Category: ‘Site Related’

Scam of the day – January 30, 2015 – 1,800 Minecraft passwords compromised

January 30, 2015 Posted by Steven Weisman, Esq.

The German website Heise is reporting that 1,800 accounts of the popular online video game Minecraft were hacked, however, as a spokesman for Mojang, the developer of Minecraft was quick to point out, it was not the computers and data of Mojang that were hacked and compromised, but rather, individual accounts of Minecraft players who had unwittingly turned over their passwords and user names to hackers who had tricked the account holders into revealing their user names and passwords through the technique called phishing by which you receive a legitimate appearing communication by email or text message that requests personal information, in this case the user name and passwords for the victim’s Minecraft account.  Phishing is a very simple, common and effective way that hackers gain credentials to not only individual accounts, but also to the data banks of entire companies by tricking people into providing passwords.  The Target hacking started with a phishing email to an employee of the HVAC company that worked with Target.

TIPS

Always be skeptical of any email or text message that requests that you provide your password or text message.  Unless you are absolutely sure that it is legitimate,  you should always confirm that the request is legitimate before providing such information.  In addition, in order to protect yourself from identity theft, you should use a different password for all of your online accounts.  By doing this, you protect your other accounts in the event that one of your accounts is hacked.  You can find some tips on how to choose complex, but easy to remember passwords in my book “Identity Theft Alert.”

Scam of the day – January 29, 2015 – Major security flaw discovered in Linux operating system

January 29, 2015 Posted by Steven Weisman, Esq.

Linux is a popular and free computer operating system.  Recently researchers at the cloud security company Qualys discovered a major security flaw in the Linux operating system which they have named GHOST that would enable hackers to remotely take total control of a Linux user’s computer or other device without having to even know a password.  The GHOST security flaw could be exploited merely though an email from a Linux-based system to the victim’s computer or other device.  Fortunately, there is a patch for this security problem.  A link to the patch can be found below.

TIPS

If you are a Linux user it is imperative that you download the security patch immediately.  Here is a link that will take you to the necessary patches.  https://www.us-cert.gov/ncas/current-activity/2015/01/27/Linux-Ghost-Remote-Code-Execution-Vulnerability

This is just another example of how important it is to keep up to date with the latest security patches and updates and install them as soon as possible.  Hackers and identity thieves constantly are taking advantage of people who do not update the software they use on their computers and other devices with the latest security patches.  Here at Scamicide we inform you whenever there are important security patches and updates about which you should be aware.  Make sure that you check out Scamicide every day and let your friends know to do the same.

Scam of the day – January 28, 2015 – Phony Chinese bank scams millions

January 28, 2015 Posted by Steven Weisman, Esq.

Scam artists are the only criminals and with good reason, the creativity and audacity shown by these criminals can sometimes be astounding.  Recently, a phony Chinese bank was shut down by Chinese authorities, but not before it had swindled innocent Chinese customers including a large number of small businesses out of an estimated 200 million dollars.  The phony bank, Nanjing Mou Village Cooperation Unit operated in the Chinese city of Nanjing for about a year before the fraud was discovered and the bank closed down by authorities.  Physically it looked like a bank, but it had no legal authority to act as a bank.  As with so many scams, a telltale sign is an offer that is too good to be true.  In this particular case, the bank promised depositors 2% interest on their deposits each and every week.   A phony bank scam is nothing new to China.  In 2012, Lin Chunping claimed to have purchased and then operated an American bank in China that turned out later to be nonexistent.  Lin is now serving a life sentence for fraud.

TIPS

When it comes to investing or banking, you should always check out the legitimacy of the financial institution before turning over your  money.  There are many federal and state regulatory agencies that relate to various financial businesses and it is an easy task to find out prior to investing or saving with a particular company or bank whether or not the company is legitimate.  Of course, anytime you are enticed by an offer that sounds too good to be true, you should be particularly skeptical and at this point in time a promise of 2% per week is outrageously unlikely to be legitimate.

Scam of the day – January 27, 2015 – Green coffee bean weight loss scam

January 27, 2015 Posted by Steven Weisman, Esq.

Lindsey Duncan and his companies, Pure Health LLC and Genesis Today, Inc have agreed to a 9 million dollar settlement with the Federal Trade Commission (FTC) regarding phony weight loss claims made by Duncan and his companies about green coffee bean extracts, which Duncan claimed would enable users to lose 17 pounds and 16% of their body fat in 12 weeks without diet or exercise.  Duncan also touted a severely flawed clinical study which he claimed supported his claims.  Helping his sales of the weight loss product were his television appearances on legitimate shows such as The View and The Dr. Oz Show.  Dr. Oz received much criticism while testifying before Congress recently regarding the recommending of green coffee bean extracts for weight loss on his show.

TIPS

The truth is that there are no quick fixes when it comes to weight loss and you should be wary of any product that promises you can lose tremendous amounts of weight quickly without dieting or exercise.  You should also be wary of any weight loss product that is sold exclusively either over the Internet or through mail-order advertisements.  It is also important to remember that no cream that you rub in your skin can help you lose substantial weight and no product can block the absorption of fat or calories.  The best course of action is to ask your physician about the effectiveness of a particular weight loss product or program before you reduce your wallet in an effort to reduce your waistline.

Scam of the day – January 26, 2015 – 7 Year old child hacks into public WiFi in under 11 minutes

January 26, 2015 Posted by Steven Weisman, Esq.

The famous comic, Groucho Marx once remarked that a four year old child could understand a report he started to look at, but as he read further and found he couldn’t understand it, he said, “run out and find me  four year old child.”  Well, Betsy Davis isn’t four.  She is seven, but it is still pretty impressive that a computer savvy seven year old could find the instructional information she needed to hack into a Wi-Fi system and then hack into a public Wi-Fi system all in a mere ten minutes and fifty-four seconds.  Fortunately, Betsy is not a criminal hacker, but was enlisted as a part of a security experiment to see how easy it was to hack into a public Wi-Fi network and steal information from people using the network.  All of this begs the question as to how safe are you when you use public Wi-Fi?  The bad news is that most people are not pretty safe.  The good news is that by following a few precautions, you can enhance your safety significantly.

TIPS

Whatever electronic device you are using connect to a Wi-Fi network, whether it is a computer, laptop, tablet or smartphone should be equipped with security software.  In addition, you should have encryption software so that your communications are encoded.  You also should go to your settings and turn off sharing.  In addition, you should make sure that your firewall is current and turned on.  Finally, you may wish to consider using a Virtual Private Network (VPN) which enables you to send your communications through a separate and secure private network while you are on a public network.  A good VPN that you can use for free is CyberGhost which you can go to by clicking on this link.  http://www.cyberghostvpn.com/en_us

Scam of the day – January 25, 2015 – Critical Oracle security updates

January 25, 2015 Posted by Steven Weisman, Esq.

Constant updating of the software we all use with the latest security patches and updates is a critical part of avoiding scams and identity theft threats.  Whenever new security updates and patches are issued, we provide access to these so that you can update your software to provide better security on your computers, smartphones, laptops and other electronic devices.  Updating your software with the latest security patches and updates as soon as possible is important because identity thieves and scammers are always finding and exploiting vulnerabilities in the software that we all use.  Delay in updating your software could lead to disastrous results.  However, it is also important to be sure that you are downloading legitimate patches and updates rather than being tricked by an identity thief or scammer into downloading malware under the guise of downloading a security patch or update.  Today’s updates are critical updates from Oracle that address 169 vulnerabilities in various of their products including the much used Java, which has often been exploited by hackers and identity thieves in the past.  Part of the reason that Java has been attacked so often is its popularity with users.  Users of the affected programs should make sure that they update their software with these latest security patches as soon as possible.

TIPS

Here are links to the necessary updates as provided by the Department of Homeland Security.

https://www.us-cert.gov/ncas/current-activity/2015/01/20/Oracle-Releases-January-2015-Security-Advisory

Scam of the day – January 24, 2015 – Parking lots becoming hotbeds of identity theft

January 24, 2015 Posted by Steven Weisman, Esq.

Maine police are indicating that a series of automobile break-ins occurring in parking lots in various cities throughout the state may be the work of a national gang called the Felony Lane Gang.  The Felony Lane Gang originated in Florida, but is now operating throughout the country.  Their pattern is to break into automobiles and steal purses, wallets and other personal property not for the cash contained, but for the credit cards, checkbooks, driver’s licenses and other forms of personal information and identification that they use for purposes of identity theft.  They will often target parking lots at gyms and fitness centers where the car owner will both be out of the car for an extended period of time and may also leave purses, wallets and other property in the car for the very purpose of what they perceive as enhanced security rather than bring these items with them to the gym or fitness center, where locker break-ins are a constant threat.  Although the most recent reports of the activities of the Felony Lane Gang have been in Maine, this problem is by no means limited to Maine, but is found everywhere.

TIPS

There is nothing you can do that will guarantee that you will not become a victim of identity theft, but there are simple steps you can take to reduce the risk.  When parking your car, don’t leave purses, wallets or any personal items in plain view and certainly lock the car.  Also either lock your valuables and personal documents in the trunk of your car or take them with you.  Identity thieves are looking for low hanging fruit, which in this instance means unlocked cars or cars with visible purses or other items that can be used for purposes of identity theft.

Scam of the day – January 23, 2015 – Green Dot MoneyPak card scam update

January 23, 2015 Posted by Steven Weisman, Esq.

The MoneyPak reloadable debit card made by Green Dot, a California company is very popular with consumers to easily send money quickly anywhere you want.  Its convenience and inability to be accurately traced also makes it a favorite of scammers who often will trick their victims into sending money using the MoneyPak cards merely by providing the activation code and the security number of the cards that the consumer purchases.  However, as I reported to you in early September 2014, Green Dot has announced that it will be phasing out the MoneyPak card by March of 2015 and replacing the cards with a new reloadable debit card that will move the reloading of cards to the cash registers of retailers to be done through a card processing machine that Green Dot says will reduce fraud.   With this looming deadline, many scammers are increasing their efforts to scam people out of their money through the use of the MoneyPak cards before they go out of existence.

TIPS

Whenever you are asked by someone to quickly provide payment to them through a MoneyPak card, you should immediately become skeptical and give more thought to whether or not the transaction is legitimate.  In one scam that is currently exploiting the use of these cards, scammers under the guise of being IRS agents are calling people and threatening them with tremendous financial penalties and even jail time unless they pay the phony IRS agents by providing the numbers for MoneyPak cards.  As I have told you before, the IRS will never contact you in this fashion, so you can be sure that if you receive such a call, it is a scam.  Whether or not the phasing out of the old MoneyPak debit cards will reduce the fraudulent use of reloadable debit cards remains to be seen, but everyone should be wary whenever they are told to pay for something by means of wiring funds or debit cards which are impossible to get back.

Scam of the day – January 22, 2015 – Tarrish Tellis convicted of income tax identity theft

January 22, 2015 Posted by Steven Weisman, Esq.

We are just at the start of the income tax identity theft season;  income tax identity thieves file early (and often) in order to get their fraudulent income tax returns to the IRS before the victim files his own legitimate income tax return.  The theory behind income tax identity theft is simple and effective.  The identity thief steals someone’s Social Security number and then files a phony income tax return using that Social Security number with phony W-2s or 1099s that can fool the IRS into sending a large, fraudulent refund.  It doesn’t help matters that the IRS still does not match the legitimate W-2s and 1099s sent by employers with those filed by tax filers until late in the summer, long after theirs has sent refunds, but that is another story.

Tarrish Tellis was recently convicted of filing fraudulent income tax returns and stealing more than $700,000 from the IRS through fraudulent refunds obtained as a result of the phony tax returns.  Tellis obtained the Social Security numbers and names of 700 victims from an employee of the Alabama Medicaid State Agency.  Tellis is scheduled for sentencing on April 15th.

TIPS

The two best things you can do to protect yourself from income tax identity theft are to keep your Social Security number as safe, secure and private as possible and file your income tax return as early as possible to beat the identity thief to the punch.  As shown by the fact that the victims in this case became victims through no fault of their own, but due to the criminal acts of an employee of an agency that had access to their personal information, it is once again abundantly clear that we are only as safe as the places that hold our personal information with the worst security.

Scam of the day – January 21, 2015 – Mailbox identity theft

January 20, 2015 Posted by Steven Weisman, Esq.

Identity theft can be high tech, low tech or, as in the case of Tulsa, Oklahoma native Peter Thomas, distinctly no tech.  Thomas had personal and financial information stolen from mail contained in his mailbox at the apartment complex where he lives.  I have often warned people about the danger of having your mail, such as credit card bills or bank statements stolen from your personal mailbox.  In addition, many people put themselves in great danger of identity theft by putting their outgoing mail in their mailbox and put up the red flag to alert the postman that there is mail to be picked up.  Unfortunately, that is also an alert to identity thieves cruising the neighborhood of mail to be easily stolen.

In the case of Peter Thomas, his mailbox should have been secured as it was locked, however, the locking systems of mailboxes in apartment complexes are often not particularly secure.

TIPS

In order to avoid becoming a victim of identity theft through your mailbox, you should make sure that it is securely locked so that it is not easily accessed by your friendly neighborhood identity thief and when it comes to outgoing mail, don’t put it in your mailbox for your postal carrier to pick up regardless of how convenient it may be to do so.  In fact, identity thieves have been known to steal mail from the U.S. Postal Service mailboxes found on the corners of major streets so, in order to be safe, you should mail your outgoing mail at the post office.   It may seem like this is being a bit excessive when it comes to protecting your mail, but remember, even paranoids have enemies.