Posts Tagged: ‘keystroke logging malware’

Scam of the day – May 13, 2015 – What to do if your email is hacked

May 13, 2015 Posted by Steven Weisman, Esq.

Yesterday I told you about a scam which starts when you receive an email that appears to come from one of your friends, but in actuality is coming from a scammer who has hacked into your friend’s email account is sending out messages that appear to come from your friend touting a product.  We have all received these emails and hopefully, you just immediately delete them after informing your friend that his or her email account has been hacked and scam emails are being sent to everyone on his or her email address list.

But what do you do if you are the person whose email has been hacked?

TIPS

1. Change your password on your email account. If you use the same password for other accounts, you should change those as well.
2. Change your security question. I often suggest that people use a nonsensical security question because the information could not be guessed or gathered online. For instance, you may want the question to be “What is your favorite color?” with the answer being “seven.”
3. Report the hacking to your email provider.
4. Contact the people on your email list and tell them you have been hacked and not to click on links in emails that appear to come from you. 5.  Scan your computer thoroughly with an up to date anti-virus and anti-malware program. This is important because the hacker may have tried to install a keystroke logging malware program that can steal all of the information from your computer.
6. Review the settings on your email, particularly make sure that your email is not being forwarded somewhere.
7. Get a free copy of your credit report. You can get your free credit reports from www.annualcreditreport.com. Some other sites promise free credit reports, but sign you up for other services that you probably don’t want or need.
7. Consider putting a credit freeze on your credit report. You can find information about credit freezes here on Scamicide.com

Scam of the day – March 2, 2015 – IRS phishing email

March 2, 2015 Posted by Steven Weisman, Esq.

Today’s Scam of the day comes, as many others do, from my own email.  It is a phishing email currently being sent to people purporting to be from the IRS that attempts to lure people who receive the email into clicking on links in the emails in order to update their income tax information.  Unfortunately, when you click on the link one of two things will happen and both of them are bad.  In some instances, you will be prompted to provide personal information that will be used to make you a victim of identity theft.  In other instances, by clicking on the link, you will download keystroke logging malware that will steal information from your computer or other electronic device and use it to make you a victim of identity theft.

TIPS

The first indication that this is a phishing email is that although it purports to have been sent by the IRS, the email address from which it was sent is not that of the IRS.  Most likely the email address indicated is that of an innocent person whose email has been hacked into and taken over by an identity thief and made a part of a network of zombie computers used to send out such phishing emails.  This network is called a botnet.  In addition, the email asks you to validate your electronic filing status, which the IRS will never ask you to do.  If you need to get an Electronic Filing PIN in order to file your tax return electronically with the IRS, you will need to go to http://www.irs.gov/Individuals/Electronic-Filing-PIN-Request where you will be prompted to provide information to verify your identity before receiving a PIN.  In regard to the Form 1098 T that this phishing email describes, that is a form that educational institutions file with the government in regard to reimbursements or refunds of qualified tuition and related expenses.  The IRS would not be providing that form to you.

The most important thing to remember is that the IRS will never initiate contact with you on any matter by an email or text message so whenever you get one that purports to be from the IRS, you should just delete it.  If you have the slightest thought that any such communication is legitimate, you should merely contact the IRS directly to inquire about it.

Scam of the day – February 23, 2015 – Chase Online bill pay scam

February 23, 2015 Posted by Steven Weisman, Esq.

Today’s Scam of the day comes from my own email, however, I am sure many of you have received this, as well.  It is a phishing email that is intended to lure the recipient into providing personal information that will be used to make that person a victim of identity theft.  As typical with this type of phishing email, it is intended to make you think there is an emergency to which you must respond.  It looks pretty official, but there are some telltale signs that it is a scam.  First, is that although I did not include the email address of the sender, the email address is that of a private individual, not Chase although often identity thieves will use email addresses that appear to be official.  In this case, undoubtedly the email address used is part of a botnet whereby identity thieves have infiltrated the computers of innocent victims and then use their computers and email accounts to send out the fraudulent email.  Another telltale sign is that the email is directed to me, not by name, but rather as “Dear Customer.”   However, even if the email was directed to you by name, you couldn’t trust it because when JP Morgan Chase was hacked in the last year, the hackers stole names and email addresses.   Finally, the email appears to have been sent by Christopher Polumbo.  Christopher Palumbo is a Vice President at Chase, however, the email to me misspells his name.  However, it is easy to see how people would fall for this scam and provide the information that would enable an identity thief to gain access to your account.

Here  is a copy of the email I received.

“Dear Customer, 
We are writing to let you know that the service(s) listed below will be deactivated and deleted if your profile is not verified within 7 business days. Previous notifications have been sent to the Billing Contact assigned to your account.
As the Primary Contact, you must renew the service(s) listed below:

SERVICE: Chase Online and Bill Pay services. 
What you need to do:

1. Log in to your account through our enhanced security server www.Chase.comby clicking the URL.
2. 
Enter your user ID and Password (that you selected during the online enrollment process). 
3. 
Enter the requested information and your Chase Online and Bill Pay services will be renewed. 
If you have not signed up for online access, you can enroll easily by clicking “Enroll” at the bottom of the Login page. 
Please do not reply to this message directly but click on the URL. For questions, please call Customer Service at the number on the back of your card. We are available 24 hours a day, 7 days a week.

Sincerely,

Christopher Polumbo
Chase Online(SM)
Fraud Prevention Team

This site is directed at persons in the United States only. Persons outside the United States may visit International Banking . 
Links to third party sites are provided for your convenience by JPMorgan Chase. JPMorgan Chase neither endorses nor guarantees any offerings of the third party providers, nor does JPMorgan Chase make any representation or warranty of any kind about the content, use of or inability to use, the third party sites.

© JPMorgan Chase Bank, N.A. Member FDIC ©2015 JPMorgan Chase & Co.; Co”

TIPS

As I have warned you many times, you should never click on links in emails or text messages or provide information in response to such emails or text messages unless you have absolutely confirmed that the communication is legitimate, which is easy to do by merely contacting the company.  In this case, you could just contact Chase at the telephone number on your credit card or bank statement.  Providing information without confirming that the communication is legitimate gives the identity thief all that they need to make you a victim of identity theft.  In other variations of this phishing email, merely by clicking on the links provided will result in keystroke logging malware being downloaded on to your computer which can steal your personal information from your computer and then enable its use for purposes of identity theft.  Even if you have good security software installed on your computer or other electronic device, as you should, this may not protect you from keystroke logging malware because the latest malware is always at least a month ahead of the latest security software updates.  Remember my motto, “Trust me, you can’t trust anyone.”

As for this particular Chase phishing email, if you receive it, Chase requests that you forward it to them at abuse@chase.com.

Scam of the day – February 21, 2015 – Child predator email scam

February 21, 2015 Posted by Steven Weisman, Esq.

Parents are always concerned about the dangers posed by child predators so it is easy to understand that so many people are falling victim to a scam that starts when the parents receive a phony email warning about a child predator now living in their community.  The email appears to be an official notification generated based on the email recipient’s zip code.  The email promises to provide more specific information about the predator threat by clicking on a link provided in the email.  Clicking on the link takes the victim to the website of a company that provides localized reports on child predators.  Unfortunately, clicking on the link also downloads keystroke logging malware that will steal the information from your computer or other electronic device and use it to make you a victim of identity theft.

TIPS

Once again, it is important to remember that you should never click on links in emails or text messages regardless of how legitimate they may appear unless you have absolutely confirmed that the email or message is legitimate.  Regardless of how legitimate it may appear, the chances of downloading dangerous keystroke logging malware that can lead to your becoming a victim of identity theft is just too great.  For free information about sex offenders in your area, you can go to the National Sex Offender Public Website set up by the Department of Justice.  Here is a link to their website: http://www.fbi.gov/scams-safety/registry

Scam of the day – February 16, 2015 – Turbo Tax scam update

February 16, 2015 Posted by Steven Weisman, Esq.

As I reported to you previously, earlier this month following a rash of fraudulent state income tax filings using Turbo Tax software in nineteen states, Turbo Tax temporarily suspended electronic state income tax filings through Turbo Tax.  Although the matter is still under investigation, it does not appear that Turbo Tax was hacked.  More likely it is that identity thieves who already obtained the Social Security  numbers of their victims were using Turbo Tax’s convenient software to file fraudulent return in which they claim phony refunds.  On the federal level, this is a 5.2 billion dollar problem annually.  Now, enterprising identity thieves are sending out phishing emails that appear to be sent by Turbo Tax in which the email recipient is told that there is a problem with the person’s electronically filed income tax return and that they need to click on a link and provide personal information in order to rectify the problem.  This is a scam that is intended either to lure the victim into downloading keystroke logging malware that will steal personal information from the victim’s computer or other electronic device and use that information to make the person  a victim of identity theft or to lure the victim into providing the personal information directly to the identity thief posing as Turbo Tax.

TIPS

Whenever you get an email or a text message either asking for personal information directly or instructing you to click on a link, you should not respond until you have absolutely confirmed that the email or text message is legitimate.  Making a counterfeit email look official is child’s play so even if the communication looks legitimate, you should not trust it.  The better course of action is to contact the company directly at a telephone number, email address or website that you know is legitimate to confirm whether the original communication was legitimate.  Scammers and identity thieves always take advantage of the latest public concerns to convince people to provide information used to make them victims of identity theft.

Scam of the day – February 13, 2015 – Valentine’s day scams

February 13, 2015 Posted by Steven Weisman, Esq.

Tomorrow is Valentine’s day, which is a very important day to many people including scammers and identity thieves who always manage to find an opportunity in whatever is going on to scam you out of your money.  There are many Valentine’s day scams, but the most prevalent are phony florists, online dating scams, phony Valentine’s day electronic greeting cards and delivery scams.

Scammers set up phony florist websites or send you an email purporting to be from a local florist with a great deal you merely have to click on to in order to save a great deal of money on flowers.

Online dating scams are plentiful with most revolving around quickly professing true love for you and then asking for money.

Electronic greeting cards are a great way to send a Valentine’s day card at the last minute when you forgot to get one ahead of time, but phony electronic greeting cards can be filled with malware and if you click on the link to open the card, you will infect your computer or other electronic device with malware that will steal your personal information and use it to make you a victim of identity theft.

A common delivery scam operating on Valentine’s day involves a delivery of a gift basket of wine and flowers to you, however the person delivering the gift basket requests a small payment, generally five dollars or less, as a delivery fee because alcohol is being delivered.  The person delivering the basket will only accept a credit card as payment.  When you turn over your credit card, the scammer then takes down the information and runs up charges on your credit card.

TIPS

Never trust an online florist or other retailer until you have checked them out to make sure that they are valid.  Otherwise, you might be turning over your credit card information to a scammer.  It is also important to remember, as I constantly warn you, that you can never be confident when you receive an email, particularly one with a link in it or an attachment to download, if the person sending you the email is who they claim to be.  Clicking on links sent by scammers can download keystroke logging malware on to your computer or other electronic device that will, in turn, enable the identity thief to steal personal information from your computer and use it to make you a victim of identity theft.  Always confirm the legitimacy of an email or text message before clicking on links contained in the message.

As for online dating scams, of course you should be wary of anyone who immediately indicates he or she is in love with you and then asks for money.  Some other telltale signs of an online romance scam include wanting to communicate with you right away on an email account outside of the dating site, claiming to be working abroad, asking for your address and poor grammar which is often a sign of a foreign romance scammer.  Many romance scams originate in Eastern Europe.

Never trust an online greeting card, particularly if it does not indicate from whom it is being sent.  Be very wary of a card sent by “an admirer.”  Even if you recognize the name, confirm that it was really sent from that person before you click on the link and open the card.

In regard to the delivery scam, there is no special delivery charge for alcohol so if someone requires a payment for such a delivery and on top of that won’t accept cash, merely decline the gift.

Happy Valentine’s day and be safe.

 

Scam of the day – February 3, 2015 – Affordable Care Act phishing scam

February 3, 2015 Posted by Steven Weisman, Esq.

Recently the United States Computer Emergency Readiness Team which is a part of the Department of Homeland Security issued a warning about a phishing scam related to the Affordable Care Act, commonly referred to as Obamacare.  Since its inception, there has been much confusion about many aspects of the Affordable Care Act and scammers are taking advantage of this confusion by sending emails to their intended victims that purport to come from a federal agency involved with the Affordable Care Act in which the person receiving the email is asked for personal information or directed to a website by way of a link that, if clicked on, will cause keystroke logging malware to be downloaded on to the victim’s computer or other electronic device that will enable the scammer to steal the personal information of the victim and make him or her a victim of identity theft.

TIPS

The rules to follow in order to avoid becoming a victim of this scam are simple and easy to follow.  Never provide personal information in response to an email, text message or phone call from someone until you have confirmed that the communication is legitimate.  You can never trust any communication to be from who it purports to be until you have independently confirmed that it is both legitimate and that there is a legitimate need for your personal information.  You can determine whether or not a communication is legitimate or not through a phone call or other communication with the real company or agency that the communication purports to be. Don’t use the phone number, website or email address supplied to you in the communication itself.  You cannot trust it.

Also, never, and I mean never, click on links in any email or text message until you have again confirmed that the communication is legitimate.  Even if the email address from which the message is that of a legitimate company or agency, their email could have been hacked, so never click on a link until you have independently confirmed that it is legitimate.

Finally, make sure you have a good firewall as well as anti-virus and anti-malware software on all of your electronic devices and keep these security programs updated with the latest patches.

Scam of the day – January 10, 2015 – Scam videos of the Charlie Hebdo terrorist attacks

January 10, 2015 Posted by Steven Weisman, Esq.

The fear and concern following the attack by terrorists that attacked the offices of the satirical magazine Charlie Hebdo and a Jewish supermarket in Paris is finally over after 53 hours.  The aftermath of the attacks include the deaths of twelve people at Charlie Hebdo’s offices and four more innocent people at the supermarket.  All three terrorists whose attacks were coordinated are also dead.  Much of the public around the world have been glued to their televisions and computers watching the events unfold.  Among the people whose attention has been focused on these events were scammers who are always looking to capitalize on events that capture the public’s interest.  If patterns follow, you can expect that you will be receiving emails, text messages or social media communications promising “shocking video” of these attacks.  Again, the familiar pattern is that you are told that these are exclusive videos that you can see nowhere else.  We have seen this type of scam following major natural and unnatural disasters in including Tsunamis and plane crashes.  Once you click on the links in the various communications, you end up downloading keystroke logging malware that will steal the information from your computer and use it to make you a victim of identity theft.

TIPS

Regardless of the purported source of any email, text message or social media communication, you can never be sure that the source is indeed who it says it is or that it is legitimate.  Never ever click on links in any form of communication unless you have absolutely confirmed that it is legitimate.  The risk is too high.  Even if your electronic devices are protected by anti-virus and anti-malware software, the best security software is always at least a month  behind the latest viruses and malware.  If your curiosity gets the best of you, limit your search to legitimate news websites and, even then, make sure that you type in the website address correctly so you don’t get misdirected to a phony phishing website that appears to be the legitimate website that you seek, but actually is a scam website that will try to lure you into clicking on tainted links.  Google searches are also a dangerous way to look for “shocking video” due to the fact that merely because a website may turn up high on a Google or other search engine search, does not mean that the website is legitimate.  All it means is that the person creating that website was good at Search Engine Optimization (SEO) which is knowing how to adapt the makeup of a website to place high in the algorithms used by search engines to rank websites for searches.

Scam of the day – January 9, 2015 – Post holiday delivery scam

January 9, 2015 Posted by Steven Weisman, Esq.

Although the holiday shopping season is essentially over, there are still many people who may have ordered gifts at the last minute that are just starting to arrive and scammers are taking advantage of this situation.  Reports are surfacing of people receiving communications purporting to be from national retailers either by email or social media messages in which the people receiving the messages are told that their delivery is ready for pickup or delivery.  The messages and emails often look quite legitimate and carry the logo of the particular retailer from whom the message appears to be sent.  As is an essential part of this type of scam, the email or social media message contains a link which you are advised to click on for more delivery information and that is where the problem starts.  Clicking on the link either will take you to a website that asks for personal information used to make you a victim of identity theft or, even worse, merely by clicking on the link, you will have unwittingly downloaded keystroke logging malware that will steal all of the information from your computer and use it to make you a victim of identity theft.

TIPS

Just as the IRS does not initiate contact with taxpayers by telephone so that if you get a call purporting to be from the IRS you know it is a scam, so do retailers not communicate about deliveries with customers by way of Facebook and other social media.  It certainly is important to keep track of all of your legitimate orders from retailers so if you get such an email message, you can ignore it, knowing you do not have a delivery, but even if you have any question that it may be a legitimate message, you still shouldn’t click on any link without confirming that it is legitimate and the best way to do that is to call or go to the website of the company directly at a telephone number or website address that you know is correct.  Don’t use the phone number or website address provided in the email. Remember, “trust me, you can’t trust anyone.”