Scam of the day – May 10, 2013 – Hackers attack on banks and credit unions fails – this time

May 10, 2013 Posted by Steven Weisman, Esq.

The hacking group Anonymous had reportedly targeted 130 banks and credit unions for a disruptive Distributed Denial of Service  (DDoS) attack on Tuesday, May 7th, but the attack failed to substantially materialize.  In a DDoS attack, large numbers of computers, remotely controlled by hackers as a BotNet, flood the websites of particular businesses or governmental agencies and shut them down because the websites are unable to handle the huge number of hits on the website.  Tuesday’s attack pretty much failed to materialize.  Although approximately 600 sites were shut down, few of these were inside the United States and if such an attack was indeed made against American governmental agencies, banks and credit unions, the attack was successfully defended.  But this is not to say that business and government have found a way to stop hacking into their computers.  In fact, the attack may not have occurred at all.  It may have merely been a subterfuge to see what the response would be by governmental agencies and businesses.  Additionally, although DDoS attacks are a nuisance, they are rarely more than that, however, larger more insidious attacks may occur while efforts are being focused against repelling the DDoS attack.

TIPS

Large and small businesses are and will continue to be targets for hackers.  If you operate such a business you must take necessary security steps to protect your business from hackers.  As for we, the public, we should do what we can to protect ourselves.  Limit the information available about you at companies with which you do business so if they are hacked, you are not in danger of having your personal information used to make you a victim of identity theft.  Also make sure that you have backup records for all financial dealings and accounts that you have with companies with which you do business so that if an attack either accesses your account or deletes data, you have records that show what you have.  For more information about how to protect yourself, I urge you to consider purchasing my book “50 Ways to Protect Your Identity in a Digital Age” which you can get from Amazon at a reduced price merely by clicking on the link of the book on the right hand side of the front page of Scamicide.

Tags: , , , , ,
Categories: Site Related

Scam of the day – May 9, 2013 – Latest Nigerian letter scam

May 9, 2013 Posted by Steven Weisman, Esq.

I want to share with you as today’s “scam of the day” a scam email that was sent to me a couple of days ago.  It is the latest variation of the Nigerian letter scam.  We are all familiar with the Nigerian letter scam in which under various pretexts you are told that you can receive a large sum of money without any risk and without having to do anything of substance.  It may appeal to our greed and desire for easy riches, but it also should make alarms go off in our heads that this offer is obviously bogus and too good to be true.  This particular incarnation of the letter has a number of red flags that should make you skeptical of similar letters that you may receive.  First is the poor grammar.   Many of these emails originate in foreign countries such as Nigeria where English is a second language, but where official letters still should contain better grammar.  This particular letter never indicates why I should be receiving funds from a murdered family in Syria.   Also interesting is the asking about my profession, particularly because one would think that there would be a screening process for any legitimate offer.    As with all of these types of scams, if you respond, you will be told that some funds are needed for administrative costs, legal fees, bribes or whatever and the amount keeps increasing once you pay them anything.  Ultimately, you receive nothing and lose any money you send to the scammer.  These Nigerian letters still are common because they still work. Don’t be one of their victims.

Here is a copy of the email I received.

 ”VERY URGENT AND CONFIDENTIAL

 
Date :mardi 07 mai 2013
20h00 – 21h00 (GMT+00:00)
De :ibrahimzongo21@yahoo.frMail :From Mr.Ibrahim Zongo.
The Head of File and Auditing Department.
United Bank of Africa (U.B.A).
In West Africa Country
Email:ibrahimzongo21@yahoo.fr
Email:ibrahimzongo21@aol.frTOP SECRET
REMITTANCE OF US$15,200,000.00 CONFIDENTIAL IS THE CASE.This message might meet you in utmost surprise; however, it’s just my Urgent need for foreign partner that made me to contact you for this transaction. I am a banker by profession from West Africa and currently holding the post of director Auditing and accounting unit of the bank.I have the opportunity of transferring the left over Funds ($15.2 million) of one of our bank clients who murdered with his entire family in Syria. Hence; I am inviting you for a business deal where this money can be shared between us in the ratio of 60/40. I will like to inform you that this transaction is 100% risk free, while further details of the transfer will be forwarded to you as soon as I receive your return mail. Your Urgent response is needed for immediate transfer of this fund into your account.what is your profession? send your mobile number for discuss.Note that this transaction will never in any way harm or foiled your good post or reputation in your country, because everything will follow legal process.I am looking forward to hear from you soonest.Yours faithfully,

Mr.Ibrahim Zongo

 
 
TIPS
 
Never respond to such an email.  Outside of the initial skepticism that should have you remembering that if something sounds too good to be true, it usually is, you should also be skeptical of any such ridiculously easy way to get money.  You also should wonder as to why you were chosen to receive such an email.  Although all of these emails are scams, if you want confirmation you can contact me here at Scamicide with a copy of any such email you receive and I can definitively tell you whether the email is a scam.  You also can check with your local police, State Attorney General or the Federal Trade Commission
 
Tags: , , ,
Categories: Site Related

Scam of the day – May 8, 2013 – Iron Man 3 scam

May 8, 2013 Posted by Steven Weisman, Esq.

The movie Iron Man 3 is already a huge hit with early box office figures setting records around the world.  Pirated versions of movies being distributed on the Internet is a major problem for the movie industry, but it is also a major problem for consumers.  I don’t condone buying cheap bootlegs of movies over the Internet; that is a crime.  However, I understand that many people will be tempted to purchase or even get for free what they think are pirated versions of popular movies.  Scammers understand this too, which is why there are already more than a hundred websites, not connected with the studio that produced Iron Man 3, claiming that they have copies of Iron Man 3 for purchase or free in some instances.  These sites require you to download a file containing a video player.  The problem is that by downloading this video player, you may be downloading keystroke logging malware along with or instead of the promised video player.  This malware can steal all of your personal information from your computer including credit card numbers, bank account numbers and passwords and turn you into a victim of identity theft.  Facebook is also being used by the identity thieves to spread links for free copies of Iron Man 3 that indeed may well be tainted with malware.  Many of these links ask for your credit card, which you should not provide and end up giving you nothing.  Other links lure you in with the promise of a free streaming of Iron Man 3, but then take you through a survey for which the scammer gets paid and at the end you still do not get a copy of Iron Man 3.

TIPS

Never click on links or download files unless you know what you are clicking on or downloading is legitimate.  Obviously you cannot trust someone who is promising to provide you with a pirated product.  The risk of downloading malware is just too great.  Pay your money and go to the movie in the theater or if you want a home version, it won’t be too long before the movie is legitimately available online.

Tags: , , , , , , ,
Categories: Site Related

Scam of the day – May 7, 2013 – Ransomware update

May 7, 2013 Posted by Steven Weisman, Esq.

I have previously warned you about this type of  scam on December 3, 2012, January 19, 2013 and as recently as March 26, 2013, but today’s update is because now it is personal.  When I went to turn on my computer today I was locked out and a Ransomware scam was facing me on my computer.  Ransomware scams occur when you find that you are unable to use your computer and you receive an email message or a notice on your screen, as I received, indicating that your use of your computer has been frozen due to illegal activity being detected on your computer.  A common variation of this scam being done now purports to be from the Department of Homeland Security and its National Cyber Security Division.  The version I got purported to be from the FBI.  Even scarier was the fact that it had control of my computer camera and a photograph of me appeared at the top of the phony notice.   In the notice I was told that I needed to pay a fine before my computer would be unfrozen and I would be able to have access to it again.  In fact, the freezing of my computer has not been done by the Department of Homeland Security, the FBI or any other governmental agency.  It was done by a scammer who installed malware on my computer either through a tainted website, download or link that I had gone to  It is for this reason, that I am always reminding you never to click on links and download attachments unless you are absolutely positive that they are legitimate.  And even though I follow my own advice, somewhere I got caught.

TIPS

The best way to deal with ransomware is to avoid it in the first place.  Maintain a good firewall on your computer and install and maintain up-to-date security software.  Also, never click on links or download attachments unless you are absolutely sure that they are legitimate.  Even if the link or download is in an email or a Facebook posting that appears to come from a friend of yours, their account may have been hacked and the communication may be from a scammer.  Never pay a ransom to regain control of your computer.  There is no guarantee that the criminal who froze your computer will let you off the hook.  Rather, have a computer professional go through your computer to find the source of the problem and resolve it.  It is also important to remember that no legitimate agency will freeze your computer and make you pay a fine to unfreeze it.  In my case, my security software was not able to stop the malware from initially freezing my computer, but when, through the use of free software from Malwarebytes, I was unable to unfreeze my computer, I was able to do a security scan and find that my security software had stopped the keystroke logging malware that the scammer had attempted to download to my computer.  Had I not had such software, my computer’s information would have been at the mercy of the scammer.

If you are a victim of ransomware, here are a couple of free links that can help you.   The first  is a link to Microsoft’s Malware Protection Center with links and instructions for removing ransomware infections from your computer: http://www.microsoft.com/security/portal/shared/ransomware.aspx#recover.  The second is to Malwarebytes Anti-Malware which will detect and remove malware such as trojans and spyware.  This was what I used to get rid of the malware freezing my computer.  The link is www.malwarebytes.org.  It is free although there is also an updated version, which I use.

Tags: , , , , , , , , , , ,
Categories: Site Related

Scam of the day – May 6, 2013 – Hotel telephone call scam

May 6, 2013 Posted by Steven Weisman, Esq.

Some of the most simple scams are also the most effective.  Earlier this week a woman staying at a Double Tree Hotel in Skokie, Illinois received a telephone call purportedly from a clerk at the front desk of the hotel informing her that they needed her credit card information again because of a computer error in processing her card.  She obliged and provided the information over the phone and the identity thief who had really called her promptly ran up $5,000 of charges.  This is a common scam that occurs when a hotel guest gets called from someone who says they are a hotel employee and then requests credit card information under any of a number of different pretexts.

TIPS

Whenever you get a telephone call, you can never be sure that the person calling you is who he or she represents himself or herself to be.  If you are in a hotel and receive such a call, you should hang up and either go to the front desk in person or call the front desk at a telephone number that you know is accurate.  Whenever you get a telephone call requesting personal information such as a credit card number for whatever reason, do not give the information to the caller.  Rather, call the company or agency that purported to call you at a number that you know is correct and not a number that the caller gives you.

 

Tags: , , , ,
Categories: Site Related

Scam of the day – May 5, 2013 – Data breaches at small businesses – what it means to you

May 5, 2013 Posted by Steven Weisman, Esq.

Verizon has just released its 2013 Data Breach Investigations Report analyzing data breaches around the world and found that hackers in foreign countries, particularly China, Romania, Bulgaria and Russia are responsible for many of the attacks on businesses large and small resulting in data breaches.  Sometimes the hacks are intended to obtain company secrets while other times the goal is personal information about a company’s customers that can be used to make the company’s customers victims of identity theft.  More and more hackers are targeting small businesses because they are both a treasure trove of information and because many of these companies have lax security making them easy targets for the hackers.  It has been estimated that as much as 80% of the data breaches could be prevented by using two-factor authentication when accessing company computers and their data.  This is not a costly security measure to implement, but most companies still do not do this.

TIPS

As I always tell you, you are only as secure as the company or agency with the weakest security that holds your information.  Therefore it is important that you limit, as much as possible, the companies and agencies that hold personal information about you that can be used to make you a victim of identity theft.  And although it is certainly convenient to leave your credit card number on file with companies with which you do business online rather than input it each time you do business with a particular company online, you are safer not leaving your credit card number in the computers of companies that may be hacked.  You also should inquire of any company that does hold personal information about you as to their security measures to safeguard that information.

Tags: , , , , , , , , , , , , ,
Categories: Site Related

Scam of the day – May 3, 2013 – New gift card scam

May 3, 2013 Posted by Steven Weisman, Esq.

The United States Postal Service has recently uncovered a new gift card scam involving gift cards.  Advertisements in legitimate newspapers and websites have been appearing promising a $500 gas gift card in return for a payment of only $79.95.  Unfortunately, when the victim sends his money for the card, they do not receive the promised gift card, but do receive instructions on how to operate the very scam of which they just became a victim and get others to send money and get nothing in return.

TIPS

Anything that appears to good to be true usually is.   Even if an advertisement appears in a legitimate newspaper or website, that does not mean that the advertisement is legitimate or that the newspaper or website has made any attempt to confirm that the advertisement is legitimate.  Another easy way to identify a potential scam is to Google the name of the person or company along with the word “scam” and see what comes up.  You can also check with your local District Attorney or your state Attorney General if you have doubts as to whether a particular offer might be a scam, but ultimately you should always be skeptical of getting something for far less than it is worth.

Tags: , , ,
Categories: Site Related

Scam of the day – May 2, 2013 – Craigslist scam update

May 2, 2013 Posted by Steven Weisman, Esq.

Often I will remind you about particular types of scams I have mentioned before because they continue to victimize many people.  Earlier this week a Pennsylvania man became a victim of a common Craigslist scam when he put an ad on Craigslist to sell a piece of furniture for $350.  He was contacted by someone who sent him a check for $1,350 and asked the seller to merely deposit the check, deduct the $350 and send the rest back to the buyer by way of a money order.  The check looked legitimate so the seller deposited it and sent the difference back to the buyer.  Unfortunately, the check was a forgery so the seller lost the money he sent to the scam artist posing as a buyer.  Often in these circumstances the check will appear to be a bank check or a certified check, but it is just a forgery.  Other times, the sellers will think they are being prudent by waiting a few days for the check to clear only to learn later that it can take weeks for a check to fully clear and the provisional credit that they are given by the bank after a few days does not mean that the check was not a forgery because once it is recognized as a forgery, the provisional credit is taken away by the bank and the victim is left with a reduced bank account.

TIPS

Whenever you are paid for something that you are selling by a check for more than the amount that is due and that payment comes with a request for you to send the difference back to the buyer, you should consider this a sign that this is a  scam.  Also, anytime you are paid by a check you should wait for the check to fully clear before turning over the sold goods.  Even if the check appears to be a bank check or a certified check, it may well be a forgery so you should contact your bank to make sure that the check has fully cleared before you consider the payment to have been made.  Regardless of the excuse that may be given to you as to the reason for payment by way of a check for more than what is owed, you should be suspicious.  Finally, always be wary when someone requires you to send payment by Western Union or wired from your bank because once those payments have been made, it is impossible to get the money back.

 

Tags: , , , , ,
Categories: Site Related

Scam of the day – May 1, 2013 – Denial of Service attacks

May 1, 2013 Posted by Steven Weisman, Esq.

Distributed Denial of Service (DDos) is the name for a tactic that has increasingly been used by hackers against major financial institutions.  Most recently, online broker Charles Schwab & Co. was disabled and inaccessible by its customers for more than an hour because of such an attack.  Earlier in April, American Express and Wells Fargo were victims of such an attack and, in a major attack a few months ago, the websites of JP Morgan Chase, Bank of America, Citibank and Sun Trust all were temporarily shut down due to a DDoS attack.  A DDos attack is accomplished when a website is flooded with nuisance requests from tens of thousands of computers all being controlled by a single controlling computer.  This network of computer is called a BotNet.  Regular readers of Scamicide are familiar with the term BotNet which has also been called Zombie computers and refers to a network of infected computers that are infected by hackers and then controlled by the hackers to send out their viruses and other malware.  The attacked websites are not able to handle the huge volume of computer hits, which results in the affected website being closed down.  It is thought that many, if not all of these recent DDoS attacks have originated from the same hackers in Eastern Europe and there is concern that this is just the beginning of major computer attacks against American financial institutions.

TIPS

So what does this mean to you?  Although both the government and the private sector are working hard to defend DDoS attacks and, in fact, are making progress in doing so,it can be expected that these and even more sophisticated attacks will be coming against our financial institutions including banks and brokerage houses in which you have money and investments.  You can’t just put your head in the sand, but you can prepare yourself for such attacks.  Make sure that you have backup records of your financial accounts on computer discs rather than just on your hard drive which can be accessed or even destroyed by hackers.  You also can use USB  flash drives and external hard drives.  You can also store information in the cloud, but that brings a range of different security issues.  You also may wish to keep readily accessible paper records of your accounts, but make sure that you keep them secure in your home.  Even friends and family members have been known to steal such documents for identity theft purposes.  Finally, you may wish to inquire of all companies with which you do business as to how they maintain both the security of their records from attack and their online presence.

Tags: , , , , , , , , , , , , , ,
Categories: Site Related
« Older Entries
Newer Entries »