Yesterday, September 11th our server went down making www.scamicide.com unavailable for most of the day. We apologize for the inconvenience, but want to emphasize that it was just a temporary matter. We will continue to fight the identity thieves and scammers every day.
Later this Fall, Nigerian Emmanuel Ekhator will be going on trial in the Federal District Court for Pennsylvania on charges that he stole more than 32 million dollars from lawyers using a simple, but effective scam against law firms that should know better. The way the scam works is that American law firms are contacted by people claiming they need representation collecting a lawsuit settlement check. The law firms that fall for this scam collect the settlement check in the form of a bank check, deposit the check in their firm’s escrow account, deduct their fee and wire the remainder to the “client.” Many of these scams have been traced to Nigeria and to Nigerians living in Canada as well as Japan and South Korea.
This scam works on the same basis as the mystery shopper scam where the victim receives a counterfeit check, deposits the check into his or her account and then sends some of the money from the check back to the scammer. The key is that a bank will give provisional credit for the check in the account of the victim after just a few days so it will appear that the check has been cleared, however, the check does not officially clear, or in the case of a counterfeit check not clear for a few weeks after which time the provisional credit is rescinded and the victim is left having wired good money of the victim to the scammer. The key to avoiding this scam is to contact the bank issuing the check deposited by phone to make sure that the check is legitimate and that there are funds to cover the check in that account. Further, do not send any funds in such a situation until the check you are given has fully cleared.
By now, most people are aware of the scam tactic referred to as “phishing,” by which you receive an email purportedly from a legitimate company or government agency that has all of the appearances of being a true and legitimate communication from the company or agency, but in fact is from an identity thief who under the pretext of a problem with your account or some other such emergency lures you into clicking on a link contained in the email, which unbeknownst to you downloads harmful malware on to your computer, such as keystroke logging programs, sometimes called Trojan Horses that will steal all of the information from your computer and lead to your becoming a victim of identity theft. Most often these phishing emails are not directed at you by name, but rather to you as “customer” or “consumer.” They also may appear to come from companies with which you do not do business as from a bank where you have no accounts. However, with the epidemic of hacking of large companies and governmental agencies, many identity thieves are able to use the hacked information to send you a personal phony email that contains your name and is definitely from a company or agency with which you do business making you more likely to respond to the urging to click on the dangerous link contained in the email. This type of targeted phishing is called “spearphishing” and it is extremely dangerous.
Never click on links in emails unless you are absolutely sure they are legitimate. If you get such an email from a company, you should always be skeptical and make sure that you call the company or federal agency before considering clicking on the link to confirm whether or not the email is legitimate. Merely because the email uses your name and even your account number does not mean that the email is legitimate.
Although many of us are very cognizant of protecting our computers from the slings and arrows of outrageous hackers and identity thieves many people do not take the same security precautions with our smart phone, tablets and other portable devices. Many people use these devices for making purchases online, doing online banking and other financial transactions as well as storing sensitive personal information. If your portable device is hacked, it can lead to a devastating identity theft.
Protect your portable device with a complex and unique password so that if your device is physically lost or stolen, the information contained in it will be secure. Also get a good encryption app. Google Play has many good encryption apps for androids. The premium form of the app Lookout, which for only $29.99 a year, has a feature that continually scans your other apps for viruses or malware and can also lock your phone remotely or eliminate all of your stored data if your device is lost or stolen.
Young children have become prime targets of identity thieves because the law requires children to have Social Security numbers, yet they rarely are involved with credit. An identity thief who is able to obtain a child’s name and Social Security number can leverage that information into identity theft and obtain credit as well as make large purchases while ruining the credit of the child who may not be aware that the crime has occurred until the child is much older and applies for financial aid, a car loan or some other financial transaction. Often the perpetrators of this crime are family members, baby sitters or others who may have easy access to the child’s information. Other times personal information gathered about your child by his or her school or an extracurricular program such as sports or music becomes the source of the problem if they do not properly protect the security of your child’s information.
Guard your child’s Social Security number at home. Keep any documents with the number on them locked in a secure location. Find out from your child’s school or other organization that is gathering such information what they are doing to protect that information as well as with whom they share that information. Federal law requires schools to notify parents about the school’s directory information policy and to offer families the right to opt out of the release of any data on their child to third parties.
Recently Theresa Brown was shocked to receive an e mail with a huge bill for her iTunes account. Like so many phishing scams, where you receive an email that appears entirely legitimate, the bill indicated that if she disputed the charge, she needed to click on a link contained in the email. Fortunately, Ms. Brown was savvy enough to check her credit card records for the credit card that she had provided to Apple from which her iTunes charges were automatically deducted and found that there were no charges. It was then that she realized for sure that this was a scam.
If Theresa Brown had reacted in panic upon receiving such a huge bill and clicked on the link contained in the email that looked entirely legitimate, she would have ended up downloading a keystroke logging program on her computer that would have stolen all of her personal information from her computer and taken the first step toward her becoming a victim of identity theft. NEVER click on links contained in emails from companies with which you do business no matter how legitimate they look. You can never be sure if it is legitimate or a phishing scam. If you have any questions, call the company at a number that you know is accurate.
Earlier this week, AntiSec, a hacking group often associated with the larger, more familiar international hacking group Anonymous, posted on line a file that contained a million of what they said was twelve million U.D.I.D. numbers they said they had for various people’s Apple mobile devices such as iPads and iPhones. They alleged they had obtained these by hacking into the laptop of FBI agent Christopher K. Stangl who is the supervisory agent of the F.B.I.’s Cyber Action Team. As a part of his job, Agent Stangl has tried to recruit hackers to come and work with the F.B.I. Apple’s U.D.I.D.s are forty character strings of letters and numbers that are uniquely assigned to each Apple mobile device. AntiSec said that it was releasing this information to show the world that the F.B.I was using this information to track people. Armed with a person’s U.D.I.D., someone could track the location of the device. In the past app developers also used U.D.I.D.s to track customers as they went from one app to another. However, Apple banned developers from doing this a year ago. The truth is that the information being posted by AntiSec is accurate, however, Apple says that it did not provide this information to the F.B.I. and the F.B.I said that it had not collected the data.
Although this was a very real breach of security, AntiSec could have gotten this information from any number of sources by hacking into Apple itself, video game makers who had the information, app developers, AT &T or even a file from the F.B.I who may have obtained such information in a legitimate investigation into data breaches. The truth also is that if your U.D.I.D. was compromised, you are at very little risk of harm. In order to use this information to make you a victim of identity theft would take additional information such as your email address and your date of birth. Perhaps the primary lesson for us all to take from this incident is to guard our personal information as much as possible. For instance, don’t include your birth date on your Facebook page. Keep your personal information that is public as limited as possible so that identity thieves don’t have an easy time assembling the seemingly innocuous information about you and using it to turn you into a victim of identity theft.
I recently received two, almost identical emails purportedly from the Chief Financial Officer of Facebook telling me that I had been lucky enough to win a free Apple MacBook Air as a part of an advertising promotion. The emails each provided a link for me to click on to in order to complete a survey and receive my prize. This is a scam. If you receive one of these emails and click on the link you risk becoming a victim of identity theft through the downloading of a keystroke logging program that can steal the information from your computer or by providing the information requested in the “survey.”
If you receive this type of email, delete it immediately. In one email that I received, the CFO was McKeighan Humberto. In the other his name was Esposto Coy. Both emails were very similar although not identical. As with many scam emails, the grammar is sometimes poor. In McKeighan Humberto’s email, I was told that I was “randomly elected” to receive the prize rather than “selected.” If you are ever tempted to respond to such an email, do yourself a favor and contact the legitimate company, in this case Facebook, to determine whether or not the offer is a scam. In every instance, you will learn that it is a scam.
As the new semester starts for college students, a new batch of Freshmen get introduced not only to college life, but to identity theft. College students are five times more likely to become victims of identity theft than the rest of the population and usually take longer to find out that they have been victimized. Living in close quarters combined with a lack of proper precautions make college students easy pickings for identity thieves.
Here are a list of things that college students should do to protect their identity: Lock their computers, smart phones and tablets when they are not in use; use a strong password and use different passwords for each device; use encryption software on all their electronic devices; don’t use Wifi for financial transactions, it is too easy to be cracked; college mail boxes are not very secure, have sensitive mail sent to their home or sent to the student electronically; don’t trust messages with links from “friends” that appear on their Facebook page and don’t put too much personal information on their Facebook pages; it can lead to identity theft; shred papers with personal information before disposing of them; check their bank statement and credit card statements carefully each month to look for signs of identity theft and get their free credit report from each of the three credit reporting agencies annually.