Scam of the Day

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Scam of the day – December 6, 2019 – Russian Hacking Group Evil Corp. Face Criminal Charges

Russians Maksim Yakubets and Igor Turashev who the Justice Department allege operated an international cybercrime organization known as Evil Corp (which sounds like it should be the villain in an Austin Powers movie) were charged yesterday with stealing 100 million dollars from people and businesses throughout the United States.  Both Yakubets, who drives a Lamborghini with a license plate that reads “Thief” in Russian, and Turashev are unlikely to be extradited to the United States from Russia.

The manner in which they operated their scheme was simple and effective.  They sent malware infected spear phishing emails to their targeted victims which included a luggage business in New Mexico and a dairy in Ohio.  When their victims clicked on links in the spear phishing emails, a malware known as Dridex would be unwittingly downloaded on to the computers of their victims where the malware would seek and harvest the banking credentials of their victims.  Armed with this information Yakubets and Turashev would electronically access their victims’ bank accounts and transfer funds to another account from which the funds would then be transferred ultimately to Russian accounts controlled by Yakubets and Turashev.

TIPS

Phishing and the more specifically targeted spear phishing are the primary way that victims of many scams are lured into unwittingly downloading harmful malware such as Dridex or ransomware, for example.  While many of us have become skeptical of basic phishing emails that we receive that try to trick us into clicking on links, more advanced spear phishing which takes phishing to another level uses personal information about the targeted victims to tailor the phishing email to appear more legitimate and entice the victim into clicking on the link.  Spear phishing has become an even larger problem with the great number of data breaches which have resulted in personal information being stolen that can be leveraged into spear phishing emails.

The lesson is to remember my motto, “trust me, you can’t trust anyone.”  Never click on any link in an email or text message unless you have absolutely confirmed that it is legitimate.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – December 4, 2019 – CISA Extortion Scam

The Cybersecurity and Infrastructure Security Agency (CISA) is a federal agency created in 2018 that works with both the public and private sectors to build and maintain our nation’s infrastructure and protect it from cyberattacks.  CISA recently issued a warning to the public to be aware of scammers calling people on the phone posing as a CISA employee who indicates to the person receiving the call that he or she had committed improper computer activities.  The caller then demands the payment of money in order to resolve the accusations.  This is just the latest incarnation of the infamous impostor scam where victims are called by people who falsely represent that they are with various governmental agencies such as the IRS or the Social Security Administration (SSA) and demand payment for imaginary infractions or request information under some false pretense.  Due to the ease of spoofing, by which the scammer is able to manipulate your Caller ID to make it read as if the call really is coming from a legitimate source, this scam is readily perpetrated and, unfortunately, has proven to be a successful scam tactic.

TIPS

In regard to this particular version of the impostor scam, CISA is recommending people not to respond or try to contact the caller if they leave a message.  They also urge people not to pay anything to the caller.  Finally, they urge people to report the scam to their local FBI field office.  Here is a link to where you can find information about how to contact your local FBI field office.  https://www.fbi.gov/contact-us/field-offices/field-offices

In regard to the impostor scam in general, it is important to remember that you can never be sure when you are contacted by phone, text message or email as to who is really contacting you.  Therefore you should never give personal information to the person contacting you nor should you make any payment in response to the communication.  It is also important to remember that neither the IRS nor the SSA will ever initiate contact with you by phone, text message or email.  They will only contact you initially by regular mail.  If you do get a call that you think might be legitimate from any governmental agency or business, you should merely contact that agency or business directly through your phone or your computer to confirm whether or not the original contact was a scam.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – December 3, 2019 – Holiday Wine Exchange Scam

Illegal pyramid schemes take many forms.  A few weeks ago I warned you about the Secret Sister Gift Exchange. I first reported to you about this scam in 2015. It seems harmless enough when you see it come up in your email or on social media, such as Facebook and Twitter where it has increasingly been found lately.  It is often titled the “Secret Sister Gift Exchange” which generally starts when you are  provided  a list of six people.  You are told to send a gift worth at least ten dollars to the first person on the list, remove that person’s name from the list, move the second person on the list to the first position, add your name to the end of the list and then send the list to six of your friends.  In theory, you will receive thirty-six gifts for your small contribution of ten dollars.

So where is the harm?

First of all, it is a blatantly illegal chain letter and violates Title 18 of the United States Code, Section 1302.  In addition, like all chain letters, ultimately, it is destined to fail because it is a pyramid scheme where eventually we run out of people on the planet. For the last couple of years a Holiday Wine Exchange pyramid scheme has been turning up on Facebook, Instagram and other social media.  This pyramid scheme operates just like the Secret Sister Gift Exchange except you are directed to send bottles of wine.  There are many scammers using this scam and some of them are interested in gathering personal information from you that they use to make you a victim of identity theft.

Here is a copy of one of the posts used in this scam.

Wine-Exchange

TIPS

Avoid all chain letters regardless of the guise under which you receive them.  They are illegal.  In addition, although in some instances this particular chain letter is turning up on Facebook pages, it is a violation of your Facebook terms of agreement, so you potentially face the loss of your Facebook account if you participate in the scheme.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – December 2, 2019 – A Variety of Gift Card Scams

Buying a gift card as a gift is both an easy way to purchase a gift for someone and a good way to make sure that the gift is something that the receiver of the gift can actually use and enjoy.  It definitely is a win-win situation.  However, scammers are always ready to take any good thing and turn it into a scam. The most common gift card scam involves scammers going to racks of gift cards in stores and using handheld scanners that are easy to obtain, read the code on the strip of the card and the number on the front.  They then put the card back in the display and periodically check with the retailer by calling its 800 number to find out whether the card has been activated and what the balance is on the card.  Once they have this information they either create a counterfeit card using the information they have stolen or order material online without having the actual card in hand.

In some instances, the scammers don’t even bother to scan the barcode, but rather use what is called a brute force attack by using software that will try out huge numbers of possible bar code numbers and PINs to see if any of them match legitimately issued gift cards.  They strike gold when they find one or more that match legitimate cards.

Another gift card scam occurs when scammers place a sticker with the barcode of a a gift card that the scammers possess over the actual barcode of the gift card in the rack.  Thus when the card is taken by the gift card purchaser to the checkout counter to have the card activated, the funds used to purchase the gift card are credited to the card of the scammer.  It is not until the gift card purchaser tries to use his or her card that it is discovered that there are no funds credited to the card.

Some retailers, in an effort to reduce gift card fraud put a PIN on the gift card so that if the card is used online, the user must have access to the PIN which is generally covered and must have the covering material scratched off in order to be visible.  Unfortunately, many purchasers of gift cards are not aware of this so they don’t even notice that the PIN on the card that they are purchasing has already had the covering material scratched off by the scammer who has recorded the PIN.

Finally, you may be tempted to buy a gift card at a discounted rate at one of many online sites that enable people to sell their unwanted gift cards from particular retailers.  While there are many legitimate sites that will allow you to do this, it is not a good idea to buy a card from these sites because the card you buy may have been stolen or the value of the card may already have been used.

TIPS

When buying a gift card, only purchase cards from behind the customer service desk and if the card is preloaded, always ask for the card to be scanned to show that it is still fully valued.  This avoids all of the problems of tampering with the card before it is sold.

Always inspect the card carefully to make sure that the barcode has not been tampered with in any fashion and that the PIN is still covered.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – December 1, 2019 – Phony Retail Websites

Imagine Andy Williams singing, “It’s the Most Wonderful Time of the Year” and it may indeed be the most wonderful time of the year for many people, but it is not so wonderful if you have been scammed by cybercriminals who really do find the holiday shopping season to be the most wonderful time of the year – for them.  Many of us do much of our gift shopping online, which is a simple and convenient way to shop, particularly with stores so crowded during the holiday season.  Scam artists, the only criminals we refer to as artists are adept at constructing phony retail websites that appear to be legitimate.  In these websites, which sometimes are counterfeit sites of legitimate retailers, they offer popular products at extremely low prices.  However shopping at these bogus websites will only result in your credit or debit card information being stolen while you never get the product you ordered.

TIPS

If an offer sounds too good to be true, it usually is.  Scammers always pick the most popular and expensive items to lure people into sending them money for goods that never are delivered. You may wish to restrict your shopping to well-known, legitimate retailers and even then, make sure you are actually on their websites and not that of a scammer.  You can do this by going to https://www.whois.com/whois/ where you can find out who actually owns the website where you are considering shopping.  If, for instance, the Target website you are considering using is registered as being owned by someone in Nigeria, you can be sure it is a scam.  You also can go to www.resellerratings.com/ for reviews about particular merchants to find out if they are legitimate.

Even when shopping on a website that you are sure is legitimate, it is important to remember that while your liability for fraudulent use of your credit card is limited by federal law to no more than $50, your liability for fraudulent use of your debit card which is tied to  your bank account is unlimited if you do not promptly discover and report the fraud so always use your credit card for shopping whether you are shopping online or offline.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – November 30, 2019 – A New Facebook Lottery Scam

During the years that I have been writing Scamicide I have written many times about various Facebook scams.  The reason for this is that with 2.8 billion users, Facebook is obviously popular and anything popular with that many people will be sought after as a vehicle for scammers to scam people. People are reporting being contacted through Facebook and told that their name is included on a list of winners of a Facebook lottery.  Often the message appears to come from a trusted friend when the truth is that the trusted friend’s account had been hacked and used to send out the message to lure people into becoming victims of the scam.  Once you click on a link in the message, it takes you to a phony Facebook Lottery website filled with photos of other lucky winners.  You are then prompted to search for your name on a winner’s list on the website.  Of course, your name appears.  You are then instructed to complete a Status Verification form, after which you are told that you will need to pay various delivery and insurance fees before you can receive you prize.  You also may be asked for personal information.  Ultimately, there is no prize, the money you send to cover insurance and delivery fees is lost forever and if you provide personal information, it is used to make you a victim of identity theft.

TIPS

A strong password and security question can help increase your security on Facebook.  Unfortunately, however, a very simple flaw in Facebook procedures allows a hacker to get access to your account and the ability to change your password after the hacker is unable to answer your security question merely by having the hacker provide three “friends” with Facebook accounts to whom Facebook will send security codes that the hacker can use to gain access to your account and change your password.  The hacker, of course, has already set up Facebook accounts for three phony “friends” to whom Facebook will send the security codes which can be used to hack your account.  Other times, the personal information that is readily available about people on line is sufficient to answer the security question.  Regardless of how the account is hacked into, the result can bring an increased risk of identity theft to your real friends who may trust a message from you that contains a link with dangerous keystroke logging malware that can result in your real friend’s computer being infiltrated and all of the information on it stolen such as Social Security number, account passwords and credit card numbers that can result in identity theft.

Be careful what personal information you put on Facebook.  Always consider how that information can be used against you to make you a victim of identity theft.  When setting up a security question, pick an answer that is nonsensical to protect it from hackers, such as “Where did I go to High School?” with an answer of “blue.”  Finally and most importantly, never, and  I mean never, click on links in messages that you receive unless you are absolutely sure that they are legitimate.  Merely because a message appears to be from a friend does not mean that the friend actually sent it.  His or her account may have been hacked or they may even be passing on tainted material without knowing it.  Never click on a link until you are absolutely sure that it is legitimate.  Call your friend to confirm that the message was from them and confirm from where they got the link they are sending to make sure that it is legitimate.  It may seem paranoid, but even paranoids have enemies.

As for this phony lottery scam, as with all lottery scams, it is important to remember that it is hard to win a lottery and it is impossible to win one that you have never entered.  Also, no legitimate lottery asks for payments in order to claim your prize.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – November 29, 2019 – Another Major Ransomware Attack

It has only been a couple of days since I wrote about another major ransomware attack and now there has been another to report to you about. Ransomware is the name for malware that once installed on a computer, often unwittingly through clicking on links in spear phishing emails, encrypts and locks all of the victim’s data. The cybercriminal who sent the ransomware then threatens to destroy the data unless a bounty is paid. This time the victim of the attack is the company Virtual Care Provider, Inc (VCPI) which provides computer services to 110 nursing homes in 45 states around the country.  After infecting the 80,000 computers maintained by VCPI with the Ryuk malware strain through phishing emails, the cybercriminals are demanding a Bitcoin ransom equivalent to 14 million dollars.  Among the records blocked by the ransomware are critical medical records for VCPI’s nursing home residents.

Like all forms of malware, ransomware must be downloaded on to your computer in order to cause problems.  This is generally done by luring people to click on links or download infected attachments contained in spear phishing emails.

While we are aware of the many ransomware attacks targeting hospitals, government agencies and companies, it is important to remember that ransomware attacks also occur against individuals as well so it is important to take steps to protect yourself from this threat.

TIPS

Because ransomware attacks as well as most other types of malware attacks are spread through phishing emails that lure unsuspecting people into clicking on malware infected links or downloading attachments tainted with malware, you should never click on links in emails  or download attachments unless you have absolutely confirmed that the email is legitimate.  Ransomware attacks are not limited to cities and large institutions.  They are also used to attack individuals and extort money from them.

You also should update all of your electronic devices with the latest security updates and patches as soon as they become available, preferably automatically.  Many past ransomware attacks exploited vulnerabilities for which patches had already been issued.   The No More Ransom Project has a website that provides decryption tools for some of the older versions of ransomware that are still being used.  Here is a link to their website  https://www.nomoreransom.org/en/decryption-tools.html  It is important, however, to remove the ransomware before downloading and using the decryption tools.  This can be done using readily available antivirus software.  It is also important to remember that even if you have the most up to date security software on your computer and phone, it will not protect you from the latest zero day defect malware which is malware that exploits previously undiscovered vulnerabilities.

Another precaution you should follow is to regularly back up all of your data on at least two different platforms, such as in the Cloud and on a portable hard drive.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – November 28, 2019 – Get Ready for Black Friday

Happy Thanksgiving to everyone.  We all have much for which we should be thankful.  Tomorrow is the official start of the holiday shopping season.  This day is often referred to as Black Friday, which traditionally is one of the biggest shopping days of the year. This fact is not lost on scammers who will be as pervasive as ever. Over the next few weeks, I will be focusing the Scams of the day on the many holiday season scams about which we should all be aware. If you are shopping in a brick and mortar store tomorrow or any  other day throughout the year, you should use a credit card rather than a debit card because of the possibility of skimmers which are small devices being used by criminals working as sales clerks that will capture your credit card number which will then be used to make fraudulent purchases. Whenever possible you should use your chip credit card because it is not susceptible to skimmers, however, some retailers still have not switched to chip technology so your credit card’s vulnerable magnetic strip will be used to process the purchase  . As for using your credit card rather than your debit card, it is important to remember that while your liability for fraudulent use of your credit card is limited by federal law to no more than $50, your liability for fraudulent use of your debit card which is tied to  your bank account is unlimited if you do not promptly discover and report the fraud.

I will be discussing safe practices for online shopping in a future Scam of the day, but a new development this year warrants mention. The FBI has issued a warning about what it calls E-skimming, which occurs when criminals infect the websites of numerous retailers in a manner that they are able to capture your credit card or debit card information when you enter it into the website.  It is important to note that while your chip card will protect you if you make purchases using it at a brick and mortar store that has updated its credit card processing equipment to handle chip credit cards, you cannot use your chip for online purchases.

TIPS

For the reasons discussed above, try to use your credit card as a chip card whenever possible and always watch your credit card when it is being processed at a brick and mortar store. Don’t let it out of your sight because that is when you run the risk of a rogue clerk running it through a skimmer. Refrain from using your debit card except as an ATM card. Finally, in regard to the E-skimming threat, you should regularly monitor your credit card statement online rather than waiting for a monthly paper bill to be delivered to you so that if your credit card was compromised and your data stolen, you will be able to discover and report the problem to your credit card issuer quickly and avoid more problems.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – November 27, 2019 – Ransomware Attacks Hundreds of Veterinary Hospitals Around the World

I have written many times about ransomware because it continues to be a major problem for businesses, governments and individuals alike.  Ransomware is the name for malware that once installed on a computer, often unwittingly through clicking on links in spear phishing emails, encrypts and locks all of the victim’s data.  The cybercriminal who sent the ransomware then threatens to destroy the data unless a bounty is paid.  In 2017 we experienced two massive ransomware attacks against millions of computers around the world.  These were the infamous WannaCry and Peta ransomware attacks. Later, the city government of Atlanta becoming a victim of ransomware when some of its systems were frozen using the infamous SamSam family of malware that has been used successfully against a number of companies and municipalities. In its 2018 Verizon Data Breach Report, Verizon, which gathered data from 65 organizations in 65 countries, found that ransomware, which was only the 22nd most common malware in 2014, is now the number one most common malware used by cybercriminals.  Earlier this year, it was revealed that 23 municipalities in Texas were victimized by simultaneous ransomware attacks by a single hacker.

Now, National Veterinary Associates, a California company that operates more than 700 veterinary hospitals around the world  was hit by a ransomware attack on more than half of their hospitals.  The strain of ransomware used was the very effective Ryuk ransomware strain which was first used in August of 2018

Like all malware, ransomware must be downloaded on to your computer in order to cause problems.  This is generally done by luring people to click on links or download infected attachments contained in spear phishing emails.

While we are aware of the many ransomware attacks targeting hospitals, government agencies and companies, it is important to remember that ransomware attacks also occur against individuals as well so it is important to take steps to protect yourself from this threat.

TIPS

Because ransomware attacks as well as most other types of malware attacks are spread through phishing emails that lure unsuspecting people into clicking on malware infected links or downloading attachments tainted with malware, you should never click on links in emails  or download attachments unless you have absolutely confirmed that the email is legitimate.  Ransomware attacks are not limited to cities and large institutions.  They are also used to attack individuals and extort money from them.

You also should update all of your electronic devices with the latest security updates and patches as soon as they become available, preferably automatically.  Many past ransomware attacks exploited vulnerabilities for which patches had already been issued.   The No More Ransom Project has a website that provides decryption tools for some of the older versions of ransomware that are still being used.  Here is a link to their website  https://www.nomoreransom.org/en/decryption-tools.html  It is important, however, to remove the ransomware before downloading and using the decryption tools.  This can be done using readily available antivirus software.  It is also important to remember that even if you have the most up to date security software on your computer and phone, it will not protect you from the latest zero day defect malware which is malware that exploits previously undiscovered vulnerabilities.

Another precaution you should follow is to regularly back up all of your data on at least two different platforms, such as in the Cloud and on a portable hard drive.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”

  • Categories