Scam of the day – April 14, 2014 – The last income tax scam of the season

April 14, 2014 Posted by Steven Weisman, Esq.

Tomorrow is April 15th which is the last day for filing your federal income tax return unless you are a procrastinator who has filed an extension.  Identity thieves and scammers love income tax season as it provides them with an opportunity for a wide variety of scams to steal your money.  I have described these scams in numerous Scams of the day.  As the income tax season comes to an end, scammers and identity thieves are busy with one last scam about which I want to warn you.  It starts with you receiving an email that appears to come from the IRS Taxpayer Advocate Service in which you are told that there is a problem with your recently filed federal income tax return and that IRS computers have found errors in your return.  In order to resolve the problem, you are told to click on a link in the email that purports to take you to the IRS Taxpayer Advocate Service website where you are told you will find information about the problem and the name of the taxpayer advocate assigned to your case.  If you click on the link, you will not go to the IRS Taxpayer Advocate Service, which is a real organization.  Instead you will be sent to a legitimate looking, but phony website that will solicit you to provide information that will enable the identity thief behind this scam to make you a victim of identity theft.


The easy way to avoid this scam is to remember that the IRS will never initiate contact with taxpayers by email.  If you get an email, text message or phone call purporting to be from the IRS initiating contact about anything, you can be sure that it is a scam.  As a general rule, however, it is important to recognize that whenever you get an email, phone call or text message, you can never be sure of who is contacting you and whether or not they are legitimate.   Therefore never provide information to anyone who contacts you in this manner and do not click on links or attachments in unsolicited text messages or emails which may either be seeking personal information from you to be used to make you a victim of identity theft or will automatically when you click on the link download keystroke logging malware on to your computer that will steal the information from your computer and again use it to make you a victim of identity theft.

Scam of the day – April 13, 2014 – AT&T bill scam

April 13, 2014 Posted by Steven Weisman, Esq.

Today’s Scam of the day comes directly from my email where I received the following email purporting to be from AT &T.  This is an example of a phishing email that may appear to be from a legitimate source, but is from an identity thief.  As with many phishing scams it implies that there is an emergency, namely in this case, a problem with my billing information that could result in the termination of my account.  The email then provides a link for me to go to in order to provide the necessary information to maintain my account.  DO NOT CLICK ON THE LINK.  Clicking on the link will either take you to a page where you are asked to provider personal information that would be used to make you a victim of identity theft or it will cause keystroke logging malware to be installed on to your computer or other device that would steal your personal information and make you a victim of identity theft.  In this particular phishing scam there are many indications that it is a scam.  First is that it came from an email of a private individual and not from AT&T.  In fact, the email probably was sent as part of a botnet where an unsuspecting victim’s computer was hacked and used to send out these scam emails.  Another indication is that the email is not directed to me by name, but rather to me as “Dear customer.”  In addition there is not identification of my particular account.  Finally, and most tellingly are the spelling errors such as the incorrect spelling of the word “failure” and “result.”


“Dear customer,

 We noticed that your billing information has recently change as we are unable to process
your last month bill.

 Please update your billing information by clicking on our secure server below to avoid termination of your AT&T line.

 Note: Faluire to update your billing information will rezult to termination of your Line and you wont be able to restore your number.

Best regards,
AT&T© 2014 AT&T Inc.All rights reserved.”


Never click on links in emails or text messages unless you are absolutely sure that they are legitimate and do not provide personal information in response to an email unless you are absolutely sure that both the request is legitimate and that the request is actually coming from the real company.  When I first received this email I could tell right away that it was a scam.  However, if I had any thought that it might be legitimate, I would call the company, in this case AT&T at a telephone number that I know is correct in order to inquire about the email.

Scam of the day – April 12, 2014 – Heartbleed password reset scams

April 12, 2014 Posted by Steven Weisman, Esq.

By  now everyone is aware of the Heartbleed security flaw in the Open SSL  security technology that has been used by two-thirds of the world’s websites to encrypt communications between computer users and these websites.  Where until recently we were under the impression that our passwords as well as all information communicated using this technology including credit card numbers when buying something on these websites were secure and protected, we now learn that this flaw, which has existed for two years permits a hacker to get access to all of this information and use it to make us victims of identity theft.  Experts including myself are advising people to change their passwords although it cannot be emphasized enough that you should not change your passwords until the websites have implemented the security measures necessary to patch this problem.  Fortunately, the software necessary to do just that is available.  However, you should confirm with all websites where you have done business and use a password that the website has indeed updated their security before you change your password because otherwise you may be merely turning your new password over to an identity thief.

A new scam, however has arisen from the Heartbleed affair as identity thieves are sending emails to people posing as legitimate websites, such as Amazon in which the identity thief posing as the legitimate company tells you that you need to change your password and provides a link in the email for you to do so.  The emails look legitimate, but they are phony.  If you click on the links two things can happen and they both are bad.  You will either be prompted to provide personal information that will be used to make you a victim of identity theft or merely by clicking on the link, you will download keystroke logging malware that will steal information from your computer and make you a victim of identity theft.


As I constantly advise you, never click on links in emails unless you are absolutely sure that they are legitimate.  In this case, you may get a legitimate email from a company with which you do business prompting you to change your password and to initiate the process by clicking on a link.  However, you have absolutely no way of knowing whether or not the email is legitimate or a phishing scam.  The best thing to do in this situation is to ignore the email and instead go directly to the website of the particular company at an address you know is correct and change your password there.  In this way, you can be sure that you are not providing information to an identity thief.  When Target sent emails to customers with a link to access credit monitoring after its major data breach last year, you could not be sure if the email was from Target or not.  Savvy computer users just went directly to the Target website where they could access the free credit monitoring without the risk of providing information to an identity thief.

Scam of the day – April 11, 2014 – Windows XP support scams

April 11, 2014 Posted by Steven Weisman, Esq.

Scammers and identity thieves are quite adept at taking advantage of whatever concern people may have at any particular time and, as you are aware, the announcement by Microsoft that it would no longer be issuing security updates for the Microsoft XP operating system has left many consumers concerned about what they should be doing if they are still using that system on their computers, laptops or tablets.  Scammers and identity thieves have been taking advantage of this situation by starting to contact people by phone claiming that they are a part of Windows Helpdesk, Windows Service Center, Microsoft Tech Support or any of a number of different entities and that they can help by providing updates remotely or by directing them to websites where they can sign up for help.  All of these offers are phony.  Neither Microsoft nor any other entity connected to Microsoft is making unsolicited calls to consumers.  Allowing the caller to get remote access to your computer will only result in the identity thief getting access to the personal information contained in your computer which will be used to make you a victim of identity theft.  When you are directed to websites, in other variations of the scam you are prompted to provide your credit card which will be used to steal from you or you will be prompted to provide personal information that will be used to make you a victim of identity theft.


Remember, anyone who makes an unsolicited call to you offering to help you with your Microsoft XP is not connected with Microsoft or any related company.  As always, you can never be sure of who is calling you whenever you receive a phone call even if your Caller ID indicates it is a legitimate caller.  Caller ID can be manipulated by scammers through a technique called spoofing.  The best thing you can do is to consider upgrading to another operating system.  Windows XP is outdated and continued use of it will make you vulnerable to various hacking scams.  You can go directly to Microsoft at to learn what other options may be available to you.

Scam of the day – April 10, 2014 – Serious security danger on the Internet of Heartbleed

April 10, 2014 Posted by Steven Weisman, Esq.

The term “Heartbleed” sounds serious and it is.  Heartbleed is the name of the recently discovered security flaw in the Open SSL encryption security technology that is used by up to 2/3 of websites on the Internet.  An indication that the website you are communicating with uses Open SSL is the presence of the tiny padlock icon next to the website address.  Another indication of the use of Open SSL being used is the letter “s” appearing after the initial “http” at the beginning of a website address.  The padlock and the “s” indicated to people communicating with websites that your communications were encrypted and safe from hackers.  Now we have discovered that this encryption technology had been cracked by attackers as long as two years ago.  This means that your communications online with your bank and retailers may have been compromised.  Many websites that have used the Open SSL encryption technology including Amazon and Facebook have fixed the problem or are working on it.  There are patches available.


The first thing that you should do is to change your passwords at websites you have used that utilized the Open SSL encryption because your password may be in the possession of hackers.   However, do not change your password until you have confirmed with the Website that it has patched the security flaw.   Heartbleed is a good reminder to us all that we should change our passwords on a regular basis as well as have different passwords for every website where we use a password so that if one gets hacked, identity thieves would not have the passwords for all of our other accounts.  It doesn’t have to be a difficult task as just adding or changing a letter or two can do the trick if you have a good, complex password with letters both capital and small as well as figures and signs.  Also, again as we all should be doing, monitor all of your accounts regularly for evidence of fraudulent use.

Here is a helpful link you can go to in order to check and see if the websites you go to were among those affected by Heartbleed.  One word of caution, this is not guaranteed by its creator to be 100% accurate:

For people who have websites that use Open SSL, here is a link to the notice from the Department of Homeland Security with the links to rectify the situation.

Scam of the day – April 9, 2014 – Follow up on ATM danger

April 8, 2014 Posted by Steven Weisman, Esq.

Yesterday Microsoft officially ended technical support for its Windows XP program, which is still used by 95% of the world’s ATMs.  Many people are justifiably concerned about the security of the ATMs that they use and if it is safe to still use them or are they in serious jeopardy of having their accounts hacked.  Although April 8th was the day that Microsoft indicated that it would no longer issue technical updates to the Windows XP operating system, some ATMs work on a variation of the Windows XP operating system called Windows Embedded.  Security updates for Windows Embedded will continue to be issued until January 12, 2016.  In addition, some major banks have made private arrangements for security updates from Microsoft for Windows XP.  JPMorgan, for instance has made private arrangements with Microsoft for updates for another year.  However, the basic fact is that Microsoft is stopping further updates of Microsoft XP because it is an outdated system and the cost of constantly patching it does not make sense.  Anyone using Windows XP whether commercially or privately should update to another operating system as soon as possible.


Ask your bank what it is doing about the Windows XP operating system and if they tell you that they are still able to use it in the short run, ask them what their intentions are in the long run because security patches are not a solution to the vulnerabilities that have already been identified in the Windows XP operating system.   If your account is hacked due to a flaw in the Microsoft XP operating system running an ATM that you use, you will not be responsible for any funds lost if you notify the bank right away and it is a good idea to monitor your account online every few days to make sure that it is secure. If you use Windows XP on your home devices, you too are at risk and should update your operating system to another system as soon as possible.

Scam of the day – April 8, 2014 – Latest security update from the Department of Homeland Security

April 8, 2014 Posted by Steven Weisman, Esq.

As regular followers of Scamicide know, whenever new security updates and patches are issued, we provide access to these so that you can update your software to provide better security on your computers, smartphones, laptops and other electronic devices.  Updating your software with the latest security patches and updates as soon as possible because identity thieves and scammers are always finding and exploiting vulnerabilities in the software that we all use.  Delay in updating your software could lead to disastrous results.  However, it is also important to be sure that you are downloading legitimate patches and updates rather than being tricked by an identity thief or scammer into downloading malware under the guise of downloading a security patch or update.  That is why we provide links to the necessary patches and updates as provided by the Department of Homeland Security.  Today’s software update applies to Apple’s Safari browser.


Here is a link to the latest release from the Department of Homeland Security with links to this important security update:


Scam of the day – April 7, 2014 – Multi-million dollar bank hacking conspiracy broken

April 7, 2014 Posted by Steven Weisman, Esq.

A few days ago, Robert Dubuc and Oleg Pidtergerya pleaded guilty to a number of criminal counts in charges brought against them in federal court.  The conspiracy of which they were a part is very telling of the danger that threatens the international banking system.  The scheme began before the two defendants ever got involved.  Ukrainian hackers gained illegal access to the bank accounts of more than a dozen large financial institutions and companies, including Automatic Data Processing, Inc (ADP), Citibank, E-Trade, JP Morgan Chase Bank, Pay Pal, TD Ameritrade and TIAA-CREF.  Once the hackers gained access to the accounts, they transferred funds stolen electronically from these accounts to bank accounts and pre-paid debit cards that they controlled.  At this point they then progressed to the cashing out phase of the scam by which people known as “cashers” would withdraw the funds from the new accounts through ATM withdrawals and bank withdrawals after which the funds were sent to the two Ukranian hackers behind the scam.  Dubuc and Pidtergerya were cashers.


Banks and other financial institutions have not been particularly forthright when it comes to disclosing the successful hacking of their accounts.  Nor has their security been as good as it has to be.  Where this leaves us as customers is that we need to be particularly vigilant in monitoring our accounts at all times for signs of fraudulent purchases.  Sometimes we are our own worst enemy such as when we unwittingly download keystroke logging malware through clicking on tainted links or downloading dangerous malware that steals the information from our computers, smartphones, tablets and other portable electronic devices and then uses this information to make us victims of identity theft and access our accounts.  It is important to monitor all of your financial accounts more often than monthly.  It is also important to maintain the most up to date security software on all of our electronic devices and finally, it is up to us to use caution whenever we are online and not to click on links unless we are absolutely sure they are legitimate.

Scam of the day – April 6, 2014 – FTC shuts down telemarketing scam

April 6, 2014 Posted by Steven Weisman, Esq.

The FTC has obtained injunctions closing down a major telemarketing scam that stole more than twenty million dollars from senior citizens.    The telemarketing used promises of various services including, ironically, fraud protection.  Other services being sold were legal services and prescription drugs.  In addition, in other instances, the scammers impersonated government officials and bank employees.  In those calls, the scammers tricked their victims into providing their bank account information which was then used by the scammers to access the victims’ bank accounts and steal their money.  The primary defendant is Ari Tietolman and various companies he operated including First Consumers, LLC, Standard American Marketing, Inc. and PowerPlay Industries, LLC, Patient Assistance Plus, Legal Eye and Fraud Watch.


You can never be sure of who is calling you on the phone so you should never give personal information over the phone to anyone whom you have not called.  Even if your Caller ID appears to show that the caller is who he says he is, you cannot trust your Caller ID because it can be manipulated through a technique called spoofing to make it appear as if the call is legitimate when it is not.  If you are interested in a service or product about which you are informed in a telemarketing call, you should ask them to send you written material and then investigate the company and the product or service before considering committing.   If a call asking for personal information appears to you to possibly be legitimate, you should still not provide the information over the phone to the caller, but rather hang up and call the real company with which you do business to see if the original call was a scam.

Scam of the day – April 5, 2014 – Shredding company employee implicated in identity theft

April 5, 2014 Posted by Steven Weisman, Esq.

For years I have advised everyone to shred any documents they have containing personal information before discarding them.  Identity thieves have been known to go through the trash of individuals, companies and government agencies looking for documents that contain personal information such as credit card numbers or Social Security numbers that can be used for identity theft purposes.  Mere horizontal shredding may not be sufficient to protect you.  There have been many instances where identity thieves were able to piece together horizontally shredded documents to get the information they seek. It is far better to use a cross shredder that will render the documents unusable by anyone seeking to obtain information from the documents.  Although, many individuals will have their own shredders at home, many companies use the services of shredding companies that will come to the company’s location and either pick up the materials to bring back to the shredding company’s headquarters to be shredded or shred the material right at their customer’s location using a truck with shredding machinery incorporated into the truck.  Recently some identity theft was traced back to a Texas shredding company Cintas Document Management that picked up documents to be brought back to the Cintas’ headquarters to be shredded.  Police are investigating one particular rogue employee who it is thought took the documents he was supposed to bring back to Cintas for shredding and instead used the documents to get information which he used to make some customers victims of identity theft.


If you are doing shredding of your documents at home, you should use a cross-shredder.  If you are having your documents shredded by a shredding company, you are better off hiring a company that sends a truck to your company to shred the documents at your company’s site while you watch.