Scam of the day – March 19, 2013 – Philadelphia identity thief sentenced

The FBI recently announced that identity thief Lawrence Fudge was convicted and sentenced for running an identity theft ring in Philadelphia for at least six years before being caught.  Fudge obtained personal information  from rogue employees he bribed in banks and insurance companies who accessed their company’s records and gave the information about their customers to Fudge who used it to both steal money directly from the victims’ bank accounts as well as use their names and credit to open accounts in his victims’ names which he used to make purchases for himself.

TIPS

You are only as secure as the weakest security of a company with which you do business.  This is an unfortunate fact of life.  However, recognizing this fact, it is important to both limit the personal information you provide companies with which you do business as much as possible as well as make sure that you regularly monitor all of your accounts such as bank accounts on a monthly basis, at least.  You also should get a free copy of your credit report from each of the three credit reporting agencies as is your right under federal law.  The law permits you to get a free copy from each of these companies, TransUnion, Experian and Equifax once a year, however, a smart tactic is to get a free report from one of them and then four months later a free report from one of the remaining companies and finally four months after that a free copy from the last of the companies so that you can get free copies every four months.  Review these reports carefully to uncover any signs of identity theft.

Scam of the day – September 6, 2012 – The truth about the hacking of 12 million Apple device records

Earlier this week, AntiSec, a hacking group often associated with the larger, more familiar international hacking group Anonymous, posted on line a file that contained a million of what they said was twelve million U.D.I.D. numbers they said they had for various people’s Apple mobile devices such as iPads and iPhones.  They alleged they had obtained these by hacking into the laptop of FBI agent Christopher K. Stangl who is the supervisory agent of the F.B.I.’s Cyber Action Team.  As a part of his job, Agent Stangl has tried to recruit hackers to come and work with the F.B.I.  Apple’s U.D.I.D.s are forty character strings of letters and numbers that are uniquely assigned to each Apple mobile device.  AntiSec said that it was releasing this information to show the world that the F.B.I was using this information to track people.  Armed with a person’s U.D.I.D., someone could track the location of the device.  In the past app developers also used U.D.I.D.s to track customers as they went from one app to another.  However, Apple banned developers from doing this a year ago.  The truth is that the information being posted by AntiSec is accurate, however, Apple says that it did not provide this information to the F.B.I. and the F.B.I said that it had not collected the data.

TIPS

Although this was a very real breach of security, AntiSec could have gotten this information from any number of sources by hacking into Apple itself, video game makers who had the information,  app developers, AT &T or even a file from the F.B.I who may have obtained such information in a legitimate investigation into data breaches.  The truth also is that if your U.D.I.D. was compromised, you are at very little risk of harm.  In order to use this information to make you a victim of identity theft would take additional information such as your email address and your date of birth.  Perhaps the primary lesson for us all to take from this incident is to guard our personal information as much as possible.  For instance, don’t include your birth date on your Facebook page.  Keep your personal information that is public as limited as possible so that identity thieves don’t have an easy time assembling the seemingly innocuous information about you and using it to turn you into a victim of identity theft.

Scam of the day – July 9, 2012 – Extortion email scam

The FBI as well as Canadian law enforcement agencies are reporting an upsurge in an extortion type of malware that is unwittingly downloaded by victims on their computers through standard phishing tactics.  Once the malware is installed, the computer freezes and a message appears that the computer user has been identified by the Justice Department as accessing illegal child pornography or illegally downloading music.  In order to unlock the computer, the victim is told he or she must pay a $100 fine through the a prepaid money card service.  The problems don’t stop there, however, as the malware also may contain keystroke logging programs that can further make you a victim of identity theft.

TIPS

The first thing to remember is that you should not pay the demanded ransom.  Legitimate law enforcement does not make demands for payments in this fashion.  Have your computer security software do a scan to locate and remove the malware.  You may need to have a computer professional clear your computer of the malware.   People who have not maintained their computer’s security software and firewall up to date are the most at risk for this particular scam.

Scam of the day – July 6, 2012 – Extreme botnet internet risk to 277,000 computers

In November of 2011, the FBI broke up a botnet scam by which seven Eastern European scammers since 2007 had turned more than 500,000 computers worldwide into a botnet of malware infected computers that redirected the victims’ web browsers to sites designated by the scammers that enabled them to earn more than fourteen million dollars in affiliate and referral fees.    The insidious malware used also prevented infected computers from downloading security software that could detect and cure the problem.  When the FBI shut down the operation last November, they took control of the servers used by the scammers and set up temporary servers to permit the infected computers to still have Internet access.  However, come July 9th, those temporary servers will be turned off and if your computer is one of the 277,000 still estimated as being infected, you will lose all Internet service.

TIPS

Fortunately all you need to do is to go to http://www.dns-ok.us/ to determine if you are infected.  You do not need to download any software to determine if your computer is infected and your computer will not be scanned.  If you find that your computer is infected go to http://www.dcwg.org/fix for help in clearing your computer of the malware. Don’t wait until the last minute.

Scam of the day – June 29, 2012 – FBI scam

The late Johnny Carson used to host a television show entitled Who Do You Trust?”  If there are any English teachers reading this, they know it should have been “Whom Do You Trust,” but why quibble?  I bring up this trip down memory lane because if there is anyone people do trust, it is FBI director Robert Mueller.  Consequently when you receive an email from him endorsing the legitimacy of a particular lottery or notifying you of a possible inheritance, you might be considering trusting the email.  Don’t.  Despite the fact that the emails look quite official with photographs of Director Mueller the FBI seal and other legitimate looking trappings, the emails are always scams.  Sometimes they ask for personal information for various reasons and sometimes they provide links for you to click on.

TIP

The FBI does not endorse lotteries or inform you of inheritances.  The FBI will not be sending you emails asking for personal information.  Any links you click on contained in such email will most likely contain malware that will steal the information from your computer and make you a victim of identity theft.  If you do get such an email, the best thing you can do is to either ignore it or forward it to the real FBI.

Scam of the day – May 31, 2012 – New malware problem

The FBI has just issued a warning about a particular type of malware attack originating from Russia and the Ukraine.  Through phishing or some other technique, the victim is lured into downloading malware at which point a pop up warning comes up which appears to be from the Department of Justice and indicates that the victim’s computer has been identified by the Computer Crime & Intellectual Property Section of the Deparment of Justice as having visited websites containing child pornography and other illegal content.  The malware also locks the victim’s computer.  The victim is informed that in order to have their computer unlocked they must pay a $100 fine through prepaid electronic payments such as MoneyPack or Paysafecard.  But the problem doesn’t end there.  This malware also contains a keystroke logging malware program that will steal all of the information from your computer.

TIP

Always beware of phishing scams luring you to phony websites and keep your security software up to date to help identify phishing websites.  If you find that you have been victimized by this particular scam, notify your bank, credit card companies and any other financial institution where you may have information regarding those accounts on your computer that your security has been breached.  Have a computer security service remove the malware from your computer.

 

Scam of the day – May 15, 2012 – FBI impersonation scam

The Federal Bureau of Investigation (FBI) is one of our more trusted institutions of government so people usually trust what they are told by FBI agents.  Unfortunately, too many people also trust what they are told by scammers who are merely impersonating FBI agents.  Recently there has been a large increase in scams that originate with an email purporting to be from the FBI informing the victim that they have inherited money or have won a lottery.  A good question to ask yourself at this point is why would the FBI be informing you of an inheritance or a lottery win?  The emails then direct you to another purported government agency where you run two risks.  The first risk is clicking on a link to a phony government agency that ends up with your unwittingly downloading keystroke logging malware that will steal all of the information from your computer including credit card numbers, Social Security numbers and account passwords.  The second risk is that when you go to the phony government website, you are instructed to pay various administrative fees and other fees to claim the inheritance or prize that you never get.

TIPS

Remember the FBI is not going to contact you about inheritances or lotteries.  Also, never click on links from emails, the source of which you are not absolutely sure is legitimate.  Finally, if you have any doubt, call the FBI at a number that you know is correct so that you can confirm that the email is a scam.

Scam of the day – May 11, 2012 – Dangers of hotel internet connections

The FBI has just issued a warning to people traveling out of the country about malware being secretly installed on the laptop computers of people staying at hotels offering Internet connections in their hotel rooms.  The installation of the malware, which has included dangerous keystroke logging programs that can steal all of the information from your computer occurs when in the course of connecting to the hotel Internet system a pop up appears informing you that you need to update a commonly used software product.  The software the pop up refers to is legitimate.  This pop up is not.  It is a phony pop up and when you click on it to install the newest update, instead you are downloading dangerous malware.

TIP

Update your software at home or at work on your own Internet service to avoid these problems.  If you need to update your service while abroad, go directly to the website of the software vendor and download a safe version.

Scam of the day – March 13, 2012 – Law firm scam

According to a report released yesterday by the FBI, a number of law firms have been victimized by a scam in which the law firm receives an email from an overseas business seeking to hire the law firm to collect debts owed to the overseas company.  A standard retainer agreement is sent by the overseas company along with a certified check.  The law firm is instructed to deduct its initial retainer costs and wire the remainder of the funds back to China, Korea, Ireland or Canada, typically.  Of course, for regular scamicide readers, you have already guessed that the “certified check” was counterfeit and that even if the law firm waited the few days for the check to receive provisional credit from the bank where the law firm deposited the check, the check ultimately bounced and the money wired from the law firm to the overseas company is gone forever.

In another variation of this scam, the initial solicitation comes from a lawyer in another country seeking assistance with a collection.  The scammers use the names of real attorneys so if the American law firm checks out the legitimacy of the foreign lawyer, it would appear to check out.  Of course, if the American law firm actually called the foreign lawyer, they would learn that it was a scam.

TIP

The essence of this scam and many other scams is an overpayment to you of an apparently “certified check” where you are asked to send the diffference to the scammer.  There is never a reason to accept an overpayment check.  That is a red flag that there is a scam involved.  If you do accept a certified check, always contact the issuing bank to make sure that the check is legitimate and even then, do not consider the transaction as being complete until the check has fully cleared and not just provisionally been cleared.