Scam of the day – November 1, 2012 – Phony Amazon email scam

A new scam has recently emerged that begins when you receive an email purportedly from Amazon informing you that “Your acount has been closed because of too many failed login attempts.  Please download and fill out the form below to reactivate your account.”  If you download the form and provide the personal information requested you will have turned over your information to an identity thief who can then use this information to make you a victim of identity theft.  Unlike many phony emails that contain exact replicas of logos for the companies that the email is purportedly to be from, this scam email does not contain anything except text.

TIPS

Do not respond to this email by providing any information or clicking on any links.  Amazon does not ask for you password, bank account information, credit card information, PIN, Social Security number, mother’s maiden name or any other identifying information.  If you are asked for any of this information in an email, you cn be sure that the email is not from Amazon.  If you ever receive a similar email and have any doubts as to its authenticity, merely call the company to find out if the email was legitimate.  Providing information or clicking on links that can download keystroke logging malware can put you in great danger of identity theft.

Scam of the day – October 29, 2012 – New IRS scam

The IRS is warning people about a new scam that uses a website that appears to be the IRS’ e-Services online registration page.  The real IRS e-Services website does not provide anything for taxpayers, but does provide web-based products and information for professional tax preparers.  Many people are fooled by phony IRS websites that have URLs that are close to the IRS’ URL of www.irs.gov.  Some may have IRS in the URL, but end in .com, .net or .org.  The only official IRS website is www.irs.gov, but even there if you get an email that appears to be from the IRS you should disregard it because the IRS does not contact taxpayers by email and under no circumstances will the the IRS contact you by email, social media or text messages requesting personal information such as your bank account information or your Social Security number.

TIPS

Never click on links in emails, texts or  social media messages unless you area absolutely sure that the link is legitimate.  And even then you should consider not clicking on a link until you have verified that indeed it was sent by a legitimate sender and even then you cannot be sure that the link is being sent to you by someone who is passing on a tainted link.  The link may take you  to a legitimate website that requests personal data from you, however, if the communication is from a scammer, the information you provide can lead to identity theft.  Remember, if it is the IRS contacting you, they would already have your Social Security number and they don’t need or ask for you bank account information.  By clicking on links from scammers, you also risk downloading dangerous keystroke logging malware programs that can steal all of the information from your computer and lead to you becoming a victim of identity theft.

Scam of the day – October 23, 2012 – eFax Scam

It is relatively easy to make an email appear to come from a legitimate company, copying their logo and other material that will make an email from a scammer/identity thief appear to come from the legitimate company.  Phony emails purporting to be from companies such as UPS, the United States Postal Service, FedEx and Western Union have been a standard way that identity thieves and scammers lure people into clicking on a link in the email and downloading a keystroke logging malware program that will steal all of the information from your computer including passwords, credit card numbers and more that will be used to make you a victim of identity theft.  The latest version of this scam is one that purports to come from the legitimate company eFax, but in fact is from a scammer who copies an eFax communication.

TIPS

Never click on links that you are not sure are in legitimate emails.  If in doubt, call the company to confirm whether or not the email is legitimate.  Many of these emails are addressed not to you by name but rather to “Dear Customer,” which is an indication that it is not legitimate.  You can also pass your mouse over the link to see where it is sending you, but even then the URL that it shows may have been spoofed or copied from one that appears to be legitimate.  It is also important to keep your computer security software up to date.  The present eFax phony email is coming from Australia, which is not where eFax is located.

Scam of the day – October 20, 2012 – Miley Cyrus sex tape scam

Curiosity killed the cat, but for we humans, it can too often lead to identity theft, which although certainly not as bad as death, can be pretty devastating.  The latest scam appealing to our curiosity is now appearing on Facebook pages where you will find an announcement about a breaking news story regarding a secret sex tape of Miley Cyrus.  If you click on the link in order to view the tape, a request for you to prove that you are over 18 appears.  When you fill in the information requested, it can not only lead to your identity theft, but can also allow the identity thief to steal your Facebook information so that Facebook messages from the scammer/identity thief will appear to be coming from you which will make your friends more likely to trust the message and end up becoming victims of identity theft themselves.  By the way, there is no such sex tape.

TIPS

Never trust links provided by anyone on your Facebook page or anywhere else without checking out their validity first.  Links luring you with promises of sex tapes of Miley Cyrus or nude pictures of princess Kate Middleton, the wife of Prince William (which do actually exist) or anything else that would tempt you to click on the link are an effective way for identity thieves and scammers to trick you into downloading viruses or keystroke logging malware that can steal all of the information from your computer and make you a victim of identity theft.  If you want to check out the veracity of a gossip, a safe place to go is www.tmz.com.  And of course, as I always say, “trust me, you can’t trust anyone;”  even if you receive an email, text or Facebook message from someone you trust, you can’t be sure that either they have been hacked and the message is coming from a scammer or they are inadvertently passing on tainted links that they don’t realize contains a virus.

Scam of the day – October 19, 2012 – New IRS scam

Many of us pay our taxes online and many of us have a refund deposited electronically into our bank accounts.  It is a quick and efficient way to pay your taxes and get your refund safely.  However, scam artists are aware of this and are sending out phony emails purporting to be from the IRS telling their victims that their refund deposit failed and asking the potential victim to click on a link for the details of how to remedy the situation.  Of course, if you click on the link, what you will end up doing is downloading keystroke logging malware that will enable the scammer to steal all of the information from your computer.  Some of the notices are even followed up with another email telling you that it is a second notice and that your refund is being cancelled unless you click on the link to remedy the situation.  Don’t click on the link.

TIPS

Never click on links unless you are positive that it is legitimate and even then you cannot be sure, if it is something being sent by a friend that they are not passing on something to you that they do not realize is infected.  In regard to this particular phishing scam, although the email looks legitimate, it does not include your name and the address line on the email  and indicates it was sent from an email address other than the IRS.  However, even if the email address appears to be from the IRS, it is easy to spoof or copy the address to make it appear that it is from the IRS.   The safe thing to do if you have any questions as to the legitimacy of such an email is to call or email the IRS.

Scam of the day – October 18, 2012 – Capital One scam

Today’s scam of the day is another that comes right from my email.  Earlier this week I received an eamil that appeared to come from Capital One with a short message that read “There is a new document available online for your account” and instructed me to click on a link to get to the document.  If I had done so I would have downloaded a virus, possibly a keystroke logging malware program that could steal all of the information from my computer.

TIPS

Although the forged email looked quite legitimate and carried the logo of Capital One, at closer look there were some clues that this was a scam starting with the fact that it addressed me as “Dear Customer.”  Any email from a company that does not use your name should immediately make you skeptical.  In addtion, the scammer who copied the four paragraphs of fine print found at the bottom of legitimate emails from Capital One neglected to take out the email address to which the original email was sent so the email to me indicates that it was being sent to a different address than mine which was another tell tale clue.  The bottom line is that you should never click on links regardless of from whom they come unless you are absolutely sure they are legitimate.  Just to be extra sure I sent a copy of the email to Capital One who promptly responded to me that the email I had been sent was a scam.

Scam of the day – October 7, 2012 – Hulk Hogan sex tape scams

Celebrity sex tapes are nothing new.  From Pamela Anderson to Paris Hilton to Kim Kardashian and others, the public’s thirst for sex tapes sometimes made without and almost always distributed without the knowledge of the celebrity is always great.  The latest of the sex tapes to hit the Internet is a sex tape that apparently was done surreptitiously of former WWE wrestling champion Hulk Hogan who is shown in a thirty minute tape having sex with a woman who has been identified by some as the ex-wife of Hogan’s best friend.  A number of legitimate websites are showing a one minute portion of the tape, but you can probably expect soon that the full thirty minute tape will be appearing on the Internet.  But beware.  Scammers, as they have done with other celebrity nude shots or sex tapes,  most recently with the topless shots of Kate, the Duchess of Windsor will be sending out emails, Facebook messages and tweets that lure you to phony websites that when you click on the link necessary to watch the tape will download dangerous keystroke logging malware on your computer that can steal your information and make you a victim of identity theft.

TIPS

Never trust links that come in emails, tweets or Facebook messages.  Even if they come from friends who you trust, you must remember my motto, “trust me you can’t trust anyone.”  Your friends may have had their email account, Twitter account or Facebook account hacked into by an identity thief and the message that you are getting may be from the identity thief, not your friend.  And that message may well contain keystroke logging malware.  In addition, even if your real friends pass on a link, they may be unwittingly passing on a link that they do not realize will cause you to become a victim of identity theft.  The best course of action, if you are intent upon seeing the video is to go only to websites that you know are legitimate.

Scam of the day – October 2, 2012 – White House spearphishing hack

Yesterday, a White House spokesman confirmed that a computer network used by the White House Military Office that deals with military support for various White House functions was hacked into last month purportedly by Chinese hackers through the common scammers technique called “spearphishing.”  You can read in more detail about spearphishing in my “scam of the day” of September 11, 2012, which can be accessed in the scamicide archives.  Phishing occurs when you receive an email message or other communication that takes you to a phony website or link that automatically will download malware, such as a keystroke logging program called Trojan Horse that will steal all of the information from your computer and can help make you a victim of identity theft.  Spearphishing is a particularly insidious variation of phishing.  It occurs when you get an email message or other communication that appears to be from someone you know that contains a link or an attachment that when you download it automatically downloads the malware I previously described.  People often let their guard down when they receive an email or other communication from someone that they know even though it is easy to hack into someone’s email and steal their identity to send out these kinds of specially targeted spearphishing emails.  Too often they trust that the email is genuine and either click on the link or download the attachment without being sure that it is legitimate.  Often this can bring terrible results.

TIPS

Remember my motto:  Trust me, you can’t trust anyone.  Never download attachments or click on links unless you are absolutely are sure that the email or other message is absolutely legitimate.  When in doubt (and you should always have some doubt) you should confirm with the person that you think sent you the email that it is legitimate.  It may seem a bit paranoid, but remember, even paranoids have enemies.  If the White House can fall for this scam, so can you, so be extra careful.

Scam of the day – July 25, 2012 – Olympic scams part 1

With the Olympics only a few days away, many of us are excited about watching this great event, but our excitement should also be tempered by awareness of the many scams that will emanate from the Olympics and the media coverage of it.  Over the next few days, I will discuss some of the scams of which you should be aware.  Many phony websites will be set up to provide Olympic coverage and may even appear high on the list of your search engine searches.  These phony websites will carry some legitimate information and videos, but while you are watching a pop up window will appear to inform you that your computer has been infected, but that you can click on the pop up to clear your computer of the virus.  Don’t do it.  By clicking on the pop up, you will be, in fact, downloading keystroke logging malware that can read and steal all of the information on your computer, such as your passwords, Social Security number and credit card numbers leading to identity theft.

TIPS

When looking for information and coverage of the Olympics stay with websites that you know are legitimate and if you do go to a site where the pop up scenario telling you that your computer has been infected occurs, don’t click on the pop up because you have no idea what will happen when you do.  If your computer security software has been constantly updating you should be fine.  Even if you have not been updating your security software, leave the website immediately without clicking on the pop up and do a scan with your own computer security software.