Scam of the day – July 26, 2016 – Real estate closing scam

July 26, 2016 Posted by Steven Weisman, Esq.

On January 20th’s Scam of the day, I first told you about an intricate email scam targeting people involved in the sales of residential real estate that has increased over the past year both in the United States and the UK.  I mention it again today because of recent reports of this scam occurring in the small town of Dewey, Oklahoma, where Lacey Monday became a victim of the scam.  The scam begins with the hacking into the email account of one of the parties involved with a residential real estate conveyance.  This can be the buyer, seller, lawyers, title company, real estate agent or banker.  In Lacey Monday’s case it was her title company whose email was hacked.  Unfortunately, hacking into email accounts is a relatively easy thing for a skilled identity thief to do.  The hackers then monitor the communications regarding the progress of the sale of a particular piece of real estate and when the time is right, generally posing as one of the lawyers, title company or bank mortgage officer, the scammer will email the buyer, telling him or her that funds necessary to complete the sale need to be wired to the phony lawyer’s, title company’s or banker’s account provided in the email.  Everything appears normal so unsuspecting buyers too often are wiring the money to the cyberthieves who then move the funds from account to account to make it difficult to trace the funds.  In Lacey Monday’s case, she lost $25,000 to this scam.  The fact that this scam can occur in small towns as well as large cities shows how these types of scams are a threat to you regardless of where you live.

TIPS

Even if you are not involved in buying or selling a home, it is always a good idea to protect your email account from being hacked.  This means having a strong password and security question.  You can find information about how to pick strong passwords and security questions here in the Scamicide archives as well as in my book “Identity Theft Alert.”  Maintain good anti-virus and anti-malware software on all of your electronic devices including your computer as well as your smartphone and keep your security software up to date with the latest security patches as soon as they are made available.  Don’t click on links in emails or text messages that may contain malware that can steal your personal information from your electronic devices and remember, your security software is always at least thirty days behind the latest malware.

Don’t use public wifi for any financial or business purposes.  Use a virtual private network to encrypt your data when using your electronic devices in public.  Never provide personal information in response to an email regardless of how legitimate it may appear until you have independently confirmed that the email is legitimate.  Finally, whenever you are asked through an email or text message to wire funds as a part of a real estate or other business transaction, don’t do so until you have confirmed that the request and the account to which you are being asked to wire the funds are legitimate.  Appearances can be deceiving so always confirm.  It may seem a bit paranoid, but remember, even paranoids have enemies.

Scam of the day – July 25, 2016 – Game of Thrones downloading scam

July 25, 2016 Posted by Steven Weisman, Esq.

Many people illegally download movies and television shows from a variety of websites and the HBO series, “Game of Thrones” is the most downloaded show of all.  In a clever scam, recently people have been receiving a notice apparently from IP-Echelon, a company that enforces copyright claims for companies such as HBO, the producer of “Game of Thrones.”  The notice is forwarded to them, however, directly from their real Internet Service Provider, such as Cox Cable where this scam has been happening for the last month.  Cox has unwittingly been passing on these notices to their targeted subscribers.  The notice is a fake violation notice stating that IP-Echelon has determined that the person receiving the notice has illegally downloaded “Game of Thrones” or other copyright protected entertainment and that unless they pay a settlement within 72 hours, the matter will be turned over to their attorneys.  The person is then directed to a website where they can pay the settlement.  What makes this scam even more dangerous is that the phony IP-Echelon notice is actually forwarded by the intended victim’s real Internet Service Provider.  People falling for this scam end up paying a phony claim to a cybercriminal.

TIPS

Of course, the best way to avoid this scam is to never illegally download copyrighted material.  However, even if you do illegally download copyrighted material such as “Game of Thrones,” you can never be sure when you receive a notice like this whether or not it is legitimate, particularly in this instance where the scammers were able to convince a number of Internet Service Providers to send out the notices to their customers.  The best course of action if you receive such a notice is to contact the real IP-Echelon directly, which you can do by clicking on this link:  https://www.ip-echelon.com/contact-us/

Scam of the day – July 24, 2016 – Latest security updates from the Department of Homeland Security

July 24, 2016 Posted by Steven Weisman, Esq.

Constant updating of the software we all use with the latest security patches and updates is a critical part of avoiding scams and identity theft threats.  Whenever new security updates and patches are issued, we provide access to these so that you can update your software to provide better security on your computers, smartphones, laptops and other electronic devices.  Updating your software with the latest security patches and updates as soon as possible is important because identity thieves and scammers are always finding and exploiting vulnerabilities in the software that we all use.  Delay in updating your software could lead to disastrous results.  However, it is also important to be sure that you are downloading legitimate patches and updates rather than being tricked by an identity thief or scammer into downloading malware under the guise of downloading a security patch or update.  These new updates from the Department of Homeland Security include critical new updates to Adobe Flash, Google Chrome, iTunes, Safari, Windows 10 and Internet Explorer. I have been warning you for years about flaws in Adobe Flash that have been exploited by hackers and identity thieves against individuals, companies and government agencies including the U.S. State Department and the White House.  Problems with Adobe Flash are nothing new.  In 2010 Steve Jobs vociferously complained about its security and it has routinely been cited as being extremely vulnerable.  Despite security patch after security patch, new problems keep coming up.  It appears that just as companies retire certain programs when it is just too difficult to patch them, this may well be the time for Adobe to retire Flash and if it doesn’t, you should consider retiring it yourself and replacing it with another plugin that performs the same function, but is safer.

TIPS

Here are the links to lists of all of the recent security updates as posted by the Department of Homeland Security: https://www.us-cert.gov/ncas/bulletins/SB16-200 and https://www.us-cert.gov/ncas/current-activity/2016/07/21/Google-Releases-Security-Update-Chrome and https://www.us-cert.gov/ncas/current-activity/2016/07/18/Apple-Releases-Multiple-Security-Updates

Some alternative plugins you may wish to consider to replace Adobe Flash include GNU Gnash and Silverlight.  Silverlight can be downloaded free directly from Microsoft at this link: https://www.microsoft.com/silverlight/ while GNU Gnash can be downloaded free at this link: http://www.gnu.org/software/gnash/

Scam of the day – July 23, 2016 – Six month jail term for celebrity hacker

July 23, 2016 Posted by Steven Weisman, Esq.

Earlier this week, twenty-nine-year-old Andrew Helton was sentenced to six months in prison for hacking hundreds of Apple and Google accounts, including many of celebrities, and stealing 161 nude or partially nude photos from thirteen people.  I first reported to you about Helton when he pleaded guilty to the hacking charges in February of this year.

Between March 2011 and May 2013, Helton used a simple phishing scheme to steal the usernames and passwords of 363 Apple and Google email accounts including those of many celebrities.  Once he had access to his victims’ email accounts he was able to access all of the contents of their email accounts including 161 sexually explicit or nude images of thirteen of his victims.  It should be noted that Helton did not post any of the stolen photos online and his case is totally unrelated to the stealing and posting of nude photos of celebrities including Jennifer Lawrence and Kate Upton that occurred in September of 2014 although a similar phishing tactic was used to obtain the usernames and passwords of the victims.

Helton obtained the usernames and passwords of his victims by sending emails to his victims that appeared to come from Apple or Google in which his victims were asked to verify their accounts by clicking on a link which took them to a website that appeared to be a login page for Apple or Google.  Once they entered their information, Helton had all that he needed to access his victims’ accounts.  It is interesting to note that in a letter to the court, Helton emphasized his lack of computer talent saying, “There was no expertise involved.  All I did was essentially copy and paste.” Even the email addresses of his targets were obtained from easily accessed contact lists online.  The fact that such havoc could be spread by someone without having particular computer skills points out how easily any of us can be victimized if we do not take proper precautions.

TIPS

The type of phishing scam used by Helton is one used by many other scammers and it is easy to defend against.  Always be skeptical when you are asked to provide your personal information, such as your user name, password or any other personal information in response to an email or text message.  Trust me, you can’t trust anyone.  Always look for telltale signs that the communication is phony, such as bad grammar or the sender’s email address which may not relate to the real company purporting to send you the email.  Beyond this, even if the email or text message appears legitimate, it is just too risky to provide personal information in response to any email or text message until you have independently verified by contacting the company that the communication is legitimate.

In addition, you should not store personal data or any photos or other material on your email account. Store such data in the cloud or some other secure place.

Scam of the day – July 22, 2016 – Home Depot class action update

July 22, 2016 Posted by Steven Weisman, Esq.

As I reported to you in March, a tentative settlement was reached between Home Depot and the plaintiffs in a class action on behalf of the 56 million victims of Home Depot’s massive data breach which occurred between April and September of 2014.  The tentative settlement provides for a 13 million dollar fund to reimburse victims for out of pocket losses incurred, with an additional 6.5 million dollars being set aside for legal fees and other related expenses.  Home Depot also agreed to provide eighteen months of free credit monitoring through security company All Clear ID to affected shoppers.  You can receive payments through the settlement if you used your credit or debit card at a self checkout lane at Home Depot between April 10, 2014 and September 23, 2014 and your card information was stolen.  You also are eligible for a payment if you received notification that your email address was compromised or if you specifically received a settlement notice informing you that you are a member of the class action.  Payments of as much as $10,000 will be made to claimants who suffered out of pocket losses and unreimbursed charges as a result of the data breach.  In addition, affected shoppers can receive payments of $15 per hour for time spent remedying the problems they encountered as a result of the data breach.

Similar to the major data breach at Target which occurred a year earlier, Home Depot’s computers and credit card processing equipment were hacked when a third party vendor’s computers were hacked, thereby enabling the hackers to steal the passwords necessary for the third party vendor to access Home Depot’s computers.  As an additional part of the settlement Home Depot committed to make greater efforts at data security.

TIPS

If you believe you are entitled to payment as a part of the class action, click on this link for more information and to get the claim form which must be filed by October 29th.   http://www.homedepotbreachsettlement.com/frequently-asked-questions.aspx

A hearing on final approval of the settlement will occur on August 12th in the Federal District Court for Northern Georgia.

As for all of us, even if we were not a victim of this particular data breach, it is important to remember that we are only as safe as the places with which we do business that have the weakest security.  Greater use of EMV smart chip credit cards will reduce the effects of data breaches aimed at gaining credit card and debit card information, but many stores still have not shifted over to the new equipment required to process EMV smart chip credit cards.  However, whenever you can, you should use your EMV chip card.

Also, do not use your debit card for retail purchases.  Limit its use to ATMs.  There are strong laws to protect you from fraudulent use of your credit card, but the laws protecting you from liability in the event of fraudulent use of your debit card are not as strong and you potentially risk losing your entire bank account to which the card is attached.  In addition, even if you report the fraudulent use of your debit card immediately, your bank will freeze your account while it investigates the breach which can be very inconvenient if you need immediate cash or have bills automatically paid from your account.

Scam of the day – July 21, 2016 – Hackers attack unpatched computers

July 21, 2016 Posted by Steven Weisman, Esq.

Recently it was disclosed by the security research firm Proofpoint that a twelve-year-old malware program known commonly as NetTraveler has been used by Chinese hackers against Russian and Eastern European targets exploiting a vulnerability in Microsoft Word designated as CVE-2012-0158.  This malware program enabled the hackers to infiltrate the computers of their victims who generally downloaded the malware as a result of clicking on links in spear phishing emails.  What is particularly significant about this cyberthreat is that this specific vulnerability was patched four years ago, but many people and companies have still not installed the patches necessary to defend against this particular malware, thus leaving them needlessly vulnerable.  Similarly, ransomware, by which a victim’s computer data is encrypted with the hacker threatening to destroy the data unless paid a ransom, has developed into a major threat to companies, governments and individuals and has turned into a huge worldwide problem.  However, the problem is somewhat bigger than it needs to be as some hackers are still using old ransomware programs for which security patches have already been issued, but which many companies, government agencies and individuals have failed to install.

It is hard enough to defend yourself against the numerous zero day exploits which are the newer strains of malware exploiting vulnerabilities for which there are no existing security defenses.  Once discovered it can take thirty days or more for the security software companies to come up with a patch for the latest zero day exploits.  However, no one should fall victim to a malware program for which there already exists a security patch.

TIPS

The solution to protecting yourself from various types of malware including ransomware is first to avoid them by avoiding spear phishing emails and text messages.  Don’t click on links unless you have absolutely confirmed that they are legitimate.  Installing anti-phishing security software is also advisable, but not totally effective so you should not entirely rely on it to screen all of your phishing emails.  Secondly, you should install the latest security updates to all of your software programs as soon as they become available.  The best way to do this is to have updates installed automatically, but in any event, make sure you do not delay installing security updates and patches once they become available.  Here at Scamicide we let you know when important new security updates are issued.

Scam of the day – July 20, 2016 – Baseball executive sentenced for hacking

July 20, 2016 Posted by Steven Weisman, Esq.

In July of 2014 I first reported to you about the hacking of the computers of the Houston Astros baseball team.  After a prolonged investigation, Christopher Correa of the St. Louis Cardinals pleaded guilty in January of 2016 to hacking the private online database of the Astros called Ground Control that contained tremendous amounts of confidential data including scouting reports and statistics on baseball players.  At the time he did the hacking, Correa was the Director of Baseball Development for the St. Louis Cardinals.  Correa was fired by the Cardinals when he first became a suspect in the hacking of the Astros.  A current Astros employee had worked previously for the Cardinals and Correa was able to easily guess the password used by him to access Ground Control by merely using variations of the password the Astros employee had used when he worked for the Cardinals.  Armed with this password, Correa stole data from Ground Control for use by the Cardinals.  Correa has now been sentenced to 46 months in prison and ordered to pay restitution of $279,038.65.  Now that the criminal case against him is over, Major League Baseball is beginning its own investigation that could result in serious consequences for the Cardinals.

TIPS

Although this story reads like fiction, perhaps the biggest lesson for all of us from this story is the danger of using the same password or slight variations thereof for all of your accounts, which unfortunately is a habit that many people have gotten into.  Hackers will often steal passwords of customers from companies when they commit a data breach and then use those passwords for identity theft purposes at banks, brokerage houses and other companies where the victim can suffer substantial financial losses.  The best course to follow is to have a difficult to crack password that is unique for every account.

Scam of the day – July 19, 2016 – Another version of the Nigerian scam

July 19, 2016 Posted by Steven Weisman, Esq.

Today’s Scam of the day comes from the email of a Scamicide reader.  I am sure that the same email has been sent to many of you, as well.  This is just another version of the Nigerian email scam.  Although it may seem that the Nigerian email scam began in the era of the Internet, the basis of the scam actually goes back to 1588 when it was known as the Spanish Prisoner Scam.  In those days, a letter was sent to the victim purportedly from someone on behalf of a wealthy aristocrat who was imprisoned in Spain under a false name.  The identity of the nobleman was not revealed for security reasons, but the victim was asked to provide money to obtain the release of the aristocrat, who, it was promised, would reward the money-contributing victim with great sums of money and, in some circumstances, the Spanish prisoner’s beautiful daughter in marriage.

In the various versions of this scam circulating on the Internet today, you are promised great sums of money if you assist a Nigerian in his effort to transfer money out of his country.  Variations include the movement of embezzled funds by corrupt officials, a dying gentleman who wants to make charitable gifts or a minor bank official trying to move the money of deceased foreigners out of his bank without the government taking it.  The example below of the email  received by a Scamicide reader whose name I have crossed out involves “donating” money to the recipient of the email for charitable purposes.   Although generally, you are told initially in these scams that you do not need to contribute anything financially to the endeavor, you soon learn that it is necessary for you to contribute continuing large amounts of money for various reasons, such as various fees, bribes, insurance or taxes before you can get anything.  Of course, the victim ends up contributing money to the scammer, but never gets anything in return.

Here is a copy of the email recently received by a Scamicide reader:

“Dear  XXXXXX,

I got your details after an extensive on-line search Via (Network Power Charitable Trust) for a reliable person, I’m Mrs.Rose Duggan, 61 years old dying woman who was diagnosed for cancer about 4 years ago,I have decided to donate ($10,500,000.00) to you for charitable goals.Contact me if you are interested in carrying out this task, so that i can arrange the release of the funds to you.

Thank you and God bless you.
Mrs.Rose Duggan”

TIPS

This is a simple scam to avoid.  It preys upon people whose greed overcomes their good sense.  The first thing you should ask yourself if you receive such an email is why would you be singled out to be so lucky to be asked to participate in this arrangement.  Since there is no good answer to that question, you should merely hit delete and be happy that you avoided a scam.

Many people wonder why cybercriminals and scammers send out such ridiculously obvious scam letters that anyone with an ounce of sense would recognize as a scam, but that may be intentional on the part of the scammer because if someone responds to such an obvious scam, they are more likely to be gullible enough to fall prey to the scam.

Scam of the day – July 18, 2016 – Facebook cloning or spoofing

July 18, 2016 Posted by Steven Weisman, Esq.

Just last weekend, I received three “friend” requests on Facebook from people who were already Facebook friends of mine, which is an indication that someone had set up new Facebook pages in their names and was attempting to lure their friends into becoming friends with the hacker.  This scam is called either Facebook cloning or Facebook spoofing and the goal of the hacker is to get people to respond to the new friend request and then to lure the friends of the person whose Facebook page they commandeered to trust communications and postings from the cloned page in an effort to get them to click on links and download malware or ransomware or respond to emergency requests by sending money.

TIPS

There are many things you can do to protect yourself from this type of scam.  Scammers harvest information from social media to help them in their scams so the first thing you should do is to check to see if the public is able to see your posts.  Click on the padlock at the top right hand side of your Facebook page and click on “Who can see my stuff?”  It should say “friends,” but if it says “public” you should change that setting to “friends” to increase your privacy.

As for accepting friend requests, if you are already a friend of the person, don’t accept a second request.  Also, when accepting friend requests, don’t do it from the friend request email.  Instead go directly to your Facebook page from your browser and not from a link in the email because it could be a phishing scam seeking to steal your password or other information.

Finally, it is worth repeating that you should never trust any communication that contains a link until you have confirmed independently that the communication is legitimate.  The risk of malware in a link found in social media, a text message or email is just too great.

If your Facebook account has been cloned, here is a link that will take you to Facebook with tips as to what to do and how to report the problem.  https://www.facebook.com/help/174210519303259

Scam of the day – July 17, 2016 – Pokemon Go scam

July 17, 2016 Posted by Steven Weisman, Esq.

It hasn’t taken very long for the Pokemon Go app to become the most downloaded phone app in the United States and it is equally popular around the world.   As I am sure you all know, the Pokemon Go app uses the popular Pokemon characters from twenty years ago and has updated them into a virtual reality game and, using GPS, allows gamers to  go out in the real world with their smartphones and catch Pokemon characters in the blended real and virtual worlds.  Of course, anything this popular will be used in some fashion to scam people and Pokemon Go is no exception to this rule.

The Pokemon Go app is free.  Nintendo and Niantic Labs, the developers of the new Pokemon Go app, make money when gamers use real money to buy virtual currency called PokeCoins which gamers can use to purchase items to enhance the game experience such as eggs which hatch rare Pokemon or incense to lure Pokemon to their location.  Scam artists, the only criminals we refer to as artists, are sending people emails such as the following, attempting to lure their victims into paying them to continue playing Pokemon Go.

“We regret to inform you that due to the overwhelming response to our new Pokemon Go app and the need for more powerful servers we can no longer afford to keep your account as free.  Your account will be frozen in 24 hours if you do not upgrade.”

You are then told to sign up for the new upgraded version at a cost of $12.99 per month.  People signing up for the service risk not only losing money, but turning over passwords and other personal information to a scammer who can use that information to make you a victim of identity theft.

TIPS

So how do Erica and everyone else playing Pokemon Go protect themselves from these scams?  Here is a list of important steps to take.

  1. Remember that Pokemon Go is a free app and Nintendo is not charging for upgrades.  Any notices you receive to the contrary are scams and should be ignored.
  2. Install the updated version of the Pokemon Go app since the original version unintentionally invaded your privacy by providing full access to your Google account.
  3. Use a strong password and make sure that you don’t use your Pokemon Go password for any other account.
  4. Make sure that your smartphone is protected with security software and keep it up to date with the latest security patches.