Scam of the day – January 30, 2013 – Justin Bieber fondling scam

Many people, myself not being one of them, are intrigued by Justin Bieber.  By any measure he is an international celebrity and a person in whom many people have great interest.  It is no surprise therefore that when reports surfaced earlier this week about pictures of Justin Bieber fondling a fan at a meet-and-greet in Miami on his latest tour, many people went searching on the Internet for the pictures.  A picture purporting to be a real picture did appear for a while on, but was later taken down. Both Bieber and the young girl, identified only as “Jocelyn” deny that anything inappropriate happened regardless of what the photograph may appear to show.  The problem is that many people will now be searching online for the photograph and may end up at websites that are not trustworthy and unwittingly download keystroke logging malware that will steal all of the information from their computers when the click on links that purport to lead them to the photograph, but instead merely trick them into downloading the dangerous malware.


Whether it is pictures of Justin Bieber or, as often is the lure, the promise of nude photos of celebrites such as Katherine Webb, Miley Cyrus, Princess Kate Middleton, or Emma Watson who represent some of the most popular searches, you must be very careful when clicking on links or downloading photographs from websites that may or may not be legitimate.  My advice is to stick to legitimate, well-known websites if you must search for such pictures because the risk is just too great that you will end up downloading dangerous malware.  In addition, you should also recognize that much of the time, such pictures may not even exist.

Scam of the day – January 21, 2013 – Income tax scam season has begun

The good news according to the IRS is that their crack teams of forensic accountants prevented the payments of 1.5 billion dollars in fraudulent tax refund checks last year.  The bad news, however is that a report done for the Treasury Department predicts that the IRS will pay more than 21 billion dollars in fraudulent tax refund checks over the next five years.  Even worse news is that if an identity thief manages to file a tax return using your name and Social Security number before you do, it could be well over a year before you get your legitimate tax refund.  Tax identity theft is getting worse, not better and you can’t depend on the IRS to protect you.  Identity thieves who manage to steal your name and Social Security number are filing early returns with phony W-2s and getting huge refunds while your refund gets stuck in bureaucratic hell when you file your legitimate tax return.


Their are several keys to protecting yourself from tax identity theft.  First, file early and beat the identity thieves to the punch.  Second, keep your personal information, particularly your Social Security number as protected as possible.  Identity thieves will often try to trick you into providing your Social Security number as when they tell you that you have won a contest that you have never entered  and need your Social Security number for reporting purposes.  Protect your computer’s security with a strong firewall and security software that is constantly updated.  Don’t click on links or attachments unless you are sure they are legitimate.  This is a primary way that identity thieves install keystroke logging malware on your computer through which they can steal all of the information from your computer.

Scam of the day – January 8, 2013 – Airline scams update

Airline scams continue to be a big money maker for scam artists, the only criminals we refer to as artists.  Back on June 6, 2012 in my “scam of the day” I alerted you about a scam involving a phishing email purportedly from US Airways with a phony itinerary for a flight you never booked.  The email even had a phony, but good replica of the official US Airways logo.  In the email, you were instructed to click on a link for further details, which if you did, would end up downloading on to your computer a keystroke logging program that would steal all of the information from your computer and end up making you a victim of identity theft.  In November 3, 2012’s  “scam of the day” I warned you about a scam involving Delta airlines and a phony email notification that an airline ticket purchased from Delta was ready for printing on line by downloading the attachment to the email.  This action too would have downloaded a keystroke logging malware program.  Recently,  on their corporate websites, Southwest Airlines and American Airlines also acknowledged phishing scams involving similar phony communications.


Email messages purporting to have links for free airline tickets, such as recent Southwest Airline scam emails have done are scams.  Email messages purporting to have attached invoices or receipts for airline tickets you actually have not ordered, such as recent Delta Airlines scam emails have done are scams.  These messages also have been coming as Facebook postings or even as postcards with notices of free airline tickets available by going to a phony website.  These too are scams.  There are no free lunches nor are there any free airline tickets.  If you haven’t ordered tickets, you do not have tickets to download.  Basically, you should remember my advice to never download an attachment or click on a link unless you are positive it is legitimate.  When in doubt, and you should usually have a healthy dose of doubt, you should check with the real company at a phone number or online at an address that you know is accurate and not click on a link in the questionable email in order to find out if the email is legitimate.  You will find it is not.

Scam of the day – January 7, 2013 – Most dangerous websites

Phishing is the name of the scam whereby you are lured to a phony website that appears to be legitimate, however when you click on links in these phony websites, download material from these websites or provide information to these websites, you put yourself in danger of identity theft or of downloading dangerous keystroke logging malware that can steal all of the information on your computer including credit card numbers, your Social Security number, passwords and various account information.  In addition, you may unwittingly have your computer taken over as a part of a botnet (for more information about botnets, check out other postings on or in “50 Ways to Protect Your Identity in a Digital Age”) whereby your computer is made part of the botnet circulating scams around the world.


Recently Trend Micro issued a list of the most common websites that were the subjects of phony phishing websites during the past month.  The top ten websites of which you should be particularly wary of to make sure that you are dealing with the legitimate company are:  PayPal, Wells Fargo, Visa, Citibank, Bank of America, Aol, Yahoo, Hotmail, Gmail and Mastercard.  Things to look out for to avoid phishing websites are when you are directed to a website through an email that does not refer to you by name or if the email contains spelling errors or poor grammar that may indicate the email is coming from a foreign scammer (or a poorly educated American scammer).  A good rule to follow is to not click on links in emails or text messages to go to a website.  If you consider the email or message worth following up on, go to the website of the legitimate company by typing the URL that you know is correct into your browser.

Scam of the day – January 5, 2013 – Email hacking

Today’s scam of the day is prompted by a friend of mine having her email account hacked into.  In her particular situation, it was not as bad as it could have been.  It was hacked into and then used as a part of a botnet to send out relatively harmless advertising spam.  However, hacked email accounts can also subject you to more sinister problems such as identity theft as when your computer becomes infected with a keystroke logging malware program that can steal all of the information from your computer.  For many people the first sign that their email account has been hacked is when friends start calling or emailing telling you that they have received a suspicious email that appears to come from you.


The first thing you should do is make sure that your Firewall and security software are current and operative.  You should not take any further steps until you are sure that your computer is secure and that is not infected with a keystroke logging malware program because if it is, you are merely continuing to communicate with your hacker.  Send out an immediate blast email to everyone on your email list to let them know that your email account has been hacked and that despite what they might have been told in an email that appeared to come from you, you are not marooned in London and in need of cash.  That needy traveler scam is one that hacked email accounts are often used for.  Using a clean computer, log into your email account and make sure that your settings have not been changed such as where your email is being forwarded to another email address.  If any of your settings have been changed, delete those changes and put your own settings back into effect.  Set new a new password for your email account and make sure it is a secure one.  You can find more detailed information about this in my book “50 Ways to Protect Your Identity in a Digital Age.”  Finally, do a little soul searching.  Most likely, you invited the hacker in by clicking on a tainted link or downloading tainted material.  Remember my motto, “trust me, you can’t trust anyone.”  You should never download material or click on a link unless you are absolutely positive it is legitimate and not infected.  Merely because something appears to come from a friend does not mean it is legitimate.  After all, your friends are receiving links in emails that appear to be from you because your account was hacked.

Scam of the day – December 18, 2012 – Newtown charity scams and similar charity scams

As I warned you, the very day after the horrible shootings at the Sandy Hook Elementary School in Newtown, Connecticut, scammers and identity thieves will be preying upon both our best and worst instincts in response to the tragedy.  People seeking videos and photographs of the event may find themselves clicking on links that purport to provide you with such material, but may only end up downloading keystroke logging malware that will steal all of the information from the computers of the curious people who will find themselves becoming victims of identity theft.  Go back to Saturday, December 15ths “Scam of the Day” for more particulars.  The next step in scams stemming from the murders will be the pleas for charitable contributions for the victims and others similarly situated.  You should always be wary when anyone asks you for a charitable donation, but particularly when a charitable solicitation quickly follows an emotional event such as the killings in Connecticut.  You will want to make sure that you are giving to legitimate charities that will use your contribution wisely rather than giving your money to a scammer or a “legitimate” charity that misuses your donations by paying its administrator inordinately large salaries.  Particularly during this time of the year, you will likely find yourself being solicited by various police and firefighter charities.  Many of these are scams and it is important to know the difference between a legitimate charity and a phony one.


Whenever you are contacted by a charity whether by text, phone, email or otherwise, you can never be sure that the person contacting you legitimately represents the charity or that the charity itself is legitimate.  If you are charitably inclined, you should not respond directly to the person or entity soliciting you, but rather first, confirm that the charity itself is legitimate.  At this time of year there are many charities that contact you, particularly those purporting to represent firefighters and local police that are scams.  Many phony charities have similar names to legitimate charities, particularly those purporting to collect for local fire and police departments. You should always check out the legitimacy of the charity first before considering making a contribution.  A good place to find out if a charity is legitimate or merely has a name that sounds legitimate is  This website also will provide you with information as to how much of the charity’s collected donations actually are applied to its charitable works and how much goes to administrative fees and salaries.  As a general rule of thumb if a charity spends more than 25% of its donations on salaries and administrative costs, you may wish to contribute to another charity.

Scam of the day – December 15, 2012 – Sandy Hook Elementary School shooting identity theft threat

Yesterday’s horrible news of the tremendous loss of life as a result of the actions of  deranged gunman Adam Lanza killing adults and children at the Sandy Hook Elementary School in Newtown, Connecticut is, unfortunately, just the type of story that often leads to people becoming victims of identity theft.  As some people search for information to help them better understand what happened while others scour media for exclusive photographs or videos of the events out of a macabre curiosity, both groups of people can become easy victims of identity theft schemes quickly constructed by media savvy identity thieves who will use all forms of media from text messages, emails, social media postings and search engine directed phony websites to entice people to click on links contained within these various forms of communication that will purport to provide information, photographs or videos about the shootings, but instead will only result in the people who click on these links unknowingly downloading dangerous keystroke logging malware that can read all of the information contained on the computers of those people clicking on the tainted links.  The information stolen in this manner can include passwords, Social Security numbers, credit card numbers, bank account numbers and other information that will lead to the identity theft of these people.


First and foremost, it is important to have good firewalls and security software installed and kept up to date on all of your electronic devices including your computers, smart phones, iPads and other portable devices that you use.  Many people may think to protect their home computers, but fail to protect their portable devices even though they may use these devices as much and even more than their home computers.  Second, you should not click on any link unless you are sure that it is legitimate and even if the link is contained in what appears to be a text message or social media posting of a friend, you can’t be sure that your friend has not had his or her account hacked into by an identity thief in order to make you more trusting than you should be of the message being sent.  Additionally, even if you receive a test, email or social media posting that actually is from a friend of yours, it may merely be passing on to you a tainted link that your friend does not realize they are helping to spread after receiving it themselves from a source that they should not have trusted.  Frankly, the safest course of action is not to click on any links from anyone that try to appeal to your curiosity about major public events such as this, but rather limit your search for information to legitimate news websites that you can be confident are not likely to contain tainted or inaccurate information.  As for those people who lust after disturbing videos and photographs that they think they will only be able to access from “special” sources, those special sources are usually phony as are the videos and photographs that they provide, however, the malware that you get from them is very real and dangerous.

Scam of the day – December 12, 2012 – PayPal holiday scams

Many people use PayPal for safe online holiday shopping which is why scammers and identity thieves often pose as PayPal in an effort to steal money or the identity of their victims.  The scam generally begins with an email that purports to acknowledge payment by you for something that you have obviously not purchase.  A link in the email, however, is provided if you wish to dispute the charge.  Don’t click on the link.  As I have told you many times before clicking on links which you are not sure are secure places you in danger of identity theft by taking you to a website where you are prompted to provide information that can make you a victim of identity theft or even worse, clicking on the link can result in your downloading a keystroke logging malware program that will steal all of the information from your computer including passwords, credit card numbers, bank account information and your Social Security number.


If you receive such an email, remember that you can never be sure when you receive an email whether it is legitmate or not.  If you have any questions, you should contact the company, such as PayPal directly through their official website, an email directed to an address that you know is correct or by phone at a number that you know is correct.  It is also important to remember that PayPal and other legitimate companies will not ask for your Social Security number or PINs.