Scam of the day – October 19, 2012 – New IRS scam

Many of us pay our taxes online and many of us have a refund deposited electronically into our bank accounts.  It is a quick and efficient way to pay your taxes and get your refund safely.  However, scam artists are aware of this and are sending out phony emails purporting to be from the IRS telling their victims that their refund deposit failed and asking the potential victim to click on a link for the details of how to remedy the situation.  Of course, if you click on the link, what you will end up doing is downloading keystroke logging malware that will enable the scammer to steal all of the information from your computer.  Some of the notices are even followed up with another email telling you that it is a second notice and that your refund is being cancelled unless you click on the link to remedy the situation.  Don’t click on the link.

TIPS

Never click on links unless you are positive that it is legitimate and even then you cannot be sure, if it is something being sent by a friend that they are not passing on something to you that they do not realize is infected.  In regard to this particular phishing scam, although the email looks legitimate, it does not include your name and the address line on the email  and indicates it was sent from an email address other than the IRS.  However, even if the email address appears to be from the IRS, it is easy to spoof or copy the address to make it appear that it is from the IRS.   The safe thing to do if you have any questions as to the legitimacy of such an email is to call or email the IRS.

Scam of the day – October 18, 2012 – Capital One scam

Today’s scam of the day is another that comes right from my email.  Earlier this week I received an eamil that appeared to come from Capital One with a short message that read “There is a new document available online for your account” and instructed me to click on a link to get to the document.  If I had done so I would have downloaded a virus, possibly a keystroke logging malware program that could steal all of the information from my computer.

TIPS

Although the forged email looked quite legitimate and carried the logo of Capital One, at closer look there were some clues that this was a scam starting with the fact that it addressed me as “Dear Customer.”  Any email from a company that does not use your name should immediately make you skeptical.  In addtion, the scammer who copied the four paragraphs of fine print found at the bottom of legitimate emails from Capital One neglected to take out the email address to which the original email was sent so the email to me indicates that it was being sent to a different address than mine which was another tell tale clue.  The bottom line is that you should never click on links regardless of from whom they come unless you are absolutely sure they are legitimate.  Just to be extra sure I sent a copy of the email to Capital One who promptly responded to me that the email I had been sent was a scam.

Scam of the day – October 7, 2012 – Hulk Hogan sex tape scams

Celebrity sex tapes are nothing new.  From Pamela Anderson to Paris Hilton to Kim Kardashian and others, the public’s thirst for sex tapes sometimes made without and almost always distributed without the knowledge of the celebrity is always great.  The latest of the sex tapes to hit the Internet is a sex tape that apparently was done surreptitiously of former WWE wrestling champion Hulk Hogan who is shown in a thirty minute tape having sex with a woman who has been identified by some as the ex-wife of Hogan’s best friend.  A number of legitimate websites are showing a one minute portion of the tape, but you can probably expect soon that the full thirty minute tape will be appearing on the Internet.  But beware.  Scammers, as they have done with other celebrity nude shots or sex tapes,  most recently with the topless shots of Kate, the Duchess of Windsor will be sending out emails, Facebook messages and tweets that lure you to phony websites that when you click on the link necessary to watch the tape will download dangerous keystroke logging malware on your computer that can steal your information and make you a victim of identity theft.

TIPS

Never trust links that come in emails, tweets or Facebook messages.  Even if they come from friends who you trust, you must remember my motto, “trust me you can’t trust anyone.”  Your friends may have had their email account, Twitter account or Facebook account hacked into by an identity thief and the message that you are getting may be from the identity thief, not your friend.  And that message may well contain keystroke logging malware.  In addition, even if your real friends pass on a link, they may be unwittingly passing on a link that they do not realize will cause you to become a victim of identity theft.  The best course of action, if you are intent upon seeing the video is to go only to websites that you know are legitimate.

Scam of the day – October 2, 2012 – White House spearphishing hack

Yesterday, a White House spokesman confirmed that a computer network used by the White House Military Office that deals with military support for various White House functions was hacked into last month purportedly by Chinese hackers through the common scammers technique called “spearphishing.”  You can read in more detail about spearphishing in my “scam of the day” of September 11, 2012, which can be accessed in the scamicide archives.  Phishing occurs when you receive an email message or other communication that takes you to a phony website or link that automatically will download malware, such as a keystroke logging program called Trojan Horse that will steal all of the information from your computer and can help make you a victim of identity theft.  Spearphishing is a particularly insidious variation of phishing.  It occurs when you get an email message or other communication that appears to be from someone you know that contains a link or an attachment that when you download it automatically downloads the malware I previously described.  People often let their guard down when they receive an email or other communication from someone that they know even though it is easy to hack into someone’s email and steal their identity to send out these kinds of specially targeted spearphishing emails.  Too often they trust that the email is genuine and either click on the link or download the attachment without being sure that it is legitimate.  Often this can bring terrible results.

TIPS

Remember my motto:  Trust me, you can’t trust anyone.  Never download attachments or click on links unless you are absolutely are sure that the email or other message is absolutely legitimate.  When in doubt (and you should always have some doubt) you should confirm with the person that you think sent you the email that it is legitimate.  It may seem a bit paranoid, but remember, even paranoids have enemies.  If the White House can fall for this scam, so can you, so be extra careful.

Scam of the day – July 25, 2012 – Olympic scams part 1

With the Olympics only a few days away, many of us are excited about watching this great event, but our excitement should also be tempered by awareness of the many scams that will emanate from the Olympics and the media coverage of it.  Over the next few days, I will discuss some of the scams of which you should be aware.  Many phony websites will be set up to provide Olympic coverage and may even appear high on the list of your search engine searches.  These phony websites will carry some legitimate information and videos, but while you are watching a pop up window will appear to inform you that your computer has been infected, but that you can click on the pop up to clear your computer of the virus.  Don’t do it.  By clicking on the pop up, you will be, in fact, downloading keystroke logging malware that can read and steal all of the information on your computer, such as your passwords, Social Security number and credit card numbers leading to identity theft.

TIPS

When looking for information and coverage of the Olympics stay with websites that you know are legitimate and if you do go to a site where the pop up scenario telling you that your computer has been infected occurs, don’t click on the pop up because you have no idea what will happen when you do.  If your computer security software has been constantly updating you should be fine.  Even if you have not been updating your security software, leave the website immediately without clicking on the pop up and do a scan with your own computer security software.

Scam of the day – July 23, 2012 – Aurora Colorado shootings scams

As distasteful as it is to imagine, there will be a number of scams that will be occurring during the upcoming days and weeks related to the shootings at the theater in Aurora, Colorado where the opening night of the new Batman movie was being screened.  These scams follow a pattern of scammers taking advantage of the public curiosity and obsession whenever a major event happens, such as the killing of Osama bin Laden or the Japanese Tsunami.  One of the most common forms that these scams will take will be emails or messages on your Facebook page with links to “exclusive” video footage of some intriguing aspect of the event.  Often the link sent to you on your Facebook page will be from a “friend” although it will, most likely not be from a real friend, but from a friend whose Facebook page has been hacked into and taken over so that you trust the message when you receive it.  As I always say, trust me, you can’t trust anyone and you can trust me on that.  If you click on these links, they will download keystroke logging malware that will steal all of your personal information from your computer and make you a victim of identity theft.

TIPS

Never click on links that you get from friends on Facebook or emails until you have confirmed that they have actually sent you the link and even then you probably are better off considering whether the link that they are sending came from a reliable source or are they unwittingly passing on malware.  Get your videos and other information only from sources that you know are legitimate and keep your computer security software up to date.

Scam of the day – July 2, 2012 – New text message identity theft threat

The Missouri Attorney General is warning people about phony text messages that people are receiving on their smartphones saying that the person receiving the text has just won a free Walmart or Costco gift card.  However, when people click on the link they receive no prize, but they do download on to their smartphone keystroke logging malware that can enable the identity thief who sent the text  message to steal personal information from their phone that can lead to their becoming a victim of identity theft.

TIPS

By no means is this threat unique to Missouri, this identity theft scheme is being used throughout the country.  Never trust any text message or email message that tells you that you have won a contest that you have not entered and never click on any link unless you are absolutely positive that the link is legitimate.  Trust me, you can’t trust anyone.  If you have any doubts, check with your local attorney general or the real company that is supposedly sponsoring the contest.