Category: ‘Site Related’

Scam of the day – May 25, 2015 – New Social Security scams

May 25, 2015 Posted by Steven Weisman, Esq.

A person’s Social Security number is a key to identity theft.  Armed with this information, an identity thief can steal your identity, get credit in your name and even file an income tax return using your Social Security number.  Identity thieves are always devising new ways to lure people into providing their Social Security number.  The Social Security Administration (SSA)Inspector General has issued a warning about new threats, one of which you can control and the other of which you cannot.  According to the Inspector General, the data base of the Social Security Administration suffered a cyberattack that appears to have stolen information from the SSA that can be used to make you a victim of identity theft.  Having this information fall into the hands of identity thieves is something you cannot control.  However, the Inspector General also indicated that identity thieves are also contacting people by phone, emails or text messages claiming to be representatives of Social Security requesting personal information such as your Social Security number, bank account number or birth date under various guises.  People falling for these scams and providing this information soon end up becoming victims of identity theft.

TIPS

Trust me, you can’t trust anyone.  The Social Security Administration will not contact you by email or text messages so if you are communicated with by either of these methods, you can be sure that it is a scam.  They will generally not call you by phone either except in the limited situations of where you have just filed a claim and even then, they will never ask for your Social Security number or other personal information.  As a general rule, you should never provide personal information to anyone who calls you on the phone because you can never be sure they are who they say they are.  If you do receive a communication that purports to be from Social Security that you think might be legitimate, you can find out for sure by merely hanging up and calling the Social Security customer service line at 800-772-1213.

Scam of the day – May 24, 2015 – CareFirst Blue Cross Blue Shield hacked

May 23, 2015 Posted by Steven Weisman, Esq.

Health insurer Care First Blue Cross Blue Shield became the latest victim of hacking in the health care industry.  This latest hacking which was only just announced a couple of days ago, but occurred in June of 2014 is just the latest in a series of data breaches at major health care companies and insurers including Anthem and Premera.  More than a hundred million people have had their personal information compromised in these data breaches leaving them in serious danger of identity theft.  The Care First hacking affects more than a million of its present and former customers.  The breach was discovered a month ago during a routine forensic review of its computer networks.  Fortunately, neither Social Security numbers nor credit card numbers were lost in the data breach.  However, the hackers did manage to steal the names of present and former customers, email addresses, birth dates and Subscriber ID numbers, all of which could be used by the hackers for targeted email spear phishing by which intended targets of the identity thieves receive emails that, due to the information contained within them as well as the fact that they are directed to the individual by name, appear to be legitimate.  In these emails, in which the identity thief poses as a legitimate company doing business with the targeted person, the intended victim is lured into either clicking on links containing keystroke logging malware or into providing personal information in response to the email.  In either of these situations, if the intended victim clicks on the link or provides the information, he or she will quickly move from intended victim to actual victim.

TIPS

Remember my motto, “Trust me, you can’t trust anyone.”  Never provide personal information to anyone who contacts you by email, text message or phone.  You can never be sure if they are legitimate.  Never click on links in emails or text messages until you have actually confirmed that the communication is legitimate.  If you think such an email or text message might be legitimate, contact the real company at a phone number or email address that you know is accurate to confirm whether or not the email or text message you received was legitimate.  With so much information about all of us available either in public data bases or by way of data breaches of companies with which we do business, you can’t trust an email, text message or call regardless of how legitimate it may appear.  Always verify before providing personal information.

Scam of the day – May 23, 2015 – FTC shuts down huge charity scams

May 23, 2015 Posted by Steven Weisman, Esq.

Earlier this week, the Federal Trade Commission in cooperation with law enforcement officials from all fifty states and the District of Columbia filed a complaint in federal court against four phony charities and the people operating them accusing the charities of misapplying hundreds of millions of dollars of donations and using all but 3% of the donations for their own individual benefit.  The charities named are the Cancer Fund of America, the Cancer Support Services, Inc, the Children’s Cancer Fund of America, Inc and the Breast Cancer Society, Inc.  Also charged were officers of these charities, James Reynolds, Sr., Kyle Effler, Rose Perkins and James Reynolds II.  According to the FTC’s complaint, the funds collected from people thinking they were helping people with cancer went to huge salaries to the charities’ insiders along with payments for cars, luxury cruises, college tuition, gym memberships, ski outings, tickets to sporting and entertainment events and even dating site memberships.

The Children’s Cancer Fund of America and the Breast Cancer Society, Inc along with their principals Rose Perkins, James Reynolds II and Kyle Effler have all agreed to settle the charges.  As part of the settlements The Children’s Cancer Fund of America will pay $30,079.82 to the FTC which represents charitable donations made between 2008 and 2012.  The Breast Cancer Society, Inc.  will pay $65,564.36 which represents donations made between 2008 and 2013.  In both cases, this money will be turned over to legitimate charities.  Litigation will go on against the other charities and individuals charged.

TIPS

There are many lessons for all of us as individuals interested in making charitable donations.  The first lesson is that merely because the name makes a charity sound legitimate does not make it so.  Second, when you are considering making a donation to a charity, it is important to investigate the charity to find out whether it is an outright scam or whether it is one where very little of the money donated goes toward the announced charitable purposes of the charity.  You can find the answers to both of those questions by going to www.charitynavigator.org, which, by the way rated these charities extremely low.

Scam of the day – May 22, 2015 – Memorial Day scams

May 22, 2015 Posted by Steven Weisman, Esq.

Memorial Day is three days away and with it will come a unique number of Memorial Day related scams.  Scammers are always timely and whatever has your attention, also has the attention of scammers, whether it is a natural disaster such as the recent Nepal earthquake, an untimely death of a celebrity or a major holiday.  In the case of Memorial Day, you can expect to be solicited by scammers by phone (remember legitimate charities can call you by phone even if you have enrolled in the Do Not Call List because it exempts charities), email or letters asking for your money for various veterans causes or charitable ventures tied to Memorial Day.

TIP

You never know who is on the other line of a telemarketing call, so never trust them.  If you are at all interested in what they are selling or soliciting, ask them to send you written materials that you can then check out to see if it is legitimate.  When it comes to charities, a good place to go is www.charitynavigator.org where you can see if a charity is legitimate or a scam as well as actually see how much of the money they collect goes toward their charitable purposes and how much towards salaries and administrative costs.

Scam of the day – May 21, 2015 – Latest security updates from the Department of Homeland Security

May 21, 2015 Posted by Steven Weisman, Esq.

Constant updating of the software we all use with the latest security patches and updates is a critical part of avoiding scams and identity theft threats.  Whenever new security updates and patches are issued, we provide access to these so that you can update your software to provide better security on your computers, smartphones, laptops and other electronic devices.  Updating your software with the latest security patches and updates as soon as possible is important because identity thieves and scammers are always finding and exploiting vulnerabilities in the software that we all use.  Delay in updating your software could lead to disastrous results.  However, it is also important to be sure that you are downloading legitimate patches and updates rather than being tricked by an identity thief or scammer into downloading malware under the guise of downloading a security patch or update.  Users of the affected programs should make sure that they update their software with these latest security patches as soon as possible.  Today’s updates include critical updates for Adobe Acrobat, Internet Explorer, Google Chrome and Mozilla Firefox.

TIPS

Here are the links to the latest security updates and patches from the Department of Homeland Security:

https://www.us-cert.gov/ncas/bulletins/SB15-138

https://www.us-cert.gov/ncas/current-activity/2015/05/19/Google-Releases-Security-Update-Chrome

Scam of the day – May 20, 2015 – A new online dating scam

May 20, 2015 Posted by Steven Weisman, Esq.

I have written many times in Scamicide.com and in my book “The Truth About Avoiding Scams” about romance scams.  Most of these online dating and romance scams involve some variation of the person you meet though an online dating site quickly falling in love with you and then, under a wide variety of pretenses, asking for money.  However, recently in a new study done jointly by University College London and Jiayuan, China’s largest online dating service some new types of romance scams were identified and one is particularly insidious.

It starts with a local high-end restaurant hiring a beautiful woman who puts her profile on line with a dating service.  Once contact is made with a potential suitor/victim, the woman persuades her new friend to take her to the restaurant that hired her where she manages to run up a tab, which in some instances has been as much as $2,000.  The suitor/victim pays the bill who then vanishes from his life, never to be seen again.  According to the study, this scam was used with members of the Jiayuan dating site more than 57,000 times.

TIPS

Online dating can be very effective, but it is also extremely risky.  Of course, you want to be particularly wary of anyone, who early in the relationship finds some excuse to ask for money, but as the University College London study shows, there are other ways you can find yourself at risk.  In regard to protecting yourself from this particular type of scam, it is a good idea to leave the expensive restaurants or events out of the relationship until the relationship has seriously progressed.

Scam of the day – May 19, 2015 – Consumer Financial Protection Bureau settles cramming charges with Sprint and Verizon

May 19, 2015 Posted by Steven Weisman, Esq.

The Consumer Financial Protection Bureau (CFPB) has announced that it has reached settlements with wireless service providers Sprint and Verizon regarding allegations by the CFPB that both companies were guilty of cramming and have asked the federal courts for approval of the settlements.  For years I have been warning you about the dangers of cramming.  Cramming is the name for putting unauthorized third party charges on a consumer’s telephone bill without the knowledge or approval of the consumer.  This has long been a problem with landline phones and in recent years has become a major problem with cellular service.  There are many ways that these unauthorized charges make their way to a victim’s phone.   Sometimes, consumers actually unknowingly sign up for premium texting services that may be for things such as flirting tips, horoscopes or celebrity gossip.  Other times, unscrupulous merchants merely tricked consumers into providing their cell phone numbers to which these merchants added the charges without providing anything in return.  The charges range from a single monthly charge of up to $14.99 to regular, continuous monthly charges of $9.99 per month.  Many consumers did not even notice these charges in their bills, which often were not clearly designated.  Both Sprint and Verizon received between 30 and 40% of the revenue generated by these illegal charges.

Pursuant to the terms of the settlements, Sprint and Verizon will refund 120 million dollars to affected customers as well as pay 38 million dollars in federal and state fines.

TIPS

First and foremost, even if you are not a Sprint or Verizon customer, everyone should closely review their cellphone bill each month to make sure that you understand every charge that appears.  If anything is not clear to you, you should contact the cellphone service provider for an explanation.

If you are a Verizon customer who has been victimized by cramming, you can submit a claim for a refund by going to www.CFPBSettlementVerizon.com or by calling (888)-726-7063.  If you are a Sprint customer who has been victimized by cramming, you can submit a claim for a refund by going to www.SprintRefundPSMS.com or call (877) 389-8787.

Scam of the day – May 18, 2015 – Color run scams

May 18, 2015 Posted by Steven Weisman, Esq.

What you may ask is a color run?  These are road races, often advertised as being done to help a charity, in which the runners wear white clothes and along the route are doused with bright powdered dyes that turn their clothing into rainbows of color.  While this may seem like fun, the Better Business Bureau and a number of law enforcement agencies including the police departments in Baton Rouge, Louisiana and Bangor, Maine are warning people that many of these color runs are scams being operated by scam artists who steal the registration fees, cancel the race and refuse to refund the fees.

Making this scam more complicated is the fact that there have been legitimate color runs such as the recent Color Vibe Run in West Palm Beach, Florida which had more than 7,000 runners with funds raised benefiting the local Habitat for Humanity charity.

TIPS

Two of the organizations sponsoring these color runs that have been accused of being scams are Color 5 Mile and Run or Dye.   Anyone considering participating in such a run should first make sure that they pay any entrance fee by credit card so that if the race is cancelled, you can more readily dispute the charge with your credit card company and get your money back.  As always, there is little fine in fine print, so you should make sure that you read carefully the fine print of any application to participate in such a race, particularly as to the refund policy.  Finally, if the race is advertised as being done to benefit a charity, check out the charity first with charitynavigator.org to make sure that the charity is legitimate and if it is, contact the charity directly to confirm that they have an arrangement with the sponsor of the color run.

Scam of the day – May 16, 2015 – Penn State shuts down computer system following hacking

May 16, 2015 Posted by Steven Weisman, Esq.

Yesterday, Penn State University took the computer network of its engineering college offline while it works to free the system of  sophisticated hacking that has gone on for more than two years.  Penn State  first became aware of the hacking in November of 2014 when it was informed of the hacking by the FBI.  After an extensive investigation it was determined that the hacking was done by two separate groups.  The first group was Chinese government hackers and the second, unrelated group, while not yet identified by investigators is thought to be another state-sponsored group.  Russia and Iran have both been active in world wide hacking activities although neither has been specifically tied to this particular hacking.

American engineering schools, including MIT, and Carnegie Mellon, have been targets of Chinese state sponsored hacking for many years.  The goal of these hackings have been to gain information for both commercial and national defense purposes.

The fact that the hackers had unrestricted access to Penn State’s engineering schools computer networks for more than two years raises the distinct probability that they were able to exploit this access in order to gain access to some or all of the 500 companies, government agencies and other universities tied to this computer network.

TIPS

I have written many times of the extreme vulnerability of colleges and universities, which often gather and keep much personal information for which they have no real need, such as the Social Security numbers of applicants to the schools or Social Security numbers of alumni.  Coupled with lax security at many colleges and universities, this gathering and keeping of personal information for which the schools have no need puts the people whose information is affected in great danger of identity theft.  It is important for all of us to always inquire as to any company or agency that has personal information of ours as to what they do to keep this information secure.  This also emphasizes the need for us all to be extremely vigilant in monitoring our accounts for early indications of identity theft.

As for the larger issues of both corporate data security and national security, it is of the highest importance for companies and the government to cooperate better in developing and implementing secure data protection systems.