Scamicide

Scam of the day – May 21, 2013 – Eminem stabbing scam

Steven Weisman, Esq. — Tue, 21 May 2013 00:21:17 +0000

People are always interested in gossip, photos, videos, stories and news about celebrities. Unfortunately, scam artists know this and take advantage of our curiosity to lure us to click on links that promise to provide photographs and videos as well as interest grabbing stories about the celebrities who fascinate the public. It is for this reason that former Harry Potter actress Emma Watson is the most dangerous woman on the Internet. One out of every eight searches for photographs of Emma Watson will end up downloading malware that can be used to make you a victim of identity theft. The most recent manifestation of our fascination with celebrities to scam us is a scam that is presently circulating on the Internet involves rapper Eminem. Many people are finding on their Facebook page a photograph of a stabbed person’s back along with a message that states “Rapper Eminem left nearly DEAD after being stabbed 4 times in NYC! Warning, 18+! It was all caught on surveillance video! Click the pic to play the video!” The truth is that Eminem was not stabbed. In fact, the same photograph was used in 2011 as a part of a scam in which the photograph was purported to be a shot of the back of Justin Beiber following a stabbing attack. If you click on the video, one of two things may happen, both of which are not good. The most benign result is that you will be directed to a website where you are promised prizes if you complete a survey. The truth is that you won’t get any prizes, but the scammer gets paid for everyone who takes the surveys. The second, more dangerous result is that when you click on the link, you will unwittingly download keystroke logging malware that can steal all of the data from your computer and use it to make you a victim of identity theft.

TIPS

Do not click on links or download attachments unless you are absolutely sure that the source is legitimate. The risk is too great. Stick to legitimate websites with which you are familiar and don’t fall for the lures of emails with attachments that promise you stories, photos or videos of famous people. For celebrity gossip, stick to websites that you know are legitimate such as TMZ. It is also important to make sure that you keep all of your computers, smart phones, tablets and other portable devices protected by security software that is up to date.

Scam of the day – May 20, 2013 – Critical Microsoft updates

Steven Weisman, Esq. — Mon, 20 May 2013 00:34:08 +0000

As I often tell you, it is critical to keep your software programs updated with the latest security patches. Identity thieves and scammers are constantly locating and exploiting flaws in the software we all use in an effort to steal from us, make us victims of identity theft or gain control of our computers to make them a part of a bot net of zombie computers that they can use to spread viruses and malware as well as attack companies. Consequently I regularly report on the latest software security updates for you to download. Microsoft recently announced new updates for Windows, Internet Explorer, NET Framework, Lync, Microsoft Office and Microsoft Windows Essential. Since everyone uses at least one of these programs, it is important for you to update your programs.

TIPS

Here is a link you can trust to the official Microsoft updates that you should download as soon as possible: https://www.us-cert.gov/ncas/alerts/TA13-134A

If you have not already done so, you should consider making future updates automatic. Links to enable you to do this can be found on the page that I am linking you to above.

Scam of the day – May 19, 2013 – Fidelity phishing scam

Steven Weisman, Esq. — Sun, 19 May 2013 00:23:55 +0000

Phishing, as I have described on Scamicide and in my book “50 Ways to Protect Your Identity in a Digital Age” is the name for the tactic used by identity thieves by which you are lured to a phony website to provide information used to make you a victim of identity theft. Phishing often starts with an email from a company with you do business or a federal or state agency. The email indicates that there is some problem or other matter to which you must give your immediate attention and a link is provided for you to purportedly go to the website of the company or agency, however, in fact, you are either sent to a phony website for the company or agency where information is solicited that will be used to make you a victim of identity theft or, even worse, by clicking on the link you download a keystroke logging malware program that steals all of the information from your computer including your Social Security number, credit card number, passwords and other information used to also make you a victim of identity theft.

Recently, I received an email purportedly from Fidelity Investments. As phishing attempts go, this one was pretty flawed. The email address from which it came was not an email address of Fidelity Investments. In fact, it was that of a private person who most likely was a part of a botnet by which his computer was being manipulated by an identity thief. If you want more information about botnets, you can check out the archives of Scamicide or read about them in my book “50 Ways to Protect Your Identity in a Digital Age.” Other flaws in the phishing email were the lack of my name appearing anywhere which indicates that it is just a general phishing email sent out to many people by the identity thief, and the lack of a Fidelity logo.

Here is a copy of the email I received. DO NOT CLICK ON THE LINK.

“Account Status NotificationWe have noticed unusual activity on your account. Due to this, we need you to verify your account information for more efficient use of our Banking system: Please confirm your account information today by clicking on the link below: https://fidelity.secure.com/Logon.aspx?LOB=RBGLogon=user=&email&Security Adviser
©

TIPS

Never click on links in emails unless you are sure they are legitimate. Unfortunately, you can never be sure when you receive an email if the email is legitimate so you should always be skeptical and make it a habit not to click on links until you have verified that they are legitimate by contacting the company or agency that is indicated as having sent the email to confirm whether or not the email and link are legitimate. Look for the telltale signs that it is a phony, such as an email address for the sender that is not that of the real company or agency and the failure to direct the email to you directly by name. You can contact the company or agency by phone or email directly to confirm whether or not the email you receive was legitimate. Finally keep your Firewall and security software up to date to help protect you from viruses and malware. Security software is certainly not perfect, but it does help.

Scam of the day – May 18, 2013 – Washington State Administrative Office of the Courts hacked

Steven Weisman, Esq. — Sat, 18 May 2013 00:01:50 +0000

In just the latest installment of a state or federal agency having its records hacked, the Washington State Administrative Office of the Courts recently disclosed that months earlier its website was hacked and that as many as 160,000 Social Security numbers and a million driver’s license numbers may have been stolen. Although the hacking occurred in the Fall of 2012 and the Winter of 2013, the breach of data security was only confirmed by state officials in April. The breach was traced, as it often is, to a software flaw. In this case the flaw was with and Adobe software system called ColdFusion. Adobe has created a security patch to resolve the problem, but for the victims of the hacking, this is of little consolation.

TIPS

If you have had any dealings with the Washington State Administrative Office of the Courts, you should contact them to see if your information may have been among the information stolen. If so, you should put a credit freeze on your credit report to stop access to your credit report without your expressed direction. You can find information about how to put on a credit freeze in the list of scam topics on Scamicide as well as in the archives of Scamicide. You should also monitor all your financial accounts closely for early indications of identity theft. You can get additional information as to how to protect yourself from identity theft in my book “50 Ways to Protect Your Identity in a Digital Age” which can be ordered from Amazon at a great price by clicking on the picture of the book on the right hand side of the front page of this blog.

Scam of the day – May 17, 2013 – Facebook romance blackmail scam

Steven Weisman, Esq. — Fri, 17 May 2013 00:01:24 +0000

Recently a 21 year old college student in France accepted a Facebook “friend request” by a beautiful, young woman or at least he thought the friend request came from a beautiful, young woman. Their relationship blossomed on line with frequent messages and photographs that they sent to each other for weeks. The tenor of the message became increasingly romantic and even erotic until finally, the college student agreed to his “friend’s” suggestion that they do stripteases for each other using their webcams. She suggested that he go first which he willingly did. She did not reciprocate. Instead, she, if indeed she was even a she, blackmailed him by sending him emails demanding payment of ransom or else the blackmailer would post the video taken of the striptease online as well as send it to the young man’s friends and family. The frightened victim paid three payments before he stopped and alerted the authorities who through their investigation believe that the blackmail scam is the work of scammers located in the Ivory Coast.

TIPS

One would hope that the risk of “relationships” totally on line and even then without the use of Skype or webcams to see who you are really communicating with would have become more apparent after the embarrassing Manti Teo scam in which he was led to believe he had a relationship with a woman who he never met and he later found out never existed. Transmitting an erotic video is a dangerous thing to do even if you know the person to whom you are sending the video. The risk of it becoming public is great, which can occur merely by your lover being hacked. However, sending such a video to someone you have never met or even seen except in a photograph that you cannot verify is accurate is definitely risky business. This also serves as a reminder that accumulating as friends large numbers of people about whom you know nothing is dangerous. Be selective in friending people on Facebook.

Scam of the day – May 16, 2013 – Medical identity theft update

Steven Weisman, Esq. — Wed, 15 May 2013 01:01:59 +0000

In my book “50 Ways to Protect Your Identity in a Digital Age” and in a number of Scamicide “scams of the day” I have warned you about the dangers of medical identity theft which was again in the news recently with the indictment of an Ohio man who is charged with stealing the identity of a South Carolina man and using his identity and his insurance to obtain more than $300,000 of medical services at the Ohio State University Wexner Medical Center. It has been estimated that medical identity theft by which someone’s medical insurance is accessed by an identity thief costs health care providers up to 7 billion dollars a year. However, the cost to someone who is a victim of medical identity can be much worse than just lost money. The medical identity thief’s medical information, such as blood type and other information gets mixed into the medical records of the medical identity theft victim thereby leaving the medical identity theft victim facing the possibility of receiving improper treatment based on false information in his or her tainted medical file. This is potentially life threatening. Often medical identity theft is an inside job where rogue employees of a medical facility sell the medical insurance information of their patients to identity thieves.

TIPS

The medical industry has a long way to go to insulate patients’ insurance and medical information from the prying eyes of identity thieves. However, one promising step that is starting to be used is biometrics such as iris scanners to make sure that the person using medical information is the real insured. I discuss this in detail in “50 Ways to Protect Your Identity in a Digital Age.” With medical identity theft at epidemic proportions, it is important for the medical industry to take greater steps to reduce or eliminate medical identity theft. We can do our part by asking our medical care providers what they are doing to prevent medical identity theft and to encourage them to use iometric identifiers such as iris scans as a part of that effort.

Scam of the day – May 15, 2013 – Latest aol email phishing scam

Steven Weisman, Esq. — Tue, 14 May 2013 12:01:14 +0000

Everyone uses email which is why emails from identity thieves posing as your email provider are a constant threat. Below is a copy of an email that I recently received from an identity thief. DO NOT CLICK ON ANY OF THE LINKS. This phony email follows a familiar pattern. It indicates that there is an emergency that requires my immediate action. The emergency may relate to an unpaid bill or a security problem or as indicated in the phony email below, a termination that I did not request. The identity thief counts on the victim to react emotionally and immediately click on the links provided. If you do click on the links one of two things can occur and both of them are bad. The first is that you are asked for information such as your email address, credit card number or other personal information that is then used to make you a victim of identity theft. This is called “phishing” when you are lured to a phony website that gathers information from you. The second thing that can happen is even more insidious. By clicking on the link, you may unwittingly download a keystroke logging malware program that will steal all of the information from your computer including your Social Security number, password, credit card numbers and banking information. The identity thief will then use this information to make you a victim of identity theft.

Here is a copy of the phony email I received.

“Scheduled Maintenance
Dear AOL Customer,

You submitted a request to terminate your AOL Mail Account and the process has started by our AOL Mail Team, Please give us 3 working days to close your AOL Mail Account.

To cancel the termination request click http://cancel.mail.aol.com/neo/cancel?

All folders contains on your AOL Mail Account including (Inbox, Sent, Spam, Trash, Draft, Folders) will be deleted and access to your AOL Mail Account will be Denied.

If you wish to terminate your present AOL Mail Account, you can Sign Up for a new AOL Mail Account by clicking. http://edit.aol.com/registration?

For further help please contact support

Regards,

AOL Mail Account Services
_________________________________________________________________
Please do not reply to this message. Mail sent to this address cannot be answered”

TIPS

When AOL communicates with its customers about their accounts, they do so by AOL Certified Mail, which will appear as a blue envelope in your inbox and will have an official AOL Mail seal on the border of the email. This particular email had neither and didn’t even have an AOL logo appear on the email. Whenever you get an email, you cannot be sure of from whom it really comes. Never click on a link unless you are absolutely sure that it is legitimate. The better course of action is to contact the real organization that the email purports to be from at an address or phone number that you know is accurate in order to find out if the communication was legitimate or not. Additionally, it is important to always keep your Firewall and security software up to date to help protect you from the latest viruses and malware although, as I have reminded you many times, security software will only protect you about 5% of the time from the newest viruses and malware. It usually takes the security software companies about a month to catch up with security patches and updates to the latest threats so don’t depend on your security software to provide you with total protection.

Scam of the day – May 14, 2013 – 9/11 charity scam

Steven Weisman, Esq. — Tue, 14 May 2013 00:01:11 +0000

Recently the New Jersey Attorney General announced charges of theft by deception and conspiracy against two men who claimed to be firefighters who were working at a firehouse close to the World Trade Center Towers on 9/11 when they were hit by the terrorist flown airplanes. The charges relate to sales by the men of 9/11 memorial T-shirts which they sold for $20 each and represented that all of the proceeds went to the families of the victims of the attack on the World Trade Center. The men sold the T-shirts from a truck painted with the names of police and firefighters who died in the September 11, 2001 attacks. The truth is that the men who are not New York firefighters pocketed all of the money they received from the sale of the T-shirts and the families of the police and firefighters who died on 9/11 received nothing. Phony charities set up by scammers to take advantage of the public’s generosity and willingness to help those in need following a tragedy such as the Newtown Connecticut school shooting or the Boston Marathon bombing has become a common reprehensible scam tactic. TIPS Unfortunately, my motto “trust me, you can’t trust anyone” is too often correct. When it comes to charitable donations, you can never be sure that a particular charity is legitimate until you have checked them out. The website www.charitynavigator.org is a great and free resource which can help you to identify not only whether or not a charity is legitimate, but also how much of what is collected by a “legitimate” charity goes toward paying its own salaries and administrative expenses. Some “legitimate” charities appear to exist primarily for their own well being rather than that of the people whom they say they are helping. If you are contacted by a charity by phone, email or letter, even if the name of the charity is a legitimate one, you cannot be sure that the communication is not a forgery or a scam. The best thing to do if you are interested in giving to a particular charity is to check out the charity’s real website for instructions as to how to contribute.

Scam of the day – May 13, 2013 – FTC refunding 1.7 million dollars to victims of government grant scam

Steven Weisman, Esq. — Mon, 13 May 2013 00:01:27 +0000

Unfortunately, it is not very often that I get an opportunity to tell victims of a scam that they can get some of their money back, but today is one of those happy exceptions. In 2009 the Federal Trade Commission first took action against a number of phony websites that promised that they could provide the consumer with tools to be able to easily locate fifteen billion dollars worth of free grant money and to qualify for those grants. The websites looked official with pictures of President Obama and Vice President Biden. The one-time charge was indicated to be between 99 cents and $2.78, however people signing on for the service actually ended up being charged monthly fees of $70 per month for unrelated services. To make things worse, the information provided about obtaining grants was misleading, false or useless.

TIPS

Under a settlement with some of the scammers and court orders regarding the others by which the scammers approximately 1.7 million dollars is being paid to the FTC to be paid back to 22,764 victimized consumers. The money is being administered by Gillardi & Co. a third-party refund administrator. Checks are being sent now and must be cashed within 60 days of receipt. It is expected that victims can expect to receive about 80% of the money they paid for the worthless service. If you have been victimized by this scam and have not been contacted by the FTC, you should contact them at 1-877-FTC-HELP (1-877-382-4357) or go to the FTC’s website at www.ftc.gov.

In the future, you should always be skeptical of any service that sounds too good to be true. Scammers sometimes say that they are from the Federal Grants Administration, but in truth, there is no such entity. Government grants are not easy to get and if you have to pay money to obtain a free grant, it isn’t free. The government does not charge for lists of grant providers. If you are truly interested in information about federal grants, the only place to go is the federal government’s grant website of www.grants.gov.

Scam of the day – May 12, 2013 – Bank text message scam

Steven Weisman, Esq. — Sun, 12 May 2013 01:00:22 +0000

Everyone texts including scammers and identity thieves. A recent text message scam that has resurfaced involves a text message from “Credit Card Services Alert” and it informs you that your debit card has been deactivated. The text message provides you with a telephone number to contact. If you respond by calling the number, you will reach an automated service informing you that you have reached the card activation center. It then asks you for you credit card number, expiration date and security code. Anyone providing this information is sure to become a victim of identity theft. Your bank or credit card issuer will not contact you in regard to problems by a text message so if you do receive such a text message, you should immediately delete it.

TIPS

Whenever you receive a text message, email, letter or telephone call, you can never be sure of who is communicating with you. If you have even the slightest thought that the message may be real, you should not respond to the text, email, or caller directly, but rather contact the bank or other organization that they pretend to represent at a telephone number that you know is accurate in order to inquire about the legitimacy of the communication, whereupon you will promptly be informed that it was a scam. Remember, texts and email messages or phone calls can appear to come from legitimate companies, but that does not mean that it is not a fake. I received a very real looking email message about a problem with my bank account, however, there was only one problem. I didn’t have an account at that bank so I merely deleted the email. You should too.