Scam of the day – June 26, 2017 – Despite receiving ransom, hackers leaked “Orange is the New Black”

I first reported to you in May first’s Scam of the day of the hacking of Larson Studios by the hacking group thedarkoverlord, which demanded a ransom or else they threatened to release the latest season of the Netflix series “Orange is the New Black.”  Larson Studios is a post-production company that works on many Hollywood movies and television shows. Now in an interview with Variety Magazine, Larson Studio’s Vice President, Jill Larson is saying that Larson Studios paid the demanded 50 Bitcoin ransom, but that thedarkoverlord released the fifth season of “Orange is the New Black” regardless, indicating that it did so because Larson Studios had violated their agreement by contacting the FBI.

Thedarkoverlord has performed a number of other ransomware attacks including one in which it hacked a small Indiana charity from which it demanded a ransomware of 50 bitcoins that the charity refused to pay and consequently had its data destroyed.

TIPS

This story points out the fact that even if you pay a ransom, there are no guarantee that the cybercriminals will honor their bargain.   A recent study done by Spiceworks found that of small to medium businesses who paid a ransom after being hacked with ransomware, 45% did not get their data restored.

The key to not becoming a victim of a ransomware attack is to prevent it in the first place.  Generally, the malware is installed unwittingly by victims when they are lured through phishing and spear phishing emails to click on links infected with the malware.  Never click on links in emails or text messages regardless of how legitimate they may appear until you have verified that it is legitimate.  You should also install anti-phishing software.

It is also important to not only have anti-malware software installed on all of your electronic devices, but to make sure that you update the security software with the latest security patches and updates.  Many victims of ransomware have fallen victim to strains of ransomware for which there are already security software available to thwart it.   Finally, always back up your computer’s data daily, preferably in two different ways in order to protect your data in the event you do become a victim of ransomware.

Ransomware continues to be a growing threat to individuals, large and small companies as well as government agencies, all of which have been targeted by ransomware.  Ransomware malware is readily available for unsophisticated cybercriminals to purchase on the Dark Web. While in the past, the typical manner in which it has been used was to encrypt the data of the target and refuse to release the data back to the victim unless a ransom was paid, the scam has evolved to also include threats of making stolen data public as was done in this instance.

Some older strains of ransomware can be defeated through software that can recover data encrypted by older ransomware programs.  In 2016 through the efforts of international law enforcement organizations and private security companies, the website No More Ransom was launched on which victims of ransomware can go to get decryption tools for many strains of ransomware for free.  Thousands of people have utilized this tool to decrypt their files after a cyber attack  without having to pay a ransom.  Unfortunately, however, there are some newer forms of ransomware for which there are no known decrypting tools developed yet.

Scam of the day – June 24, 2017 – Inheritance email scam

The Nigerian letter scam by which you are promised huge amounts of money through an email under various guises, such as an inheritance from a relative you never knew existed or a public official who needs help getting money out of his country, is a scam that has actually been around since the 1500s when it was known as the Spanish Prisoner scam.  While the scam promises money for nothing,  the truth is once you start communicating with the scammer, you are asked to pay one fee after another.  One thing that this scam has in common in all of its incarnations is that if you respond to the scam, you will not end up getting anything except a lesson in learning to be more skeptical.  Many people have paid thousands of dollars to Nigerian letter scam artists before they realize that they have been the victim of a scam.

I don’t publish every one of these types of letters that I receive, but I wanted to share this new version of the letter that Scamicide reader Marty Kenney received earlier this week.

“Good Day.
We wish to notify you again that you were listed as beneficiary to the total
sum US$9 of Million only in the intent of the deceased. On my first email I
mentioned about my late client whose relatives I cannot get in touch with.
But both of you have the same last name so it will be very easy to front you as his official next of kin. I am compelled to do this because I would not want the finance house to push my clients funds into their treasury as
unclaimed inheritance.

We contacted you because you bear the Last name with our Late Client and
therefore can present you as the Beneficiary to the inheritance since there
is no written WILL or Bequest.Our legal services aim to provide our private
clients with a complete service. We are happy to set-up all modalities and
administer Trusts,carry out the administration of estates. All the papers
will be processed in your acceptance of this Transaction.

Note that you are to furnishing me with the requested information’s below
immediately;

(1)Full names.
(2)Contact address.
(3)Telephone and fax numbers.
(4)Location.

If you are interested do let me know so that I can give you Comprehensive
details on what we are to do. Waiting for your response.

Yours faithfully,

Barr. Philip Mark”

 

TIPS

Although it should be apparent to everyone who reads this email that it is a scam, the very outrageousness of  the email is most likely intentional because as more people become aware of the Nigerian letter scam, the scammers do not want to waste their time on potential victims who may be skeptical of their scam, so they often send out emails like these that are so outrageous in an effort to catch only the most gullible and greedy.  You may also pick up on grammatical errors, such as “Note that you are to furnishing me” in the email which is often an indication of a scam perpetrated by someone whose primary language is not English.  The name of the lawyer used in the email of Philip Mark is a name that appears in many Nigerian email scams.  Another indication that this is a scam is that the salutation is not directed to you by name.  In fact, this particular email was sent as a mass email mailing to many people who did not, as indicated in the email, share the same name.

If you receive a particularly inventive or interesting Nigerian email, please share it with us here at Scamicide.

Scam of the day – June 22, 2017 – How to protect your cellphone

We all conduct many  activities on our cellphones which contain much personal information that can lead to identity theft if our phone falls into the wrong hands.   I have written many times about protecting your cellphone from a cyberattack or hacking, but what about an old fashioned theft of your phone? Cell phones can get lost or stolen and it is important to protect yourself from those dangers as well.

TIPS

The best protection for your phone starts with a strong password or fingerprint scanner.  Also, set your phone so that it locks when you are not using it.  Make sure that you back up everything in your phone regularly. Install the  Find My iPhone app  if you have an iPhone or the Find My Device app if you have an Android phone.  These will enable you to locate your cellphone if it is lost or stolen and also allow you to send a command to erase everything in your cellphone even if the phone has been turned off.  If your phone is lost or stolen, you should immediately contact your wireless provider to have them disable the SIM card in your phone so that your phone cannot be used by someone else.  As for protecting your phone from cyberattacks, it is important to both download and continually update security software.

June 21, 2017 – Steve Weisman’s latest column for the Saturday Evening Post

Identity theft can be high tech, low tech or no tech.  Here is a link to a column I wrote for the Saturday Evening Post about the dangers of identity theft posed by your regular snail mail.

Con Watch: How Snail Mail Can Lead to Identity Theft

Scam of the day – June 21, 2017 – Tobacco settlement scam

You may remember the 1998 Tobacco Master Settlement Agreement by which the major tobacco companies settled a class action brought against them by the Attorneys General of 46 states in regard to the dangers posed by cigarette smoking and the misrepresentation of those risks by the tobacco companies.  According to the terms of the settlement, the tobacco companies are required to pay the states 10 billion dollars each year.

Now advertisements  like the one reproduced below are appearing that claim that you can receive guaranteed tax-free payments of $2,300 every month for the rest of your life from the settlement funds even if you never smoked.   The catch is that in order to get your share of these funds you must subscribe to an investment newsletter promoted by a company called Money Morning which purports to provide investment advice on how to invest in state or local bonds backed by settlement payments.  The monthly subscription rates cost about 5 dollars for the first month, but then increases to as much as 129 dollars for succeeding months.  In order to subscribe you must provide a credit card number which the company automatically bills and according to the Attorneys General of Washington, California, Nevada and West Virginia  the continuing payments are hard to stop once you have initially authorized payment.  The Attorneys General from the aforementioned states are warning the public that the advertising is a misleading scam.

Big Tobacco Must pay

TIPS

The biggest problem with this advertisement is that the payments made by the major tobacco companies are done exclusively to the states.  There is no provision in the settlement for any individuals to receive payments from the settlement funds.  While some states have issued bonds backed by the settlement payments, these bonds have nothing to do with the misleading advertising.  Don’t fall for this scam, however, if you already have, you should contact your state Attorney General for help.

Scam of the day – June 20, 2017 – Another cosmetic surgery clinic suffers data breach

On June 5th I reported to you about the data breach at a Lithuanian cosmetic surgery clinic and now we have learned about a similar, but significantly different data breach suffered by prominent Beverly Hills plastic surgeon  Dr. Zain Kadri whose patients include people from many states and four countries.

The data breach, which law enforcement says, affects approximately 15,000 people includes tremendous amounts of data, information and documents including before and after surgery photographs, patient records, credit card information and patient contact information.  It appears that Dr. Kadri’s practice was both electronically hacked and physically burgled by a person, who police say, was a former employee.

The patients victimized by this crime face blackmail, extortion and identity theft as a result of the data breach.

TIPS

Medical practices continue to be a prime target for identity thieves because they are often quite vulnerable to cyberattacks, but as this case apparently shows, data breaches can be done through old fashioned burglaries as well and it is important for all entities that store personal data to take steps to secure data both physically as well as electronically and to limit access to such information to only such employees as have a need to have access to the information.

Unfortunately, there is little that we as consumers and patients can do other than to limit the amount of personal information we provide, as best we can.  For example, your doctor does not need your Social Security number.  We should also inquire of anyone or any entity that retains our personal information about what they do to secure that information.

Scam of the day – June 19, 2017 – New IRS phone scam

A new version of the long running scam of people receiving telephone calls from scammers posing as IRS representatives demanding payments for overdue taxes is being reported by the IRS.  In this new version of the scam, the intended victim is told by the scammer that two certified letters sent by the IRS to the intended victim were returned as undeliverable and that payment must be made immediately over the phone through providing the numbers from a prepaid debit card.  The phony IRS agent also tells the potential victim that the purchase of the prepaid debit card is linked to the IRS’ Electronic Federal Tax Payment System (EFTPS).

The EFTPS is a real system used by the IRS for payment of income taxes electronically over the Internet or by phone, but it does not require the use of prepaid debit cards and the systems are not linked.

Another major indication that this is a scam is that the caller also tells the intended victim not to contact their lawyer, tax preparer or their local IRS office until after the payment has been made.

TIPS

By using a technique called “spoofing” a scammer scan trick your Caller ID into making it appear that the call is originating from the IRS.  Even though Congress foolishly recently authorized private collection agencies to contact taxpayers by phone in regard to overdue taxes, neither the IRS nor any of these private collection agencies will ever demand immediate payment over the phone by credit cards, prepaid debit cards, iTunes cards or wire transfers.

If you receive such a call you should hang up immediately.  If you think you owe money to the IRS, you should contact the IRS directly to deal with this matter.

Scam of the day – June 18, 2017 – Identity thieves hack Federal Student Aid website

The Free Application for Federal Student Aid (FAFSA) is a part of the U.S. Department of Education used by college students to apply for much needed financial aid to assist them in furthering their education.  Some of the forms used in the application process require inserting information from past income tax returns.  To make the process more convenient, FAFSA provided for a data retrieval service directly to the IRS to obtain the necessary information, however scammers, such as two recently indicted men from Indiana and Georgia are alleged to have hacked into the data retrieval system of FAFSA applicants to get the tax information which they then used to commit income tax identity theft, attempting to steal approximately 12.7 million dollars in phony income tax refunds.

In response to these problems, FAFSA suspended its data retrieval system until two weeks ago when they reinstituted the Data Retrieval Tool with the IRS in a manner that the tax return information will be encrypted and hidden from view of even the borrower as well as someone hacking into the borrower’s account.

TIPS

Quite often, as Shakespeare said, the fault is not in the stars, the fault is in ourselves. Too often we become victims of identity theft when the security of particular websites, companies or government agencies that have our personal data is compromised because we provide our passwords and user names to identity thieves by falling prey to spear phishing emails or downloading malware.   It is important to never click on a link in an email or download an attachment unless you have confirmed that it is legitimate.  Also, never provide personal information to anyone unless you have confirmed that the request is legitimate.

As for students seeking to use the Data Retrieval Tool of the IRS for filing a FAFSA form, you can safely use this service by going to StudentLoans.gov.