Scam of the day – December 31, 2015 – American Express phishing email scam

Phishing emails, by which scammers and identity thieves attempt to lure you into either clicking on links  or downloading attachmentscontained within the email which will download malware or providing personal information that will be used to make you a victim of identity theft, are nothing new.  They are a staple of identity thieves and scammers and with good reason because they work.  Here is a copy of a new phishing email that appears to come from American Express that is presently circulating.  This particular one is not particularly convincing.   It does not address the person receiving the phishing email by name, but rather by the generic “Dear American Express User.”  In addition, as is common with many scams which often originate out of the country where English may not be the first language of the scammer, the grammar is not good.

“Dear American Express User,

During our server routine  update we noticed you enter wrong detail. We implore you

to download the attached file  to re-verify your details.

NOTE: You are strictly advised to match your information correctly to avoid service suspension.

Thank you for your continued Card Membership

Sincerely,

American Express Customer Care”

TIPS

An indication that this is a phishing email is that the email address from which it was sent had nothing to do with American Express, but most likely was from a computer that was part of a botnet of computers controlled remotely by the scammer.   As with all phishing emails, two things can happen if you click on the links or download the attachments provided.  Either you will be sent to a legitimate looking, but phony webpage where you will be prompted to input personal information that will be used to make you a victim of identity theft or, even worse, merely by clicking on the link, you will download keystroke logging malware that will steal all of your personal information from your computer and use it to make you a victim of identity theft.  If you receive an email like this and think it may possibly be legitimate, merely call American Express at the telephone number found on the back of your card and you will be able to confirm that it is a scam.

Scam of the day – May 10, 2014 – Mothers’ Day scams

Although for many of us, Mothers’ Day is an opportunity to show our mothers how much we love and appreciate them, for scam artists, the only criminals we refer to as artists, it is yet another opportunity to scam people.  One common Mothers’ Day scam involves an email that you get offering Mothers’ Day gifts such as flowers, jewelry, shoes or clothing at tremendously discounted prices.  All you need to do is to click on a link to order online.  The problem is that many of these offers are indeed scams.  If you click on the link, one of two things can happen and both are bad.  Sometimes the link will take you to an order form where you provide your credit card information, but never get anything in return.  Instead your credit card information is used to make you a victim of identity theft.  Even worse is the other possibility which is by clicking on the link, you will unwittingly download a keystroke logging malware program that will steal all of the personal information stored on your computer and use that information to make you a victim of identity theft.  Another Mothers’ Day scam involves e-cards which are great, particularly for those of us who forget to get a Mother’s Day card until the last minute.  Again, however, identity thieves will send emails purporting to contain a link to an electronic Mothers’ Day card, but if Mom clicks on the link, she will download that dangerous keystroke logging malware that I just described.

TIPS

It is always dangerous to buy anything online from any store or company with which you are not familiar.  Check out the company with the Better Business Bureau, your state’s Attorney General, the Federal Trade Commission or just on Google to see if the company is legitimate.  Even then you are better going directly to the company rather than dealing with a company through an email that may just be a forgery of an email from a legitimate company.  As always, if  the offer you receive sounds too good to be true, it usually is.  As for e-cards, never open an e card unless it specifically indicates who sent the card.  Phony e cards will not indicate the name of the sender.  If the email card states that it is from “your son” or “your daughter,” don’t open it until you have confirmed with your child that they indeed did send that particular e-card.  You can’t trust an e-card that indicates it comes from someone where only the first name is used because that too may be a scam.  The best course of action is to always confirm with the purported sender that they have sent you an e-card before you open it.

Scam of the day – May 8, 2013 – Iron Man 3 scam

The movie Iron Man 3 is already a huge hit with early box office figures setting records around the world.  Pirated versions of movies being distributed on the Internet is a major problem for the movie industry, but it is also a major problem for consumers.  I don’t condone buying cheap bootlegs of movies over the Internet; that is a crime.  However, I understand that many people will be tempted to purchase or even get for free what they think are pirated versions of popular movies.  Scammers understand this too, which is why there are already more than a hundred websites, not connected with the studio that produced Iron Man 3, claiming that they have copies of Iron Man 3 for purchase or free in some instances.  These sites require you to download a file containing a video player.  The problem is that by downloading this video player, you may be downloading keystroke logging malware along with or instead of the promised video player.  This malware can steal all of your personal information from your computer including credit card numbers, bank account numbers and passwords and turn you into a victim of identity theft.  Facebook is also being used by the identity thieves to spread links for free copies of Iron Man 3 that indeed may well be tainted with malware.  Many of these links ask for your credit card, which you should not provide and end up giving you nothing.  Other links lure you in with the promise of a free streaming of Iron Man 3, but then take you through a survey for which the scammer gets paid and at the end you still do not get a copy of Iron Man 3.

TIPS

Never click on links or download files unless you know what you are clicking on or downloading is legitimate.  Obviously you cannot trust someone who is promising to provide you with a pirated product.  The risk of downloading malware is just too great.  Pay your money and go to the movie in the theater or if you want a home version, it won’t be too long before the movie is legitimately available online.

Scam of the day – May 7, 2013 – Ransomware update

I have previously warned you about this type of  scam on December 3, 2012, January 19, 2013 and as recently as March 26, 2013, but today’s update is because now it is personal.  When I went to turn on my computer today I was locked out and a Ransomware scam was facing me on my computer.  Ransomware scams occur when you find that you are unable to use your computer and you receive an email message or a notice on your screen, as I received, indicating that your use of your computer has been frozen due to illegal activity being detected on your computer.  A common variation of this scam being done now purports to be from the Department of Homeland Security and its National Cyber Security Division.  The version I got purported to be from the FBI.  Even scarier was the fact that it had control of my computer camera and a photograph of me appeared at the top of the phony notice.   In the notice I was told that I needed to pay a fine before my computer would be unfrozen and I would be able to have access to it again.  In fact, the freezing of my computer has not been done by the Department of Homeland Security, the FBI or any other governmental agency.  It was done by a scammer who installed malware on my computer either through a tainted website, download or link that I had gone to  It is for this reason, that I am always reminding you never to click on links and download attachments unless you are absolutely positive that they are legitimate.  And even though I follow my own advice, somewhere I got caught.

TIPS

The best way to deal with ransomware is to avoid it in the first place.  Maintain a good firewall on your computer and install and maintain up-to-date security software.  Also, never click on links or download attachments unless you are absolutely sure that they are legitimate.  Even if the link or download is in an email or a Facebook posting that appears to come from a friend of yours, their account may have been hacked and the communication may be from a scammer.  Never pay a ransom to regain control of your computer.  There is no guarantee that the criminal who froze your computer will let you off the hook.  Rather, have a computer professional go through your computer to find the source of the problem and resolve it.  It is also important to remember that no legitimate agency will freeze your computer and make you pay a fine to unfreeze it.  In my case, my security software was not able to stop the malware from initially freezing my computer, but when, through the use of free software from Malwarebytes, I was unable to unfreeze my computer, I was able to do a security scan and find that my security software had stopped the keystroke logging malware that the scammer had attempted to download to my computer.  Had I not had such software, my computer’s information would have been at the mercy of the scammer.

If you are a victim of ransomware, here are a couple of free links that can help you.   The first  is a link to Microsoft’s Malware Protection Center with links and instructions for removing ransomware infections from your computer: http://www.microsoft.com/security/portal/shared/ransomware.aspx#recover.  The second is to Malwarebytes Anti-Malware which will detect and remove malware such as trojans and spyware.  This was what I used to get rid of the malware freezing my computer.  The link is www.malwarebytes.org.  It is free although there is also an updated version, which I use.

Scam of the day – October 16, 2012 – New telephone scam

Telephone scams are nothing new.  The grandparent scam, which occurs when a grandparent gets a phone call from a scammer posing as a grandchild and pleading for money because they have gotten into trouble in another country still is an effective scam despite years of warnings.  In addition, there are many scams that also use the telephone as the mode of contacting the intended scam target.  The latest, which has been concentrated to date in Florida, but can be expected to spread throughout the country involves a parent or sibling receiving a telephone call telling him or her that a family member has gotten involved in an automobile accident.  The call purports to be from the person who has been involved in the accident with the target’s family member.   In the version of this scam currently going on in Florida, the caller tells the family member in Spanish or in English with a Spanish accident that his motorcyle was damaged and that he will kill the family member unless money is wired to him.  The area code on most of these calls  is 787 which is Puerto Rico with some of the calls even originating in prison there.  The FBI is presently investigating the matter.

TIPS

Phone scams are dramatically on the rise because they work.  Never send money to anyone who calls you in regard to an emergency pertaining to a friend or a family member until you have actually confirmed that it is accurate.  Contact the friend or family member.  Contact the police or hospitals in the area where the event is alleged to have happened.  What you will find is that it is a scam.  Never wire money in response to a telephone call.  Wiring is the preferred method of payment for scam artists because it is all but impossible to retrieve.  Be skeptical and keep your money.  Trust me, you can’t trust anyone.

Scam of the day – September 13, 2012 – Foreign investment Ponzi scheme

Recently Carmelo Provenzano and Daniel Dragan pleaded guilty to crimes related to operating a Ponzi scheme through which they scammed investors out of millions of dollars.  They lured their victims into investing in two phony hedge funds “Caxton Capital Management” and CCP Pro Consulting, Inc.” that they claimed brought returns of more than 170% through the use of a secret computer algorithm that directed their investments in foreign currencies.  Their scam was remarkably similar to the original scam of Charles Ponzi who said he had a secret formula that took advantage of fluctuations in the values of foreign currencies.  As with Ponzi, early investors of Provenzano and Dragan got paid from the funds invested by later investors, which gave the investment the appearance of legitimacy while the two then took most of the money to fund a lavish lifestyle.

TIPS

It bears repeating.  If it looks too good to be true, it usually is.  Anyone being promised a return of 170% should be skeptical.  Additionally, you should never invest in anything that you do not understand, a mistake that investors have made in many Ponzi schemes including the Ponzi scheme of Bernie Madoff.    It also is helpful to check out the history of the people asking for your investment dollars as well as never invest with anyone unless there is an independent custodian who holds the investment in order to avoid having the same person both manage and hold the investment which is a recipe for disaster since it makes it easy for the scammer to hide his or her crimes.

Scam of the day – August 18, 2012 – Publishers Clearing House prize scam

The famous Publishers Clearing House will be awarding its annual prize soon and scammers are taking advantage of this fact by telephoning people to tell them that they have won a huge prize, but they have to purchase a prepaid gift card or prepaid credit card and provide the number to the caller in order to be able to claim the prize.  If you do so, you will end up losing the money that you paid for the card to the scammer.

TIPS

As I have often said, it is hard enough to win a contest that you have entered; it is impossible to enter a contest you have not entered.  However, many people do enter the Publishers Clearing House contest so you may find it credible to be contacted by someone purporting to be with Publishers Clearing House to tell you of your lucky day.  The fact is that Publishers Clearing House will only notify you by regular mail or in person.  They will not contact you by phone or by email and they will never ask for any administrative fees or other costs to be paid to claim your prize.

Scam of the day – August 6, 2012- Wireless phone cramming

Many of you may be familiar with the scam of “cramming” where unauthorized charges are added to your phone bill.  Often due to phone bills being so lengthy and confusing, people may not spot small recurring bills for services that they do not recognize and just ignore them while the scammer continues to steal the victim’s money.  Since October of 2011, customers have been permitted to block third party billing on their landlines, however, the ability to add such third party charges on your smart phone is still legal and abused by scammers who do this for illegal purposes.

TIPS

Sometimes cramming is the result of a scammer just getting the information to access your phone and add charges, but other times, people may not realize that they have given permission for such additional charges in the fine print contained on documents, such as a contest form, that they might find at a fair or other public event.  The lesson is to first, always read the fine print of anything you sign and second to read your smart phone bills carefully each month and make sure that you understand what every charge is for and dispute any charges that are bogus.

Scam of the day – July 27, 2012 – Olympic scams part 3

Another type of scam that will be prevalent during the Olympics will be found on your Facebook page and other social media that you use.  You may find a message with a link to a rare video of something spectacular or intriguing that just went on at the Olympics.  Best of all, the video is being sent to you by a trusted friend.   Unfortunately, what may have happened is that it is not your trusted friend at all who has sent you the link to the video that captures your interest.  Instead, your friends Facebook account most likely has been hacked (it is an easy thing to do) by a scammer who lures you into clicking on the link and downloading a keystroke logging malware program that will steal all of your information including credit card numbers, your Social Security number and your bank account passwords from your computer.

TIPS

As I always say, trust me you can’t trust anyone.  Before you download or click on what purports to be extremely rare video footage of something that captures your interest, first make sure that the person who sent it to you really did send it to you.  And then you still shouldn’t download it because it may merely mean that your friend is unwittingly passing on malware without knowing it.  If the video is legitimate, you wil be able to find it on a legitimate news media website.