Scam of the day – February 23, 2016 – Oregon man pleads guilty to hacking celebrity email accounts

After pleading guilty to a charge of felony computer hacking, 29 year old Andrew Helton of Portland Oregon is facing a sentence of up to five years in prison when he is sentenced on June 2nd. Between March 2011 and Mary 2013, Helton used a phishing scheme to steal the usernames and passwords of 363 Apple and Google email accounts including those of many celebrities.  Once he had access to his victims’ email accounts he was able to access all of the contents of their email accounts including 161 sexually explicit or nude images of thirteen of his victims, some of whom were celebrities.  It should be noted that Helton did not post any of the stolen photos online and his case is totally unrelated to the stealing and posting of nude photos of celebrities including Jennifer Lawrence and Kate Upton that occurred in September of 2014.

Helton obtained the usernames and passwords of his victims through a simple phishing scheme by which he sent emails to his victims that appeared to come from Apple or Google in which his victims were asked to verify their accounts by clicking on a link which took them to a website that appeared to be a login page for Apple or Google.  Once they entered their information, Helton had all that he needed to access his victims’ accounts.


The type of phishing scam used by Helton is one used by many other scammers as well and it is easy to defend.  Always be skeptical when you are asked to provide your personal information, such as your user name, password or any other personal information in response to an email or text message.  Trust me, you can’t trust anyone.  Always look for telltale signs that the communication is phony, such as bad grammar or the sender’s email address which may not relate to the real company purporting to send you the email.  Beyond this, even if the email or text message appears legitimate, it is just too risky to provide personal information in response to any email or text message until you have independently verified by contacting the company that the communication is legitimate.

In addition, you should not store personal data or any photos or other material on your email account. Store such data in the cloud or some other secure place.

Scam of the day – December 8, 2015 – USAA phishing email

People are reporting a new scam in which you receive a phishing email that purports to be from USAA, the insurer of millions of members of the military as well as many veterans, telling you that you need to click on links in the email in order to view important documents.   Like many phishing emails, the scammer tries to convince you into thinking you must click on a link and provide personal information or suffer dire consequences when the truth is that if you click on the link or provide personal information, you will become a victim of identity theft as the identity thief will use the information you provide to make you a victim of identity theft.  Alternatively, merely by clicking on the link provided in the email, you may download keystroke logging malware that will enable the identity thief to steal all of the information in your computer, laptop or other device and use that information to make you a victim of identity theft.  Here is a copy of the new email that is presently circulating.  DO NOT CLICK ON THE LINKS.  As phishing emails go, this one is pretty convincing and includes a copy of the USAA logo which is easy to copy and include in an email.



Image result for usaa logo

“View Accounts | Privacy Promise | Contact Us

Dear User,

You have new documents on Log on to view your documents.  If you don’t want to receive this e-mail notification when your new documents are posted to, you can change your preferences.
View Your Documents

Thank you,
P.S. Texting and driving … it can wait. Take the pledge to never text and drive.”


Frankly, whenever you get an email, you can never be sure who is really sending it to you.  Obviously if you receive this email and you do not have an account with USAA, you know it is a scam, however, if you receive something like this that appears to come from a company with which you do business, you should still not click on any links contained in the email unless you have independently confirmed with the company that the email is legitimate.  Remember, even paranoids have enemies.



Scam of the day – September 28, 2015 – New iTunes phishing scam

Today’s Scam of the day comes right from my own email account although many people are reporting receiving the same email.  It appears to be from iTunes and indicates that in order to continue to use iTunes, I must verify information in my account.  The email is a scam and works in one of two ways, both of which are bad.  In one scenario if you click on the link to provide information, you will be turning over your personal information to an identity thief who will use the information to make you a victim of identity theft.  Even worse is the other possible scenario which is that when you click on the link, you will unwittingly download a keystroke logging malware account that will permit the identity thief to steal all of the information on your computer and use it to access your credit cards, bank accounts and other financial accounts and use that information to make you a victim of identity theft.  This particular email which is reproduced below contains a number of clues that it is a scam.  Often these emails come from botnet zombie computers that have been hacked into to send out these emails and so the email address from which it was sent will not have anything to do with Apple or iTunes, but will carry the address of the unfortunate person whose email was hacked and taken over.  In my case, the email was sent by a non-business account in the United Kingdom  Also, although it is easy to copy logos, identity thieves, particularly when they are from foreign countries do not use proper grammar or proper English.  For instance, in this email the word “cooperation” is spelled incorrectly.  Finally, the email is addressed merely to “Dear iTunes User” instead of using my name in the salutation thereby indicating that this is being sent out widely to many individuals rather than sent merely to people to whom it would apply if it were legitimate.

Here is a copy of the email I received.  DO NOT CLICK ON THE LINK.

“Dear iTunes User,

Your account requires verification due to our recent upgrade. It is mandatory that you confirm your details through our secure link below.


Thank you for your co-operation.

Sincerely Yours,

iTunes Admin
Copyright © 2015 Apple Inc. All rights reserved”



Never click on a link unless you are absolutely sure that it is legitimate and unfortunately whenever you receive an email or a text message with a link, you cannot be sure that the message is legitimate.  Many times you will receive emails or texts such as this purporting to be from companies that you do not even do business with and you obviously can ignore these.  But if you have any concerns that the email might be legitimate, you still shouldn’t click on the link.  Instead you should call the particular agency or company at a telephone number that you know is accurate to inquire as to whether the email or text message was legitimate.  Chances are that you will find out that it is a scam.  Once, I received a large invoice from a company with which I do business for goods I did not order, but rather than click on the link provided in the email, I went directly to the company’s website to question the invoice.  When the website came up, the first thing I saw was a large announcement that the invoice was a scam and that many people had received these phony invoices.  If I had clicked on the link, I would have become a victim of identity theft.

Scam of the day – September 14, 2015 – Federal government unveils new cybersecurity plan

It is no secret that the federal government, as evidenced by the recent hacking of the Office of Personnel Management (OPM) in which personnel data on 22 million people was stolen, is a target of hackers, both nation-state and ordinary (or perhaps not so ordinary) criminals.  The OPM data breach was initiated as was the Target data breach and 90% of all data breaches through a phishing email.  A phishing email is an email sent by the hacker that appears to be legitimate and lures the victim at the targeted company or agency to click on a link or download an attachment that contain malware that enables the hacker to steal the information contained in the victim’s computer system.  It is fascinating in almost all major data breaches, the most complex and sophisticated malware is downloaded on to the victim’s computer through the simple trickery of phishing.  Here is a link to a column I wrote about this last year.

In response to the OPM and other data breaches, William Evanina, the Director of the National Counterintelligence and Security Center has announced a new campaign to raise the awareness of federal workers to the dangers of phishing and specifically targeted phishing emails referred to as spear phishing.


Phishing and spear phishing represent threats not just to companies and governmental agencies, but to all of us as individuals as well.  Identity theft is often accomplished through individuals being targeted by phishing or spear phishing emails who unwittingly click on links or download attachments that contain keystroke logging malware that enables the identity thief to steal all of the information including passwords, credit card numbers, Social Security numbers and other personal information from the victim’s computer and use that information to make that person a victim of identity theft.  Other types of malware, such as ransomware, which encrypts and locks all of the data in your computer, followed by a threat to destroy your data unless you pay a ransom, is generally downloaded through clicking on a link or downloading an attachment from a phishing email.

The key to avoiding becoming a victim is to never click on a link or download any attachment unless you have absolutely confirmed that the link or attachment is legitimate.  Even if the link is contained in an email from someone you know and trust, it is possible that their email may have been hijacked so you must always be a bit skeptical.  It may seem a bit paranoid, but remember that even paranoids have enemies.