Posts Tagged: ‘Identity Theft’

Scam of the day – August 19, 2015 – IRS hacking worse than originally reported

August 19, 2015 Posted by Steven Weisman, Esq.

Earlier this week, the IRS announced that the hacking of its “Get Transcript” program, which they had originally announced in May and which was the subject of my Scam of the day for May 28th was far worse than they originally disclosed.  While originally, the IRS stated that 104,000 people were affected by the IRS data breach, now the IRS is saying that the number of people affected is more than 300,000.  As a result of the data breach, the IRS indicated it paid more than 50 million dollars in fraudulent returns filed using the information stolen from the IRS’ “Get Transcript” program.  The”Get Transcript” program enables taxpayers to get copies of their federal income tax returns from previous years.  People often use this service to get copies of earlier income tax returns for uses such as when they apply for a mortgage or financial aid for college.  The IRS shut closed this service when it became aware that vulnerabilities in the system resulted in hackers attacking the system from mid February until May posing as legitimate taxpayers and getting copies of  income tax returns which could provide information that would enable the hackers to steal the identities of their victims and file phony income tax returns in the names of their victims and claim bogus refunds.

Although many people were surprised at this hacking, Scamicide readers were not among them because here at Scamicide, we exposed this vulnerability in the “Get Transcript” program in our Scam of the day for April 3, 2015.  Apparently, the IRS doesn’t read Scamicide.  Maybe it should.

The problem with the system was in the authentication process used by the IRS to limit access to this information to the taxpayer who is seeking his or her own income tax returns.  In order to access the income tax returns, the system required the inquirer to provide his or her name, Social Security number, birth date, address and other personal identity verifications, such as what was your high school mascot or when you got a mortgage. The problem is that, in many instances, this information can be gathered by a diligent hacker from public data bases, social media where people provide this information to hackers, and data breaches.

TIPS

If you are one of the people affected by this data breach, you will get a letter, not an email, from the IRS and will be offered free credit monitoring services.  These letters will not require you to provide any personal information in response.  Any communication you get that purports to be from the IRS that requests that you provide personal information is not from the IRS, but from another scammer.

A lesson for all of us is to remember to try to protect the privacy of your Social Security number as best you can.  Most identity theft starts with the identity thief obtaining and exploiting the victim’s Social Security number.  Don’t provide it to companies with which you do business unless you absolutely must do so.  Medical care providers routinely ask you to provide this, but they have no need for this and the health care industry has been among the worst in protecting its data from being hacked.

The verification process of using personal identity verification information is fundamentally flawed in today’s world.  Better systems should be used, such as dual factor authentication where a code is sent to your smartphone when you need to access an account.

Scam of the day – August 1, 2015 – Six Nigerians extradited to the United States to face fraud charges

August 1, 2015 Posted by Steven Weisman, Esq.

As a result of a joint effort of American law enforcement agencies with law enforcement agencies of South Africa, six Nigerians were extradited from South Africa to the United States to face a variety of fraud charges including conspiracy to commit mail fraud, wire fraud, bank fraud, conspiracy to commit identity theft and conspiracy to commit money laundering.  The six Nigerians are Oladimeji Seun Ayelotan, Rasaq Aderoju Raheem, Olusequn Seyi Shonekan, Taofeeq Olamilekan Oyelade, Olufemi Obaro Omoraka and Anuoluwapo Segun Adegbemigun and they along with fifteen others are accused of operating a number of scams including online romance scams using the online dating site Seniorpeoplemeet.com and scams in which they would convince their victims to ship and receive goods purchased with stolen credit card and banking information as well as depositing checks and wiring the proceeds out of the country as ways of laundering funds obtained through scams and identity theft.

TIPS

A little common sense and skepticism can go a long way in protecting you from becoming a victim of scams.  Online romance scams can be avoided to a great extent by recognizing that someone who immediately falls in love with you and soon thereafter needs you to send money for whatever reason is most likely a scam.  In addition, you may wish to do a reverse image search to see if the photo that has been provided to you is actually the person who they say they are.  Here is a link to Tineye http://tineye.com/ one of the websites where you can do such a reverse image search.  Of course, in some instances, the romance scammer may also be stealing the name of the person whose photo they stole, but that is not often the case.

As for work-at-home scams which are also rampant, it just makes sense that being sent goods and being asked to then send them somewhere else has no legitimate purpose as does depositing money into your account and then being asked to wire the money elsewhere.  These are merely transparent attempts at money laundering.  Don’t get involved.

Scam of the day – July 9, 2015 – Spyware company hacking leads to discovery of critical new Adobe Flash flaw

July 9, 2015 Posted by Steven Weisman, Esq.

It was only a week ago that I told you about a critical vulnerability in the popular Adobe Flash software so many people use for viewing videos.  Now following the embarrassing hacking and data breach at the Italian spyware company Hacking Team which sells spyware to governments, it has been learned that among the 400 gigabytes of files, source code and emails stolen and made public was source code for Adobe Flash software that can be and has been exploited by hackers to take control of computers running Adobe Flash.  Unlike the previous Adobe Flash flaw, which was discovered by security company FireEye, which notified Adobe in timely fashion to enable them to produce a security update, the new flaw discovered by Hacking Team had been kept secret by them which allowed them to exploit the vulnerability with its own spyware.  Since the time of the making public of this software vulnerability, enterprising hackers have already started selling kits on black market websites to other hackers that enable them to hack into computers running Adobe Flash.   Everyone using Adobe Flash is extremely vulnerable to identity theft and having their computer data stolen.

TIPS

Adobe Flash has been a constant target of hackers and some people are just choosing to disable it and use other video viewing software.  Some alternatives include LightSpark, Unity Web Player, GNU Gnash, and Silverlight.  Silverlight can be downloaded directly from the Microsoft website.  Adobe Flash has just released a security patch to fix the flaw.  Here is a link to the critical security patch to fix your Adobe Flash software: https://www.us-cert.gov/ncas/current-activity/2015/07/08/Adobe-Releases-Security-Updates-Flash-Player

 

Scam of the day – July 8, 2015 – Harvard hacked: what does it mean to you?

July 8, 2015 Posted by Steven Weisman, Esq.

Harvard University recently announced that it had been hacked for the second time in just four months.  The data breach appears to be limited to the Faculty of Arts and Sciences and Central Administration information technology networks and, fortunately, does not appear to have compromised either research data or personal information of students and faculty, such as Social Security numbers.  More and more colleges and universities are targets of hackers, as I described to you most recently in May 16th’s Scam of the day regarding the major data breach at Penn State.  American engineering schools, including MIT, and Carnegie Mellon, have been targets of Chinese state sponsored hacking for many years.  The goal of these hackings have been to gain information for both commercial and national defense purposes.  However, colleges in general are targeted by hackers seeking personal information for purposes of identity theft.  One reason that colleges and universities are such a tempting target for identity thieves is that they gather and retain so much personal information on applicants, students, faculty and alumni.  Making the problem worse is that college and university computer networks are generally readily accessible by so many people that it becomes difficult to secure these networks.

TIPS

I have written many times of the extreme vulnerability of colleges and universities, which gather and keep much personal information for which they have no real need, such as the Social Security numbers of applicants to the schools or Social Security numbers of alumni.  Coupled with lax security at many colleges and universities, this gathering and keeping of personal information for which the schools have no need puts the people whose information is affected in great danger of identity theft.  It is important for all of us to always inquire as to any company or agency that has personal information of ours as to what they do to keep this information secure.

For those people who may have been affected by the Harvard data breach, here is a link to Harvard’s official announcement of the data breach with details of the breach as well as suggestions for action by those affected.  http://security.harvard.edu/cyber-alert/faqs

Scam of the day – July 6, 2015 – Windows 10 update scams

July 5, 2015 Posted by Steven Weisman, Esq.

The new Windows 10 operating system is coming.  It is scheduled to start being released on July 29th.  However, if you are a user of Windows 7 or Windows 8.1 you are eligible to receive the new Windows 10 operating system for free.  Microsoft is letting these customers reserve the new operating system now.  Microsoft is notifying customers through a new icon on your taskbar or a popup message as indicated in the screen photo below.  Clicking on the message will take you to a page where you can sign up by merely providing your email address.  Once Windows 10 is available Microsoft will then download it to your computer. Over the years Microsoft has issued new operating systems after years of patches and updates of the previous operating systems.  When it became too cumbersome and difficult to patch the old operating systems, new ones were released.  Unfortunately, many individuals and companies still use the old operating systems, such as Windows XP although they were warned for years that new security update would no longer be issued after a specific date.  People and companies continuing to use the old operating systems, particularly Windows XP have become easy targets for hackers exploiting the vulnerabilities of the older operating systems.

W10_Laptop_AUX_Build_16x9_en-US_070115-01

TIPS

The release of Windows 10 will be exploited by scammers and identity thieves.  In particular you may receive emails or text messages with links or downloads that purport to be of Windows 10.  Don’t trust them.  Microsoft is not contacting people by emails or text messages regarding Windows 10.  Any email or text message, regardless of how legitimate it may look, that purports to be from Microsoft asking you to download an attachment or click on a link to install your Windows 10 is a scam.  If you click on those links or download those attachments all you will succeed in doing is downloading keystroke logging malware that will steal the information from your computer and use it to make you a victim of identity theft.  Microsoft will  also not be calling you on the phone to install Windows 10 either, so if you get a telephone call in which the caller represents that he or she is from tech support at Microsoft to help you download Windows 10, just hang up.  The call is from an identity thief only seeking to get access to your computer and its data.

Scam of the day – June 8, 2015 – Woman steals identity of 83 year old man to pay for breast augmentation

June 8, 2015 Posted by Steven Weisman, Esq.

Just when you think you have heard everything, something new comes along and that is just what happened recently when 39 year old Brandie Bloor was convicted of fraud and identity theft stemming from her theft of the identity of an 83 year old man, taking out a loan in his name and then using the proceeds to pay for a tummy tuck, liposuction and breast implants.  The crime came to light when the identity theft victim started receiving notices that he was behind in his loan repayments.  At first, Bloor said that she too was a victim of identity theft and that she was not the person who received the cosmetic surgery, however, an identifying rose tattoo on her abdomen gave her away.  She then said that she earned the money as an escort for the senior citizen, but this lie too was soon disproved.  This is not Ms Bloor’s first brush with the law.  Among her convictions are fifteen for forgery alone.  She has pleaded guilty and is now awaiting sentencing.

TIPS

The first inkling that the victim got that he was a victim of identity theft was letters from the loan company about a loan he had never taken out.  Whenever you receive any communication about a debt that you have not incurred, you should not delay in contacting the creditor to dispute the bill and then check your credit report for other indications that your identity has been stolen and your credit affected.  In my book “50 Ways to Protect Your Identity and Your Credit” I describe the steps you need to take to correct mistakes in your credit report.

Scam of the day – May 4, 2015 – Hacking group threatens Cape Coral, Florida police

May 4, 2015 Posted by Steven Weisman, Esq.

Just three days ago I told you about an FBI warning to police departments around the country that hackers are actively attempting to not only hack into the computers of the police departments, but also searching the Internet for personal information on police officers and then making this information public, which can put the officer in danger of identity theft or worse.  This tactic which is called “doxing” has now been used against the Cape Coral, Florida Police Department.  Hackers claiming to be in the notorious hacking group, Anonymous posted videos online threatening members of the Cape Coral, Florida Police Department with doxing in response to a recent conviction of Travis Robey on charges of violently resisting a police officer stemming from an incident last June.  Hackers, claiming to be part of Anonymous posted personal information about members of the Cape Coral Police Department including their names, addresses and phone numbers, which they said they obtained by hacking into the computers of the Cape Coral Police Department.  The Cape Coral Police Department denies that their computers have been hacked and are conjecturing that Anonymous managed to get this information from public sources.

TIPS

There are many lessons to be learned from this.  As I have reported in the past, police departments have become a frequent target for hackers including those who have used Ransomware to prevent police departments from being able to access their data unless they pay a ransom as well as malicious hackers who use doxing to put officers in jeopardy.  In many instances, the information obtained is information that can be found through social media or public data sources and this should serve as a stern warning to all of us to be more careful about the personal information that we put on social media or share with other public sources.  The less information that is available about you on line, the safer you are from identity theft and other personal threats.

Scam of the day – April 17, 2015 – Mass email service hacked

April 16, 2015 Posted by Steven Weisman, Esq.

Many people may not be aware of SendGrid, but there is a good chance that you have received an email from them.  SendGrid is a mass email service that is used by 180,000 companies worldwide including Uber, Pinterest, Spotify and Foursquare when companies wish to send mass email messages to their customers, such as when a company wants to alert customers to a service update. When you receive an email from SendGrid or other such mass email services, it appears that the message is being sent by the company with which you have an account, but it actually comes from SendGrid or other mass email services.  Last week one of the companies that uses SendGrid had its SendGrid account hacked in an attempt to hack into the company’s account with Coinbase, a Bitcoin exchange.  Although the company, unnamed by SendGrid, had its account with Coinbase hacked,  according to SendGrid no Bitcoins were stolen.  Last year a similar attack aimed at stealing Bitcoins from another SendGrid client, ChunkHost was foiled because, Chunkhost used dual factor authentication, preventing the hacker from accessing the Bitcoins in Chunkhost’s account even after the hackers had managed to steal ChunkHost’s password.  More and more hackers are trying to hack into the accounts of users of mass email services such as SendGrid because it enables the hacker to make his or malware containing message appear to come from a trusted source.

TIPS

Remember my motto, “trust me, you can’t trust anyone.”  Merely because an email or text message appears legitimate or appears to come from a trusted email address is no reason to trust the message and click on links contained in the email or text message or download attachments to such emails or text messages.  The risk is too great.  Never click on links or download attachments unless you are absolutely sure that they are safe and legitimate.  Even if you are protected by the latest security software, you are still not safe because the most updated anti-malware and anti-virus software is always at least a month behind the latest malware.

Scam of the day – March 14, 2015 – Latest Security updates from the Department of Homeland Security

March 13, 2015 Posted by Steven Weisman, Esq.

Constant updating of the software we all use with the latest security patches and updates is a critical part of avoiding scams and identity theft threats.  Whenever new security updates and patches are issued, we provide access to these so that you can update your software to provide better security on your computers, smartphones, laptops and other electronic devices.  Updating your software with the latest security patches and updates as soon as possible is important because identity thieves and scammers are always finding and exploiting vulnerabilities in the software that we all use.  The recent discovery and then patching of the FREAK vulnerability is a good example of how important it is to update your software with the latest security patches as soon as possible.  Delay in updating your software could lead to disastrous results.  However, it is also important to be sure that you are downloading legitimate patches and updates rather than being tricked by an identity thief or scammer into downloading malware under the guise of downloading a security patch or update.  Users of the affected programs should make sure that they update their software with these latest security patches as soon as possible.

TIPS

Here is the link to the Department of Homeland Security software updates: https://www.us-cert.gov/ncas/bulletins/SB15-069

Scam of the day – February 23, 2015 – Chase Online bill pay scam

February 23, 2015 Posted by Steven Weisman, Esq.

Today’s Scam of the day comes from my own email, however, I am sure many of you have received this, as well.  It is a phishing email that is intended to lure the recipient into providing personal information that will be used to make that person a victim of identity theft.  As typical with this type of phishing email, it is intended to make you think there is an emergency to which you must respond.  It looks pretty official, but there are some telltale signs that it is a scam.  First, is that although I did not include the email address of the sender, the email address is that of a private individual, not Chase although often identity thieves will use email addresses that appear to be official.  In this case, undoubtedly the email address used is part of a botnet whereby identity thieves have infiltrated the computers of innocent victims and then use their computers and email accounts to send out the fraudulent email.  Another telltale sign is that the email is directed to me, not by name, but rather as “Dear Customer.”   However, even if the email was directed to you by name, you couldn’t trust it because when JP Morgan Chase was hacked in the last year, the hackers stole names and email addresses.   Finally, the email appears to have been sent by Christopher Polumbo.  Christopher Palumbo is a Vice President at Chase, however, the email to me misspells his name.  However, it is easy to see how people would fall for this scam and provide the information that would enable an identity thief to gain access to your account.

Here  is a copy of the email I received.

“Dear Customer, 
We are writing to let you know that the service(s) listed below will be deactivated and deleted if your profile is not verified within 7 business days. Previous notifications have been sent to the Billing Contact assigned to your account.
As the Primary Contact, you must renew the service(s) listed below:

SERVICE: Chase Online and Bill Pay services. 
What you need to do:

1. Log in to your account through our enhanced security server www.Chase.comby clicking the URL.
2. 
Enter your user ID and Password (that you selected during the online enrollment process). 
3. 
Enter the requested information and your Chase Online and Bill Pay services will be renewed. 
If you have not signed up for online access, you can enroll easily by clicking “Enroll” at the bottom of the Login page. 
Please do not reply to this message directly but click on the URL. For questions, please call Customer Service at the number on the back of your card. We are available 24 hours a day, 7 days a week.

Sincerely,

Christopher Polumbo
Chase Online(SM)
Fraud Prevention Team

This site is directed at persons in the United States only. Persons outside the United States may visit International Banking . 
Links to third party sites are provided for your convenience by JPMorgan Chase. JPMorgan Chase neither endorses nor guarantees any offerings of the third party providers, nor does JPMorgan Chase make any representation or warranty of any kind about the content, use of or inability to use, the third party sites.

© JPMorgan Chase Bank, N.A. Member FDIC ©2015 JPMorgan Chase & Co.; Co”

TIPS

As I have warned you many times, you should never click on links in emails or text messages or provide information in response to such emails or text messages unless you have absolutely confirmed that the communication is legitimate, which is easy to do by merely contacting the company.  In this case, you could just contact Chase at the telephone number on your credit card or bank statement.  Providing information without confirming that the communication is legitimate gives the identity thief all that they need to make you a victim of identity theft.  In other variations of this phishing email, merely by clicking on the links provided will result in keystroke logging malware being downloaded on to your computer which can steal your personal information from your computer and then enable its use for purposes of identity theft.  Even if you have good security software installed on your computer or other electronic device, as you should, this may not protect you from keystroke logging malware because the latest malware is always at least a month ahead of the latest security software updates.  Remember my motto, “Trust me, you can’t trust anyone.”

As for this particular Chase phishing email, if you receive it, Chase requests that you forward it to them at abuse@chase.com.