Scam of the Day

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Scam of the day – June 14, 2019 – New Adobe Flash Security Update

Adobe has just issued new security updates for the popular, but intensely flawed Adobe Flash software. Last year Adobe confirmed that it will stop updating and distributing Adobe Flash at the end of 2020 although frankly, it would be wise for you to migrate away from this very vulnerable software program as soon as possible. In 2010 Steve Jobs loudly complained about Adobe Flash’s lack of security and would not allow it to used on iPhones, iPods and iPads due to its serious susceptibility to being hacked. Flaws in Adobe Flash have been exploited by hackers and identity thieves against individuals, companies and government agencies including the U.S. State Department and the White House. Adobe will still be issuing security patches until the end of 2020, but now is a good time to move away from Adobe Flash if you have not already done so.
It is always important to update all of the software you use with the latest security updates and patches as soon as they are available. Numerous hacks and data breaches could have been avoided if individuals as well as companies installed security updates when they became available. Hackers take advantage of the fact that many of us procrastinate installing security software to our great detriment. The major data breach at Equifax that affected 148 million people involved a security flaw in Apache software for which a patch had already been issued months earlier, but Equifax had not yet installed.

TIPS

If you are going to continue to use Adobe Flash, it is imperative that you update your software with the latest security patches when they are issued.  Here is a link to the latest updates for Adobe Flash.
https://helpx.adobe.com/security/products/flash-player/apsb19-30.html

However, it may well be time for you to replace Adobe Flash to avoid future problems.
Here is a link to a website with alternative plugins you may wish to consider to replace Adobe Flash.
http://alternativeto.net/software/flash-player/

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – June 13, 2019 – Game of Thrones Scams

The final episode of HBO’s “Game of Thrones” was viewed legally by 19.3 million people, however millions more tried to and are continuing to try to illegally download the final episode as well as earlier episodes of the eight year series without paying.   Many of these websites that appear to offer free access to Games of Thrones episodes were created by scammers who use the promise of free Games of Thrones episodes to trick people into providing information that can be used for purposes of identity theft.  Many of these scammers are using the same methods I described in early May when scammers used similar tactics to scam people looking to illegally download and view the  Avengers: Endgame movie  Don’t be tempted to use these illegal sites.  Attempting to stream an illegal version of Game of Thrones is not only illegal and unethical, but it could also lead to your being scammed out of money.  An online search for websites promising to provide  Game of Thrones episodes for free will take you to sites  that appears to provide the show, but a few moments after the episode  starts, it stops and a pop up, shown below appears requiring you to set up an account.  The pop up says that the account is free and that all you need to do is provide your email address and a password.

Creating an account on a fake Game of Thrones requires providing e-mail address and a password

Once you do this, you are then instructed to provide a credit card number and the CVC security code on the back of the card merely to verify that you are located in a country where the website is licensed to distribute the show.   Unfortunately, the website does not provide Game of Thrones episodes.  The few minutes of what you initially see of the movie are just scenes taken from the readily available trailers for the show.  So not only do people falling for this scam not get to see the movie, they end up providing their credit card information to the scammers in addition to providing a password, which, in too many instances, is the same password the scam victim uses for other online services such as online banking.  The moral of this story is that trying to view a pirated version of a popular  show or movie for free will only cause to put you in danger of identity theft.

TIPS

The first and foremost tip is not to do use illegal streaming services.  They are illegal and what they are doing is also unethical.  Don’t trust search engine searches to provide you with legitimate websites for streaming services.  A prominent position in a Google or other search engine search only means that the websites appearing high were adept at understanding the algorithms used to position websites.  Never provide a credit card as a means of verification.  It is only a means of payment and as for the justification in this particular scam that the credit card was needed to verify that you are located in a country where the website is licensed to distribute the movie, pirated versions are not licensed anywhere.  Finally, as always, you should have unique passwords for all of your online accounts so that in the event that a password on one of your accounts is hacked or otherwise compromised, all of your accounts will not be in jeopardy.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – June 12, 2019 – Romance Scams Getting Worse

Looking for love and romance are basic human drives and scammers take advantage of this with numerous romance scams. According to the Federal Trade Commission (FTC) in 2015 8,500 romance scams were reported to the FTC.  Last year that number rose to 21,000 and that figure is probably lower than the real number of people who were victims of these scams.  According to recent FBI statistics, this scam has become the second most common scam with losses to victims increasing to more than 262 million dollars last year. Most of these  romance scams are online and involve some variation of the person you meet through an online dating site quickly falling in love with you and then, under a wide variety of pretenses, asking for money.

However sometimes, as just recently occurred in Georgia the scams are done in person rather than totally online.  In the Georgia case a woman lost $80,000 to a romance scam that was done in person by a man who told his victim that his name was John Hill, but who police say has used five different names in perpetrating this scam over the last two and half years in Delaware, Maryland, New Jersey and Virginia.  The victim met Hill through Match.com.  Hill told his victim that he was a millionaire and immediately after meeting her professed his love and they were engaged within a week.  He told her that they should buy a home to live in together, which is the pretense he used to get her to pay him $80,000.  As soon as she turned the money over to him, he vanished.  Police are still looking for him.

Romance scams, however,  are not limited to the United States, but occur worldwide. Recent figures from Hong Kong show the incidents of romance scams have also increased dramatically in the past year. Last October a joint operation of Hong Kong, Malaysian and Singaporean law enforcement arrested 52 people involved in an international online romance scam in which millions of dollars were stolen from their victims.

TIPS

There are various red flags to help you identify romance scams.  I describe many of them in detail in my book “The Truth About Avoiding Scams.” The most important thing to remember is to always be skeptical of anyone who falls in love with you quickly online without ever meeting you and early into the relationship who then asks you to wire money to assist them with a wide range of phony emergencies.

Here are a few other things to look for to help identify an online romance scam.  Often their profile picture is stolen from a modeling website on the Internet.  If the picture looks too professional and the person looks too much like a model, you should be wary.  Particular phrases, such as “Remember the distance or color does not matter, but love matters a lot in life” is a phrase that turns up in many romance scam emails.  Also be on the lookout for bad spelling and grammar as many of the romance scammers claim to be Americans, but are actually foreigners lying about where they are and who they are.  Of course you should be particularly concerned if someone falls in love with you almost immediately.  Often they will ask you to use a webcam, but will not use one themselves.  This is another red flag.  One thing you may want to do is ask them to take a picture of themselves holding up a sign with their name on it.  In addition, ask for a number of pictures because generally when the scammers are stealing pictures of models from websites, they do not have many photographs. Ask for the picture to be at a particular place that you designate to further test them.  If you meet someone through a dating website, be particularly wary if they ask you to leave the dating service and go “offline.”

In the case of the Georgia woman who met her scammer in person, you should still check out his photo using Google’s “search by image” feature in order to see if he or she turns up as a different person.  Both online and offline, be wary of anyone who falls so completely in love with you quickly and follows that up with any request for money.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – June 11, 2019 – Are Binary Options a Scam?

Convicted Ponzi schemer Bernie Madoff who stole 50 billion dollars from unsuspecting victims may be the last person from whom you would accept investing advice, but in fact, his advice, as contained in a 2014 jailhouse interview Madoff gave to the Wall Street Journal does have good advice for people hoping to avoid the fate of Madoff’s many victims. With great “chutzpah,” in the interview Madoff blamed his victims for their losses.  He said that his investors were “sophisticated people” who should have known better.  “People asked me all the time, how did I do it.  And I refused to tell them, and they still invested.  Things have to make sense to you.  You should ask good questions.”  About this he is correct. No one should ever invest in anything that they do not totally understand. And this leads us to binary options.  Binary options are a legitimate form of investment, but while they offer potential rewards, they also carry the risk of losing your entire investment.  There also are many instances where the sales of binary options have been done without complying with registration requirements and with fraudulent promotional advertising  and improper disclosures.

TIPS

The bottom line is that Bernie Madoff was right about one thing.  No one should ever invest in anything without totally understanding the investment and the inherent risks.  If you understand binary options and still wish to invest (I would say gamble) in them, that is fine, but all investment decisions should be made  only after being properly informed. You may want to check out the SEC’s investor education website at www.investor.gov.

Before investing with anyone, you should also investigate the person offering to sell you the investment with FINRA’s Central Registration Depository.  http://www.finra.org/industry/crd   This will tell you if the broker is licensed and if there have been disciplinary procedures against him or her.  You can also check with your own state’s securities regulation office for similar information.  Many investment advisers will not be required to register with the SEC, but are required to register with your individual state securities regulators.   You can find your state’s agency by going to the website of the North American Securities Administrators Association.http://www.nasaa.org/2709/how-to-check-out-your-broker-or-investment-adviser/

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – June 10, 2019 – Tech Support Refund Scam

Tech support scams are among the most common of scams and they cost consumers millions of dollars each year.  In the most common variations of this scam, the victim is scammed into responding to a pop-up on his or her computer or a telephone call purportedly from one of the major tech companies and is convinced that there is a problem with their computer that they need to pay for.  In a new version of the tech support scam, people are reporting receiving phone calls purportedly from Microsoft, Apple or other computer companies informing them that their company is going out of business and that the customer is due a refund on a tech support plan they have.  The scammer then asks for bank account information in order to be able to wire funds to the customer’s bank account.  In other instances the scammer asks for remote access to the customer’s computer.  This is a scam.  If you turn over your bank account information, it can lead to the scammer stealing money from your bank account and providing remote access to your computer can enable a scammer to steal information from your computer that can be used to make you a victim of identity theft.

TIPS

Providing remote access to anyone to your computer can lead to a myriad of problems including identity theft and the downloading of ransomware.  Neither Apple, Microsoft or any of the other tech companies ever  ask for remote access to your computer to fix problems.  The most common tech support scams start with popups on your computer that provide notices of security problems that contain telephone numbers for you to call to fix the problem,   Whenever you get a pop-up, email, or text message that appears to tell you that you have a security problem with your computer, you should never click on any links contained in the message or call the telephone number provided. If your screen freezes, all you need to do is just turn off your computer and restart it. If you are concerned that you may be experiencing a real security problem you can contact tech support at the real tech companies directly by phone or by email using the phone number and email addresses you find on their respective websites.

The refund scam may appear legitimate because your Caller ID may indicate the call is coming from Microsoft or some other legitimate company, but, as I have told you many times before, through “spoofing” the scammer can make the call appear to be legitimate when it is not.  The bottom line is you can never be sure who is calling you so you should never provide personal information to a caller unless you have absolutely confirmed the legitimacy of the call.

As for Microsoft or Apple going out of business, that is so unlikely that it would be a major news story so you can discount anyone calling and telling you that who also asks for personal information.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – June 9, 2019 – Mortgage Closing Scams Surging

I have been reporting to you about this particular scam preying upon home buyers for three years.  Earlier this week, the Consumer Financial Protection Bureau (CFPB) issued a warning about the scam and its dramatic increase. The scam targets people involved in the purchase and sales of residential real estate. The scam begins with the hacking into the email accounts of any of the various people involved in the sale.  This can be either the buyer, seller, lawyers, title company, real estate agent or  mortgage banker.  Unfortunately, hacking into email accounts is a relatively easy thing for a skilled identity thief to do.  The hackers then monitor the communications regarding the progress of the sale of a particular piece of real estate and when the time is right,  generally posing as one of the lawyers, title company or bank mortgage officer, the scammer will email the buyer, telling him or her that funds necessary to complete the sale need to be wired to the phony lawyer’s, title company’s or banker’s account provided in the email.  Everything appears normal so unsuspecting buyers too often are wiring the money to the cyberthieves who then launder the money by moving the funds from account to account to make it difficult to trace the funds. According to the CFPB these scams have increased 1,100 percent between 2015 and 2017 causing losses of almost a billion dollars in 2017.

TIPS

Even if you are not involved in buying or selling a home, it is always a good idea to protect your email account from being hacked.  This means having a strong password and security question.  You can find information about how to pick strong passwords and security questions here in the Scamicide archives as well as in my book “Identity Theft Alert.”  Maintain good anti-virus and anti-malware software on all of your electronic devices including your computer as well as your smartphone and keep your security software up to date with the latest security patches as soon as they are made available.  Don’t click on links in emails or text messages that may contain malware that can steal your personal information from your electronic devices.

Don’t use public WiFi for any financial or business purposes.  Use a virtual private network to encrypt your data when using your electronic devices in public.  Never provide personal information in response to an email regardless of how legitimate it may appear until you have independently confirmed that the email is legitimate.  Finally, whenever you are asked through an email or text message to wire funds as a part of a real estate or other business transaction, don’t do so until you have confirmed that the request and the account to which you are being asked to wire the funds are legitimate.  Appearances can be deceiving so always confirm.  It may seem a bit paranoid, but remember, even paranoids have enemies.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – June 8, 2019 – FCC Makes New Proposal Regarding Robocalls

Over the years I have written numerous times about the problems presented by robocalls and with good reason.  Automated robocalls which, for commercial purposes, are illegal, are the number one consumer complaint reported by the public to the Federal Trade Commission (FTC) at a cost to consumers of billions of dollars each year. The ease by which illegal robocalls may be made by computers accounts for much of the problem.   According to a report by the security firm Hiya, the number of robocalls worldwide have  recently gone up 325% from just the previous year to an astounding 85 billion robocalls last year. Robocalls are the basis for numerous scams including, impostor scams where the caller poses as an IRS agent, bank official or credit card company.  According to the Hiya report the top ten countries for robocalls are Spain, UK, Italy, France, Argentina, USA, Mexico, Brazil, Chile and Australia.

Earlier this week, the FCC passed a new rule that allows cell phone carriers to automatically drop robocalls through the use of technology that is able to identify illegal robocalls and block them. The rule leaves it up to the mobile phone carriers as whether they will charge their customers for this service although the FCC has encouraged the carriers to provide these services at no cost.  Unfortunately, this rule, while helpful, is no panacea.  The present technology used to block robocalls relies on blacklists of phone numbers previously used by robocallers for illegal calls.  This technology is not effective against “spoofed” calls where the call is made to appear as if it is coming from a legitimate number as where you receive a call that appears on your Caller ID as if it is coming from the IRS when in fact, it is coming from a criminal’s phone number.  In addition, the rule may result in the blocking of legitimate robocalls such as those you receive from your pharmacy or doctor’s office confirming an appointment.

TIPS

As I first reported to you in the May 16th Scam of the day,  Verizon has just come up with new services to help its customers avoid illegal robocalls.  The new Call Filter service offers spam alerts and new protections from robocalls for its wireless customers.  Customers will receive alerts when a call is most likely a scam.  The new Call Filter service will also automatically block robocalls based of the customer’s preferred risk level.  The Call Filter service is offered in a free version and an enhanced version that among other things will enable customers to create a personal robocall block list.  For more information about the Call Filter Services and how to sign up go to https://www.verizonwireless.com/solutions-and-services/call-filter/

There are a number of other options for preventing robocalls including a number of apps that for free or a small fee will  reduce and in some instances prevent robocalls.
Samsung’s SmartCall informs you if the call you are receiving is from a known robocaller. This feature is available with newer Samsung Galaxy phones. Here is a link to information about SmartCall and instructions as to how to activate this app.
http://www.samsung.com/levant/apps/smart-call/

Google also has a spam blocker that will warn you when you are receiving a robocall and your screen will turn red. Here is a link to information about the app and how to install it.
https://play.google.com/store/apps/details?id=com.google.android.dialer&hl=en

AT&T also offers free apps to block robocalls on iPhones and Android phones. Here is a link to information about these apps.
https://www.att.com/features/security-apps.html?partner=LinkShare&siteId=TnL5HPStwNw-yrUS1uDw9WGvN._xt67yew&source=ECay0000000CEL00O

Verizon’s CallerName ID is a free service for iPhones and Android phones that will alert you to suspected robocallers. Here is a link to Verizon’s app.
https://www.verizonwireless.com/solutions-and-services/caller-name-id/

T-Mobile offers a free scam blocker of known robocallers for Android phones which you can activate by merely dialing #662#

Sprint offers a paid service to protect your iPhone or Android phone from robocalls. For more information, use this link
http://explore.t-mobile.com/callprotection

For landlines as well as smartphones there are a number of apps such as Nomorobo, Truecaller, Hiya, RoboKiller and YouMail that offer robocall blocking for free or for small monthly charges. Here is a link to those apps. I have used Nomorobo for years and find it to be tremendously useful

https://www.nomorobo.com/
https://www.truecaller.com/
https://hiya.com/
https://www.robokiller.com/
https://play.google.com/store/apps/details?id=com.youmail.android.vvm&hl=en_US

https://www.youmail.com/home/apps

Finally, you can just choose to ignore any calls that come from numbers you do not recognize.   This is a good option.  If they are legitimate calls, they will leave a message and you can call them back.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – June 7, 2019 – Texans’ DeAndre Hopkins Instagram Account Hacked

Earlier this week, the Instagram account of Houston Texans’ wide receiver DeAndre Hopkins was hacked and taken over for about nine hours before he was able to regain control of his account.  Unfortunately, the hacking not only resulted in the loss of his older photos,  but in addition, he also lost more than 20,000 followers.  The hacker replaced Hopkins’ photos with those of a Turkish model Kardelen Toprak.  Losing your Instagram account to a hacker is a threat to everyone, but there are some basic steps you can and should take to protect the security of your Instagram account.

TIPS

The best thing you can do to protect your account is to take advantage of the dual factor authentication protocol offered by Instagram.  If you are attempting to access your Instagram account from your phone, computer or other device that you normally use, you don’t need to to do anything more than type in your password, but to prevent someone who may have stolen your password from accessing your account, Instagram will send a code to your cell phone that must be used to access your account if you or someone else attempts to access your Instagram account from a different device. Here is a link that explains how the Instagram dual factor authentication protocol works. https://help.instagram.com/566810106808145

In addition, it is important to have unique, distinct passwords for each of your online accounts.  This is important because if somehow your password is compromised as in a data breach, the passwords to your other accounts will not be known.  Having unique passwords for each of your accounts is not as difficult as it may seem.  You can either use a password manager or you can have a base password that you adapt for each of your account.  Start with a phrase such as IDon’tLikePasswords which has capital letters, small letters and a symbol.  Then add a couple more symbols so in our example your password would be IDon’tLikePasswords!! and then adapt it for each account you have so that you will have a secure and easy to remember password for each of your online accounts.   Thus,  in our example your Instagram password could be IDon’tLikePasswords!!!INST.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – June 5, 2019 – Important Adobe Acrobat Updates.

Adobe has just issued new security updates for the popular Adobe Acrobat reader.  It is important to always install updates all of the software that you use as soon as security patches and updates become available  While the latest Adobe updates do not relate to the popular, but intensely flawed Adobe Flash program, this is a good time to remind you about issues involving Adobe Flash.  Adobe will stop updating and distributing Adobe Flash at the end of 2020 although frankly, it would be wise for you to migrate away from this very vulnerable software program as soon as possible. In 2010 Steve Jobs vociferously complained about its security and would not allow it to used on iPhones, iPods and iPads due to its serious susceptibility to being hacked. Flaws in Adobe Flash have been exploited by hackers and identity thieves against individuals, companies and government agencies including the U.S. State Department and the White House. Adobe will still be issuing security patches until the end of 2020, but now is a good time to move away from Adobe Flash if you have not already done so.

It is always important to update all of the software you use with the latest security updates and patches as soon as they are available. Numerous hacks and data breaches could have been avoided if individuals as well as companies installed security updates when they became available. Hackers take advantage of the fact that many of us procrastinate installing security software to our great detriment. The major data breach at Equifax that affected 148 million people involved a security flaw in Apache software for which a patch had already been issued months earlier, but Equifax had not yet installed.

TIPS

Here is a link to the new update for Adobe Acrobat and other Adobe products. https://www.us-cert.gov/ncas/bulletins/SB19-147

However, it may well be time for you to replace Adobe Flash to avoid future problems.

Here is a link to a website with alternative plugins you may wish to consider to replace Adobe Flash.
http://alternativeto.net/software/flash-player/

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”

  • Categories