Posts Tagged: ‘Phishing’

Scam of the day – April 13, 2014 – AT&T bill scam

April 13, 2014 Posted by Steven Weisman, Esq.

Today’s Scam of the day comes directly from my email where I received the following email purporting to be from AT &T.  This is an example of a phishing email that may appear to be from a legitimate source, but is from an identity thief.  As with many phishing scams it implies that there is an emergency, namely in this case, a problem with my billing information that could result in the termination of my account.  The email then provides a link for me to go to in order to provide the necessary information to maintain my account.  DO NOT CLICK ON THE LINK.  Clicking on the link will either take you to a page where you are asked to provider personal information that would be used to make you a victim of identity theft or it will cause keystroke logging malware to be installed on to your computer or other device that would steal your personal information and make you a victim of identity theft.  In this particular phishing scam there are many indications that it is a scam.  First is that it came from an email of a private individual and not from AT&T.  In fact, the email probably was sent as part of a botnet where an unsuspecting victim’s computer was hacked and used to send out these scam emails.  Another indication is that the email is not directed to me by name, but rather to me as “Dear customer.”  In addition there is not identification of my particular account.  Finally, and most tellingly are the spelling errors such as the incorrect spelling of the word “failure” and “result.”


“Dear customer,

 We noticed that your billing information has recently change as we are unable to process
your last month bill.

 Please update your billing information by clicking on our secure server below to avoid termination of your AT&T line.

 Note: Faluire to update your billing information will rezult to termination of your Line and you wont be able to restore your number.

Best regards,
AT&T© 2014 AT&T Inc.All rights reserved.”


Never click on links in emails or text messages unless you are absolutely sure that they are legitimate and do not provide personal information in response to an email unless you are absolutely sure that both the request is legitimate and that the request is actually coming from the real company.  When I first received this email I could tell right away that it was a scam.  However, if I had any thought that it might be legitimate, I would call the company, in this case AT&T at a telephone number that I know is correct in order to inquire about the email.

Scam of the day – April 3, 2014 – AT&T phishing scam

April 3, 2014 Posted by Steven Weisman, Esq.

Many people use AT&T for their phone service so when identity thieves indiscriminately call people and tell them that for merely completing a survey on AT&T’s website, sums of money ranging from $100 to $350, depending upon the particular scammer calling, would be credited to the person’s AT&T account, the identity thieves stand a good chance of finding AT&T customers among their calls.  The websites to which the potential victim is directed are, of course, phony.  This type of scam where you are directed to a phony website is called phishing.  When you go to the phony website, many of which have names that appear to resemble that of the real AT&T website, such as or, you will be directed to provide personal information, which will then be used to make you a victim of identity theft.  Alternatively you may be prompted to click on links that will download keystroke logging malware on your phone, which will gather information from your smartphone and use it to make you a victim of identity theft.


Never provide information to anyone over the phone or in response to a text message or email that you have not contacted because you can never be certain that they are who they purport to be.  Never click on links that purport to take you to a website because when you click on the link, you may be downloading keystroke logging malware or other malware.  Instead, if you believe that the initial communication has a chance of being legitimate, merely contact by phone or online the company at an email address, phone number or website that you know is legitimate.  In the case of this particular scam, a quick call to AT&T would let you know that this is a scam call to avoid.

Scam of the day – March 14, 2014 – New Citibank email scam

March 14, 2014 Posted by Steven Weisman, Esq.

Today’s Scam of the day comes from my own email.  Citibank is a popular bank with more than 200 million customers throughout the world, therefore identity thieves can feel pretty confident that when they send out an email blast that many of the people receiving the email will, in fact, be Citibank customers.  This particular scam email follows a familiar pattern.   It presents what would be a reasonable reason for responding by clicking on the link; in this case it is to add security features to your account to help prevent the very types of identity theft that this scam is actually attempting to perpetrate.  It looks pretty official and the message doesn’t even have grammatical or spelling errors.  However it is a total scam.  If you click on the link in these types of scams one of two things will happen.  Either you will be sent to a phony but official looking website where you will be prompted to provide personal information that will end up being used to make you a victim of identity theft or merely by clicking on the link, you will download keystroke logging malware programs that will steal the information from your computer or other device and use that information to make you a victim of identity theft.  This identity theft tactic is called phishing.

Here is the email that I received.  DO NOT CLICK ON THE LINK.

“Dear Esteemed Customer,
We have added extra security to your Citi account to prevent identity   theft on your account.To secure your Citi account, click the link below:
Note: You need to login using your email address and password to access   before you can access the secured Citi network.
Best regards,   Citi Customer Service”


Regardless of how official an email or a text message may appear, you should never click on any links or download any attachments unless you are absolutely sure that it is legitimate.  In the case of this particular email, it was sent from an address that was not an email address of Citibank which was a sure indication that it was a scam.  Rather, it was sent from a computer address hacked into a botnet of compromised computers so that the identity thieves can send out phony emails that are difficult to trace back to the criminals.  However, even an email originating from a legitimate looking email address, can be merely a phony email.  In this particular case, if you have any thought that it might be legitimate, you should call or email Citibank at a telephone number or email address that you know is legitimate to confirm that it is a scam.  Also, make sure that you keep your anti-malware and anti-virus software up to date on all of your electronic devices.


Scam of the day – March 12, 2014 – More AOL scams

March 12, 2014 Posted by Steven Weisman, Esq.

Although it is nowhere near as popular as it once was, America Online (AOL) is still used for email by more than 2.5 million people and that means that it will be a target for identity thieves and hackers who are constantly sending out new “phishing” emails attempting to lure people into clicking on tainted links that are infected with malware.  When the unwary receiver of the email clicks on the link, he or she unwittingly downloads keystroke logging malware on to his or her computer or other device that will steal personal information from the victim’s device and use it to make the person a victim of identity theft.   Phishing is the name for the tactic when an identity thief sends a message that looks like it is from a legitimate source and persuades the victim to respond by either clicking on a link that will download malware or into providing requested personal information that will be used to make the person a victim of identity theft.  Here are a couple of examples of AOL phishing emails presently being circulated.  DO NOT CLICK ON THE LINKS.

Dear Valid User,

Your account was accessed from a device we did not recognize at (Ireland )  09:00 Irish Standard Time). If you did not check it from another device, please CLICK HERE to your account.

Sincerely, Aol Service.”


Click here now to confirm the validity of your account.

 Thanks again for choosing our Service.
Sincerely, America Online Team”
You will notice that the first example had a good reproduction of the AOL logo and what appears to be a legitimate reason to contact you.  The second example is pretty shoddy and does not appear terribly official.  It is also important to note that in both instances, these emails are being sent from email addresses that were stolen by hackers who hacked into and took control of the email accounts of legitimate AOL users.  However, the addresses do not indicate anything to make you think that it is an official address for AOL as a company.  The key lesson to remember, however, is that regardless of how legitimate an email looks that contains an email or an attachment, you should never click on the link or download the attachment until you have confirmed that it is legitimate.  You can never be sure when you receive an email or text message as to who is really sending it.  The best course of action is to always confirm that it is legitimate before clicking on any link or downloading any attachment.  In this case a call or email to the real AOL should have been done by anyone who had the slightest thought that the emails might have been legitimate.

Scam of the day – March 6, 2014 – Verizon Wireless scam

March 6, 2014 Posted by Steven Weisman, Esq.

“Spoofing” is the name for the tactic used by identity thieves to make a call that you receive appear to come from a legitimate source, when, in truth it is from a scammer who has merely managed to make it look like the call is legitimate.  Many people are reporting receiving calls on their smart phones or landlines that on Caller ID appear to be from “Technical Support” and carrying a telephone number that is a real number for Verizon Wireless technical support.  The call received is an automated robocall that informs you that you have are eligible for a $54 reward and then directs you to the website  This website is a phony website which lures you into providing personal information that is then used to make you a victim of identity theft.  In other variations of this scam, merely by clicking on a link on the phony website, you will unwittingly download keystroke logging malware that will steal the personal information from your computer and use this information to make you a victim of identity theft.   This type of scam by which a legitimate-looking, phony website tricks you into providing personal information or clicking on tainted links is called “phishing.”


You can never trust a phone call to actually be from whom the caller says.  Spoofing is easy to accomplish by identity thieves.  Don’t be tricked into trusting a telephone call.  In addition, robocalls are illegal so you should never trust a prerecorded call.  Nor should you click on links that you are not sure are legitimate.  If you have any thought that the original contact might be legitimate, contact the company directly at a website address or telephone number that you know is accurate to inquire about the particular matter.

Scam of the day – January 26, 2014 – FBI warns retailers of future hacks

January 26, 2014 Posted by Steven Weisman, Esq.

Recently the FBI issued a warning to retailers throughout the country warning them that the type of recent hacking of their credit and debit card payment systems that was used against Target and Neiman Marcus can be expected to be used against many more retailers in 2014.  The malware used in these attacks infects point of sale systems (POS) such as credit card swiping devices and, in some instances, cash registers at check-out counters.  This malware, referred to as a “RAM scraper” intercepts the information on the card’s magnetic stripe in the brief moment before the data is encrypted and then transmits the information to the hacker.  This type of malware is presently being sold to identity thieves on the black market for as little as $1,000 or as much as $6,000 for more advanced editions of the malware, which must then be downloaded on to the company’s computer system, most often through sophisticated phishing tactics or an insider co-conspirator.  Presently the retailers do not have security software capable of preventing such attacks.  At the present time they can only attempt to identify the attack as soon as possible in order to then take the steps to remove the malware.  Although Target has gotten most of the publicity for its attack, smaller retailers with less sophisticated systems are probably more at risk and, in fact, may already have had their security breached, but not yet recognized the attack.

So what does this mean to you?


You may wish to discontinue using the self-swiping device present at many stores and instead ask the clerk to swipe your card directly through the cash register, which is somewhat more secure.  I say somewhat because the cash registers are also able to be hacked, but they are somewhat less vulnerable and more secure than the credit card self-swiping devices we use in stores.  Perhaps the most important thing you can do is, as I have advised you previously, refrain from using your debit card for shopping because the consumer protection laws regarding debit cards are much weaker than the laws regarding fraudulent use of your credit card.  Potentially the entire bank account to which you have tied your debit card is at risk if you are a victim of a Target-like hacking, not to mention the inconvenience even if you identify the breach immediately.


Scam of the day – January 16, 2014 – Debit card phishing scam

January 16, 2014 Posted by Steven Weisman, Esq.

Recently customers of St. Anne’s Credit Union, BankFive, Bristol County Savings Bank, Mechanics Cooperative Bank, Taunton Federal Credit Union and Bridgewater Savings Bank in Massachusetts have been receiving telephone calls purportedly from their banks in which the caller tells the person answering the call that the caller works for his or her bank and that there has been a security breach of the customer’s account at the bank and that the account has been frozen for security purposes.  The customer is then told that in order to resolve the situation and make the account available to the customer again, the customer must confirm their debit card number and PIN.  Of course, the calls are not coming from the customers’ banks.  They are coming from scammers seeking this information in order to access the accounts of the people receiving the calls.  In truth, not only are the calls not coming from the banks, many of them are coming from scammers who are not even located in the United States.  Although this scam has recently been reported in Massachusetts, you can expect it to spread rapidly around the country.


Your real bank will not ask for your debit card number of PIN on the phone.  Whenever you get a telephone call, text message or email requesting such information, you should refuse to provide it because you can never be sure that the communication is legitimate.  In fact, in all circumstances, this will merely be a scam attempting to get your personal information in order to make you a victim of identity theft.  If you have any thought that the communication might be legitimate, call your bank at a number that you know is legitimate to inquire as to the status of your account.

Scam of the day – January 12, 2014 – Phony court summons scam

January 12, 2014 Posted by Steven Weisman, Esq.

Reports are coming from around the country of people receiving phony emailed court summons from courts in various major cities such as New York, Houston, St. Louis, Washington DC and others in which the person receiving the email is prompted to click on an attachment to obtain further details.  This scam, like many, is a phishing attempt to get people to click on a link or download an attachment that will result in the person receiving the email either providing personal information that can be used by the scammer for purposes of identity theft or will cause the person downloading the attachment to unwittingly download a keystroke logging malware program that will provide the identity theft with all of the information in the victim’s computer which would also be used to make the person a victim of identity theft.  In either case, nothing good can come from downloading the attachment.

Here is a copy of one of the recent emails currently being circulated:

“Notice of appearance,

Hereby you are informed that you are due in the court of Houston

on the 19 of January, 2014 at 09:00 am for the hearing of your case.

You are kindly asked to prepare and bring the documents relating to the case to Court on the specified date.

Please, download the copy of the court notice attached herewith to read the details.

Note: The case may be heard by the judge in your absence if you do not come.”


Many people are comfortable ignoring these emails merely because they provide no precise information about a particular case or court.  In addition, if they refer to a city or state where you have never been, you can also be pretty sure that it is a scam.  However, as I constantly advise you, under no circumstances should you ever download an attachment or click on a link unless you are sure that it is legitimate.  If you have any thought that the email might be legitimate, you should call the court for further information.  In addition, it is important not to provide personal information online unless you are sure that it is legitimate and required.  Finally, make sure that your security software is maintained up to date with the latest patches.

Scam of the day – December 27, 2013 – Syrian Electronic Army update

December 27, 2013 Posted by Steven Weisman, Esq.

I first reported to you about the Syrian Electronic Army last summer when this organization hacked into the New York Times, the Washington Post and a number of other major American companies.  More recently, in October I told you about the SEA’s hacking into President Obama’s Twitter and Facebook accounts.  In perhaps its most disruptive attack, the SEA hacked into the Associated Press’ Twitter account this past April and sent out a phony tweet about explosions at the White House.  The response to this phony and false tweet included a temporary drop in the stock market as the market responded to the fake news story with panic.  This group, which may or may not be sponsored or controlled by the Syrian government of President Bashar al-Assad, certainly is philosophically aligned with his government.

Earlier this week, the FBI warned many companies about new cyberattacks being made by the SEA at this time.  The cyberattacks begin with an innocuous looking email that purported to contain a link to a CNN article about the Syrian revolution.  The email also directed the recipients of the email to a phony Google log-in page which required the person receiving the email to input his or her username and passwords.  This phishing type scam appears to be how the SEA manages to gain access to the websites and data bases of their targets.  Once the SEA has the usernames and passwords, it is able to often use that information to infiltrate the computers of the companies of their victims.


The lesson here is not just for major companies that may be targets of the Syrian Electronic Army, but is one for all of us.  This tactic used by the SEA is also used by scammers and identity thieves whose goal it is to get access to the information in your computers, laptops and smartphones for purposes of identity theft.  By luring you to click on a tainted link or download or tricking you into providing usernames and passwords, these identity thieves and hackers manage to get you to turn over the keys to your kingdom.  As I often say, “trust me, you can’t trust anyone.”  Never click on links or download attachments which may be riddled with malware unless you are absolutely sure that they are legitimate.  Merely because a link or attachment is in an email that appears to come from someone you know, you cannot be sure that your friend’s email has not been hacked by an identity thief.  Always confirm that a link or attachment is indeed accurate before ever clicking on the link or downloading.  Also, jealously guard your username and passwords.  Again, make sure that anytime you are asked for them, that the inquiry is legitimate and not just a cleverly worded phishing attempt.

Scam of the day – December 19, 2013 – Playstation 4 and Xbox One targeted by hackers

December 18, 2013 Posted by Steven Weisman, Esq.

Computer security company Kaspersky Lab recently disclosed that it had found that hackers have been targeting the new Playstation 4 and Xbox One gaming consoles in large numbers.  However, owners of these two systems are not alone.  According to Kaspersky, there are an estimated  34,000 cyber attacks on gaming systems each day through the world.  The country with the largest number of gaming cyber attacks is Spain wtih Poland a relatively close second.  The hackers are after gamers’ usernames and password which they then sell on the black market.  This also poses a larger problem of identity theft for hacked gamers due to the fact that too many people use the same usernames and passwords for multiple accounts, putting their security in jeopardy if that information falls into the hands of an adept identity thief.


As with so many  instances of hacking, the way that hackers gain access to your smartphone, computer, laptop or gaming console is through phishing techniques that lure people into downloading tainted attachments or clicking on infected links.  As I constantly remind you, never click on links or download attachments unless you are absolutely sure that they are legitimate and even if they appear to come in a text or an email from someone you trust, your friend’s smartphone or email account could have been hacked so it appears a message containing a link or an attachment is coming from someone you trust when in fact, it is coming from an identity thief or hacker who has infected the link or attachment with keystroke logging malware that will steal the information from your computer, smartphone or other device and make you a victim of identity theft.