Scam of the day – July 24, 2015 – Major identity thief convicted

July 23, 2015 Posted by Steven Weisman, Esq.

Hieu Minh Ngo has pleaded guilty to a number of identity theft related charges in the Federal District Court of New Hampshire and been sentenced to 13 years in prison.  Between 2007 and 2013 Ngo obtained access to as many as 200 million consumer records from large data brokers including Court Ventures, which is 2012 was acquired by Experian, one of the three major credit reporting bureaus.  Ngo was able to access these records by posing as a private investigator.   Putting this number into perspective, it represents 60% of the population of the United States.   He then sold to identity thieves comprehensive packages of consumer data, referred to in the world of identity thieves as “fullz,” made up of individuals’ names, credit card numbers, Social Security numbers, birth dates bank account numbers and bank routing numbers, on black market websites he operated called and  According to the Justice Department, Ngo sold fullz to 1,300 identity thieves, who in turn committed large numbers of identity theft including 65 million dollars in income tax identity theft alone.  Ngo could have been sentenced to 24 years in prison, but through a plea bargain got a reduced sentenced in return for his cooperation in identifying his former identity thief customers.

Now, a class action lawsuit has been filed in the Federal District Court for the Central District of California against Experian alleging it was negligent in failing to protect its consumer data from Ngo.  The class action is seeking to have Experian ordered to notify all affected consumers, provide free credit monitoring services to affected consumers and establish a fund to reimburse those who became victims of identity theft due to Experian’s negligence.  I will keep you informed as further developments in this case occur.


This case is yet another example of how vulnerable we all are to identity theft because we are only as secure as the companies and governmental agencies that have our personal information.  One thing, however, we can all do to protect ourselves is to put a credit freeze on our credit reports at each of the three major credit reporting bureaus, which will prevent access to our personal credit records and the information contained therein.  Go to the Archives section of Scamicide for further information about how to put a credit freeze on your credit reports.

Scam of the day – July 23, 2015 – FTC accuses Lifelock of misleading consumers

July 23, 2015 Posted by Steven Weisman, Esq.

In a recent court filing in the Federal District Court of Arizona, Lifelock, one of the most well known companies offering identity theft protection services has been accused by the Federal Trade Commission (FTC) of failing to live up to a settlement Lifelock made in 2010 with the FTC as well as 35 state attorneys general regarding charges that Lifelock used misleading and deceptive advertising as well as failing to adequately protect the security of the personal data of its customers.  According to the FTC, Lifelock violated the 2010 settlement by failing to maintain a comprehensive information security program to protect its users’ sensitive personal data, including credit card numbers, Social Security numbers and bank account numbers as well as by falsely advertising that it protected consumers’ sensitive data with the same high-level safeguards as financial institutions.  Lifelock has publicly disputed the allegations.


If the charges are proved to be true, this would be very disturbing to Lifelock customers because any company holding such tremendous amounts of personal information would be a prime target of hackers and identity thieves.  It is also important to remember that neither Lifelock nor any of the other identity theft protection services are able to truly protect you from identity theft.  They merely help you take certain steps to reduce your chances of becoming a victim of identity theft and help you monitor your accounts to let you know sooner if you become a victim of identity theft.  In fact, none of the identity theft protection services assist you in putting a credit freeze on your credit report which may be the single best step you can take to protect yourself from identity theft.  You can find instructions for putting a credit freeze on your credit reports here in the Archives of Scamicide.   None of the things that any of these companies do for you are things you cannot do for yourself at less cost.  In fact, although it is obviously self-serving, the cost of my book “Identity Theft Alert” in which I provide you with precise steps you can take to help protect yourself from identity theft is less than a month’s cost of most identity theft protection services.

Scam of the day – July 22, 2015 – Ashley Madison website hacked

July 22, 2015 Posted by Steven Weisman, Esq.

Ashley Madison, the website for people seeking to have extra-marital affairs that uses the slogan, “Life is Short.  Have an affair” has been hacked by a group calling itself Impact Team.  Impact Team has already released a small amount of the information stolen and has threatened to publicly release all of the data it has stolen from Ashley Madison, which claims to have 37 million members.  According to Impact Team, the information it has includes names,  addresses, sexual interests and credit card details of Ashley Madison’s members as well as employee documents and emails.  In an interesting twist, Impact Team is not demanding ransom from Ashley Madison in return for not releasing the rest of the stolen information, but rather is demanding that Avid Life Media, the company that owns Ashley Madison permanently take Ashley Madison and another similar website it owns named Established Men offline.  Impact Team also took issue with a $19 charge that Ashley Madison charged its customers who wished to have their information deleted.  According to Impact Team, even after paying the charge, their information was not fully deleted.  In response, Ashley Madison says that they do delete the information and that they will now waive the fee.  Here is a link to Ashley Madison’s press release about the data breach and their new policy about deleting information.


Perhaps the biggest takeaway from this matter as millions of Ashley Madison customers wait in fear that their affairs will be exposed is that your personal information is only as safe as the places that have your personal information with the worst security.  It also is obvious that the more places that have your personal information, the more at risk you are.  Therefore you should limit the places that have your personal information as much as possible.  In addition, you should not leave your credit card on record with a company for convenience sake even if it is one with which you do much business.  Unless you agree to have your credit card information saved, companies with which you use your credit card are not allowed to store that information.  People may also consider using aliases rather than their real names when doing business online.

Scam of the day – July 21, 2015 – National Taxpayer Advocate report criticizes IRS on income tax identity theft response

July 20, 2015 Posted by Steven Weisman, Esq.

The National Taxpayer Advocate (NTA) is an internal watchdog for consumers within the IRS.  Each year the NTA is required to issue two reports.  A few days ago Nina Olson, the National Taxpayer Advocate issued her midyear report and it was not very complimentary in regard to the response of the IRS to victims of income tax identity theft.  Income tax identity theft where an innocent taxpayer’s Social Security number is used by the thief to file an income tax return in the name of the victim claiming a substantial refund based generally upon counterfeit W-2s results in not only losses to the IRS and, by extension the federal treasury, but also causes the victim’s tax return to be flagged and investigated in great detail before the innocent victim finally receives his or her legitimate income tax refund and it is here that the National Taxpayer Advocate found the IRS to be failing.  With present IRS filters, more than 600,000 legitimate returns of taxpayers were screened and frozen as suspicious last year, but the IRS’ programs for completing the investigations of those returns and getting the innocent victims their rightful refunds are seriously lacking.  Only 17% of telephone calls from innocent taxpayers whose tax returns had been frozen as suspicious were even answered and during three consecutive weeks during filing season  this figure dropped to 10%.

In addition, although the IRS has made some progress in assisting the innocent victims of income tax identity theft in getting their legitimate refunds, it still takes, on average, 278 days to resolve the claim of a victim of income tax identity theft although the IRS routinely tells taxpayers that they can expect their claims to be resolved within 180 days.


So what should you do if you are a new victim of income tax identity theft?    Filing a police report immediately is very important in order to document your claim.  Although this is the era of electronic communications, the next thing you should do is mail to the IRS a paper tax return with an attached Form 14039 Identity Theft Affidavit and the police report.  According to the IRS, this will shave an average of 54 days off the time it takes the IRS to process your claim.   Your case will then be assigned to an IRS employee to assist you with clearing your name and getting your refund. As a victim of identity theft, you also are eligible to receive an Identity Protection Personal Identification Number (IP PIN) to use for future income tax returns to protect you from becoming a victim again of income tax identity theft.  You also should put a credit freeze on your credit report because if someone is able to file an income tax return on your behalf, they have access to your Social Security number which they could also use to access your credit report and obtain credit in your name.  Putting a credit freeze on your credit report will thwart future attempts by an identity thief to access your credit.  You can find information about credit freezes and how to put one on your credit reports at Experian, Equifax and Transunion by going to the Archives section of Scamicide.

Scam of the day – July 20, 2015 – UCLA Health System hacked affecting 4.5 million people

July 19, 2015 Posted by Steven Weisman, Esq.

The parade of data breaches at major health care providers continues as I predicted in my USA Today column last December.  Here is a link to that column.

The present data breach is of the UCLA Health System and it may have been going on undetected since September of 2014 until recently being discovered.  The information that may have been compromised is a treasure trove of data for identity thieves.  It included names, Social Security numbers, medical records, ID numbers and addresses on 4.5 million people.  But, as I always say, things aren’t as bad as you think — they are worse.  The stolen data was totally unencrypted making the threat to the people in the UCLA Health Systems computers more serious.

Medical identity theft can not only result in your financial life being threatened.  The mixing of medical records of the victim of the identity theft with the medical records of the identity thief utilizing the medical insurance can potentially be deadly, such as when a person might receive the wrong blood type in a transfusion or a drug to which they may be seriously allergic.  Again, compounding the problem, it can be extremely difficult or even impossible to remove the identity thief’s medical information from the victim’s medical records after the problem has been discovered due to quirks in the medical privacy laws.


If you are one of the people affected by this data breach, UCLA will be notifying you by regular mail and will explain your options.  They will not be notifying people by email or text messages so if you receive such a communication, you should not click on any links contained in the email or text message because they have been sent by an identity thief as a phishing email attempting to lure you into downloading malware by clicking on the link.

Those people affected will be offered free credit monitoring for a year.  They also should monitor their financial and medical insurance accounts carefully for early indications of fraud.  Putting a credit freeze on their credit reports would also be a good step to take.  You can find more information about credit freezes here in the Scamicide archives.

Here is a link to a press release by UCLA which describes the data breach and your options.

Scam of the day – July 19, 2015 – CVS online photo center hacked

July 18, 2015 Posted by Steven Weisman, Esq.

Pharmacy chain CVS has apparently suffered a data breach in its online photo business and consequently has temporarily taken it off line while it investigates the matter.  Here is a copy of their announcement.

“We have been made aware that customer credit card information collected by the independent vendor who manages and hosts may have been compromised. As a precaution, as our investigation is underway we are temporarily shutting down access to online and related mobile photo services. We apologize for the inconvenience.

Customers who provided credit card information for transactions on are advised to check their credit card statements for any fraudulent or suspicious activity and to call their bank or financial institution to report anything of concern.

Customer registrations related to online photo processing and are completely separate from,, on line bill pay and our pharmacies. Financial transactions on,, and in-store are not affected.

Nothing is more central to us than protecting the privacy and security of our customer information, including financial information. We are working closely with the vendor and our financial partners and will share updates as we know more.

For more information, call 1-800-SHOP-CVS.”

However, the story does not end there. is operated by PNI Digital Media, a third party vendor that also operates the online photo business for Walmart Canada which discovered a similar data breach last week.  In fact, PNI also operates online the photo businesses of Sam’s Club, Walgreens, Rite Aid and others including Costco’s photo center which also took its online photo business off line as a precautionary measure.  Anyone who has used the online photo services of any of these companies should be particularly vigilant at this time as it certainly appears that a security flaw in PNI Digital Media’s computer software or systems is being exploited to steal credit and debit card information.


One of the most important takeaway from this is that when choosing whether to use your credit card or debit card for retail transactions, you should always pick your credit card.  Your liability for unauthorized use of a credit card is limited by federal law to no more than $50 and most credit card companies will not even hold you responsible for even that amount.  However, your liability for unauthorized use of your debit card can potentially be unlimited if you do not promptly notice and report the fraudulent use of your card thereby putting your entire bank account tied to your debit card in jeopardy.  In addition, even if you notice and report the unauthorized use of your debit card immediately, your bank account is frozen while the bank investigates the matter thereby temporarily taking away your own access to your bank account.  Limit your debit card use to ATMs.

Specifically for those people who have used the services of any of the affected companies, you should monitor your credit card use online to be on the look out for any fraudulent use.

Scam of the day – July 18, 2015 – Ingenious text message gmail scam

July 18, 2015 Posted by Steven Weisman, Esq.

It is not surprising that scam artists are the only criminals that we refer to as artists.  Some of their scams are truly ingenious.  Today’s scam starts when you receive a text message from Google with a verification code.  Immediately thereafter and before you can even respond to the first text message, you receive a second text message that states, “Google has detected unusual activity on your account.  Please reply with the verification code sent to your mobile device to stop unauthorized activity.”  Many people have been merely following those directions and promptly send the verification code they just received.  However, by doing so, the victim has just turned over his or her gmail account to a scammer who can scour the account for information to be used for identity theft purposes.

What actually went on was that a hacker with the victim’s email address and cell phone number went to login on the victim’s gmail account and clicked on the “Forgot password” link prompting a verification code to be sent to the victim’s cell phone.  Immediately thereafter the hacker sent the original message that appears above pretending that he or she is Google so when the victim responds by sending the verification code, he or she is actually sending it to the hacker who then uses it to access the victim’s gmail account.


Never send a verification code to anyone through an email or a text message.  The only place you should use a verification code is when you login online.  If like the victim of this scam, you receive a verification code sent to you on your cell phone that you did not request, notify your email provider because that is an indication that someone is trying to hack into your account.

Scam of the day – July 17, 2015 – Yet another Nigerian email scam

July 16, 2015 Posted by Steven Weisman, Esq.

Today’s Scam of the day comes right from my email and I am sure that it has appeared in the email boxes of many of you.  Although it may appear that the Nigerian email scam began in the era of the Internet, the basis of the scam actually goes back to 1588 when it was known as the Spanish Prisoner Scam.  In those days, a letter was sent to the victim purportedly from someone on behalf of a wealthy aristocrat who was imprisoned in Spain under a false name.  The identity of the nobleman was not revealed for security reasons, but the victim was asked to provide money to obtain the release of the aristocrat, who, it was promised would reward the money-contributing  victim with great sums of money and, in some circumstances, the Spanish prisoner’s beautiful daughter in marriage.

Today’s scam of the day is yet another variation of what has come to be known as the Nigerian letter scam.  In the various versions of this scam circulating on the Internet today, you are promised great sums of money if you assist a Nigerian in his effort to transfer money out of his country.  Variations include the movement of embezzled funds by corrupt officials, a dying gentleman who wants to make charitable gifts or a minor bank official trying to move the money of deceased foreigners out of his bank without the government taking it.  the example below of the email I received may not even be from Nigeria, but the scam is the same.  Although generally, you are told initially that you do not need to contribute anything financially to the endeavor, you soon learn that it is necessary for you to contribute continuing large amounts of money for various reasons, such as various fees, bribes, insurance or taxes before you can get anything.  Of course, the victim ends up contributing money to the scammer, but never receives anything in return.

Here is a copy of the email, I recently received:

Dear Friend,
With due respect to your person and much sincerity of purpose . I have a business proposal which I will like to handle with you. $35 million USD is involves. But be rest assured that everything is legal and risk free as I have concluded all the arrangements and the legal papers that will back the transaction up. Kindly indicate your interest as to enable me tell you more detail of the proposal.
Waiting for your urgent response.
Yours Faithfully,
Dr.Lincoln Bah Bah


This is a simple scam to avoid.  It preys upon people whose greed overcomes their good sense.  The first thing you should ask yourself is why would you be singled out to be so lucky to be asked to participate in this arrangement.  Since there is no good answer to that question, you should merely hit delete and be happy that you avoided a scam.  As with many such scams, which are originating outside of the United States, the punctuation and grammar are often not good.

Many people wonder why cybercriminals and scammers send out such ridiculously obvious scam letters that anyone with an ounce of sense would recognize as a scam, but that may be intentional on the part of the scammer because if someone responds to such an obvious scam, they are more likely to fall prey to the scam.

Scam of the day – July 16, 2015 – Adobe Flash update issued, but is it too late?

July 16, 2015 Posted by Steven Weisman, Esq.

This is the third day in a row that the Scam of the day has involved Adobe Flash, but this is such an important topic and the new developments have been happening so rapidly, it warrants the coverage.  Adobe Flash is a hugely popular plug-in used for watching videos on your computer or smartphone.  Over the years it has also proven to be fertile grounds for hackers who have numerous times exploited vulnerabilities in it to hack into and take over the computers and smartphones of individuals, businesses and government agencies.  Shortly after Adobe released a new security patch following the discovery of yet another vulnerability by security company FireEye which reported its discovery to Adobe to give them the opportunity to develop a patch, we learned about two more Adobe Flash vulnerabilities by way of the information  made public when the spyware company The Hacking Team became a victim of a very public hacking.  The Hacking Team had been exploiting the Adobe Flash vulnerabilities for its own end.  Now, Adobe has come up with a patch for the latest Adobe Flash vulnerabilities to become known, but for many of us, this is too little and too late.  As I urged you yesterday, I think you should uninstall Adobe Flash and switch to a different video viewing plug-in.  There is little reason to believe that future vulnerabilities will not be discovered in  Adobe Flash and exploited by hackers and other criminals.  Exploit kits, which are packets of computer code that exploit these vulnerabilities are being sold by criminals to other criminals to enable them to hack the computers and smartphones of unsuspecting victims.  A sad commentary on the effectiveness of these Exploit kits is that many of them are still being used against vulnerabilities in Adobe Flash for which patches have already been developed and made available, but people, companies and government agencies have been lax in installing the patches to protect themselves.


If you are still interested in using Adobe Flash, here is a link to the latest security patch to remedy the most recently discovered vulnerabilities.

However, my advice still is to uninstall Adobe Flash and install a different plug-in for video viewing.

Another important lesson is to make sure that you update all of your software as soon as security patches and updates become available.  Delaying in doing so puts you at much greater risk of being hacked and identity theft.  Here at Scamicide, we will continue to provide you with the latest security patches and updates as they become available.

Scam of the day – July 15, 2015 – Time to stop using Adobe Flash

July 15, 2015 Posted by Steven Weisman, Esq.

In an update on the continuing saga of the danger to all of us presented by continuing vulnerabilities in the  Adobe Flash browser plugin for watching videos, Mozilla, the maker of the popular Firefox browser has blocked Adobe Flash from use on Firefox as a security protection to Firefox users.  This came just a day after Facebook’s head of security went on record saying that Adobe should stop making Flash because it is too flawed.  Flaws in Adobe Flash have been exploited by hackers and identity thieves against individuals, companies and government agencies including the U.S. State Department and the White House.  Problems with Adobe Flash are nothing new.  In 2010 Steve Jobs vociferously complained about its security and it has routinely been cited as being extremely vulnerable.  Despite security patch after security patch, new problems keep coming up.  It appears that just as companies retire certain programs when it is just too difficult to patch them, this may well be the time for Adobe to retire Flash and if it doesn’t, you should consider retiring it yourself and replacing it with another plugin that performs the same function, but is safer.


Some alternative plugins you may wish to consider include  GNU Gnash, and Silverlight.  Silverlight can be downloaded free directly from the Microsoft at this link: while GNU Gnash can be downloaded free at this link: