Scam of the day – August 26, 2013 – Missing children scam

August 26, 2013 Posted by Steven Weisman, Esq.

The FBI recently issued a warning about a new scam email that is presently being circulated that carries “Search for Missing Children” as the subject line and appears to come from the National Center for Missing and Exploited Children.  The National Center for Missing & Exploited children is a legitimate organization, however, the email that is presently being circulated is not from the real organization, but rather is from an identity thief.   This missing children email is not just a hoax, it is a scam.   The email invites the reader to download an attachment, however if the reader does so, he or she will only succeed in downloading three malware files including one that carries a keystroke logging malware program that can steal all of the information contained in your computer and make you a victim of identity theft.

TIPS

Remember my motto.  Trust me, you can’t trust anyone.  Merely because an email appears to be from a legitimate source does not mean that it is indeed legitimate.  The email address from which the email is sent may closely resemble the email address of a legitimate company or agency or it may even be the real email address that has been hijacked by a hacker.  In any event, never download an attachment or click on a link in any email until you have confirmed that the email is legitimate by contacting directly the real person, agency or company that the email purports to be from.  Also, never provide personal information in response to an email because again, you cannot be sure that the email is legitimate.  Before providing any personal information in response to an email, check again with the real person or entity that appeared to send you the email to make sure that it is legitimate.

Scam of the day – August 25, 2013 – Washington Post hacked

August 25, 2013 Posted by Steven Weisman, Esq.

Recently the Washington Post newspaper was hacked by the Syrian Electronic Army, a group of hackers who support embattled Syrian President Bashar al-Assad.  The hackers gained access to the Washington Post’s website such that people who went to the Washington Post’s website were automatically redirected to the website of the Syrian Electronic Army, the hackers.  Hackers always look for the weakest points to attack a company or agency’s security.  In this particular case, a Washington Post employee was targeted through a sophisticated phishing attack to access the employee’s password information.  Hacks such as this are increasing dramatically and while in this case, the attack was only for political purposes, in other instances, the hacking is done to obtain access to data of the targeted company that can be used for harmful identity theft.

TIPS

Far too many companies are still not taking the necessary security steps to protect their data and access to their computers.  Why is this of interest to you and me?  The answer is that even if you are doing the best you can to protect the privacy and security of your personal data, you are only as safe as the company or agency with the weakest security that holds your personal data.  Consequently, you should limit the companies that hold your personal data as much as possible and inquire of those that do hold your personal data as to what they do to keep that information secure.

Scam of the day – August 24, 2013 – Kim Kardashian, Paris Hilton, Michelle Obama become identity theft victims – what it means to you

August 24, 2013 Posted by Steven Weisman, Esq.

Recently, Kim Kardashian, Kris Jenner, Ashton Kutcher, Paris Hilton, Joe Biden, Michelle Obama, Hillary Clinton, Bill Gates, Beyonce, Mel Gibson and FBI director Robert Mueller all became targets of identity theft with Kris Jenner alone losing more than $70,000 and all because they do not regularly read Scamicide.com.  Go back through the Scamicide archives to March 14, 2013 and you will find that day’s Scam of the day in which I told you how some foreign hackers were able to steal the identities of twenty-three famous politicians, celebrities and sports figures including the aforementioned people.  What happened was that the hackers hacked into the website www.annual credit report.com and got access to their victims’ credit reports which provided a treasure trove of personal information that, in the hands of an identity thief, could cause serious harm to the people whose information was stolen.  Instead of quietly using this information as most identity thieves would do, these hackers publicized the information on the Internet which is where  according to federal law enforcement agents Floridians Luis Flores and Kyah Green obtained the information and used it to steal the identities and the money of a number of public figures before they were recently arrested.

TIPS

Why this is important to you is that the reason that the initial hacker was able to get into their victims’ credit reports was due to a flaw in the authentication process at www.annualcreditreport.com.  Without going into the details, the manner in which the security questions were set up made it easy to crack, particularly where much of the information required to be answered in order to access the accounts could be found throughout the Internet.  Certainly public figures have much personal information available on the Internet for people to readily search out.  Sarah Palin had her email account hacked when the hacker was able to answer her security question about where she met her husband by just going to Wikipedia.   You may think that you are not a public figure and that your personal information is not readily available, but think again.  Too many people put too much personal information about themselves on social media, which then becomes fertile ground for someone trying to steal your identity.  The lesson is that less is more.  The less personal information that you make available on social media, the more you protect yourself from identity thieves.  Trust me, you can’t trust anyone.

Scam of the day – August 23, 2013 – Latest mystery shopper scam

August 23, 2013 Posted by Steven Weisman, Esq.

Mystery shopper scams continue to victimize innocent people.  One reason for the large number of mystery shopper scams is that mystery shopping actually is a legitimate job.  There are companies that do anonymous shopping at retailers and are paid for describing their experience in order for the particular retailer to learn how to improve its retail sales experience.  However, these jobs are few and far between.  More often you will answer an advertisement or an email soliciting you as a mystery shopper.  After you sign up, you are sent a check (in one recent mystery shopper scam, the check was $2,000) and asked to use the money to make specific purchases, keep a portion of the remainder of the check as your payment and then wire the rest back to the mystery shopper company.  Herein is the essence of the scam.  The check that you are sent is counterfeit, but the funds you wire back to the mystery shopper company from your checking account are real and you lose that money.  Recent mystery shopper scams appearing in North Carolina and elsewhere are using the names of legitimate companies, such as the Bernhardt Company, a furniture manufacturer.  By the way, Bernhardt Company does not hire mystery shoppers.

TIPS

Legitimate mystery shopper companies do not solicit buyers through emails.  If you get an email recruiting you, it is a scam.  Legitimate mystery shopper companies will not send you a check and ask you to wire money back to them.  This is a common scam.  It relies on the fact that banks give provisional credit to a deposited check in a few days while it may take much longer for a check to actually clear or be found to be a counterfeit, in which case, the amount your account was credited with is taken back by the bank, however the money you sent to the scammer from your account has been already deducted and gone forever.  It is a good rule not to do business with anyone who provides you with a check for more than what is owed you and asks for you to refund him or her the difference.   You can investigate legitimate mystery shopper companies at the website of the Mystery Shopping Providers Association at http://www.mysteryshop.org/

Scam of the day – August 22, 2013 – Adoption scams

August 21, 2013 Posted by Steven Weisman, Esq.

Adoption fraud scams have been perpetrated by scammers for many years and they continue to take advantage of vulnerable people seeking to adopt a child, particularly from overseas.  Many of these scams start with advertisements on Facebook, Craigslist or other social media.  Recently a Pennsylvania woman answered an online advertisement and when she responded to the advertisement, she was told that she needed to pay $3,900 plus air fare to be able to adopt a child from the African country, Cameroon.  Had she paid the money, all she would have ended up with was a fruitless wait at the airport for a child that would never come.  Many adoption scams are more complex than the Pennsylvania scam, often phony domestic or foreign adoption agencies or facilitators.

TIPS

Always make sure that the person or agency that you are dealing with is licensed in your state.  In regard to foreign adoptions, investigate the legitimacy of the agency with the United States Department of State.  Never agree to an adoption without seeing the child in person.  Adoptions are complex matters and it is always a good idea to be represented by a lawyer experienced in adoption matters who can do much of the investigation of the legitimacy of the adoption for you.

Scam of the day – August 21, 2013 – University of Michigan phishing scam

August 21, 2013 Posted by Steven Weisman, Esq.

A recent phishing scam uncovered at the University of Michigan is very much worth reporting because the same tactic is being used throughout the country at many other colleges, universities and companies.  The scam started with emails to University of Michigan employees.  The emails appeared to be from the University of Michigan, but in fact, they were from identity thieves.  The emails informed the recipient of the necessity of updating the recipient’s account with the University, however, other emails use other pretenses, such as security problems.  In all instances, the emails are intended to induce the unwary victim to provide personal information, such as passwords to the identity thief who would in this case then used the information to access the victim’s employee records and change the address to which the employee’s wages would be electronically deposited such that it went to an account of the identity thief.  This scam by which identity thieves pose as someone they are not in order to induce you to provide personal information to them is called “phishing.”

TIPS

The lesson is the same regardless of whether you are connected with the University of Michigan or not.  Never provide personal information to anyone unless you are absolutely sure that the request for information is legitimate.  Whenever you receive a request for personal information by email, text message, mail or phone, you can never be sure as to who is sending you that communication.  Counterfeiting communications to make them appear legitimate is easy to do.  Before ever providing such information in response to any communication, contact the person or company at an email address or telephone number that you know is accurate to confirm whether or not the original request was a scam.

Scam of the day – August 20, 2013 – Indictments in huge international penny stock fraud

August 20, 2013 Posted by Steven Weisman, Esq.

Penny stocks are low-priced, thinly traded stocks that are often used as the tool for scammers to take advantage of unwary investors.  Because they are so thinly traded, scammers are able to manipulate the prices so that they temporarily are able to artificially inflate the price of the stock and then sell shares they purchased at low values thereby achieving a huge profit.  Scammers manipulate the stock market through telephone calls, emails, chat rooms, social media and news releases touting the stock as a great investment.  Often they purport to have inside information about a huge increase in the value of the stock that is about to occur.  Sometimes, the victims of this communications barrage receive emails that appear to be intended for someone else that has inside information indicating the stock is about to sharply rise.  These communications lure unsuspecting investors into buying the stock and thereby for a short period raising the value of the stock.  The scammers then sell their stock at the manipulated high price.   When the truth becomes known, the value of the stock shares plummet and the investors are left with a tremendous loss.  This scam is called “pump and dump.”  Recently nine people were indicted by the Department of Justice following an FBI investigation in regard to one of the largest international penny stock frauds in history in which investors in 35 countries lost more than 140 million dollars.  Among the companies that were used in this scam were Resource Group International and RainEarth, Inc..  This scam was also compounded as the scammers went back to some of the victims representing that they were lawyers who would help the victims reclaim the lost money through lawsuits.  These scammers then charged the victims advance fees to join the non-existent lawsuits.

TIPS

Investing is always risky and investing in penny stocks is particularly risky.  Any investment is only as good as the information upon which the investment is made.  Never make an investment without reliable information gleaned from legitimate, reliable sources.   Always be skeptical of insider information which cannot not only be unreliable, but also can be illegal.   For more detailed information about how to avoid investment scams and where to go for investment information that you can trust, check out my book “The Truth About Avoiding Scams” which can be purchased by clicking on the icon on the right hand side of this page.

Scam of the day – August 19, 2013 – New sweepstakes scam

August 19, 2013 Posted by Steven Weisman, Esq.

Sweepstakes and lottery scams are always among the most prevalent and effective scams used to steal money from unwary victims.  The essence of many of these phony lotteries is the same.  You are notified that you have won a lottery that you never entered, but have to pay various fees and taxes before you can claim your prize.  In some variations of this scam, you are actually sent a counterfeit check for an amount that is more than the amount you are asked to pay.  You are instructed to deposit the check and then wire the fees back to the contest sponsors.  Although it may be hard to imagine people falling for these scams, many people do indeed become victims of these scams.  Recently Joseph Nkunzi and Safia Ahmed were arrested in Washington after being indicted for running a phony lottery scam in which a 78 year old California woman was scammed out of $182,000 after being told on the phone that she had won 8.8 million dollars from the North America Prize Pool.

TIPS

As I always tell you, it is hard enough to win a legitimate lottery; it is impossible to win one that you have not entered.  That should be the first sign that the lottery is a scam.  In addition, legitimate lotteries do not charge you fees in order to claim your prize.  Lottery winnings are, indeed, subject to income taxes, but those taxes are either deducted from the winnings before you receive the rest of your prize or they are the responsibility of the prize winner.  Lottery sponsors never collect tax payments from winners on behalf of the IRS.  Also, as I have described in many “Scams of the day,” you should also be skeptical when you receive, for whatever purpose, a check for more than what you may owe someone who then asks for you to send the overage back to the sender.  This is a red flag that you are dealing with a counterfeit check and a scam.

Scam of the day – August 18, 2013 – Urgent Microsoft security updates – How to prevent identity theft

August 17, 2013 Posted by Steven Weisman, Esq.

Identity thieves and hackers are constantly working to discover and exploit vulnerabilities in the various computer software that we use in our computers, laptops, tablets, smartphones and other portable devices  to make you a victim of online identity theft therefore it is extremely important that as flaws are discovered and patches for these flaws issued that you download the necessary security patches as soon as possible.  Identity thieves and hackers rely on the fact that many people do not keep their security software up to date and exploit this fact.  Recently Microsoft has issued new security patches for discovered vulnerabilities in various Windows programs that millions of people use.  The United States Computer Emergency Readiness Team, which is a part of the Department of Homeland Security regularly issues alerts regarding software patches you need to install and recently they issued such an alert for Windows software.

TIPS

Here is a link to the Security Advisory issued by the United States Computer Emergency Readiness Team which, in turn, provides secure links that you can trust that will take you to the necessary Microsoft security downloads.  https://www.us-cert.gov/ncas/current-activity/2013/08/15/Microsoft-Releases-Security-Advisory

Scam of the day – August 17, 2013 – Animal Control Officer scam

August 17, 2013 Posted by Steven Weisman, Esq.

A  new scam that is making its way around the country starts with a phony Animal Control Officer coming to your home and informing you that there have been complaints against your dog and that they will impound your pet unless a fine is paid immediately.  This particular scam has been very effective in retirement communities in Florida, but is being done elsewhere as well.  The Animal Control Office is a phony even though he or she may have a uniform, a badge or an identification card.  If you pay the scammer money to avoid the impoundment of your dog, all you will succeed in doing is losing your money.

TIPS

No legitimate Animal Control Officer will come to your door unannounced and demand a payment and threaten to take your dog if you do not comply.  If someone comes to your home making that threat, you should call by phone the real Animal Control Officer for your jurisdiction to confirm that this person is a scam artist.  Trust me, you can’t trust anyone.  Merely because someone shows you apparent credentials does not mean anything.  Those documents can be counterfeited.