Category: ‘Site Related’

Scam of the day – September 2, 2015 – Microsoft lottery scam

September 2, 2015 Posted by Steven Weisman, Esq.

Today’s Scam of the day again comes from my own email although I am sure many of you have received the same email.  It appearsto inform me that I have won a huge prize in a lottery sponsored by Microsoft.  Lottery scams are among the most prevalent scams year after year and with good reason.  People, often blinded by their greed, fall for these scams and end up paying thousands of dollars to scammers and receive nothing in return.  Generally, there are two ways that phony lotteries work.  Either you are told that in order to claim your prize, you must pay administrative fees or income taxes to the lottery sponsor.  In both cases, victims pay money to the phony lottery sponsors and never see a dime.  Here is a copy of the email that I received.

“Dear Cash Winner,

Your e-mail address was selected and confirmed by our co-sponsor Microsoft International, through their latest internet software. You have therefore been approved by Microsoft® Corporation UK the sum of £3.6 Million POUNDS (THREE MILLION, SIX HUNDRED THOUSAND POUNDS). These funds are in cash, Credited to a valid cashier’s check, with a winning Reg. No. MCIMJ: 36925/0751 and payment ID mast/isd/04-15. Be informed that your prize has been insured and ready for pay out to you. You are to contact your assigned claims officer below with your required information’s:

Name: Sergey Alexandro
Claims Verification Department.
Microsoft® Liaison Office”


The first tip off that this is a phony lottery is that the email address sending me the email is that of an innocent individual whose email was hacked and made part of a botnet to send out such phony lottery emails.  The email address shows no relationship to either Microsoft or any lottery.  The second thing to remember is that it is difficult to win a lottery you enter.  It is impossible to win one that you never even entered.  Finally, in regards to administrative fees, no legitimate lottery will ask you to pay for administrative fees in order to collect your prize and while it is true that income taxes are due on lottery winnings, those taxes are either deducted from your winnings and paid directly by the lottery sponsor on your behalf to the IRS or the entire winnings are paid to you and it is your responsibility to pay the income taxes to the IRS.  No legitimate lottery collects income taxes on behalf of the IRS.

Scam of the day – September 1, 2015 – Fake ID scams

August 31, 2015 Posted by Steven Weisman, Esq.

As many young people get ready to head off to college many of them are bringing with them fake IDs in order to enable students who are under the drinking age of 21 to purchase alcohol at bars and liquor stores.  It has been estimated that as many as 80% of college students have used fake IDs.  However, as New York Governor Andrew Cuomo earlier this week warned, buying a fake ID is a risky enterprise that can lead to the purchaser becoming a victim of identity theft after providing sensitive information to the maker of the fake ID.  In addition, in many instances, the companies offering this product online are often based in foreign countries and merely take the money, generally a hundred dollars or more, of unwary victims and never send anything in return.  As for the cheated young consumers, they are left without recourse because they can’t go to the police complaining that the company selling them an illegal fake ID didn’t provide the product and even if they did go to the police, there is nothing that can be done to get the money back from the companies located overseas.  The most common form of fake ID sold on the internet is a phony driver’s license and some of them are actually well copied counterfeits, but they certainly are not worth the risk.


Buying a fake ID online is just too risky a venture.  Providing personal information that is often requested for these fake IDs is just an invitation to becoming a victim of identity theft.  In addition, when buying illegal goods, you can’t be sure that you will ever get anything in return for the money or Bitcoins you pay before you ever receive anything.   Finally, using a fake ID is a crime and if you are caught, you are in serious trouble.  The bottom line is that young students would be smart to avoid buying fake IDs.

Scam of the day – August 31, 2015 – Jason Chaffetz becomes a victim of income tax identity theft

August 31, 2015 Posted by Steven Weisman, Esq.

Unless you live in Utah, the name of Jason Chaffetz may not be familiar to you.  Jason Chaffetz is a Congressman from Utah, the Chairman of the House Oversight Committee and a recent victim, as he disclosed this week, of income tax identity theft.  Chaffetz did not find out he was a victim of income tax identity theft until he went to file his income tax return only to be told that someone else had filed using his name and Social Security number.  Fortunately for Chaffetz he owed money to the IRS so the fact that he is a victim of income tax identity theft will not delay the payment to him of a refund.  Those victims of income tax identity theft who are owed a refund find insult added to injury as they must wait many months before the IRS completes its investigation and sends a refund.  Chaffetz has long been a critic of IRS Commissioner John Koskinen and this latest matter has only added to the reasons Chaffetz is using in asking for Koskinen to be fired.


Although Congressman Chaffetz is  rightfully placing much of the blame for income tax identity theft on Commissioner John Koskinen, there is plenty of blame for income tax identity theft on the part of Congress itself which continues to fail to pass legislation to require employers to file W-2s with the IRS at the same time they file them with the Social Security Administration.  Presently, employers file W-2s for their employees with the Social Security Administration either at the end of February or March depending on whether they are filing electronically or by paper.  The Social Security Administration does not get around to sending the W-2s to the IRS until July, long after the IRS has already sent out refunds to many income tax identity thieves who filed counterfeit W-2s.  If the IRS received W-2s early and compared them to the W-2s filed with income tax returns before sending out refunds, a tremendous amount of income tax identity theft could be avoided.  As for what we as taxpayers can do to protect ourselves from income tax identity theft, the best things you can do are to keep your Social Security number private and file your income tax return early before an identity thief files one before you do.


Scam of the day – August 30, 2015 – Routers vulnerable to hacking

August 30, 2015 Posted by Steven Weisman, Esq.

If you are reading this online, you have a router.  A router is a networking device that is used to transfer data between your computer and the Internet.  Unfortunately, researchers at Carnegie Mellon University have disclosed that a number of commonly used DSL routers are vulnerable to hacking because they use an easily guessed hard code password.  The affected models are ASUS DSL-N12E, DIGICOM DG-5524 T, Observa Telecom RTAO1N, Philippine Long Distance Telephone (PLDT), SpeedSurf 504AN and ZTE ZXV10 W300.  Although this vulnerability was just announced earlier this week, other researchers had discovered the same problem and had reported on it for two of the affected devices last year.  In addition, earlier this year, at least 700,000 routers from different manufacturers were also vulnerable for the same reason and although they were manufactured by different companies, they all used vulnerable hardware manufactured by the same Chinese company.


Here is a link to the Vulnerability Notice as released by the researchers at Carnegie Mellon University.

I urge you to check and see if your router is one of those affected.  Unfortunately, if your router is one of the vulnerable routers, according to the researchers at Carnegie Mellon there is no practical solution at this time.  However, they do recommend that you adapt your Firewall so that the telnet service of your router is not accessible by untrusted sources.

Steve Weisman’s latest column for USA Today

August 29, 2015 Posted by Steven Weisman, Esq.

Here is  a link to Steve Weisman’s latest column for USA Today.


Scam of the day – August 29, 2015 – Class action filed against IRS for data breach

August 29, 2015 Posted by Steven Weisman, Esq.

The trend of people suing companies and government agencies deemed responsible for data breaches due to their failing to take proper steps to protect personal information they hold continues to accelerate with the recent filing of a proposed class action on behalf of the approximately 330,000 people affected by the recent data breach of the IRS’ Get Transcript program about which I have reported to you a number of times here at Scamicide.  Go to the Archives for more information about this particular data breach.  According to Richard McCune, one of the lawyers who filed the lawsuit, “As custodians of taxpayer information, the IRS has failed in its obligation to protect the personal and sensitive information of hundreds of thousands of taxpayers, their spouses and families.  Furthermore, the breach and theft occurred after repeated warnings over the course of several years regarding the lax computer security system.”


If you were affected by this data breach and want more information about the lawsuit, you can contact McCuneWright, one of the law firms that filed the lawsuit by clicking on this link.

As for the rest of us, the best things you can do to protect yourself from  income tax identity theft is to protect the privacy of your Social Security number and file your income tax return as early as possible to prevent an identity thief from filing one using your name and Social Security number before you get a chance to file your legitimate return.

Scam of the day – August 28, 2015 – Money flipping scam

August 28, 2015 Posted by Steven Weisman, Esq.

Social media is suddenly being flooded with advertisements for money flipping opportunities.  In one version of the scam being found on Instagram, there is a photograph of someone folding a pile of money with text that says that it is easy to “flip” a couple of hundred dollars to as much as thousands of dollars and then gives you contact information in order to take part in this great opportunity.  Once contacted the scammer then instructs the victim to provide their debit card and PIN to the scammer in order to be able to deposit a check into your account.  The scammer then tells you that he or she will deposit a check into your account and then withdraw the money shortly thereafter.  You then get paid for allowing the scammer to use your account in this manner.  The problem is that the check the scammer deposits into your account is counterfeit, but the money withdrawn from your account in the amount of the counterfeit check is not so you lose money from your account.


Certainly everyone wants, as Dire Straits sang years ago, “money for nothing,” however, you should always be skeptical of anyone proposing a scheme that appears to offer that kind of reward.  What possible legitimate reason could there be for a stranger to need to use your bank account to cash a check?  This is an obvious scam and one that should be avoided.   You also should never consider giving your debit card and PIN to a stranger or even a friend for that matter.

Alaska cruise with Steve Weisman of

August 27, 2015 Posted by Steven Weisman, Esq.

Bottom Line Publications is sponsoring a luxury cruise of Alaska on the Crystal Serenity from June 19th to June 26th 2016.  The trip will also feature a number of speakers on a variety of personal finance topics.  Steve Weisman of will be one of the speakers talking about scams, identity theft and cybersecurity.

If you are interested in joining Steve on the cruise or want more information, here is a link to the cruise website.


Scam of the day – August 27, 2015 – Virginia news shooting scams

August 27, 2015 Posted by Steven Weisman, Esq.

Yesterday’s news was filled with coverage of the tragic killing of Virginia WDBJ news reporter Alison Parker and cameraman Adam Ward by Vester Flanagan, also known professionally as Bryce Williams, a deranged and disgruntled former co-worker.  During the course of the killings Flanagan actually took videos of the murders as he committed them and posted them to his Facebook and Twitter accounts shortly after the killings while he was on the run from law enforcement.  Some legitimate news sites are presenting edited still photos from the videos while others are providing the actual footage.    The videos themselves were taken down shortly after being posted.  However, there will be people out of morbid curiosity looking on the Internet for those grisly videos and scammers are only too willing to take advantage of their curiosity.  You can expect that there will be websites, text messages and emails purporting to provide links to the videos and you also can expect those websites, text messages and emails to be contaminated with malware that will enable the scammer to steal the personal information from the computers, smartphones and other electronic devices of the morbidly curious and use that information to make them victims of identity theft.


Never click on links in emails or text messages unless you are absolutely sure that they are legitimate.  The risk of downloading malware is just too high.  In addition, there are some types of malware that can steal your information when you merely go to an infected website so whenever seeking videos or photos of controversial subjects, you should stay with legitimate news websites.  Merely because a website may turn up high in a Google or other search engine search does not mean that the website is legitimate.  It only means that the makers of the website know how to manipulate the logarithms used by Google to receive a high ranking.

Scam of the day – August 26, 2015 – Bank of America security message scam

August 26, 2015 Posted by Steven Weisman, Esq.

This is another phishing scam that is making the rounds these days.  It appears to be a legitimate email from Bank of America informing you that due to upgrades being done to the Bank of America computer systems, it is necessary for you to confirm personal account information in order to maintain your account.  Of course, if you click on the link contained in the email, you will only succeed in either unwittingly downloading keystroke logging malware that will steal your personal information from your computer and use it to make you a victim of identity theft or you will be sent to another website that prompts you to provide your personal information directly, which then wil be used to make you a victim of identity theft.  Either way you lose.  Here is a copy of the email presently being circulated:


We need you to confirm your Bank of America account due to our new upgrading. It is mandatory that you confirm your details through our secure link below.

Thank you for your co-operation.
Bank of America Admin
Copyright © 2015 BOA Inc.”


There are a number of ways to know that this is a phishing scam.  First of all, if you are not an account holder at Bank of America, you can rest assured that the email is a scam.  Unfortunately, there are so many people that are account holders at Bank of America, the scammers just send out the email in large numbers hoping to reach Bank of America account holders among the random people being sent the email.  The email address from which it is sent was not that of Bank of America, but rather that of a private individual whose email account was hacked, taken over and made part of a botnet to send these emails in large numbers.  Because you can never be sure whenever you receive an email that asks you to provide personal information whether it is legitimate or not, the best thing to do is to remember my motto, “trust me, you can’t trust anyone” and confirm whether it is legitimate or not by calling the real company, in this case Bank of America to learn whether or not the email is phony or not.  Chances are, you will be told that it is a scam.