Category: ‘Site Related’

Scam of the day – March 2, 2015 – IRS phishing email

March 2, 2015 Posted by Steven Weisman, Esq.

Today’s Scam of the day comes, as many others do, from my own email.  It is a phishing email currently being sent to people purporting to be from the IRS that attempts to lure people who receive the email into clicking on links in the emails in order to update their income tax information.  Unfortunately, when you click on the link one of two things will happen and both of them are bad.  In some instances, you will be prompted to provide personal information that will be used to make you a victim of identity theft.  In other instances, by clicking on the link, you will download keystroke logging malware that will steal information from your computer or other electronic device and use it to make you a victim of identity theft.


The first indication that this is a phishing email is that although it purports to have been sent by the IRS, the email address from which it was sent is not that of the IRS.  Most likely the email address indicated is that of an innocent person whose email has been hacked into and taken over by an identity thief and made a part of a network of zombie computers used to send out such phishing emails.  This network is called a botnet.  In addition, the email asks you to validate your electronic filing status, which the IRS will never ask you to do.  If you need to get an Electronic Filing PIN in order to file your tax return electronically with the IRS, you will need to go to where you will be prompted to provide information to verify your identity before receiving a PIN.  In regard to the Form 1098 T that this phishing email describes, that is a form that educational institutions file with the government in regard to reimbursements or refunds of qualified tuition and related expenses.  The IRS would not be providing that form to you.

The most important thing to remember is that the IRS will never initiate contact with you on any matter by an email or text message so whenever you get one that purports to be from the IRS, you should just delete it.  If you have the slightest thought that any such communication is legitimate, you should merely contact the IRS directly to inquire about it.

Scam of the day – March 1, 2015 – Bank teller convicted of identity theft

March 1, 2015 Posted by Steven Weisman, Esq.

Recently, Nadia Figueroa, a bank teller at a JP Morgan Chase bank in White Plains, New York was convicted of being part of an identity theft ring that stole $850,000  from the accounts of innocent depositors in the bank.  Figueroa obtained personal and account information of hundreds of the bank’s customers with accounts of more than $50,000 and then provided that personal and account information to two accomplices, Tyrone Lee and Anthony Davis who created fraudulent checks and identification documents which they used to impersonate the real account holders and withdraw funds from their accounts at other branches of JP Morgan Chase in New York, Connecticut and Massachusetts.  Lee and David had already been convicted of grand larceny, identity theft, criminal possession of a forged instrument and scheming to defraud.


This case serves as a reminder that it is not just foreign hackers who are attacking banks through cyberattacks, but also criminal, rogue employees who steal from banks by misusing their positions and the information to which they have access.  This should be a wake up call to banks and other financial institutions to provide constant security programs to minimize the opportunity for this type of crime.  It also is another reminder to all of us that the price of security is eternal vigilance.  Everyone should regularly monitor all of their financial accounts for any evidence of anything out of the ordinary.  The sooner you recognize a problem, the easier it is to fix.

Scam of the day – February 28, 2015 – Carnegie Mellon phishing scam

February 28, 2015 Posted by Steven Weisman, Esq.

Carnegie Mellon University is one of the country’s foremost universities in various areas of technology, but that does not mean that Carnegie Mellon employees are any better than anyone else at recognizing phishing emails.  Phishing remains the primary way that many major data breaches are initiated when employees of a company receive a legitimate appearing email that prompts the person receiving the email to click on a link under various guises.  Unfortunately, what happens in many instances is that by clicking on the link, malware becomes installed that enables the hacker to steal information and data from the computer data banks of the company.  This simple technique was how the Sony hacking and the recent billion dollar hacking of a hundred banks around the world was accomplished.  Another way that phishing works is by luring the victims to enter their usernames and passwords into legitimate appearing communications thus providing that information to hackers and identity thieves.   That is what happened to an undetermined number of Carnegie Mellon employees who  were lured into providing their log-in information when they responded to an email entitled “Your Salary Raise Information.”


This phishing scam is particularly noteworthy because it once again shows that sophisticated, technologically savvy people can fall for the lures of phishing emails, which is why everyone should always be skeptical before responding to any email or text message that requires you to provide personal information or click on a link.  In either situation, you can never be sure when you receive an email or text message that the communication is legitimate.  So along with maintaining the latest security software on your electronic devices, it is important to make it a habit to never to provide personal information or click on links in response to text messages or emails until you have absolutely confirmed that the communication is legitimate.

Scam of the day – February 27, 2015 – Texas court dismisses data breach class action

February 27, 2015 Posted by Steven Weisman, Esq.

More and more massive data breaches have become a part of everyday life.  Breaches such as recently occurred at Anthem and in the past few years affected Target, Home Depot and many other companies affect just about everyone.  Sometimes the data breaches, such as occurred with Target only affect credit card information, but other data breaches, such as the recent Anthem data breach result in much personal information being stolen which can then be used to turn the person whose information has been stolen into a victim of identity theft.  Recently a number of class actions on behalf of the victims of these data breaches have been filed against the breached companies for failing to use proper security measures.  Recently the Federal District Court for Southern Texas dismissed a class action brought by Beverly Peters on behalf of herself and others whose information had been compromised following a February 2014 data breach affecting 405,000 employees and patients of the St. Joseph Health System, a Texas hospital and health clinic company.  The class action was dismissed by the court because as of the date of the court hearing there was no evidence that any of the people affected had become victims of identity theft.


The problem with this decision is that in many instances, identity thieves wait before using the stolen information in the hope that as time goes by, people will be less vigilant in guarding their identities.  In massive data breaches such as the one suffered by the St. Joseph Health System, the hackers often steal all of the information and then sell it in batches on black market websites to identity thieves whose use of the information results in the victims suffering identity theft.  While credit monitoring is often offered on a free basis, as it was in this case, by the hacked company following the data breach, credit monitoring does nothing to stop identity theft.  It only tells you that you have become a victim sooner than you might otherwise become aware.  A much better alternative is to put a credit freeze on your credit reports at each of the three major credit reporting agencies, Equifax, Transunion and Experian.  This will prevent even someone with your personal information from accessing your credit report to obtain credit in your name and thus help keep you from becoming a victim of identity theft.  You can find information in the Archives of Scamicide about how to put a credit freeze on your credit reports.

Scam of the day – February 26, 2015 – Lenovo issues automatic fix for Superfish adware

February 26, 2015 Posted by Steven Weisman, Esq.

Computer company Lenovo recently disclosed that computers that it was selling came with a software called Superfish that posed huge potential problems for the users of those computers.  Superfish is the name of a type of adware that was bundled on to their computers when sold.  This software did not provide any benefit to the computer user, but rather was a source of revenue for the Lenovo because the makers of Superfish pay Lenovo to have the software installed.   Superfish would inject ads on to websites visited by the computer user as well as track the websites searched by the computer user unbeknownst by the computer user.  This type of software installed on computers before sale is known by such colorful and pejorative terms such as “crapware,” “bloatware,” or “junkware.”  Unfortunately, it was discovered that Superfish was easily exploited by hackers to steal user information of the computer user thereby endangering the user’s security.  Fortunately, Lenovo has come up with an automatic fix that will remove Superfish from your computer.


The affected computers include Lenovo’s G Series, U Series, YSeries, Z Series, S Series, Flex, Miix, Yoga and E Series computers.  Here is the link to remove Superfish from your computer if you have one of the affected computers:

Lenovo is not alone in installing such programs without informing its customers.  It is incumbent upon all computer purchases to inquire as to specifically what programs are installed on our computers when we purchase them and what the software does.

Jessica Bennett, a Lenovo user has just filed a proposed class action lawsuit against Lenovo on behalf of herself and other affected customers.  I will keep you informed as to the progress of this lawsuit.

Scam of the day – February 25, 2015 – IRS releases its list of “Dirty Dozen” tax scams for 2015

February 25, 2015 Posted by Steven Weisman, Esq.

Recently the IRS issued its annual list of “Dirty Dozen” tax scams although many of these scams are not scams that cheat taxpayers, but rather scams the scammers attempt to perpetrate on the IRS in order to get large fraudulent refunds.  These frauds against the IRS include excessive claims for fuel credits, abusive tax shelters and offshore tax avoidance schemes.  Here at Scamicide, however, we focus on those scams that target innocent citizens rather than the IRS.  The three primary consumer tax scams on the IRS’ list are phone scams, phishing scams and inflated refund scams.

This has been a particularly big year for aggressive phone scams where people receive phone calls from people purporting to be IRS employees demanding immediate payments of purported overdo taxes by wired funds or prepaid money cards.  People receiving these calls are threatened with fines, arrest, deportation and loss of drivers’ licenses among other penalties unless there is immediate compliance with the caller’s demand.  This is a total scam.  The IRS will not initiate such communications with any taxpayer by phone.

The second scam involves phony emails or text messages that again, appear to come from the IRS demanding information or payments under various guises.  Again, the IRS will not communicate with taxpayers in this fashion, so you can be confident when you receive such a communication that it is a scam.

Finally, unscrupulous scammers posing as tax preparers may promise huge refunds and ask unwary taxpayers to sign blank returns that the scammer fills in with fraudulent information.  Often these phony tax preparers make initial contact through a social group, religious group or some other group of which you may be a member taking advantage of the high level of trust for people who share such affiliations.  This type of fraud is called affinity fraud.


The IRS will not initiate contact with anyone by telephone and even if your Caller ID indicates that the call is from the IRS, Caller ID can be fooled through a technique called “spoofing” to make it appear that the call has originated from the IRS when it has not.  In addition, the IRS will never demand that you wire in a payment or pay immediately by a prepaid money card.  Just hang up if you receive such a call.

Just as the IRS will not initiate contact with you by phone, it will also not initiate contact with you by email or text message.  Never provide personal information in response to an email until you have confirmed that the email or text message is legitimate.  In this case, you don’t even have to bother to verify the email or text message because the IRS will not communicate with you in this manner.  Also, don’t ever click on links or download attachments in emails or text messages unless you have confirmed that they are legitimate because often these links or attachments end up downloading malware on your computer or other device that steals your personal information and uses it to make you a victim of identity theft.

Finally, always check out the reputation and honesty of anyone you may use to prepare your taxes.  Never sign a blank form and remember my motto, “trust me, you can’t trust anyone.”  Merely because you may share a religious or social affiliation with someone does not make them trustworthy.  Just ask the people that trusted Bernie Madoff.

Scam of the day – February 24, 2015 – Celebrity Chef Jamie Oliver’s website hacked

February 24, 2015 Posted by Steven Weisman, Esq.

Jamie Oliver is a popular celebrity chef whose website, was hacked by unknown hackers who infected his website with malware that enabled the hackers to take control of the computers of many of the ten million monthly visitors to his website since December until a few days ago when the problem was identified and fixed.  The hacking was discovered by the security firm Malware Bytes, the makers of excellent security software, which I use myself.  This particular hacking injected the malware into the website itself, so visitors did not even have to click on links within the website to risk becoming infected.  The particular malware enabled the hackers to take over the victims’ computers to utilize them for the sending of spam or phishing communications as well as to steal personal information from the victims’ computers to use to steal the identity of the victim.  It should be emphasized that the problem has been corrected, however this type of attack brings up many questions about how do we stay safe when surfing the Internet.


The first thing to do if you have gone to the Jamie Oliver website since the beginning of December is to have a security scan of your computer or other electronic device done with updated anti-virus and anti-malware security software.  The hackers in this particular case exploited a vulnerability in the Adobe Flash Player which was patched in January of 2015.  You can find links to the patch in the Scamicide security updates found in some Scams of the Day for January.  Adobe Flash has long been a favorite of hackers and it is critical, as I have advised you many times, to keep the software you used up to date with the latest security patches which is why I provide you with links to those patches as they become available.  The hackers also exploited vulnerabilities in Java software and Microsoft’s Silverlight.   Java is another software program popular with not just the public, but also with hackers so you should always be sure to maintain your Java software up to date with the latest security patches.

Scam of the day – February 23, 2015 – Chase Online bill pay scam

February 23, 2015 Posted by Steven Weisman, Esq.

Today’s Scam of the day comes from my own email, however, I am sure many of you have received this, as well.  It is a phishing email that is intended to lure the recipient into providing personal information that will be used to make that person a victim of identity theft.  As typical with this type of phishing email, it is intended to make you think there is an emergency to which you must respond.  It looks pretty official, but there are some telltale signs that it is a scam.  First, is that although I did not include the email address of the sender, the email address is that of a private individual, not Chase although often identity thieves will use email addresses that appear to be official.  In this case, undoubtedly the email address used is part of a botnet whereby identity thieves have infiltrated the computers of innocent victims and then use their computers and email accounts to send out the fraudulent email.  Another telltale sign is that the email is directed to me, not by name, but rather as “Dear Customer.”   However, even if the email was directed to you by name, you couldn’t trust it because when JP Morgan Chase was hacked in the last year, the hackers stole names and email addresses.   Finally, the email appears to have been sent by Christopher Polumbo.  Christopher Palumbo is a Vice President at Chase, however, the email to me misspells his name.  However, it is easy to see how people would fall for this scam and provide the information that would enable an identity thief to gain access to your account.

Here  is a copy of the email I received.

“Dear Customer, 
We are writing to let you know that the service(s) listed below will be deactivated and deleted if your profile is not verified within 7 business days. Previous notifications have been sent to the Billing Contact assigned to your account.
As the Primary Contact, you must renew the service(s) listed below:

SERVICE: Chase Online and Bill Pay services. 
What you need to do:

1. Log in to your account through our enhanced security server www.Chase.comby clicking the URL.
Enter your user ID and Password (that you selected during the online enrollment process). 
Enter the requested information and your Chase Online and Bill Pay services will be renewed. 
If you have not signed up for online access, you can enroll easily by clicking “Enroll” at the bottom of the Login page. 
Please do not reply to this message directly but click on the URL. For questions, please call Customer Service at the number on the back of your card. We are available 24 hours a day, 7 days a week.


Christopher Polumbo
Chase Online(SM)
Fraud Prevention Team

This site is directed at persons in the United States only. Persons outside the United States may visit International Banking . 
Links to third party sites are provided for your convenience by JPMorgan Chase. JPMorgan Chase neither endorses nor guarantees any offerings of the third party providers, nor does JPMorgan Chase make any representation or warranty of any kind about the content, use of or inability to use, the third party sites.

© JPMorgan Chase Bank, N.A. Member FDIC ©2015 JPMorgan Chase & Co.; Co”


As I have warned you many times, you should never click on links in emails or text messages or provide information in response to such emails or text messages unless you have absolutely confirmed that the communication is legitimate, which is easy to do by merely contacting the company.  In this case, you could just contact Chase at the telephone number on your credit card or bank statement.  Providing information without confirming that the communication is legitimate gives the identity thief all that they need to make you a victim of identity theft.  In other variations of this phishing email, merely by clicking on the links provided will result in keystroke logging malware being downloaded on to your computer which can steal your personal information from your computer and then enable its use for purposes of identity theft.  Even if you have good security software installed on your computer or other electronic device, as you should, this may not protect you from keystroke logging malware because the latest malware is always at least a month ahead of the latest security software updates.  Remember my motto, “Trust me, you can’t trust anyone.”

As for this particular Chase phishing email, if you receive it, Chase requests that you forward it to them at

Scam of the day – February 22, 2015 – IRS warns tax preparers of phishing emails

February 22, 2015 Posted by Steven Weisman, Esq.

Income tax identity theft is a huge problem that costs the taxpayers more than 5 billion dollars a year.  Identity thieves armed with an unwary victim’s Social Security number files, generally electronically, a phony tax return on behalf of the victim with a fake W-2 that shows a substantial fraudulent refund due.  If the legitimate taxpayer files his or her income tax return after the identity thief, the real income tax return will be flagged and a long investigation will occur before the real taxpayer is able to receive his or her legitimate refund.

Now the IRS is issuing a warning to accountants and other tax preparers about a phishing scam where the tax preparer receives what appears to be an email from the IRS asking the tax preparer to update their IRS e-services portal information and Electronic Filing Identification Numbers (EFINs).  Links are provided in the email for entering the tax preparer’s username and password which is what the identity thief sending this phishing email is seeking.  Once the identity thief has this information, it is easier for him or her to file phony tax returns.  The IRS is advising anyone who receives one of these emails to delete it after forwarding it to the IRS at


As I have warned you many times, you can avoid phishing emails regardless of how clever they may be or how legitimate they may appear if you make it a practice to never click on links in emails, download attachments or provide personal information until you have absolutely confirmed that the communication is legitimate.  In this case, it is easy to call the IRS to confirm that this is a scam.  Even if the email or text message appears to have come from a trusted source, your trusted source may have had his or her email account or smartphone hacked so it is always necessary to confirm that any communication you receive is legitimate before clicking on links, downloading attachments or providing personal information.  Clicking on tainted links or downloading tainted attachments can result in keystroke logging malware being installed on your computer or other electronic device that will steal personal information from your computer or other electronic device and use it to make you a victim of identity theft.  Remember my motto, “trust me, you can’t trust anyone.”

Scam of the day – February 21, 2015 – Child predator email scam

February 21, 2015 Posted by Steven Weisman, Esq.

Parents are always concerned about the dangers posed by child predators so it is easy to understand that so many people are falling victim to a scam that starts when the parents receive a phony email warning about a child predator now living in their community.  The email appears to be an official notification generated based on the email recipient’s zip code.  The email promises to provide more specific information about the predator threat by clicking on a link provided in the email.  Clicking on the link takes the victim to the website of a company that provides localized reports on child predators.  Unfortunately, clicking on the link also downloads keystroke logging malware that will steal the information from your computer or other electronic device and use it to make you a victim of identity theft.


Once again, it is important to remember that you should never click on links in emails or text messages regardless of how legitimate they may appear unless you have absolutely confirmed that the email or message is legitimate.  Regardless of how legitimate it may appear, the chances of downloading dangerous keystroke logging malware that can lead to your becoming a victim of identity theft is just too great.  For free information about sex offenders in your area, you can go to the National Sex Offender Public Website set up by the Department of Justice.  Here is a link to their website: