Scam of the day – May 22, 2015 – Memorial Day scams

May 22, 2015 Posted by Steven Weisman, Esq.

Memorial Day is three days away and with it will come a unique number of Memorial Day related scams.  Scammers are always timely and whatever has your attention, also has the attention of scammers, whether it is a natural disaster such as the recent Nepal earthquake, an untimely death of a celebrity or a major holiday.  In the case of Memorial Day, you can expect to be solicited by scammers by phone (remember legitimate charities can call you by phone even if you have enrolled in the Do Not Call List because it exempts charities), email or letters asking for your money for various veterans causes or charitable ventures tied to Memorial Day.

TIP

You never know who is on the other line of a telemarketing call, so never trust them.  If you are at all interested in what they are selling or soliciting, ask them to send you written materials that you can then check out to see if it is legitimate.  When it comes to charities, a good place to go is www.charitynavigator.org where you can see if a charity is legitimate or a scam as well as actually see how much of the money they collect goes toward their charitable purposes and how much towards salaries and administrative costs.

Scam of the day – May 21, 2015 – Latest security updates from the Department of Homeland Security

May 21, 2015 Posted by Steven Weisman, Esq.

Constant updating of the software we all use with the latest security patches and updates is a critical part of avoiding scams and identity theft threats.  Whenever new security updates and patches are issued, we provide access to these so that you can update your software to provide better security on your computers, smartphones, laptops and other electronic devices.  Updating your software with the latest security patches and updates as soon as possible is important because identity thieves and scammers are always finding and exploiting vulnerabilities in the software that we all use.  Delay in updating your software could lead to disastrous results.  However, it is also important to be sure that you are downloading legitimate patches and updates rather than being tricked by an identity thief or scammer into downloading malware under the guise of downloading a security patch or update.  Users of the affected programs should make sure that they update their software with these latest security patches as soon as possible.  Today’s updates include critical updates for Adobe Acrobat, Internet Explorer, Google Chrome and Mozilla Firefox.

TIPS

Here are the links to the latest security updates and patches from the Department of Homeland Security:

https://www.us-cert.gov/ncas/bulletins/SB15-138

https://www.us-cert.gov/ncas/current-activity/2015/05/19/Google-Releases-Security-Update-Chrome

Scam of the day – May 20, 2015 – A new online dating scam

May 20, 2015 Posted by Steven Weisman, Esq.

I have written many times in Scamicide.com and in my book “The Truth About Avoiding Scams” about romance scams.  Most of these online dating and romance scams involve some variation of the person you meet though an online dating site quickly falling in love with you and then, under a wide variety of pretenses, asking for money.  However, recently in a new study done jointly by University College London and Jiayuan, China’s largest online dating service some new types of romance scams were identified and one is particularly insidious.

It starts with a local high-end restaurant hiring a beautiful woman who puts her profile on line with a dating service.  Once contact is made with a potential suitor/victim, the woman persuades her new friend to take her to the restaurant that hired her where she manages to run up a tab, which in some instances has been as much as $2,000.  The suitor/victim pays the bill who then vanishes from his life, never to be seen again.  According to the study, this scam was used with members of the Jiayuan dating site more than 57,000 times.

TIPS

Online dating can be very effective, but it is also extremely risky.  Of course, you want to be particularly wary of anyone, who early in the relationship finds some excuse to ask for money, but as the University College London study shows, there are other ways you can find yourself at risk.  In regard to protecting yourself from this particular type of scam, it is a good idea to leave the expensive restaurants or events out of the relationship until the relationship has seriously progressed.

Scam of the day – May 19, 2015 – Consumer Financial Protection Bureau settles cramming charges with Sprint and Verizon

May 19, 2015 Posted by Steven Weisman, Esq.

The Consumer Financial Protection Bureau (CFPB) has announced that it has reached settlements with wireless service providers Sprint and Verizon regarding allegations by the CFPB that both companies were guilty of cramming and have asked the federal courts for approval of the settlements.  For years I have been warning you about the dangers of cramming.  Cramming is the name for putting unauthorized third party charges on a consumer’s telephone bill without the knowledge or approval of the consumer.  This has long been a problem with landline phones and in recent years has become a major problem with cellular service.  There are many ways that these unauthorized charges make their way to a victim’s phone.   Sometimes, consumers actually unknowingly sign up for premium texting services that may be for things such as flirting tips, horoscopes or celebrity gossip.  Other times, unscrupulous merchants merely tricked consumers into providing their cell phone numbers to which these merchants added the charges without providing anything in return.  The charges range from a single monthly charge of up to $14.99 to regular, continuous monthly charges of $9.99 per month.  Many consumers did not even notice these charges in their bills, which often were not clearly designated.  Both Sprint and Verizon received between 30 and 40% of the revenue generated by these illegal charges.

Pursuant to the terms of the settlements, Sprint and Verizon will refund 120 million dollars to affected customers as well as pay 38 million dollars in federal and state fines.

TIPS

First and foremost, even if you are not a Sprint or Verizon customer, everyone should closely review their cellphone bill each month to make sure that you understand every charge that appears.  If anything is not clear to you, you should contact the cellphone service provider for an explanation.

If you are a Verizon customer who has been victimized by cramming, you can submit a claim for a refund by going to www.CFPBSettlementVerizon.com or by calling (888)-726-7063.  If you are a Sprint customer who has been victimized by cramming, you can submit a claim for a refund by going to www.SprintRefundPSMS.com or call (877) 389-8787.

Scam of the day – May 18, 2015 – Color run scams

May 18, 2015 Posted by Steven Weisman, Esq.

What you may ask is a color run?  These are road races, often advertised as being done to help a charity, in which the runners wear white clothes and along the route are doused with bright powdered dyes that turn their clothing into rainbows of color.  While this may seem like fun, the Better Business Bureau and a number of law enforcement agencies including the police departments in Baton Rouge, Louisiana and Bangor, Maine are warning people that many of these color runs are scams being operated by scam artists who steal the registration fees, cancel the race and refuse to refund the fees.

Making this scam more complicated is the fact that there have been legitimate color runs such as the recent Color Vibe Run in West Palm Beach, Florida which had more than 7,000 runners with funds raised benefiting the local Habitat for Humanity charity.

TIPS

Two of the organizations sponsoring these color runs that have been accused of being scams are Color 5 Mile and Run or Dye.   Anyone considering participating in such a run should first make sure that they pay any entrance fee by credit card so that if the race is cancelled, you can more readily dispute the charge with your credit card company and get your money back.  As always, there is little fine in fine print, so you should make sure that you read carefully the fine print of any application to participate in such a race, particularly as to the refund policy.  Finally, if the race is advertised as being done to benefit a charity, check out the charity first with charitynavigator.org to make sure that the charity is legitimate and if it is, contact the charity directly to confirm that they have an arrangement with the sponsor of the color run.

Scam of the day – May 16, 2015 – Penn State shuts down computer system following hacking

May 16, 2015 Posted by Steven Weisman, Esq.

Yesterday, Penn State University took the computer network of its engineering college offline while it works to free the system of  sophisticated hacking that has gone on for more than two years.  Penn State  first became aware of the hacking in November of 2014 when it was informed of the hacking by the FBI.  After an extensive investigation it was determined that the hacking was done by two separate groups.  The first group was Chinese government hackers and the second, unrelated group, while not yet identified by investigators is thought to be another state-sponsored group.  Russia and Iran have both been active in world wide hacking activities although neither has been specifically tied to this particular hacking.

American engineering schools, including MIT, and Carnegie Mellon, have been targets of Chinese state sponsored hacking for many years.  The goal of these hackings have been to gain information for both commercial and national defense purposes.

The fact that the hackers had unrestricted access to Penn State’s engineering schools computer networks for more than two years raises the distinct probability that they were able to exploit this access in order to gain access to some or all of the 500 companies, government agencies and other universities tied to this computer network.

TIPS

I have written many times of the extreme vulnerability of colleges and universities, which often gather and keep much personal information for which they have no real need, such as the Social Security numbers of applicants to the schools or Social Security numbers of alumni.  Coupled with lax security at many colleges and universities, this gathering and keeping of personal information for which the schools have no need puts the people whose information is affected in great danger of identity theft.  It is important for all of us to always inquire as to any company or agency that has personal information of ours as to what they do to keep this information secure.  This also emphasizes the need for us all to be extremely vigilant in monitoring our accounts for early indications of identity theft.

As for the larger issues of both corporate data security and national security, it is of the highest importance for companies and the government to cooperate better in developing and implementing secure data protection systems.

 

Scam of the day – May 15, 2015 – Jamaica lottery conviction

May 15, 2015 Posted by Steven Weisman, Esq.

Last week, following three days of deliberation a North Dakota jury convicted Sanjay Williams, of Montego Bay, Jamaica of conspiracy, wire fraud, money laundering charges related to the infamous Jamaican lottery scam by which many Americans, most elderly have been scammed out of money after being told that they have won the non-existent Jamaican lottery.  This particular case was four years in the making and started when an 86 year old North Dakota widow, Edna Schmeets lost her entire life’s savings of $300,000 to Jamaican scammers who telephoned her and told her that she had won a 19  million dollar Jamaican lottery, but that she needed to pay taxes and fees before she could claim her prize.  Sentencing of Williams has been delayed to give Mr. Williams time to consider cooperating with investigators about others involved in return for a lesser sentence.  Williams faces a maximum of forty years in prison

TIPS

As I have often told you, it is difficult to win a lottery you have entered.  It is impossible to win one that you have not even entered.  You should always be skeptical about being told that you have won a lottery you never entered.  It is also important to remember that it is illegal to play foreign lotteries unless you are present in the other country.  While it is true that income taxes are owed on lottery winnings, legal lotteries never collect tax money from winners.  They either deduct the taxes from the winnings or leave it up to the winners to pay their taxes directly to the IRS.  You also should never pay a fee to collect a legal lottery prize.

Scam of the day – May 14, 2015 – Starbucks mobile app hacking scam

May 14, 2015 Posted by Steven Weisman, Esq.

Consumer reporter Bob Sullivan has uncovered another scam involving the use of the popular Starbucks mobile app which was used last year by Starbucks customers to make two billion dollars of Starbucks purchases using this mobile app which is tied to the customer’s credit card.  The scam begins when the scammer gets the username and password of the Starbucks customer using the Starbucks mobile app.  This can be done in many ways including phishing emails, keystroke logging malware or even data breaches at other companies where the Starbucks customer may use the same username and password.  Once the criminal has access to the account, he or she can transfer balances of gift cards to other credit cards controlled by the scammer, use the hacked account to issue and send gift cards to themselves or exploit the Starbucks mobile app auto reload feature by which the Starbucks mobile app automatically adds funds to the mobile app from the credit card tied to the mobile app.  By quickly spending the funds in the mobile app and triggering the auto reload feature, the criminal can get more money to steal in a short time.

TIPS

This is just another example of why it is important to have unique user names and passwords for each of your accounts so that you are not in total jeopardy if this information is stolen by way of a data breach at one of your accounts.  As I have mentioned in the past, a strong password contains capital letters, small letters and symbols.  A password made up of a phrase such as “IDon’tLike Passwords!!!” is not only strong, but can be personally adapted for each account by merely adding a few letters such as “Ama” as the password you use for your Amazon account to distinguish it from other accounts so your Amazon password would be “IDon’tLikePasswords!!!Ama.”  This is a strong and secure password and one that you can remember.

If you use the Starbucks mobile app, you should disable the auto reload feature.  You don’t need it and it makes you vulnerable to the type of hacking presently going on.

Scam of the day – May 13, 2015 – What to do if your email is hacked

May 13, 2015 Posted by Steven Weisman, Esq.

Yesterday I told you about a scam which starts when you receive an email that appears to come from one of your friends, but in actuality is coming from a scammer who has hacked into your friend’s email account is sending out messages that appear to come from your friend touting a product.  We have all received these emails and hopefully, you just immediately delete them after informing your friend that his or her email account has been hacked and scam emails are being sent to everyone on his or her email address list.

But what do you do if you are the person whose email has been hacked?

TIPS

1. Change your password on your email account. If you use the same password for other accounts, you should change those as well.
2. Change your security question. I often suggest that people use a nonsensical security question because the information could not be guessed or gathered online. For instance, you may want the question to be “What is your favorite color?” with the answer being “seven.”
3. Report the hacking to your email provider.
4. Contact the people on your email list and tell them you have been hacked and not to click on links in emails that appear to come from you. 5.  Scan your computer thoroughly with an up to date anti-virus and anti-malware program. This is important because the hacker may have tried to install a keystroke logging malware program that can steal all of the information from your computer.
6. Review the settings on your email, particularly make sure that your email is not being forwarded somewhere.
7. Get a free copy of your credit report. You can get your free credit reports from www.annualcreditreport.com. Some other sites promise free credit reports, but sign you up for other services that you probably don’t want or need.
7. Consider putting a credit freeze on your credit report. You can find information about credit freezes here on Scamicide.com