fairly straightforward way to protect your entire home or office if you can access your router. You can setup a free service called OpenDNS which validates and blocks fraudulent websites exceptionally quickly through a dedicated team of site reviewers. In the event that there is a delay with us getting a site taken down at the provider level, OpenDNS does an excellent job of blocking fraudulent sites quickly so you’ll be presented with a prominent warning if you accidentally visit one.
What to do if you’ve been a victim of a scam
In the event that you think you’ve fallen for one of these sites, login to your account and change your password to something completely different that your original password. For example, if your old password was BrownCow, don’t choose BrownCow1. A combination of 3-4 words is easier for a person to remember but more difficult for a hacker to crack. Always be sure that you’re entering your password on a legitimate site.
If you’re unable to access the account, go through the “Forgot your Password” dialog. If for some reason you do not receive an email to update your password, check your inbox for an “AudiogoN Email Address Changed” email. These are sent out whenever the email address on your account is changed and will allow you to undo the change if you did not request it. Simply click the link, you WILL NOT have to enter your password.
One more step on this is critical to your overall security as well. If you have fallen prey to one of these copycat or spoof sites and your username, email, and password are currently being used on other publicly accessible sites be sure to change your password on those as well. These are less likely issues, but if you’ve been using the same password in multiple locations for a long time it’s a good idea to protect yourself.
In addition to this system, behind the scenes we are constantly analyzing the patterns of reported attacks and updating our security protocols in place to take additional steps to protect you. If you have further questions, please contact our dedicate Support Team here.