Posts Tagged: ‘Identity Theft’

Scam of the day – November 11, 2015 – Indictments unsealed in major cybercriminal enterprise

November 11, 2015 Posted by Steven Weisman, Esq.

Yesterday federal prosecutors unsealed a 23 count 68 page indictment of three men, Gery Shalon, Joshua Samuel Aaron and Ziv Orenstein on charges related to a massive and intricate list of cybercrimes including, security fraud, identity theft, computer hacking, wire fraud and money laundering that earned them hundreds of millions of dollars.  Among the companies they are accused of hacking into are J. P. Morgan Chase, from which they stole personal information of 83 million people, E*Trade, Scottrade and Dow Jones.  They are accused of using the stolen data to advance securities frauds in which they manipulated the price of the stocks.  They also are accused of operating illegal online gambling websites from which they made millions of dollars every month and running their own financial operations by which they processed millions of dollars of illegal transactions for other criminals for a fee.  Their money was laundered through more than 75 shell companies, banks and brokerage accounts around the world. The indictments trace back their criminal activities to 2007.  Their actions were extremely complex and we can expect more and more details to emerge in the days and weeks ahead.


This case again emphasizes the fact that each of us is only as secure as the places with the weakest security that hold our personal information.  However, many of the victims of the stock frauds the defendants are alleged to have committed became victims when they trusted emails that appeared to be legitimate urging them to invest in various stocks.  The lesson is to never trust an email with a stock tip regardless of from whom it appears to come.  Never invest in a stock until you have thoroughly and independently investigated it.

Scam of the day – November 8, 2015 – More AOL phishing scams

November 8, 2015 Posted by Steven Weisman, Esq.

I have written about AOL phishing scams many times, but an abundance of AOL phishing emails that are presently being circulated make this a topic worth writing about again. Reproduced below are three of them, the last of which is a phishing email about a generic account that doesn’t even attempt to tell you the name of your email carrier.   Scammers and identity thieves send out phishing emails to lure people into clicking on links in these emails that will either download keystroke logging malware on to the victim’s computer that will enable the identity thief to steal personal information from the victim’s computer and use it to make him or her a victim of identity theft or by clicking on the link, the victim will be directed to an official looking page requesting personal information under some legitimate sounding guise.  If the victim provides the requested personal information, it is used to make him a victim of identity theft.

Dear Member,Your mail-box might be shutdown within 24hrs due to your recent termination request. To cancel RE-SET , Log-in and wait response from Aol.


Webmail 2015 Security Team”


​​​​​​​​​​​​​​Account Termination

​Dear A0L User,

We received your request to terminate your A0L Mail Account and the process has started by our A0L Mail Team, Please give us 2 working days to close your A0L Mail Account.
​​please if you did not wish to termination , click below and sign in to cancel the termination request :”

This last one is not specific to AOL, but contains many of the same phishing elements:

Dear User,
Your E-mail has exceeded the storage limit. You can not send or receive new messages until you re-validate your mail.  To re-validate the mailbox:- = Click to restore

Thank you!
Mail Administrator.”


Phishing emails such as these always wish to create a sense that immediate action is required in order to avoid some negative event such as your account being closed.  These particular emails are easy to identify as scams.  None of them came from an email address that was connected with an email provider.  In fact, they all came from personal email addresses that were probably those of innocent victims of a botnet where a cybercriminal takes control of the computers of innocent people and uses those computers to send out phishing emails and other such communications.  None of the emails reproduced above carried a company logo although, this is easy to counterfeit and shouldn’t be something that makes you consider such emails to automatically be legitimate if you do receive an email with an official corporate logo.  Finally, such phishing emails often contain, as these do, grammatical or spelling errors.  You should never click on any link or provide any personal information in response to an email unless you are absolutely sure that it is legitimate and safe to provide the requested information.  The best thing you can do is to contact the company that is purporting to be sending the email and inquire as to the legitimacy of the email you received.

Scam of the day – October 30, 2015 – Florida identity thief nabbed by own stupidity

October 30, 2015 Posted by Steven Weisman, Esq.

According to comedian Ron White, there is no cure for stupid, which can explain the recent arrest of an identity thief in Florida who attempted to use a phony Florida driver’s license as the photo identification required by a Verizon clerk when the identity thief attempted to purchase four iPhones at a cost of $2,600.  When the clerk got suspicious after looking at the license, the identity thief made a hasty retreat.  The clerk turned the driver’s license over to police officer Alan Correa who immediately knew that regardless of how legitimate looking the license appeared, it was a fake.  Officer Correa knew because the date of birth indicated on the license was September 31, 1989.  As any school child knows, thirty days have September, April, June and November.  There is no September 31st.  When later arrested, the identity thief, the true identity of whom, the police are still trying to determine, was found to have in his possession six other fake Florida driver’s licenses and seven phony credit cards with names matching each of the six licenses in his possession and the one left at the Verizon store.


Counterfeit identifications and credit cards can be obtained that look quite legitimate, but simple mistakes such as this identity thief made will often become the criminals downfall.

Scam of the day – October 23, 2015 – Sun Trust phishing email

October 23, 2015 Posted by Steven Weisman, Esq.

As phishing emails go, the email reproduced below is very legitimate looking.  This email comes directly from my own email account. DO NOT CLICK ON THE LINK.    The email is a scam and if you click on the link, you will either be prompted to provide personal information that will be used to make you a victim of identity theft or alternatively, merely by clicking on the link, you will download keystroke logging malware that will steal your personal information from your computer or smartphone and use it to make you a victim of identity theft.  The email address from which it was sent is close enough to the real email address of Sun Trust to make it appear genuine.  The logo which was on the email I received also was a good copy, but it is important to remember that it is a simple matter to counterfeit a logo.  One indication that it is a scam is that it is addressed to me as a Sun Trust Client rather than by name, however, for all intents and purposes, this is a well constructed phishing email tailored to induce the person receiving it to click on the link and provide the requested information.

Here is a copy of the email.

Image result for suntrust logo

“Dear SunTrust Client:
SunTrust has developed a number of online and offline security measures to help protect you and your identity. In addition to using advanced security technologies, such as encryption, firewalls and virus protection, we employ teams of security experts focused solely on fraud protection and identity theft prevention.
SunTrust is committed to helping you keep your online transactions safe and secure. By following our recommended best practices, you can help mitigate the risk of fraud and unauthorized access. Use this checklist to verify that you are following our recommended security standards and best practices.
Authentication/Computer Security
Click on Sign on to confirm your personal and account information.
Install and keep anti-virus and security software up to date on your computer.
Security software helps protect your personal and account information from unauthorized access.
Consider using a personal firewall as it can help prevent attacks against your computer.
Install software patches, operating system updates, legitimate third party application updates, and hotfixes.
Secure your home or office wireless network.
Please do not reply to this email. You received this email because you signed up for SunTrust Online Delivery Service. You can update your online preferences anytime within Online Banking.By replying to this email, you consent to SunTrust’s monitoring activities of all communication that occurs on SunTrust’s systems.  This is a service email sent by SunTrust Bank. If you no longer wish to receive messages of this type, please unsubscribe here.SunTrust Bank, Member FDIC. ©2015 SunTrust Banks, Inc. SunTrust is a federally registered service mark of SunTrust Banks, Inc. How can we help you shine? is a registered service mark of SunTrust Banks, Inc.
 This email was sent on behalf of SunTrust Customer Care, 1575 Lemon Farris Road, Cookeville, TN 38506″
Although this email looks legitimate it is important to remember that your bank is not going to ask you to confirm your personal and account information, however an identity thief will.  In addition, emails from your bank directed to you will come addressed to you by name rather than generically as “Dear Customer.”  Finally, you should never click on any link in an email or text message or provide information in response to an email, phone call or text message until you have confirmed that it is legitimate and the only way to do this if you receive such an email is to contact the company by phone at a number that you know is accurate to find out for yourself whether or not the communication is a scam.  In this case, because I am not a customer of Sun Trust, I already knew it could not be anything but a scam. Trust me, you can’t trust anyone.


Scam of the day – October 4, 2015 – Scottrade hacked in massive data breach

October 4, 2015 Posted by Steven Weisman, Esq.

For the third day in a row our Scam of the day involves a major data breach, which is somewhat ironic since October is National Cyber Security Awareness Month.  Certainly the millions of people affected by the data breaches involving T-Mobile, Experian, Trump Hotels and now Scottrade have become more aware of cybersecurity than perhaps they wished to be.  Discount brokerage firm Scottrade just announced that it was the victim of a massive data breach that occurred between late 2013 and early 2014.  Like so many corporate data breaches, the company itself never discovered the hacking.  Rather, in this case it was the FBI that discovered the data breach in August of 2015.  Approximately 4.6 million customers of Scottrade were and are affected by the data breach. Although we are being told by Scottrade that the data lost was limited to names and addresses, it is still a bit too soon to be truly comfortable that the data breach was indeed limited to this information.  The company waited until now to announce the data breach at the request of the FBI so as not to jeopardize their investigation.  Affected customers are now being contacted by Scottrade.  As is so often the case, Scottrade is offering a year of free credit monitoring to affected customers although since the hacking took place so long ago, this may be a bit late for this type of response to be considered timely.  Here is a link to Scottrade’s webpage containing information about the data breach, which also contains information about how to apply for the free credit monitoring if you were affected by the data breach.


If you were affected by the data breach and wish to sign up for the free credit monitoring service, you should call AllClearID at 855-229-0083 between 8:00 a.m. and 8:00 p.m. Central Time Monday through Saturday.  However, as I have said many times before, credit monitoring does not protect you from identity theft, it only lets you know sooner that you are a victim.  It is similar to if you were crossing the street and got hit by a truck and someone came over to you lying in the street to tell you that you just got hit by a truck.  A better step to consider is to put a credit freeze on your credit report which is possibly the best thing you can do to help protect yourself from identity theft.  You can find information about credit freezes and how to put one on your credit reports at each of the three major credit reporting agencies by going to the Scamicide archives and typing in “credit freeze.”

If you became a customer of Scottrade after February of 2014, your information was not compromised.

Although Scottrade will be notifying affected customers, so will scammers with emails in which they pose as Scottrade and attempt to lure you into clicking on links or providing information that will put you in danger of identity theft.  Trust me, you can’t trust anyone.   Never click on a link unless you are absolutely sure that it is legitimate.  In the case of Scottrade customers, you are better off calling them directly rather than clicking on a link or providing information in response to an email or text message.

Scam of the day – September 26, 2015 – Employment recruiter scams

September 26, 2015 Posted by Steven Weisman, Esq.

Searching for a job is much easier today with all of the resources of the Internet, however, unfortunately, it is also easier for scammers to search for victims posing as employment recruiters using the resources of the Internet.  The phony recruiters often reach out to people on social media such as LinkedIn, Twitter and Facebook.  Many people provide personal information to these scammers who then use that information to make the job seeker a victim of identity theft.  Often the scammers will copy the logo of legitimate companies so that their emails may look legitimate.


As I always say, “trust me, you can’t trust anyone.”  You can never be sure when you receive an email, text message or communication by way of social media who is really contacting you.  For this reason, you should never provide personal information to a recruiter unless you have absolutely confirmed they are legitimate.  You can do this by contacting the HR department of the real company they may only be pretending to represent.   Real job postings can also be found on the websites of legitimate companies so if someone claims to be recruiting for a company that does not list such a job as being offered by the company on its website, you can expect that the recruiter is a scammer or identity thief.

Scam of the day – September 21, 2015 – Dangerous new development in Ashley Madison hacking

September 20, 2015 Posted by Steven Weisman, Esq.

By now everyone is aware of the major data breach at the Ashley Madison, the dating site for married people seeking to have an affair, in August the hackers followed through with their threat and released 9.7 gigabytes of the stolen data including email addresses, credit card transaction details, partial credit card numbers, addresses and even dating profiles.  Now a new and potentially dangerous development has been uncovered by the hacking group known as CynoSure Prime which discovered vulnerabilities in the password security algorithms used by Ashley Madison that put the passwords of 11.7 million users of Ashley Madison in danger of being hacked.  Ashley Madison switched over to a secure encryption program for protecting passwords in 2012, however, anyone who used Ashley Madison prior to June 14, 2012 continued to have their passwords protected by the weaker and more hackable security program used at that time.  Particularly, because many people use the same password for all of their accounts including online banking, those early users of Ashley Madison are in extreme danger of identity theft by hackers who can readily discover their passwords and use them to gain access to the online accounts of the early Ashley Madison users.


The lesson here for early users of Ashley Madison is to change their passwords to all of their accounts as soon as possible.  The lesson to the rest of us is to remember that you should always have a distinct and unique password for each of your online accounts.  It should be a complex password so that it cannot be broken by simple brute force attacks that use millions of guessable combinations such as any word in the dictionary or such common passwords as 123456.  One good way to pick a complex password is to pick a phrase, such as “I Don’t like passwords” and turn it into the basis for a password by making it IDon’tLikePasswords.  This password is already complex in that it has words and a symbol.  Now add a couple of symbols at the end of the password so it may read IDon’tLikePasswords!!! and you have an easy to remember, but strong password.  Now you can just adapt it for each of your online accounts with a few letters to identify the account.  Thus, your Amazon password can be IDon’tLikePasswords!!!Ama and you have a strong, but easy to remember password.

Scam of the day – September 13, 2015 – Another major health care data breach

September 13, 2015 Posted by Steven Weisman, Esq.

Health insurer Excellus Blue Cross/Blue Shield became the latest major health insurer to disclose that it had suffered a data breach affecting 10.5 million people.  The compromised information may include names, birth dates, Social Security numbers, mailing addresses, telephone numbers, member identification numbers, financial account information and claims information.  This hacking, which was just announced, but has been going on since December of 2013 is the fourth major health care data breach this year with anthem Blue Cross/Blue Shield being the largest, having affected upwards to 80 million people.  As I warned everyone in my USA Today column in which I made my cyberpredictions for 2015, the health care industry is tremendously vulnerable to data breaches and we can expect these data breaches to continue.  Here is a link to that column.

A recent audit of health care companies and insurers showed that more than 81% of these companies have suffered a data breach in the last two years alone and that number only relates to the data breaches that have been discovered.  There may have been more that remain undiscovered.

The potential consequences of medical company data breaches can be tremendous to affected individuals.  The medical records of an identity thief accessing your medical insurance can become intermingled with your medical records such that you can mistakenly receive improper treatment, such as a potentially deadly blood transfusion of the wrong blood type.


Excellus will be sending out snail mail letters to those people affected by the data breach shortly.  If you receive an email purportedly from Excellus asking you to click on links for information about the data breach, it is a phishing email aimed at getting you to download malware on to your computer and make you a victim of identity theft.  As many hacked companies do, Excellus is offering two years of free credit monitoring, however these services will do nothing to protect you from identity theft.  In order to do that, I suggest that you put a credit freeze on your credit report at each of the three major credit reporting agencies in order to prevent someone who already has your personal information such as your Social Security number from accessing your credit report to run up debts in your name.  You can find information about how to do a credit freeze in the Scamicide Archives.  For more information about the Excellus data breach, you can either call their toll free hotline number of 877-589-3331 or got their website by clicking on this link.

Scam of the day – August 19, 2015 – IRS hacking worse than originally reported

August 19, 2015 Posted by Steven Weisman, Esq.

Earlier this week, the IRS announced that the hacking of its “Get Transcript” program, which they had originally announced in May and which was the subject of my Scam of the day for May 28th was far worse than they originally disclosed.  While originally, the IRS stated that 104,000 people were affected by the IRS data breach, now the IRS is saying that the number of people affected is more than 300,000.  As a result of the data breach, the IRS indicated it paid more than 50 million dollars in fraudulent returns filed using the information stolen from the IRS’ “Get Transcript” program.  The”Get Transcript” program enables taxpayers to get copies of their federal income tax returns from previous years.  People often use this service to get copies of earlier income tax returns for uses such as when they apply for a mortgage or financial aid for college.  The IRS shut closed this service when it became aware that vulnerabilities in the system resulted in hackers attacking the system from mid February until May posing as legitimate taxpayers and getting copies of  income tax returns which could provide information that would enable the hackers to steal the identities of their victims and file phony income tax returns in the names of their victims and claim bogus refunds.

Although many people were surprised at this hacking, Scamicide readers were not among them because here at Scamicide, we exposed this vulnerability in the “Get Transcript” program in our Scam of the day for April 3, 2015.  Apparently, the IRS doesn’t read Scamicide.  Maybe it should.

The problem with the system was in the authentication process used by the IRS to limit access to this information to the taxpayer who is seeking his or her own income tax returns.  In order to access the income tax returns, the system required the inquirer to provide his or her name, Social Security number, birth date, address and other personal identity verifications, such as what was your high school mascot or when you got a mortgage. The problem is that, in many instances, this information can be gathered by a diligent hacker from public data bases, social media where people provide this information to hackers, and data breaches.


If you are one of the people affected by this data breach, you will get a letter, not an email, from the IRS and will be offered free credit monitoring services.  These letters will not require you to provide any personal information in response.  Any communication you get that purports to be from the IRS that requests that you provide personal information is not from the IRS, but from another scammer.

A lesson for all of us is to remember to try to protect the privacy of your Social Security number as best you can.  Most identity theft starts with the identity thief obtaining and exploiting the victim’s Social Security number.  Don’t provide it to companies with which you do business unless you absolutely must do so.  Medical care providers routinely ask you to provide this, but they have no need for this and the health care industry has been among the worst in protecting its data from being hacked.

The verification process of using personal identity verification information is fundamentally flawed in today’s world.  Better systems should be used, such as dual factor authentication where a code is sent to your smartphone when you need to access an account.

Scam of the day – August 1, 2015 – Six Nigerians extradited to the United States to face fraud charges

August 1, 2015 Posted by Steven Weisman, Esq.

As a result of a joint effort of American law enforcement agencies with law enforcement agencies of South Africa, six Nigerians were extradited from South Africa to the United States to face a variety of fraud charges including conspiracy to commit mail fraud, wire fraud, bank fraud, conspiracy to commit identity theft and conspiracy to commit money laundering.  The six Nigerians are Oladimeji Seun Ayelotan, Rasaq Aderoju Raheem, Olusequn Seyi Shonekan, Taofeeq Olamilekan Oyelade, Olufemi Obaro Omoraka and Anuoluwapo Segun Adegbemigun and they along with fifteen others are accused of operating a number of scams including online romance scams using the online dating site and scams in which they would convince their victims to ship and receive goods purchased with stolen credit card and banking information as well as depositing checks and wiring the proceeds out of the country as ways of laundering funds obtained through scams and identity theft.


A little common sense and skepticism can go a long way in protecting you from becoming a victim of scams.  Online romance scams can be avoided to a great extent by recognizing that someone who immediately falls in love with you and soon thereafter needs you to send money for whatever reason is most likely a scam.  In addition, you may wish to do a reverse image search to see if the photo that has been provided to you is actually the person who they say they are.  Here is a link to Tineye one of the websites where you can do such a reverse image search.  Of course, in some instances, the romance scammer may also be stealing the name of the person whose photo they stole, but that is not often the case.

As for work-at-home scams which are also rampant, it just makes sense that being sent goods and being asked to then send them somewhere else has no legitimate purpose as does depositing money into your account and then being asked to wire the money elsewhere.  These are merely transparent attempts at money laundering.  Don’t get involved.