Scam of the day – March 31, 2015 – New developments in sextortion

March 30, 2015 Posted by Steven Weisman, Esq.

Sex extortion or sextortion has been around for years on the Internet with criminals tricking people into performing sexual acts online that are recorded and then used to blackmail the victims.  In other cases, hackers have gained access to the webcams of women and used them to take photographs of the women who unwittingly undressed in front of computers in their rooms, not knowing they were being recorded.  In one notorious case, Miss Teen USA, Cassidy Wolf refused to be a victim of sextortion and helped law enforcement find and prosecute Jared James Abrahams who was sentenced to 18 months in prison in March of 2014.

Now, however, as with many scams, sextortion has evolved.  In the latest incarnation, uncovered by cybersecurity firm Trend Micro, Cybercriminals in Asia set up fake profiles on social media such as Facebook and then lure their victims to platforms with both video and voice capabilities such as Skype and entice them into performing sexual acts, which are recorded by the cybercriminals.  In a new twist on this scam, however, the cybercriminals then pretend that they are having audio difficulties and convince their victims into downloading a specific Android app on to their Android smartphone which they represent will remedy the problem.  However, instead of fixing the problem, the app is malware that steals all of the contact information stored on the victim’s smartphone.  The cybercriminal then threatens to send the videos to everyone on the victim’s contact list unless the victim pays a ransom.

TIPS

The best solution to any problem is to avoid the problem altogether.  An easy and decidedly low-tech way to protect yourself from webcam surveillance is to merely put a post it over the camera when you are not using it.  If you are going to indulge in cybersex or phone sex, it should only be done with people whom you totally trust.  Engaging in such activities with strangers or people you do not know well is asking for trouble.  Also, make sure that all of your electronic devices including your smartphone and computer are protected with the latest updated security software.  Even then, however, no security software is 100% effective against the latest viruses and malware so you should never click on links or download attachments unless you have absolutely confirmed that they are legitimate and you should never download apps from anywhere other than legitimate app stores.  The risk of malware is just too high.

 

Scam of the day – March 30, 2015 – A new wrinkle on income tax identity theft

March 29, 2015 Posted by Steven Weisman, Esq.

Income tax identity theft is a 5.9 billion dollar problem that the IRS and Congress have still not responded to sufficiently.  Most income tax identity theft involves a criminal filing an income tax return with phony W-2 information using a victim’s Social Security number.  If undiscovered by the IRS, as many of these phony returns are, the IRS sends the refund and the person whose Social Security number was stolen has his or her legitimate income tax return flagged when it comes in as a second income tax return using the same Social Security number.  It often takes many months before the victim is able to get his or her true refund.

But now, a new twist has come to income tax identity theft.  Where most income tax identity theft, as described above relies on the identity thief filing an income tax return before the victim files his or her legitimate tax return, now we are seeing a number of people who file their income tax returns electronically using TurboTax having their refunds stolen after the victim has electronically filed their legitimate income tax return.

People who have been victimized by this new type of income tax identity theft all filed electronically and had their electronic filing fees deducted from their refunds.  Generally the refunds are deposited with Tax Products Group a bank owned by the Green Dot Corporation where the fees are taken out and the balance sent to a bank account designated by the tax filer.  What has been happening is hackers are hacking into the accounts of their victims and changing the bank account into which the refund is to be deposited.  It is not clear yet if the breach of security is with TurboTax, Tax Products Group or the individual taxpayers although it would appear from the relatively small numbers of people so far affected by this scam that the security breach is with the individual taxpayers whose own computers were most likely hacked.

TIPS

Filing income tax returns online through TurboTax and other similar companies is still a safe way to file your taxes.  In response to this problem, TurboTax has already made security changes including requiring users of TurboTax to answer security questions before they are able to access their accounts or refunds.  TurboTax is also considering flagging customers who attempt to change their bank account information.  These are good steps to help stop this type of identity theft, but we have to do our part as well.  Protecting the computers and other electronic devices you use for financial transactions with regularly updated security software and avoiding clicking on links and downloading attachments unless you are absolutely sure that the links or attachments are legitimate are important steps that everyone should take.

Scam of the day – March 29, 2015 – Video gaming network Twitch hacked

March 28, 2015 Posted by Steven Weisman, Esq.

Twitch, a live streaming video platform has been hacked putting users in danger of identity theft.  Twitch,  which has been around since 2011 and was bought by Amazon in 2014 capitalizes in the exploding interest in video games and broadcasts video game competitions and other video game related content.  It is hugely popular.  Unfortunately, anything popular will be a target for hackers and identity thieves so it came as no surprise that Twitch accounts appear to have been hacked.  Twitch is retiring users passwords and stream keys as well as disconnecting accounts from Twitter and YouTube.

TIPS

Perhaps the biggest threat is to Twitch users who, as many people do, use the same password for all of their online accounts.  Hackers often take advantage of this fact by hacking into websites with weaker security, stealing personal information and passwords and use that information to access accounts that can be exploited for greater financial gain.  The lesson, of course is to use unique and complex passwords for each of your online accounts.  This is not as difficult as it may sound because a good way to choose a password is to pick a phrase such as IDon’tlikepasswords, which combines both capital letters, small letters and a symbol, which in turn makes it a complex password.  Then add a couple of symbols to this base password so it reads, for example, IDon’tLikePasswords!!! and then uniquely adapt this password with a few letters that describe the specific account so, for example your Amazon account password would be IDon’tLikePasswords!!!Ama.  That is a strong password and a way to make unique, but easy to remember passwords for all of your accounts.

Scam of the day – March 28, 2015 – FTC and 32 law enforcement agencies crackdown on automobile sale and leasing fraud

March 27, 2015 Posted by Steven Weisman, Esq.

The FTC recently announced the results of the results of Operation Ruse Control, a joint enterprise with law enforcement agencies in both the United States and Canada that resulted in 252 enforcement actions involving scams related to buying or leasing an automobile.  In six cases alone, the FTC obtained monetary judgments of more than 2.6 million dollars.  Two of the cases involve FTC actions under new authority over automobile dealers pursuant to the Dodd-Frank Act.  These two cases against National Payment Network, Inc. (NPN) of California and Matt Blanc Inc.  of New Jersey jointly with its companion dealership, Glassboro Imports, LLC involve deceptive or misleading add-ons, which are additional charges added to the sales or lease price for things such as extended warranties, guaranteed automobile protection (GAP insurance), credit life insurance, road service, theft protection and undercoating.  As a result of consent decrees in these cases,  NPN has agreed to refund more than 1.5 million dollars to its customers and waive $949,000 in fees to current customers while Matt Blatt will be paying the FTC $184,000.  Other cases brought by the FTC involving deceptive advertising of sales an lease terms were brought and settled with Cory Fairbanks Mazda of Florida, Jim Burke Nissan of Alabama and Ross Nissan of California.  In those cases, seemingly favorable terms were effectively cancelled out by disclaimers found in the fine print.

TIPS

With the exception of the purchase or renting of a home, the purchase or leasing of a car is most often a consumer’s largest purchase and is fertile ground for scams and deceptive sales and leasing techniques, many of which involve terms found in the fine print of the actual contracts that contradict the customer’s  impression based on the advertising.  Rarely, if ever, is there anything fine in fine print so it is critical that you never sign a contract until you fully understand all of the terms in the contract.  Never let a salesperson lure you into signing a sales contract or lease without having read and understood every item in the contract.  The FTC has some good information about what to look for when buying or leasing an automobile, which you can find at https://www.ftc.gov/news-events/blogs/business-blog/2015/03/operation-ruse-control-6-tips-if-cars-are-your-alley and http://www.consumer.ftc.gov/topics/buying-owning-car and http://www.consumer.ftc.gov/articles/0143-are-car-ads-taking-you-ride and http://www.consumer.ftc.gov/blog/add-auto-finance-plan-gets-d-deception

Scam of the day – March 27, 2015 – Another Nigerian letter scam

March 26, 2015 Posted by Steven Weisman, Esq.

As we all know by now, the Nigerian letter scam is the name for a type of scam in which you are told that under some pretense you are to receive a huge amount of money for doing next to nothing.  Of course, once you correspond with the sender of the email, you soon learn that it takes payment after payment from you under various guises in order to receive the money and, of course, ultimately, you receive nothing, but the scammer has managed to trick you out of your money.  Here is a copy of such an email that I recently received:

“Dear Friend ,

How are you? I am sorry but happy to inform you about my success in getting those funds transferred under the co-operation of a new partner from Kosovo though I tried my best to involve you in the business but God decided the whole situations.  Presently I am in Kosovo for investment projects with my own share of the total sum. Meanwhile, I did not forget your past efforts and attempts to assist me in transferring those funds despite that it failed us somehow.

Now contact my little friend in South Africa his name is. Mr. Betrand Thando On his e-mail address; mr.betrandthando@yahoo.com  Ask him to send you the total sum of $400.000.00 (four hundred thousand usd) which i kept for your compensation for all the past efforts and attempts to assist me in this matter. I appreciated your efforts at that time very much. So feel free and get in touch with my little friend. And instruct him where to send the amount to you. Please do let me know immediately you receive it so that we can share the joy after all the sufferness at that time.  In the moment, I am very busy here because of the investment projects which I and the new partner are having at hand, finally, remember that I had forwarded instruction to my friend on your behalf to receive that money, so feel free to get in touch with him he will send the amount to you without any delay.

Thanks,
Miss. Bea.”

TIPS

This email is typical of many others and filled with poor grammar and punctuation.  In this case, the letter even speaks of previous dealings which certainly cannot be true. The story is utterly preposterous.  So who would possibly fall for this?  Only the truly gullible and that is the very strategy used by these scammers.  They do not want to waste their time on people who might eventually see through their scam so they make their plea as outrageous as possible so that if someone takes the bait, they are likely to be able to cheat that person out of their money.

By now, we all know that no one is giving you something for nothing and even the most gullible among us must ask themselves, why they were singled out for such good fortune.  The answer is that this is a scam and the best thing you can do is to enjoy the humor of these emails, but never respond to them

Scam of the day – March 26, 2015 – FTC sending checks to buyers of phony body slimming creams

March 25, 2015 Posted by Steven Weisman, Esq.

The Federal Trade Commission (FTC) has announced a settlement with L’Occitane, Inc., the maker of Almond Beautiful Shape and Almond Shaping Delight skin creams, which the company had claimed had been clinically tested and proven to “trim 1.3 inches in just 4 weeks.”  The products were also claimed to resculpt and tone the bodies of users of the product as well as to fight cellulite.  None of these claims were accurate for the two products that sold for $48 for a 7 ounces of Almond Shaping Delight and $44 for 6.7 ounces of Almond Beautiful Shape.  As one of the conditions of the settlement, L’Occitane is paying $416,000 in refunds to customers who purchased either product since March 19, 2012.

TIPS

Gilardi & Company is the redress administrator for processing the refunds and has already started sending out refund checks to consumers whose names and contact information was obtained through customer lists of L’Ocitane.  The checks must be cashed no later than May 19, 2015.  It is important to also remember that if you receive a letter or other communication informing you that you must pay any type of payment or provide personal information in order to receive your refund, that letter is a scam.  No payments are required to receive a refund in this matter and no personal information is required to be provided in order to receive your refund.

Finally, there is a long history of health and weight loss scams.  In general, the old saying is true, if it sounds too good to be true, it generally is.  No cream can reduce fat or trim your body.  Never purchase a weight loss product until you have thoroughly researched it.

Scam of the day – March 25, 2015 – Prisoners become victims of identity theft

March 24, 2015 Posted by Steven Weisman, Esq.

In a somewhat surprising and ironic development, IRS officials have found that prisoners are becoming victims of identity theft in increasing numbers.  Phony income tax returns using the Social Security numbers of prisoners, according to most recent data has dramatically increased in recent years to more than 137,000 per year at a cost of about 70 million dollars to the Treasury.  Federal prosecutors have begun to target this type of crime.  Last year an Alabama bail bondsman, two former Alabama prison employees, a Florida prison guard and a Georgia man were all convicted in separate federal prosecutions for  stealing the Social Security numbers of 1,200 prisoners and filing phony income tax returns claiming more than 6.5 million dollars in fraudulent refunds.  In an Alabama state court, a prison clerk at the Staton Correctional Facility with access to Social Security numbers of prisoners illegally filed phony tax returns using the Social Security numbers of inmates and managed to get $176,000 in fraudulent refunds before he was caught.  He is no longer a prison clerk.  He is now a prisoner doing a ten year sentence.

TIPS

Of course, as I have been advocating for years now in regard to income tax identity theft, if Congress were to change the law so that when employers file W-2s with the Social Security Administration in February and March, they file copies with the IRS at the same time so that the IRS could match the actual W-2s with the phony ones used with fraudulent income tax returns before returning a refund, income tax identity theft could be all but eliminated.  Presently, employers are required to file W-2s with the Social Security Administration in February and March, but the Social Security Administration does not get around to sending them to the IRS until July, long after the IRS has sent out refunds based upon the W-2s filed with the fraudulent returns.

Until Congress finally acts, the best way to avoid income tax identity theft is to protect the privacy of your Social Security number as best you can and file your income tax return early before an identity thief can beat you to the punch.

Scam of the day – March 24, 2015 – Jeb Bush emails put 12,000 people at risk of identity theft

March 23, 2015 Posted by Steven Weisman, Esq.

While Hillary Clinton has been criticized for not releasing her emails sent and received during her tenure as Secretary of State, her potential presidential rival, former Florida governor Jeb Bush got into trouble for doing just the opposite.  As evidence of the old saying that no good deed goes unpunished, Bush, in an effort to be totally transparent released all 332,999 emails that he sent and received during the time he was governor of New York.  Unfortunately, some of those emails contained personal information including names, birthdates and Social Security numbers of Floridians thereby putting them in danger of identity theft.  Upon this being discovered, the emails with the personal data were removed, however, if someone downloaded the original files made available a week earlier, they would still have access to this information.  According to Fortune Magazine, the majority of the personal information was contained in a single email attachment from October 2003 that related to people on a family services waiting list.

TIPS

Transparency in how government operates is a good idea that informs the electorate of what their elected officials are doing.  Releasing of emails is a relatively new phenomenon, but as this particular instance shows, a thorough review of emails should be done prior to making public emails in order to make sure that nothing such as personal information that could be used for identity theft purposes or information that would be inappropriate for release such as information that should remain confidential for reasons of national security be released.

Scam of the day – March 23, 2015 – Obamacare tax scam

March 22, 2015 Posted by Steven Weisman, Esq.

The IRS is warning people about criminal tax preparers who are directing their clients to pay them directly for penalties connected with the Affordable Care Act, commonly called Obamacare.  The Affordable Care Act provides for penalties for not having health insurance if the taxpayer does not qualify as one of the thirty million people eligible for one of the many exemptions.  According to the Obama Administration as many as six million people will be owing penalties of $95 or the greater of 1% of their household income.    According to H & R Block about half of its clients with subsidized marketplace coverage are having to pay a penalty.  Meanwhile, unethical tax preparers are telling their clients that they are required to pay “shared responsibility” payments directly to the tax preparer if the taxpayer is uninsured.  In some instances the tax preparers have even demanded payments from people who are exempt from the penalty.  Legitimate tax preparers do not collect Obamacare related penalties.  If money is owed as an Affordable Care Act penalty, it is included on their tax return payable to the IRS or is paid directly to the IRS by the taxpayer by April 15th.   Some unscrupulous tax preparers have told their clients that if they pay the tax preparer directly, that they can lower the payment.

TIPS

If you have been victimized by these scams, you should report it to the IRS on Form 14157, Complaint:  Tax Return Preparer.  If you have a question about whether you may owe the penalty or are eligible for one of the exemptions you can use the IRS’ Interactive Tax Assistant to determine whether or not you do owe a penalty.  The link for the Interactive Tax Assistant is www.irs.gov/uac/AM-I-required-to-make-an-Individual-Shared-Responsibility-Payment%3F

If you do owe such a penalty, it is important to remember that you never pay it to your tax preparer.

Scam of the day – March 22, 2015 – Obituary scams

March 21, 2015 Posted by Steven Weisman, Esq.

Scammers have no sympathy for anyone as evidenced by the many scams that are based on obituaries.  For years, scammers would scan the obituaries and then go to Social Security’s Death Master File where the names of deceased Americans are available along with their Social Security numbers and then use this information to the deceased a victim of identity theft by obtaining credit, filing phony income tax returns or other tactics.  Easy access by scammers to the Death Master File has been largely closed by legislation that took a long time to be made effective.

Scammers also will look for information in obituaries about the names of family members and then use that information for purposes of the infamous Grandparent Scam where the grandparent gets a telephone call late at night from a scammer posing as the grandchild who under the guise of some emergency tricks the grandparent into sending money to the scammer.

Scammers also call the families of people they see in the obituaries and claim they are creditors of the deceased person and that the family must pay a debt owed by the deceased.

Finally, scammers will also deliver packages by messengers on a COD basis claiming that the package was something ordered by the deceased person.  It is only after the family member has paid the Cash On Delivery charges and opened the package that the family finds that the package is just filled with old newspapers or magazines merely used as weight for the package.

TIPS

Scammers prey on people at their most vulnerable so it is at times like the death of a family member that you must be your most vigilant.  When writing an obituary, don’t put in specific information such as names that can be used by a scammer.  Also, contact the three major credit reporting bureaus, Equifax, TransUnion and Experian to seal the credit report of the deceased in order to avoid the risk of identity theft.  If someone contacts you claiming a debt was owed by the deceased, demand written confirmation for you to review before paying any alleged debts.  Don’t be pressured to act quickly by a purported debt collector.  Finally, if a COD package comes, refuse to pay until you can confirm that the delivery is legitimate.