Scam of the day – May 21, 2013 – Eminem stabbing scam

May 21, 2013 Posted by Steven Weisman, Esq.

People are always interested in gossip, photos, videos, stories and news about celebrities.  Unfortunately, scam artists know this and take advantage of our curiosity to lure us to click on links that promise to provide photographs and videos as well as interest grabbing stories about the celebrities who fascinate the public.  It is for this reason that former Harry Potter actress Emma Watson is the most dangerous woman on the Internet.  One out of every eight searches for photographs of Emma Watson will end up downloading malware that can be used to make you a victim of identity theft.  The most recent manifestation of our fascination with celebrities to scam us is a scam that is presently circulating on the Internet involves rapper Eminem.  Many people are finding on their Facebook page a photograph of a stabbed person’s back along with a message that states “Rapper Eminem left nearly DEAD after being stabbed 4 times in NYC!  Warning, 18+!  It was all caught on surveillance video! Click the pic to play the video!”  The truth is that Eminem was not stabbed.  In fact, the same photograph was used in 2011 as a part of a scam in which the photograph was purported to be a shot of the back of Justin Beiber following a stabbing attack.  If you click on the video, one of two things may happen, both of which are not good.  The most benign result is that you will be directed to a website where you are promised prizes if you complete a survey.  The truth is that you won’t get any prizes, but the scammer gets paid for everyone who takes the surveys.  The second, more dangerous result is that when you click on the link, you will unwittingly download keystroke logging malware that can steal all of the data from your computer and use it to make you a victim of identity theft.

TIPS

Do not click on links or download attachments unless you are absolutely sure that the source is legitimate.  The risk is too great.  Stick to legitimate websites with which you are familiar and don’t fall for the lures of emails with attachments that promise you stories, photos or videos of famous people.   For celebrity gossip, stick to websites that you know are legitimate such as TMZ.   It is also important to make sure that you keep all of your computers, smart phones, tablets and other portable devices protected by security software that is up to date.

Tags: , , , , , , ,
Categories: Site Related

Scam of the day – May 20, 2013 – Critical Microsoft updates

May 20, 2013 Posted by Steven Weisman, Esq.

As I often tell you, it is critical to keep your software programs updated with the latest security patches.  Identity thieves and scammers are constantly locating and exploiting flaws in the software we all use in an effort to steal from us, make us victims of identity theft or gain control of our computers to make them a part of a bot net of zombie computers that they can use to spread viruses and malware as well as attack companies.  Consequently I regularly report on the latest software security updates for you to download.  Microsoft recently announced new updates for Windows, Internet Explorer, NET Framework, Lync, Microsoft Office and Microsoft Windows Essential.  Since everyone uses at least one of these programs, it is important for you to update your programs.

TIPS

Here is a link you can trust to the official Microsoft updates that you should download as soon as possible:  https://www.us-cert.gov/ncas/alerts/TA13-134A

If you have not already done so, you should consider making future updates automatic.  Links to enable you to do this can be found on the page that I am linking you to above.

Tags: , , , , , , ,
Categories: Site Related

Scam of the day – May 19, 2013 – Fidelity phishing scam

May 19, 2013 Posted by Steven Weisman, Esq.

Phishing, as I have described on Scamicide and in my book “50 Ways to Protect Your Identity in a Digital Age” is the name for the tactic used by identity thieves by which you are lured to a phony website to provide information used to make you a victim of identity theft.  Phishing often starts with an email from a company with you do business or a federal or state agency.  The email indicates that there is some problem or other matter to which you must give your immediate attention and a link is provided for you to purportedly go to the website of the company or agency, however, in fact, you are either sent to a phony website for the company or agency where information is solicited that will be used to make you a victim of identity theft or, even worse, by clicking on the link you download a keystroke logging malware program that steals all of the information from your computer including your Social Security number, credit card number, passwords and other information used to also make you a victim of identity theft.

Recently, I received an email purportedly from Fidelity Investments.  As phishing attempts go, this one was pretty flawed.  The email address from which it came was not an email address of Fidelity Investments.  In fact, it was that of a private person who most likely was a part of a botnet by which his computer was being manipulated by an identity thief.  If you want more information about botnets, you can check out the archives of Scamicide or read about them in my book “50 Ways to Protect Your Identity in a Digital Age.”  Other flaws in the phishing email were the lack of my name appearing anywhere which indicates that it is just a general phishing email sent out to many people by the identity thief, and the lack of a Fidelity logo.

Here is a copy of the email I received.  DO NOT CLICK ON THE LINK.

“Account Status NotificationWe have noticed unusual activity on your account. Due to this, we need you to verify your account information for more efficient use of our Banking system: Please confirm your account information today by clicking on the link below: https://fidelity.secure.com/Logon.aspx?LOB=RBGLogon=user=&email&Security Adviser
©

Fidelity Brokerage Services LLC. All rights reserved”

TIPS
Never click on links in emails unless you are sure they are legitimate.  Unfortunately, you can never be sure when you receive an email if the email is legitimate so you should always be skeptical and make it a habit not to click on links until you have verified that they are legitimate by contacting the company or agency that is indicated as having sent the email to confirm whether or not the email and link are legitimate.  Look for the telltale signs that it is a phony, such as an email address for the sender that is not that of the real company or agency and the failure to direct the email to you directly by name.  You can contact the company or agency by phone or email directly to confirm whether or not the email you receive was legitimate.  Finally keep your Firewall and security software up to date to help protect you from viruses and malware.  Security software is certainly not perfect, but it does help.
Tags: , , , , , , , , , ,
Categories: Site Related

Scam of the day – May 18, 2013 – Washington State Administrative Office of the Courts hacked

May 18, 2013 Posted by Steven Weisman, Esq.

In just the latest installment of a state or federal agency having its records hacked, the Washington State Administrative Office of the Courts recently disclosed that months earlier its website was hacked and that as many as 160,000 Social Security numbers and a million driver’s license numbers may have been stolen.  Although the hacking occurred in the Fall of 2012 and the Winter of 2013, the breach of data security was only confirmed by state officials in April.  The breach was traced, as it often is, to a software flaw.  In this case the flaw was with and Adobe software system called ColdFusion.  Adobe has created a security patch to resolve the problem, but for the victims of the hacking, this is of little consolation.

TIPS

If you have had any dealings with the Washington State Administrative Office of the Courts, you should contact them to see if your information may have been among the information stolen.  If so, you should put a credit freeze on your credit report to stop access to your credit report without your expressed direction.  You can find information about how to put on a credit freeze in the list of scam topics on Scamicide as well as in the archives of Scamicide.  You should also monitor all your financial accounts closely for early indications of identity theft.  You can get additional information as to how to protect yourself from identity theft in my book “50 Ways to Protect Your Identity in a Digital Age” which can be ordered from Amazon at a great price by clicking on the picture of the book on the right hand side of the front page of this blog.

Tags: , , , ,
Categories: Site Related

Scam of the day – May 17, 2013 – Facebook romance blackmail scam

May 17, 2013 Posted by Steven Weisman, Esq.

Recently a 21 year old college student in France accepted a  Facebook “friend request” by a beautiful, young woman or at least he thought the friend request came from a beautiful, young woman.  Their relationship blossomed on line with frequent messages and photographs that they sent to each other for weeks.  The tenor of the message became increasingly romantic and even erotic until finally, the college student agreed to his “friend’s” suggestion that they do stripteases for each other using their webcams.  She suggested that he go first which he willingly did.  She did not reciprocate. Instead, she, if indeed she was even a she, blackmailed him by sending him emails demanding payment of ransom or else the blackmailer would post the video taken of the striptease online as well as send it to the young man’s friends and family.  The frightened victim paid three payments before he stopped and alerted the authorities who through their investigation believe that the blackmail scam is the work of scammers located in the Ivory Coast.

TIPS

One would hope that the risk of “relationships” totally on line and even then without the use of Skype or webcams to see who you are really communicating with would have become more apparent after the embarrassing Manti Teo scam in which he was led to believe he had a relationship with a woman who he never met and he later found out never existed.  Transmitting an erotic video is a dangerous thing to do even if you know the person to whom you are sending the video.  The risk of it becoming public is great, which can occur merely by your lover being hacked.  However, sending such a video to someone you have never met or even seen except in a photograph that you cannot verify is accurate is definitely risky business.  This also serves as a reminder that accumulating as friends large numbers of people about whom you know nothing is dangerous.  Be selective in friending people on Facebook.

Tags: , , , ,
Categories: Site Related

Scam of the day – May 16, 2013 – Medical identity theft update

May 15, 2013 Posted by Steven Weisman, Esq.

In my book “50 Ways to Protect Your Identity in a Digital Age” and in a number of Scamicide “scams of the day” I have warned you about the dangers of medical identity theft which was again in the news recently with the indictment of an Ohio man who is charged with stealing the identity of a South Carolina man and using his identity and his insurance to obtain more than $300,000 of medical services at the Ohio State University Wexner Medical Center.  It has been estimated that medical identity theft by which someone’s medical insurance is accessed by an identity thief costs health care providers up to 7 billion dollars a year.  However, the cost to someone who is a victim of medical identity can be much worse than just lost money.   The medical identity thief’s medical information, such as blood type and other information gets mixed into the medical records of the medical identity theft victim thereby leaving the medical identity theft victim facing the possibility of receiving improper treatment based on false information in his or her tainted medical file.  This is potentially life threatening.  Often medical identity theft is an inside job where rogue employees of a medical facility sell the medical insurance information of their patients to identity thieves.

TIPS

The medical industry has a long way to go to insulate patients’ insurance and medical information from the prying eyes of identity thieves.  However, one promising step that is starting to be used is biometrics such as iris scanners to make sure that the person using medical information is the real insured.  I discuss this in detail in “50 Ways to Protect Your Identity in a Digital Age.”  With medical identity theft at epidemic proportions, it is important for the medical industry to take greater steps to reduce or eliminate medical identity theft. We can do our part by asking our medical care providers what they are doing to prevent medical identity theft and to encourage them to use iometric identifiers such as iris scans as a part of that effort.

Tags: , , , ,
Categories: Site Related

Scam of the day – May 14, 2013 – 9/11 charity scam

May 14, 2013 Posted by Steven Weisman, Esq.

Recently the New Jersey Attorney General announced charges of theft by deception and conspiracy against two men who claimed to be firefighters who were working at a firehouse close to the World Trade Center Towers on 9/11 when they were hit by the terrorist flown airplanes.  The charges relate to sales by the men of 9/11 memorial T-shirts which they sold for $20 each and represented that all of the proceeds went to the families of the victims of the attack on the World Trade Center.  The men sold the T-shirts from a truck painted with the names of police and firefighters who died in the September 11, 2001 attacks.  The truth is that the men who are not New York firefighters pocketed all of the money they received from the sale of the T-shirts and the families of the police and firefighters who died on 9/11 received nothing.  Phony charities set up by scammers to take advantage of the public’s generosity and willingness to help those in need following a tragedy such as the Newtown Connecticut school shooting or the Boston Marathon bombing has become a common  reprehensible scam tactic. TIPS Unfortunately, my motto “trust me, you can’t trust anyone” is too often correct.  When it comes to charitable donations, you can never be sure that a particular charity is legitimate until you have checked them out.  The website www.charitynavigator.org is a great and free resource which can help you to identify not only whether or not a charity is legitimate, but also how much of what is collected by a “legitimate” charity goes toward paying its own salaries and administrative expenses.  Some “legitimate” charities appear to exist primarily for their own well being rather than that of the people whom they say they are helping.  If you are contacted by a charity by phone, email or letter, even if the name of the charity is a legitimate one, you cannot be sure that the communication is not a forgery or a scam.  The best thing to do if you are interested in giving to a particular charity is to check out the charity’s real website for instructions as to how to contribute.

Tags: , , , , , , , ,
Categories: Site Related

Scam of the day – May 13, 2013 – FTC refunding 1.7 million dollars to victims of government grant scam

May 13, 2013 Posted by Steven Weisman, Esq.

Unfortunately, it is not very often that I get an opportunity to tell victims of a scam that they can get some of their money back, but today is one of those happy exceptions.  In 2009 the Federal Trade Commission first took action against a number of phony websites that promised that they could provide the consumer with tools to be able to easily locate fifteen billion dollars worth of free grant money and to qualify for those grants.  The websites looked official with pictures of President Obama and Vice President Biden.  The one-time charge was indicated to be between 99 cents and $2.78, however people signing on for the service actually ended up being charged monthly fees of $70 per month for unrelated services.  To make things worse, the information provided about obtaining grants was misleading, false or useless.

TIPS

Under a settlement with some of the scammers and court orders regarding the others by which the scammers approximately 1.7 million dollars is being paid to the FTC to be paid back to 22,764 victimized consumers.  The money is being administered by Gillardi & Co. a third-party refund administrator.  Checks are being sent now and must be cashed within 60 days of receipt.  It is expected that victims can expect to receive about 80% of the money they paid for the worthless service.  If you have been victimized by this scam and have not been contacted by the FTC, you should contact them at 1-877-FTC-HELP (1-877-382-4357) or go to the FTC’s website at www.ftc.gov.

In the future, you should always be skeptical of any service that sounds too good to be true.  Scammers sometimes say that they are from the Federal Grants Administration, but in truth, there is no such entity.  Government grants are not easy to get and if you have to pay money to obtain a free grant, it isn’t free.  The government does not charge for lists of grant providers.  If you are truly interested in information about federal grants, the only place to go is the federal government’s grant website of www.grants.gov.

Tags: , , , , , , , ,
Categories: Site Related

Scam of the day – May 12, 2013 – Bank text message scam

May 12, 2013 Posted by Steven Weisman, Esq.

Everyone texts including scammers and identity thieves.  A recent text message scam that has resurfaced involves a text message from “Credit Card Services Alert” and it informs you that your debit card has been deactivated.  The text message provides you with a telephone number to contact.  If you respond by calling the number, you will reach an automated service informing you that you have reached the card activation center.  It then asks you for you credit card number, expiration date and security code.  Anyone providing this information is sure to become a victim of identity theft.  Your bank or credit card issuer will not contact you in regard to problems by a text message so if you do receive such a text message, you should immediately delete it.

TIPS

Whenever you receive a text message, email, letter or telephone call, you can never be sure of who is communicating with you.  If you have even the slightest thought that the message may be real, you should not respond to the text, email, or caller directly, but rather contact the bank or other organization that they pretend to represent at a telephone number that you know is accurate in order to inquire about the legitimacy of the communication, whereupon you will promptly be informed that it was a scam.  Remember, texts and email messages or phone calls can appear to come from legitimate companies, but that does not mean that it is not a fake.  I received a very real looking email message about a problem with my bank account, however, there was only one problem.  I didn’t have an account at that bank so I merely deleted the email.  You should too.

Tags: , , , , , , , ,
Categories: Site Related
« Older Entries