Here is a link to an interview I did with Bernadette Duncan, the talented host of “The Writer’s Group” radio show.
Financial exploitation of the elderly is a significant problem in the United States today. Recognizing this problem in 2016, the North American Securities Administrators Association (NASAA) passed a model act entitled “An Act to Protect Vulnerable Adults From Financial Exploitation” which in varying forms was enacted into law by four states in 2016 and more in 2017 with Texas becoming the latest state to pass such a law. The Texas version of the law became effective today.
The law requires various financial professionals such as brokers and in some instances, bankers to report suspicions of elder financial exploitation coupled with the authority to temporarily delay disbursements of funds while the suspicions are investigated. The states passing these laws are taking important steps to protect their elderly citizens from becoming victims of scams, such as mystery shopper scams and phony lottery scams.
Seniors have long been a favorite target of scammers both because they have money and are often more trusting of scammers which makes them more vulnerable. In fact, recent studies have shown there is a part of our brain that controls skepticism that becomes less viable as we age thereby making the elderly more susceptible to scams.
If your state is not one of the states that has passed or is considering this model legislation, I urge you to contact your state legislators to pass this law.
Some scams are just so outrageous that it is puzzling that people fall for them, however, according to the Federal Reserve Bank of New York, scammers are contacting people and telling them that they can pay their bills through “secret accounts” or “Social Security trust accounts” using routing numbers from Federal Reserve Banks. The victims of the scam are told that in return for supplying their personal information including their Social Security number they will be given a bank account number at a Federal Reserve Bank that can be used to pay bills without having to pay anything into these accounts.
The truth is that individual people do not have accounts at the Federal Reserve Banks. These banks are only used by other banks for business purposes. Using the secret account number and routing number supplied by the scammers will not only result in a bounced check, but also identity theft.
This is a good example of “if it sounds too good to be true, it is.” The victims of this scam will not gain access to a secret bank account, but will have supplied all of the information a criminal needs for purposes of identity theft. Never provide personal information to anyone unless you have confirmed that the transaction and the people with whom you are dealing are legitimate. In this case, neither are legitimate.
An Arkansas mail carrier has pleaded guilty to identity theft related charges in federal court and is facing a sentence of up to ten years in federal prison. Michael Hearns conspired with six other identity thieves who filed phony income tax returns using the names and Social Security numbers of people whose Social Security numbers they stole. Using counterfeit W-2s, the identity thieves claimed large refunds, which were to be paid through debit cards and checks. This is where Hearns came in. The phony tax returns used addresses on Hearns’ postal route so when the fraudulent refunds were mailed by the IRS, they were retrieved by Hearns.
Income tax identity continues to be a major problem for the IRS although the situation has improved somewhat this year. The key to protecting yourself from becoming a victim of income tax identity theft is to not only protect the privacy and security of your Social Security number as best you can, but also to file your income tax return as early as possible to prevent an identity thief from filing one and getting a refund before you do.
Hurricane Harvey, which first hit Texas four days ago has brought devastating rains, wind and flooding. This kind of natural disaster brings out the best in us as many people are quick to donate to charities to help the survivors of the storms and the families of the victims. This kind of natural disaster also brings out the worst in scammers who are quick to take advantage of the generosity of people by contacting them posing as charities, but instead of collecting funds to help the victims of the storms, these scam artists steal the money for themselves under false pretenses. Charities are not subject to the federal Do Not Call List so even if you are enrolled in the Do Not Call List, legitimate charities are able to contact you. The problem is that whenever you are contacted on the phone, you can never be sure as to who is really calling you so you may be contacted either by a phony charity or a scammer posing as a legitimate charity. Similarly, when you are solicited for a charitable contribution by email or text message you cannot be sure as to whether the person contacting you is legitimate or not.
Never provide credit card information over the phone to anyone whom you have not called or in response to an email or text message. Before you give to any charity, you may wish to check out the charity with www.charitynavigator.org where you can learn whether or not the charity itself is a scam. You can also see how much of the money that the charity collects actually goes toward its charitable purposes and how much it uses for fund raising and administrative costs. Here is a link to charitynavigator.org with a list of a number of highly rated charities helping in the Hurricane Harvey relief effort. https://www.charitynavigator.org/index.cfm?bay=content.view&cpid=5239
Recommended charities include Americares, International Relief Teams, Direct Relief, GlobalGiving, Save the Children and the American Red Cross.
Last week the FBI arrested Chinese national Yu Pingan in Los Angeles where he came to attend a technology conference. Yu was charged with distributing and using malware including the rarely used Sakula malware program used in the massive data breach against the Office of Personnel Management (OPM) in 2014 and 2015 that resulted in huge amounts of personal information including Social Security numbers and fingerprints of more than 20 million present and former government employees being stolen.
It is interesting to note that while the Sakula malware is quite sophisticated, to a great extent Yu’s arrest was as a result of his failing to do little to hide his name in communications regarding the use of the malware. An indication of Yu’s hubris is that he felt confident enough in his anonymity to attend a conference in the United States, which ultimately led to his arrest.
This arrest signals the continuing efforts the FBI is putting into apprehending cybercriminals. It also serves again as a warning to all of us to remember that despite our best efforts to protect our personal data, we are only as secure as the places that hold our personal data with the weakest security, which is why, whenever possible, you should limit the amount of personal information you provide institutions and companies with which you do business.
Gold is becoming an increasingly popular investment with concerns that the stock market’s record setting rally may have peaked. In addition, in times of political turmoil, such as we are experiencing at this time, gold becomes more attractive to investors. Unfortunately, along with legitimate gold merchants, there are many scammers who often contact their victims by telephone or email as well as through radio, television and online advertisements. Sometimes these scammers sell overpriced gold or even sell gold that they never deliver to their victims.
An essential rule of investing is to never invest in anything that you don’t fully understand. Another important thing to remember is that merely because an advertisement appears in legitimate media, such as television and radio does not mean that the company doing the advertising is legitimate. Most media do little or no investigation into whether or not an advertiser is scamming the public.
Specifically for prospective gold purchasers, you should make sure that the dealer selling you gold is a reputable dealer which you can do by checking out the dealer with the American Numismatic Association at its website www.Money.org. Also do not have the dealer store your gold for you. Always take delivery of the gold yourself. Finally, only do business with dealers that offer a buy-back guarantee within 72 hours. As for gold sellers who contact you by phone and pressure you to buy, you should just hang up the phone.
Here is a link to my latest column which describes how putting a credit freeze on your credit reports can be the best thing you can do to protect yourself from becoming a victim of identity theft.
The Business Email Compromise scam continues to be an effective scam perpetrated against many companies, however recently one alleged criminal operating this scam has been arrested. Daniel Adekunie Ojo, was charged with fraud and identity theft in regard to using this scam against school systems in Connecticut and Minnesota.
Generally this scam involves an email to the people who control payments at a targeted company. These people receive an email purportedly from the CEO, company attorney or even a vendor with which the company does business requesting funds be wired to a phony company or person. At its essence, this scam is remarkably simple and relies more on simple psychology instead of sophisticated computer malware. Often the scammers will do significant research to not only learn the name of the key employees involved with payments within a company, but also will infiltrate the email accounts of company employees for a substantial period of time to learn the protocols and language used by the company in making payments. The scammers also gather information from the company’s website and from social media accounts of its employees, all in an effort to adapt their message to seem more legitimate.
In a variation of this scam, Ojo, posing as a school official asked for W-2s of all employees and received thousands of these documents which he used for purposes of income tax identify theft by filing phony income tax returns in the names of his victims and collected phony refunds based upon counterfeit W-2s that he submitted with the phony tax returns.
In order to avoid this scam, companies should be particularly wary of requests for wire transfers made by email. Wire transfers are the preferred method of payment of scammers because of the impossibility of getting the money back once it has been sent. Verification protocols for wire transfers and other bill payments should be instituted including, dual factor authentication when appropriate. Companies should also consider the amount of information that is available about them and their employees that can be used by scammers to perpetrate this crime. They also should have strict rules regarding company information included on employee social media accounts that can be exploited for “spear phishing” emails which play a large part in this scam. Finally, employees should be specifically educated about this scam in order to be on the lookout for it.
Companies should also be protective of personal information such as W-2s and should not provide it electronically unless they have confirmed that the request for the documentation is legitimate.
There is a reason scam artists are the only criminals we refer to as artists. They can be incredibly good at what they do. Unfortunately, what they do is try to con us and steal our money and identities.
This is a time of the year when many tax professionals are receiving updates of their tax preparation software from their software providers. Knowing this, scammers are targeting CPAs and other tax professionals with phishing emails that appear to come from the tax professional’s software provider with the subject line indicating “Software Support Update.” In these emails, the scammers tell their intended victims that they need to revalidate their login credentials. The scammers provide a link to a phony website that looks like the software provider’s webpage, but is a fake. If the tax professional falls for this scam and provides his or her login information, the scammers will use this information to access the victim’s account and get at their client’s confidential information which can then be used for purposes of identity theft.
While the email address from which the email is sent may in some circumstances look legitimate, upon close observation you will see that it is not really from your software provider and in some instances, the email will be sent from a botnet of hacked computers such that the email address sending the email is that of an individual totally unrelated to the software company. In addition, no tax preparation software providers insert links in emails for their clients to validate passwords. In addition, you should never click on any link unless you have absolutely verified that it is legitimate. The risk of all kinds of malware including ransomware is too great. If you are a tax professional and you receive such an email and think that it might be legitimate, you should contact your software provider by email or phone to confirm that this was a scam.