Scam of the day – June 24, 2017 – Inheritance email scam

The Nigerian letter scam by which you are promised huge amounts of money through an email under various guises, such as an inheritance from a relative you never knew existed or a public official who needs help getting money out of his country, is a scam that has actually been around since the 1500s when it was known as the Spanish Prisoner scam.  While the scam promises money for nothing,  the truth is once you start communicating with the scammer, you are asked to pay one fee after another.  One thing that this scam has in common in all of its incarnations is that if you respond to the scam, you will not end up getting anything except a lesson in learning to be more skeptical.  Many people have paid thousands of dollars to Nigerian letter scam artists before they realize that they have been the victim of a scam.

I don’t publish every one of these types of letters that I receive, but I wanted to share this new version of the letter that Scamicide reader Marty Kenney received earlier this week.

“Good Day.
We wish to notify you again that you were listed as beneficiary to the total
sum US$9 of Million only in the intent of the deceased. On my first email I
mentioned about my late client whose relatives I cannot get in touch with.
But both of you have the same last name so it will be very easy to front you as his official next of kin. I am compelled to do this because I would not want the finance house to push my clients funds into their treasury as
unclaimed inheritance.

We contacted you because you bear the Last name with our Late Client and
therefore can present you as the Beneficiary to the inheritance since there
is no written WILL or Bequest.Our legal services aim to provide our private
clients with a complete service. We are happy to set-up all modalities and
administer Trusts,carry out the administration of estates. All the papers
will be processed in your acceptance of this Transaction.

Note that you are to furnishing me with the requested information’s below
immediately;

(1)Full names.
(2)Contact address.
(3)Telephone and fax numbers.
(4)Location.

If you are interested do let me know so that I can give you Comprehensive
details on what we are to do. Waiting for your response.

Yours faithfully,

Barr. Philip Mark”

 

TIPS

Although it should be apparent to everyone who reads this email that it is a scam, the very outrageousness of  the email is most likely intentional because as more people become aware of the Nigerian letter scam, the scammers do not want to waste their time on potential victims who may be skeptical of their scam, so they often send out emails like these that are so outrageous in an effort to catch only the most gullible and greedy.  You may also pick up on grammatical errors, such as “Note that you are to furnishing me” in the email which is often an indication of a scam perpetrated by someone whose primary language is not English.  The name of the lawyer used in the email of Philip Mark is a name that appears in many Nigerian email scams.  Another indication that this is a scam is that the salutation is not directed to you by name.  In fact, this particular email was sent as a mass email mailing to many people who did not, as indicated in the email, share the same name.

If you receive a particularly inventive or interesting Nigerian email, please share it with us here at Scamicide.

Scam of the day – June 22, 2017 – How to protect your cellphone

We all conduct many  activities on our cellphones which contain much personal information that can lead to identity theft if our phone falls into the wrong hands.   I have written many times about protecting your cellphone from a cyberattack or hacking, but what about an old fashioned theft of your phone? Cell phones can get lost or stolen and it is important to protect yourself from those dangers as well.

TIPS

The best protection for your phone starts with a strong password or fingerprint scanner.  Also, set your phone so that it locks when you are not using it.  Make sure that you back up everything in your phone regularly. Install the  Find My iPhone app  if you have an iPhone or the Find My Device app if you have an Android phone.  These will enable you to locate your cellphone if it is lost or stolen and also allow you to send a command to erase everything in your cellphone even if the phone has been turned off.  If your phone is lost or stolen, you should immediately contact your wireless provider to have them disable the SIM card in your phone so that your phone cannot be used by someone else.  As for protecting your phone from cyberattacks, it is important to both download and continually update security software.

June 21, 2017 – Steve Weisman’s latest column for the Saturday Evening Post

Identity theft can be high tech, low tech or no tech.  Here is a link to a column I wrote for the Saturday Evening Post about the dangers of identity theft posed by your regular snail mail.

Con Watch: How Snail Mail Can Lead to Identity Theft

Scam of the day – June 21, 2017 – Tobacco settlement scam

You may remember the 1998 Tobacco Master Settlement Agreement by which the major tobacco companies settled a class action brought against them by the Attorneys General of 46 states in regard to the dangers posed by cigarette smoking and the misrepresentation of those risks by the tobacco companies.  According to the terms of the settlement, the tobacco companies are required to pay the states 10 billion dollars each year.

Now advertisements  like the one reproduced below are appearing that claim that you can receive guaranteed tax-free payments of $2,300 every month for the rest of your life from the settlement funds even if you never smoked.   The catch is that in order to get your share of these funds you must subscribe to an investment newsletter promoted by a company called Money Morning which purports to provide investment advice on how to invest in state or local bonds backed by settlement payments.  The monthly subscription rates cost about 5 dollars for the first month, but then increases to as much as 129 dollars for succeeding months.  In order to subscribe you must provide a credit card number which the company automatically bills and according to the Attorneys General of Washington, California, Nevada and West Virginia  the continuing payments are hard to stop once you have initially authorized payment.  The Attorneys General from the aforementioned states are warning the public that the advertising is a misleading scam.

Big Tobacco Must pay

TIPS

The biggest problem with this advertisement is that the payments made by the major tobacco companies are done exclusively to the states.  There is no provision in the settlement for any individuals to receive payments from the settlement funds.  While some states have issued bonds backed by the settlement payments, these bonds have nothing to do with the misleading advertising.  Don’t fall for this scam, however, if you already have, you should contact your state Attorney General for help.

Scam of the day – June 20, 2017 – Another cosmetic surgery clinic suffers data breach

On June 5th I reported to you about the data breach at a Lithuanian cosmetic surgery clinic and now we have learned about a similar, but significantly different data breach suffered by prominent Beverly Hills plastic surgeon  Dr. Zain Kadri whose patients include people from many states and four countries.

The data breach, which law enforcement says, affects approximately 15,000 people includes tremendous amounts of data, information and documents including before and after surgery photographs, patient records, credit card information and patient contact information.  It appears that Dr. Kadri’s practice was both electronically hacked and physically burgled by a person, who police say, was a former employee.

The patients victimized by this crime face blackmail, extortion and identity theft as a result of the data breach.

TIPS

Medical practices continue to be a prime target for identity thieves because they are often quite vulnerable to cyberattacks, but as this case apparently shows, data breaches can be done through old fashioned burglaries as well and it is important for all entities that store personal data to take steps to secure data both physically as well as electronically and to limit access to such information to only such employees as have a need to have access to the information.

Unfortunately, there is little that we as consumers and patients can do other than to limit the amount of personal information we provide, as best we can.  For example, your doctor does not need your Social Security number.  We should also inquire of anyone or any entity that retains our personal information about what they do to secure that information.

Scam of the day – June 19, 2017 – New IRS phone scam

A new version of the long running scam of people receiving telephone calls from scammers posing as IRS representatives demanding payments for overdue taxes is being reported by the IRS.  In this new version of the scam, the intended victim is told by the scammer that two certified letters sent by the IRS to the intended victim were returned as undeliverable and that payment must be made immediately over the phone through providing the numbers from a prepaid debit card.  The phony IRS agent also tells the potential victim that the purchase of the prepaid debit card is linked to the IRS’ Electronic Federal Tax Payment System (EFTPS).

The EFTPS is a real system used by the IRS for payment of income taxes electronically over the Internet or by phone, but it does not require the use of prepaid debit cards and the systems are not linked.

Another major indication that this is a scam is that the caller also tells the intended victim not to contact their lawyer, tax preparer or their local IRS office until after the payment has been made.

TIPS

By using a technique called “spoofing” a scammer scan trick your Caller ID into making it appear that the call is originating from the IRS.  Even though Congress foolishly recently authorized private collection agencies to contact taxpayers by phone in regard to overdue taxes, neither the IRS nor any of these private collection agencies will ever demand immediate payment over the phone by credit cards, prepaid debit cards, iTunes cards or wire transfers.

If you receive such a call you should hang up immediately.  If you think you owe money to the IRS, you should contact the IRS directly to deal with this matter.

Scam of the day – June 18, 2017 – Identity thieves hack Federal Student Aid website

The Free Application for Federal Student Aid (FAFSA) is a part of the U.S. Department of Education used by college students to apply for much needed financial aid to assist them in furthering their education.  Some of the forms used in the application process require inserting information from past income tax returns.  To make the process more convenient, FAFSA provided for a data retrieval service directly to the IRS to obtain the necessary information, however scammers, such as two recently indicted men from Indiana and Georgia are alleged to have hacked into the data retrieval system of FAFSA applicants to get the tax information which they then used to commit income tax identity theft, attempting to steal approximately 12.7 million dollars in phony income tax refunds.

In response to these problems, FAFSA suspended its data retrieval system until two weeks ago when they reinstituted the Data Retrieval Tool with the IRS in a manner that the tax return information will be encrypted and hidden from view of even the borrower as well as someone hacking into the borrower’s account.

TIPS

Quite often, as Shakespeare said, the fault is not in the stars, the fault is in ourselves. Too often we become victims of identity theft when the security of particular websites, companies or government agencies that have our personal data is compromised because we provide our passwords and user names to identity thieves by falling prey to spear phishing emails or downloading malware.   It is important to never click on a link in an email or download an attachment unless you have confirmed that it is legitimate.  Also, never provide personal information to anyone unless you have confirmed that the request is legitimate.

As for students seeking to use the Data Retrieval Tool of the IRS for filing a FAFSA form, you can safely use this service by going to StudentLoans.gov.

Scam of the day – June 17, 2017 – Father’s Day scams

Tomorrow is Father’s Day which for many people is an opportunity to show our fathers how much we love and appreciate them, for scam artists, it is yet another opportunity to scam people.

One of the most common Father’s Day scams involves e-cards which are great, particularly for those of us who forget to send a Father’s Day card until the last minute.  Identity thieves send emails purporting to contain a link to an electronic Father’s Day card, but instead send malware that becomes downloaded when the victim clicks on the link. This keystroke logging malware enables an identity thief to steal personal information from the victim’s computer that can be used for purposes of identity theft.

TIPS

Never click on a link to open an e card unless the e card specifically indicates who sent the card. Phony e cards will not indicate the name of the sender.  Even if the sender is someone you recognize, you should independently confirm with that person that they indeed sent you an e card before clicking on the link.

Scam of the day – June 16, 2017 – Woman pleads guilt to identity theft through mail theft

Crystal Candiece Cooper recently pleaded guilty in California to stealing mail and using the stolen mail for purposes of identity theft.  At her sentencing, scheduled for September 12th she faces a prison sentence of as long as thirty years.   Identity theft is a high tech, low tech and no tech crime and while we often tend to focus our attention on high tech identity theft tactics such as spear phishing, no tech tactics such as fishing for mail with a plastic bottle covered in glue that is lowered into blue public mailboxes to capture mail being sent with checks is making a comeback.

I have warned you for years about leaving mail with checks or credit card information in your personal mailbox outside of your home with the flag raised to alert your postal carrier that there is mail in your box to be retrieved is a bad idea because it also alerts identity thieves who can easily steal the mail.  Once they have the checks, they can “wash” the name or even the amount of the check and make the check payable to the thief. They also can use the account number of your check to create counterfeit checks to access your checking account.

Mail thieves also will steal incoming mail from your own personal mailbox which may contain credit card bills, checks and other information and documents that can readily be used for purposes of identity theft.

TIPS

This is an easy crime to avoid.  In regard to paying your bills, the best course of action is to pay your bills electronically and avoid the problem altogether.  However, if you cannot do so or prefer to send a paper check by mail, you should use a gel pen that is not easily “washed” to write your checks and you should mail envelopes with checks in them directly from inside the post office.  You also should consider a locked mailbox for your personal mailbox to avoid identity thieves from easily accessing your mail before you do.