Scam of the day – September 12, 2017 – IRS warns tax professionals about new ransomware attack

The IRS has issued a warning to tax professionals about a new IRS themed ransomware attack presently being sent by email.  If someone were to click on the link in the email, ransomware would be downloaded that would encrypt and lock the information of the person falling for the scam leaving the victim facing the dilemma of having to pay a ransom in order to retrieve his or her computer data or face the threat of having the data destroyed.

Here is a copy of the email presently being circulated.  As phishing emails go, this one is not particularly convincing.  It is filled with grammatical and punctuation errors which often are a sign that the scam originated in a country where English is not the primary language.

IRS questionnaire text with IRS and Department of Justice logos

TIPS

The IRS does not initiate contact with taxpayers or tax professionals by email or text messages to request personal or financial information.  In addition, to avoid all kinds of malware including ransomware, you should never click on links in emails or text message unless you have confirmed that the email or text message is legitimate.  Specifically to protect yourself from ransomware, individuals as well as companies and government agencies should backup all data regularly and make sure that security software is constantly updated with the latest security patches.

Scam of the day – September 11, 2017 – Social media tech support scams

As with any technology that we use, there usually comes a time when you need some tech support for large or small problems that may occur. Unfortunately, for much social media, you will not readily find a telephone number to call and speak to a real person about your problem. However when that happens, unfortunately many people turn to the Internet to search for a tech support telephone number and end up getting a telephone number for a scammer who will induce the victim to make a payment, often by iTunes gift cards, which are particularly popular with scammers these days.  Other times the scammers trick their victims into providing personal information that can be used to make the person a victim of identity theft.

TIPS

Among the social media services that do not provide tech support by phone are Facebook, Instagram, Snapchat and Twitter.  Here are links to tech support for those social media services:

Facebook:  https://www.facebook.com/help/

Instagram: https://help.instagram.com/

Snapchat: https://support.snapchat.com/en-US

Twitter: https://support.twitter.com/

Scam of the day – September 10, 2017 – Further important Equifax updates

It is unusual here at Scamicide to discuss the same scam for multiple consecutive days, however, the massive Equifax data breach story is continually evolving, affects you and warrants such coverage.

Under pressure from New York Attorney Eric Schneiderman and others, Equifax has removed the waiver of your rights to participate in a class action from the contract you must agree to in order to obtain free identity protection services from its TrustedID  program.  Therefore it makes sense to sign up for the program, which you can do here.

https://www.equifaxsecurity2017.com/enroll/

While Equifax also represented that you could find out from them whether or not you were specifically involved in the data breach, that representation is not accurate.  Numerous people have used fake names to test the system and in each instance were told that they probably were affected by the data breach.  This is mildly upsetting, but no more than that.  The sheer size of the data breach is so large and the potential harm so great that you should assume that you were affected.

TIPS

The advice as to what to do is still the same.  You should put a credit freeze on your credit reports at all of the three major credit reporting agencies.  Fraud alerts are worthless.  In addition, you should get copies of your credit reports from each of the three major credit reporting agencies to look and see if you have already been a victim because it is important to remember that this data breach has gone on for months.  You have the right to a free copy of your credit report from each of the three credit reporting agencies once each year.  What many of us do is stagger the request among the TransUnion, Equifax and Experian by requesting one every four months.

You can get your free copies of your credit reports by using this link.

https://www.annualcreditreport.com/index.action

Here are links to each of the credit reporting agencies for information about how to put a credit freeze on your credit reports: 

Scam of the day – September 9, 2017 – Important update about the Equifax data breach

The massive data breach that occurred at credit reporting agency Equifax, between last May and July is a story that is continuing to evolve. If you are one of the approximately 143 million people whose personal information was compromised, you face a serious threat of identity theft. Equifax is offering credit monitoring and other services to the victims of the data breach through its identity protection company, Trusted ID, however, if you read the fine print in the agreement you will find that in order to get the free services you must  waive your rights to be a part of any class action against Equifax and must resort to binding arbitration for any claims against Equifax.  New York Attorney General Eric Schneiderman has already indicated that he believes that requiring such a waiver in this instance is illegal and he has demanded Equifax to remove the language from the agreement.  The agreement does also provide that if you notify Equifax within 30 days of accepting the terms that you wish to opt out of arbitration you can do so, but at the moment, your rights against Equifax are far from clear.

TIPS

So what should you be doing?  It will certainly take some intense investigation, but there may well be cause for a class action against Equifax.  However, in the meantime your primary concern should be protecting yourself from identity theft and the first thing you should do is get copies of your credit report from each of the credit reporting agencies and review them to see if there is any evidence of identity theft. Regardless of whether you find any such indications, the next thing you should do is put a credit freeze on your credit reports at each of the three major credit reporting agencies.

You can get your free copies of your credit reports by using this link.

https://www.annualcreditreport.com/index.action

Here are links to each of the credit reporting agencies for information about how to put a credit freeze on your credit reports: 

September 8, 2017 – Steve Weisman interviewed on WJAR about protecting your phone

Here is  link to a story in which I was interviewed by Consumer Reporter Emily Volz on NBC 10 News in Providence, Rhode Island about dangers we all face on our cell phones and what we can do to protect ourselves.

http://turnto10.com/i-team/consumer-advocate/thieves-are-stealing-phone-numbers-accessing-sensitive-information

Scam of the day – September 8, 2017 – Massive data breach at Equifax

Yesterday Equifax, one of three major credit reporting agencies announced that it had been victimized by a data breach between mid May and July that resulted in personal information of approximately 143 million Americans being stolen.  To put this number into perspective it accounts for nearly 44% of the entire population of the United States.  The compromised information included names, Social Security numbers, birth dates and more.  This information puts the victims of the data breach in serious danger of identity theft.  In the past when major data breaches such as this have occurred, the cybercriminals sell the information to other cybercriminals on the Dark Web.  To date, we have not yet seen this information being sold, but it will be.

Equifax is offering to affected customers a free year of credit monitoring and the ability to freeze your Equifax credit report.  To find out if your records were affected by the breach, click on this link provided by Equifax

Potential Impact

TIPS

If you have been affected by the data breach, you should sign up for the free services offered by Equifax and definitely should freeze your credit report at all of the credit reporting agencies because the information stolen puts you in jeopardy of identity theft at all of the credit reporting agencies.

Even if you have not been a victim of the data breach, you should consider taking this as the opportunity to put a credit freeze on your credit reports. Credit freezes are the best thing you can do to protect yourself from becoming a victim of identity theft.

To get started, it’s best to first understand the laws and fees governing credit freezes in your state. The National Conference of State Legislatures describes the credit freeze laws for each state. 

To get the maximum protection from identity theft, it is important to freeze your credit at each of the three major credit reporting agencies. Here are links to each of them for information about how to get a credit freeze: 

Once you have frozen your credit, be sure to keep the PIN and information on how to unfreeze your credit report in a safe place.

Scam of the day – September 7, 2017 – Sports talk host charged with concert ticket scam

Yesterday, popular New York sports talk radio host Craig Carton, half of the popular WFAN morning talk show “Boomer and Carton” was arrested and charged along with a co-conspirator, Michael Wright with securities fraud, wire fraud and conspiracy in regard to a scam in which they allegedly tricked investors into giving them money to be used to purchase large blocks of concert tickets to major concerts of artists such as Adele and Katy Perry that would then be sold on the secondary ticket market for large profits.  However, according to the FBI, the entire scheme was a scam with no tickets being purchased and the money being used to pay off Carton’s gambling debts and other personal expenses.  As is typical of any Ponzi scheme, earlier investors were paid with funds from later investors.

In addition to the criminal charges, the Securities and Exchange Commission (SEC) also brought civil securities charges based on the same scam against Carton and Joseph Meli.  If Meli’s name sounds familiar it may be because I wrote in January 30, 2017’s Scam of the day about him being sued by the SEC in regard to a similar type of scam involving non-existent tickets to hit Broadway shows such as Hamilton.

TIPS

Ponzi schemes have been an effective fraud tactic for more than a century because they are effective.  It may seem to a potential investor that the scheme is legitimate because he or she can see earlier investors earning profits.  However, those profits are illusory.

Never invest in anything unless you totally understand the investment and have also investigated the people seeking your money.  Before investing with anyone, you should investigate the person offering to sell you the investment with the Securities and Exchange Commission’s Central Registration Depository.  This will tell you if the broker is licensed and if there have been disciplinary procedures against him or her.  You can also check with your own state’s securities regulation office for similar information.  Many investment advisers will not be required to register with the SEC, but are required to register with your individual state securities regulators.   You can find your state’s agency by going to the website of the North American Securities Administrators Association.   You should also check with the Financial Industry Regulatory Authority (FINRA) for information about the particular  investment adviser.  It is also important to remember that you should never  invest in something that you do not completely understand.  This was a mistake that many of Bernie Madoff’s victims made.  You also may want to check out the SEC’s investor education website at www.investor.gov.  Scammers can be very convincing and it may sound like there is a great opportunity for someone to make some money, but you must be careful that the person making money is not the scam artist taking yours.

Scam of the day – September 6, 2017 – Pacemakers recalled due to risk of hacking

By now, we are all familiar with the Internet of Things which presently includes 5 billion devices and is expected to grow to 25 billion devices by the year 2020.  The Internet of Things is the popular name for the technology by which products and devices are connected and controlled over the Internet.  The range of products that are a part of the Internet of Things is tremendous and includes, cars, refrigerators, televisions, fitness bands, webcams, toys and even medical devices.  The Internet of Things offers tremendous opportunities for constructive and efficient use of these products, but as with any technology connected through the Internet, also provides an opportunity for hackers to exploit the technology for their own criminal purposes.

While hacking of medical devices sounds like something out of fiction, in 2007, former Vice President Dick Cheney was so concerned about hackers that he had the Internet connection on his pacemaker disabled.  In September 2015, the FBI issued a warning saying that “Once criminals have breached such devices, they have access to any personal or medical information stored on the devices and can possibly change the coding controlling the dispensing of medicines or health data collection.”

Now the Food and Drug Administration (FDA) has issued a recall of 465,000 pacemakers due to the vulnerability of the devices to being hacked and controlled by criminals.  Fortunately, the recall can be accomplished with a remote adjustment of the devices and will not require surgery.  Six different types of pacemakers all made by Abbott and sold under the name of St. Jude Medical are covered by the recall.  Here is a link to the FDA’s recall with more specific information.

https://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm573669.htm

TIPS

Earlier this year the FDA issued recommendations for security steps to be taken for Internet connected medical devices, however it should be noted that these are not regulations, but only recommendations.  So what can you do to protect yourself in the meantime? The most important thing you can do is find out if any Internet connected medical devices you may have comply with the FDA’s security regulations.  You should also find out what information is stored on your device and how it is accessed.  Also learn about the use of password protection and make sure that your device is not still using a default password.  If your device uses an open wifi connection, you should change it to operate exclusively on a home network with a secured wifi router.  If your device is capable of transmitting data, make sure that the transmissions are encrypted.

Scam of the day – September 4, 2017 – More checks being sent to victims of Kevin Trudeau

Last June, I told you about the Federal Trade Commission (FTC)  sending 6.3 million dollars in refunds to people who were scammed into buying Kevin Trudeau’s book, “The Weight Loss Cure ‘They’ Don’t Want You to Know About.”  The book was sold through infomercials that touted it as a simple and effective plan that would enable you to lose dramatic amounts of weight while still eating whatever foods you wanted.  The truth is that the diet was a far from simple starvation diet that also required daily injections of difficult to obtain prescription drugs.  Although Trudeau was ordered to repay cheated consumers millions of dollars in 2009, it was not until a court-appointed receiver was able to locate significant money hidden by Trudeau that money just became available to partially compensate consumers for their losses.   Last June I told you that if more of Trudeau’s funds were to be located,  further payments would be made by the FTC in the future, as well and that is what has happened.  The FTC is now sending out a second round of checks to the victims of Trudeau’s scam.  If you were someone who bought this book, go to the tab at the top of this page designated “FTC Scam Refunds” for more information about getting and cashing your refund check.

TIPS

The truth is that there are no quick fixes when it comes to weight loss and you should be wary of any product that promises you can lose tremendous amounts of weight quickly without dieting or exercise.  You should also be wary of any weight loss product that is sold exclusively either over the Internet or through mail-order advertisements.  It is also important to remember that no cream that you rub in your skin can help you lose substantial weight and no product can block the absorption of fat or calories.  The best course of action is to ask your physician about the effectiveness of a particular weight loss product or program before you reduce your wallet in an effort to reduce your waistline.