Scam of the day – September 8, 2012 – iTunes bill scam

Recently Theresa Brown was shocked to receive an e mail with a huge bill for her iTunes account.  Like so many phishing scams, where you receive an email that appears entirely legitimate, the bill indicated that if she disputed the charge, she needed to click on a link contained in the email.  Fortunately, Ms. Brown was savvy enough to check her credit card records for the credit card that she had provided to Apple from which her iTunes charges were automatically deducted and found that there were no charges.  It was then that she realized for sure that this was a scam.

TIPS

If Theresa Brown had reacted in panic upon receiving such a huge bill and clicked on the link contained in the email that looked entirely legitimate, she would have ended up downloading a keystroke logging program on her computer that would have stolen all of her personal information from her computer and taken the first step toward her becoming a victim of identity theft.  NEVER click on links contained in emails from companies with which you do business no matter how legitimate they look.  You can never be sure if it is legitimate or a phishing scam.  If you have any questions, call the company at a number that you know is accurate.

Scam of the day – September 7, 2012 – Jury duty scam

This is one of the old reliable scams that seems to be making a reappearance recently.  It starts when you receive either a telephone call, a text message or an email indicting that you have not reported for jury duty and that there is a serious penalty.  In some forms of the scam, you are able to pay a fine rather than go to jail.  In other variations of the scam, you are told that if the notice is mistaken, you should contact the jury commissioner at a phone number to provide information to confirm that the notice was sent to you in error.  The information you are asked to provide includes your Social Security number and as soon as you provide it, you are on the road to identity theft.

TIPS

Initial contacts from the courts regarding jury duty are always in writing through the mail although some systems will permit you to receive future notices through email.  Under no circumstances will you receive telephone calls or text messages indicating that you have failed to report for jury duty.  No court will ask for your Social Security number as a part of the information you provide them in regard to jury duty and NEVER give your Social Security number or any other personal information to anyone whom you have not called at a telephone number that you are absolutely positive is correct.  If you do receive such a notice and you think that there is even the possibility that you might have forgotten to report for jury duty, merely call the local clerk of courts where you can find accurate information.

Scam of the day – September 6, 2012 – The truth about the hacking of 12 million Apple device records

Earlier this week, AntiSec, a hacking group often associated with the larger, more familiar international hacking group Anonymous, posted on line a file that contained a million of what they said was twelve million U.D.I.D. numbers they said they had for various people’s Apple mobile devices such as iPads and iPhones.  They alleged they had obtained these by hacking into the laptop of FBI agent Christopher K. Stangl who is the supervisory agent of the F.B.I.’s Cyber Action Team.  As a part of his job, Agent Stangl has tried to recruit hackers to come and work with the F.B.I.  Apple’s U.D.I.D.s are forty character strings of letters and numbers that are uniquely assigned to each Apple mobile device.  AntiSec said that it was releasing this information to show the world that the F.B.I was using this information to track people.  Armed with a person’s U.D.I.D., someone could track the location of the device.  In the past app developers also used U.D.I.D.s to track customers as they went from one app to another.  However, Apple banned developers from doing this a year ago.  The truth is that the information being posted by AntiSec is accurate, however, Apple says that it did not provide this information to the F.B.I. and the F.B.I said that it had not collected the data.

TIPS

Although this was a very real breach of security, AntiSec could have gotten this information from any number of sources by hacking into Apple itself, video game makers who had the information,  app developers, AT &T or even a file from the F.B.I who may have obtained such information in a legitimate investigation into data breaches.  The truth also is that if your U.D.I.D. was compromised, you are at very little risk of harm.  In order to use this information to make you a victim of identity theft would take additional information such as your email address and your date of birth.  Perhaps the primary lesson for us all to take from this incident is to guard our personal information as much as possible.  For instance, don’t include your birth date on your Facebook page.  Keep your personal information that is public as limited as possible so that identity thieves don’t have an easy time assembling the seemingly innocuous information about you and using it to turn you into a victim of identity theft.

Scam of the day – September 5, 2012 – Latest Facebook scam

I recently received two, almost identical emails purportedly from the Chief Financial Officer of Facebook telling me that I had been lucky enough to win a free Apple MacBook Air as a part of an advertising promotion.  The emails each provided a link for me to click on to in order to complete a survey and receive my prize.  This is a scam.  If you receive one of these emails and click on the link you risk becoming a victim of identity theft through the downloading of a keystroke logging program that can steal the information from your computer or by providing the information requested in the “survey.”

TIPS

If you receive this type of email, delete it immediately.  In one email  that I received, the CFO was McKeighan Humberto.  In the other his name was Esposto Coy.  Both emails were very similar although not identical.  As with many scam emails, the grammar is sometimes poor.  In McKeighan Humberto’s email, I was told that I was “randomly elected” to receive the prize rather than “selected.”  If you are ever tempted to respond to such an email, do yourself a favor and contact the legitimate company, in this case Facebook, to determine whether or not the offer is a scam.  In every instance, you will learn that it is a scam.

Scam of the day – September 4, 2012 – College student identity theft threat

As the new semester starts for college students, a new batch of Freshmen get introduced not only to college life, but to identity theft.  College students are five times more likely to become victims of identity theft than the rest of the population and usually take longer to find out that they have been victimized.  Living in close quarters combined with a lack of proper precautions make college students easy pickings for identity thieves.

TIPS

Here are a list of things that college students should do to protect their identity: Lock their computers, smart phones and tablets when they are not in use;  use a strong password and use different passwords for each device; use encryption software on all their electronic devices; don’t use Wifi for financial transactions, it is too easy to be cracked; college mail boxes are not very secure, have sensitive mail sent to their home or sent to the student electronically; don’t trust messages with links from “friends” that appear on their Facebook page and don’t put too much personal information on their Facebook pages; it can lead to identity theft; shred papers with personal information before disposing of them; check their bank statement and credit card statements carefully each month to look for signs of identity theft and get their free credit report from each of the three credit reporting agencies annually.

Scam of the day – September 3, 2012 – Phony American Express email address notice

Again, when I am confronted by a scam, I pass it on to you.  Recently I received an email purportedly from American Express thanking me for updating my email address and then indicating an email address for someone other than me.  The email goes on to say that if the email address indicated is not correct, I should click on a link provided in the email to change it. This is an example of the scam called phishing.   The phony email looks very legitimate, but there are a few tell tale signs that it is a fake, most notably the fact that the email supposedly sent specifically to me indicates that the same email was sent to about twenty other people, which makes no sense whatsoever.  If I had clicked on the link I would have downloaded malware that could have resulted in my becoming a victim of identity theft.

TIPS

Never click on a link in an email no matter how official the email looks unless you are absolutely positive that the email is legitimate.  In cases such as this, the prudent thing to do if you have any thoughts that it might be legitimate is to call American Express or whomever the legitimate entity is that is purporting to send you the email and confirm its accuracy, or more likely, confirm that it is a scam.

Scam of the day – September 2, 2012 – Phony e cards

E cards, which are greeting cards sent electronically are great.  Hallmark and many other companies offer them.  I have used them, particularly when I would otherwise be late in sending out a birthday or anniversary card.  However, these cards are also a great source of identity theft and fraud.  This week I received an email telling me that I had an e card sent to me and that I could view it by clicking on the link contained in the email.  There was no e card and if I had clicked on the link I would have downloaded malware that would have enabled an identity thief to steal all of the personal information from my computer and make me a victim of identity theft.

TIPS

A real e card will always tell you from whom it was sent.  Phony e cards, such as the one described in the email sent to me do not name the person who sent you the card.  The link in the phony email also had nothing to do with legitimate e card companies.  The safest route to follow if you get such an email is to ignore it if it does not tell you from whom the card is being sent, but even if it does give a first name, you should still be skeptical.  Contact the person to confirm that they indeed sent you an e card before clicking on the link to take you to the card.

Scam of the day- September 1, 2012 – Latino foreclosure scam

The California Department of Real Estate is issuing a warning to Spanish speaking consumers to be wary of home foreclosure rescue scams.  Desperate times call for desperate measures and many homeowners who have been hurt by the weakened economy are having difficulty keeping current with their mortgage payments.  These people are preyed upon by scammers who take advantage of their victims’ desperation by offering loan modifications or other mortgage assistance in return for an advance fee.  Once the fee has been paid, these scammers vanish.  In California and other states with significant Spanish speaking populations, Latino scammers are preying upon people sharing the same cultural heritage.  Often the victims trust these scammers because they speak the same language and appear to be “like us.”  This is a common type of fraud called “affinity fraud” which is perpetrated by scammers who share some similar characteristic with their victims, such as ethnicity, race, religion or otherwise.

TIPS

Never pay an up front fee for assistance with your mortgage.  If you are having trouble paying your mortgage, speak directly with the lender or retain a lawyer to act on your behalf.  If you are ever approached by someone “like you” who offers such assistance or anything else, such as an investment opportunity, you should be even more skeptical not less skeptical.  Do your due diligence and check out this person and his or her program before getting involved.  Too often it will be a scam.

Scam of the day – August 31, 2012 – Hurricane Isaac scams

Scammers and identity thieves are always there to take advantage of every natural disaster and Hurricane Isaac which has wreaked havoc in the Gulf coast will be no exception.   Scammers and identity thieves will prey upon the victims of the storm, claiming to be either insurance claims representatives or FEMA employees.  They will require personal information from the victims in order to process their claims, but all that will happen is that the storm victims will then become identity theft victims.  As for those of us who were not affected by the storm, but want to assist the victims through charitable donations, there will be plenty of phony charities ready to take our money without ever helping the real victims of the storm.

TIPS

If you are contacted by someone claiming to be an insurance claim representative or FEMA representative, don’t trust their identification cards.  Those can be forged.  Confirm the identity of anyone seeking information from you with your insurance company or FEMA itself.  Also remember, your insurance company has no need for your Social Security number which an identity thief will most likely ask for.  As for making charitable contributions, check out the charity on the free website www.charitynavigator.org which will not only tell you if the charity is legitimate or not, but also tell you how much of what you give actually goes to the needy.

Scam of the day – August 30, 2012 – California man sentenced for identity theft

Recently, Boris Toumasian was convicted of multiple offenses involving identity theft and sentenced to federal prison for a term of five years.  Toumasian, who had worked at a BP gas station, installed skimmers on the gas pumps at the gas station.  For those of you new to this website/blog who might be unfamiliar with skimmers, they are small devices that are used to read and store the information from your credit cards.  In this case, the skimmers were installed over the legitmate card swiping mechanism on the gas pumps at the gas station where Toumasian worked.  Toumasian took the information gathered from the skimmer and transferred it to American Express Gift cards which he then used to make purchases using his victims’ credit and debit card accounts.

TIPS

Sometimes skimmers are used by identity thieves who are employed in legitimate stores, restaurants and other establishments where you would pay by providing your credit or debit card to the employee.  They run your card through the skimmer at the same time that they legitimately charge your card for the service or product purchased.  Other times, skimmer devices are installed over credit card swiping mechanisms such as you would find at an ATM or gas pump.  When you hand your card to a clerk for a purchase, try to watch your card at all times.  When you use your card by way of a card swiping mechanism, look to see if the mechanism appears to have been tampered with in any way.  Also, make sure that you carefully check your monthly credit card statements and bank statements each month to discover as quickly as possible if you have become a victim of identity theft.  Identifying a loss early is particularly important when using a debit card which does not provide the same level of legal protection that a credit card does.