Scam of the Day
Scam of the day – March 3, 2020 – Happy Birthday Charles Ponzi
Had he not died in 1949, today would have been Charles Ponzi’s 138th birthday. Scam artists around the world should probably honor the man who perfected the scheme that bears his name that has been used by many scammers to steal billions of dollars from unwitting victims who made the mistake of investing their money with such criminals. Although, Ponzi was not the first to use the technique of paying off early investors with the investments of later investors in an effort to make a total sham look as if it is a profitable business, that dishonor should go to Sarah Howe who first used this scheme in the 1870s, it was Ponzi in 1920 who perfected the scam to steal millions of dollars from unwary investors in his scheme through which he told them that he was able to take advantage of fluctuating currency values to purchase international postal reply coupons at a discount and then sell them at face value in the United States. Ponzi promised, and delivered to early investors, a 50% profit on investments within 45 days and a 100% profit within 90 days. Of course, the entire scheme was a total fake, but eager investors blinded by their greed flocked to him to invest. Eventually, as ultimately always happens in a Ponzi scheme, the scam was exposed and Ponzi went to prison. However, the list of criminals still using this prototype of a scam continues to this day including such famous Ponzi scheme criminals as Allen Stanford, Tom Petters, Norman Hsu, Lou Pearlman and, of course, the biggest of them all, Bernie Madoff who swindled people out of more than 50 billion dollars using this time honored scheme.
TIPS
So how do you protect yourself from falling prey to a Ponzi schemer? There are a number of things you can do including always investigate the credentials of any investment adviser you are considering using. You can check on individual investment advisers with the SEC, your own state’s securities regulators and the Financial Industry Regulatory Authority (FINRA). However, that would not have protected you from being swindled by the likes of Allen Stanford or Bernie Madoff. Also, you should never invest in anything that you do not totally understand. Bernie Madoff actually had the gall to blame his victims for being scammed by him because he said that if any of them had researched what he had told them he was doing, they would have known that what he was doing was impossible.
Another important way to avoid a Ponzi schemer is to never use an investment adviser who is also the custodian of your funds. This is a recipe for disaster. The role of an investment adviser or manager should be solely that of advising and making trades. The custodian of the actual investments should be a separate broker-dealer regulated by the Financial Industry Regulatory Authority (FINRA) and backed by the Securities Investor Protection Corp. (SIPC). Never invest in anything that you don’t totally understand and be particularly wary of investments that promise huge returns or no risk of ever losing money even when market conditions are poor.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”
Scam of the day – March 2, 2020 – FTC Sues Online Trading Academy
The Federal Trade Commission (FTC) has sued the investment training company Online Trading Academy (OTA) and its principals for fraud and has obtained a temporary restraining order shutting it down and freezing its assets while the lawsuit proceeds. The Online Trading Academy lured people largely through seminars into purchasing its phony investment trading programs for as much as $50,000. According to the FTC, Online Trading Academy scammed victims out of more than 370 million dollars over the last six years. According to the FTC, OTA told people that it had a patented strategy that would enable people using the strategy to make substantial income trading stocks whether the stock market was “going up, down or sideways.” OTA also provided false testimonials from people OTA wrongfully misrepresented as successful traders who used its strategy. Finally, according to the FTC, customers requesting refunds were required to sign contracts preventing them from making negative comments about OTA or reporting them to law enforcement agencies.
TIPS
Never rush into any investment or other opportunity being sold through a seminar until you have carefully investigated the people selling their investment or system as well as the investment or system itself. Always be a bit skeptical as to testimonials which should also be carefully investigated before being relied upon. Before investing with anyone, you should investigate the person offering to sell you the investment with the Securities and Exchange Commission’s Central Registration Depository. This will tell you if the broker is licensed and if there have been disciplinary procedures against him or her. You can also check with your own state’s securities regulation office for similar information. Many investment advisers will not be required to register with the SEC, but are required to register with your individual state’s securities regulators. You can find your state’s agency by going to the website of the North American Securities Administrators Association. https://www.nasaa.org/investor-education/how-to-check-your-broker-or-investment-adviser/ Many investment advisers will not be required to register with the SEC, but are required to register with your individual state securities regulators. You should also check with the Financial Industry Regulatory Authority (FINRA) for information about the particular investment adviser. https://www.finra.org/investors/protect-your-money/ask-and-check
It is also important to remember that you should never invest in something that you do not completely understand. This was a mistake that many of Bernie Madoff’s victims made.Annuities are a legitimate investment, but are both quite complicated and not appropriate for everyone which is why you should make sure that you understand all of the details of an annuity before buying or surrendering one. You also may want to check out the SEC’s investor education website at www.investor.gov. Scammers can be very convincing and it may sound like there is a great opportunity for someone to make some money, but you must be careful that the person making money is not the scam artist taking yours. Additionally, investing with someone merely because you trust them because you have heard them on the radio or television is dangerous.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”
Scam of the day – March 1, 2020 – National Consumer Protection Week
The week of March 1-7th has been designated by the federal government as National Consumer Protection Week. During this week people are encouraged to learn more about how to protect themselves from fraud, scams and identity theft, which are topics we discuss here at Scamicide.com every day of the year. Fraud, scams and identity theft can harm you in a multitude of ways and with the plethora of data breaches at major companies, government agencies and other institutions, regardless of how careful you are about protecting yourself from identity theft, you are only as safe as the entity with the weakest security that has your personal information. In addition, recent studies have indicated that the increase in data breaches and other cybercrimes has had a significant effect on the mental health of us all with many people feeling helpless and depressed about how vulnerable we are to fraud, cybercrime, identity theft and scams. However, the fact that you are reading Scamicide.com indicates that you are taking matters into your own hands and continuing to learn about how to recognize the threat of identity theft, scams and cybercrime as well as learning how to protect yourself. I urge you to let your friends and family know about Scamicide.com and encourage them to subscribe to our daily emails of the Scam of the day (it is free). So good luck this week and throughout the year. After all, we are all in this together.
TIPS
I have literally provided thousands of tips over the years about how to protect yourself from identity theft, scams, fraud and cybercrime. but here are six tips that are easy for everyone to follow to help protect yourself.
- Use complex, unique passwords for all of your online accounts so that in the event that there is a data breach and the password for one of your accounts becomes compromised, all of your accounts will not become vulnerable to being hacked. Creating and remembering strong, unique passwords for each of your accounts is not as difficult as it may appear. You can start with a strong base password constructed from a phrase, such as IDon’tLikePasswords. Add a few symbols like !!! and then adapt it for each account you have so that you will have a secure and easy to remember password for each of your online accounts. Thus, your Amazon password could be IDon’tLikePasswords!!!AMA.
- Whenever possible use dual factor authentication for your accounts so that when you attempt to log in, a one-time code will be sent to your cell phone to insert in order to get access to your account. For convenience sake you can set up dual factor authentication so that it is only required if you are logging in from a different computer or device than you normally use.
- An easy solution to the problem of the answers to knowledge based authentication security questions being too readily available on the Internet is to make the answer to your security question nonsensical. For instance, if your security question is what is your mother’s maiden name, you can pick something ridiculous, such as “firetruck” as the answer. No hacker will ever be able to find the answer to this security question online and it is so silly that you will remember it.
- With your email address commonly known by many scammers, you can expect to receive more and more phishing and more dangerous, specifically targeted spear phishing emails that attempt to lure you into clicking on links containing malware or try to convince you to provide personal information that can be used to make you a victim of identity theft. Never click on links or provide personal information in response to an email or text message unless you are absolutely sure that the email or text message is legitimate.
- Don’t use public Wifi, but rather use a Virtual Private Network (VPN).
- Freeze your credit at each of the three major credit reporting bureaus and freeze the credit reports of your minor children as well.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”
Scam of the day – February 29, 2020 – Business Email Compromise Scams Shark Tank Star
I have warned you numerous times in the last few years about the Business Email Compromise scam which continues to be an effective scam perpetrated against many companies. According to FBI figures the amount of money lost to victims of this scam last year reached a record 1.77 billion dollars. Generally this scam involves an email to the people who control payments at a targeted company. These people receive an email purportedly from the CEO, company attorney or even a vendor with which the company does business requesting funds be wired to a phony company or person. At its essence, this scam is remarkably simple and relies more on simple psychology instead of sophisticated computer malware. Often the scammers will do significant research to not only learn the name of the key employees involved with payments within a company, but also will infiltrate the email accounts of company employees for a substantial period of time to learn the protocols and language used by the company in making payments. The scammers also gather information from the company’s website and from social media accounts of its employees, all in an effort to adapt their message to seem more legitimate.
Earlier this week, Barbara Corcoran, one of the stars of the television show “Shark Tank” admitted that her company lost $388,700 to this scam. According to Corcoran, “I lost the $388,700 as a result of a fake email chain sent to my company. It was an invoice supposedly sent by my assistant to my bookkeeper approving the payment for a real estate renovation. There was no reason to be suspicious as I invest in a lot of real estate.” In this case, the scammer didn’t even hack into the email account of Corcoran’s assistant, but rather sent an email from an email address that appeared at first glance to be the email address of Corcoran’s assistant, but upon closer examination was a single letter different, which mistake was not recognized by Corcoran’s bookkeeper who wired the money to pay the phony invoice to the scammers. Once funds are wired, they are lost forever.
TIPS
In order to avoid this scam, companies should be particularly wary of requests for wire transfers made by email. Wire transfers are the preferred method of payment of scammers because of the impossibility of getting the money back once it has been sent. Emails requesting payments to be sent to new bank accounts should also be investigated thoroughly before responding. Verification protocols for wire transfers and other bill payments should be instituted including, dual factor authentication when appropriate. Companies should also consider the amount of information that is available about them and their employees that can be used by scammers to perpetrate this crime. They also should have strict rules regarding company information included on employee social media accounts that can be exploited for “spear phishing” emails which play a large part in this scam. Finally, employees should be specifically educated about this scam in order to be on the lookout for it.
As for us as individuals, we should also be careful about responding to requests for payments, particularly payments requested to be wired. Never send funds in response to an emailed invoice, text message or phone call unless you have absolutely confirmed that the demand for payment is legitimate.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”
Scam of the day – February 28, 2020 – FTC Sending Checks to Victims of Tech Support Scam
Tech support scams are a profitable way for scammers to steal your money. I have been warning you about these scams for years. They come in a number of different varieties including pop up ads on your computer and telephone calls purportedly from Microsoft, Apple, Google or other tech companies. In 2015 I told you that the Federal Trade Commission (FTC) along with the Attorneys General of Pennsylvania and Connecticut filed legal action against a company, Click4Support which the FTC alleged stole more than 17 million dollars from unwary consumers by pretending that they represented Microsoft, Apple and others offering unneeded tech support services. That case has now been settled and the FTC is sending out refund checks to victims of the scam. For more information about this refund program, click on the FTC Scam Refunds tab in the middle of the first page of http://www.scamicide.com.
Click4Support used online advertisements and popups that made them appear to be a part of Microsoft or Apple. The ads would lure unsuspecting computer users to call Click4Support and then give Click4Support remote access to the victims’ computers for purposes of identifying viruses, malware and other problems, which were always found whether or not they actually existed. Then Click4Support sold its services either on a one time basis or a long-term service plan at a cost that ranged from $69 to thousands. In return, the victims actually got nothing of value and, in some instances, their computers were harmed.
TIPS
In the phone scams for tech support, it is important to remember that neither Microsoft nor Apple will ever call you about tech support so if someone represents that they are doing just that, it is a scam. Hang up the phone. Don’t trust popup ads for tech support service either. If you have any concerns about your computer’s security contact a reputable computer security company using a telephone number that you have confirmed is legitimate.
Whenever you get a pop-up, email, or text message that appears to tell you that you have a security problem with your computer, you should never click on any links contained in the message or call the telephone number provided. If your screen becomes frozen, all you need to do is just turn off your computer and restart it. If you are concerned that you may be experiencing a real security problem you can contact tech support at Apple or Microsoft directly by phone or by email using the phone number and email addresses you find on their respective websites.
Providing remote access to anyone to your computer can lead to a myriad of problems including identity theft and the downloading of ransomware. Neither Apple nor Microsoft or any of the other tech companies ever provide notices of security problems that contain telephone numbers for you to call to fix the problem.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”
Scam of the day – February 27, 2020 – A New Opportunity for IRS Impostor Scams
I have warned you for years about IRS impostor scams which generally involve a phone call, email or text message purporting to be from the IRS in which you are threatened with severe consequences if you do not immediately make a payment to the scammer/IRS agent. Often the scammer requires the money to be paid by gift cards which is a dead giveaway that you are involved with a scammer because the IRS does not take payments through gift cards under any circumstances.
I have often told you that it is easy to determine whether or not the email, robocall, regular phone call or text message is from the IRS because the IRS never initiates contact with people through email, robocalls, regular phone calls or text messages so any such communication you receive is a scam. Even if your Caller ID indicates that the call is coming from the IRS, it is a simple matter for a scammer to “spoof” a call to you and manipulate your Caller ID so that it appears that the call is coming from the IRS when it is really coming from a scammer. Now, however, the IRS has indicated that over the next two months it will be sending IRS agents unannounced to the homes of people with incomes of more than $100,000 per year who have not filed income tax returns to discuss their tax filing and payment obligations. This is going to present a tremendous opportunity for scammers to trick people into paying the phony IRS agent.
TIPS
So how can you determine if that person showing up at your door is really an IRS agent?
Real IRS agents involved with this new program will provide two forms of identification with a serial number and a photo, however, skilled scammers will be undoubtedly able to falsify such documentation. It is also important to know that the IRS will first contact the people who they are targeting in this new enforcement effort by repeated regular mail letters before coming to someone’s home. Ultimately, however, if you are contacted in person by someone purporting to be from the IRS attempting to inform you of your obligation or collect a tax payment, you cannot be sure that the person really is an IRS agent, so you should not provide them with any personal information or make a payment to them in any form. Rather, if you think they may be real IRS employees, you can contact the IRS by phone and discuss your case with someone that you can be confident is a real IRS agent. You can contact the IRS at 1-800-829-1040. Here is a link to the IRS’ website which provides information about contacting the IRS by phone and the information you need to provide. https://www.irs.gov/help/telephone-assistance
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”
Scam of the day – February 26, 2020 – Google Chrome Security Updates
As was made abundantly clear by 2017’s massive Wannacry ransomware attack that focused on a vulnerability in the Microsoft Windows operating system for which Microsoft had already issued a security update, constant updating of the software we all use with the latest security patches and updates is a critical part of avoiding scams and identity theft threats. Whenever new security updates and patches are issued, we provide access to these so that you can update your software to provide better security on your computers, smartphones, laptops and other electronic devices. Updating your software with the latest security patches and updates as soon as possible is important because identity thieves and scammers are always finding and exploiting vulnerabilities in the software that we all use. Delay in updating your software could lead to disastrous results. However, it is also important to be sure that you are downloading legitimate patches and updates rather than being tricked by an identity thief or scammer into downloading malware under the guise of downloading a security patch or update. Today’s security update involves serious vulnerabilities in the popular search engine Google Chrome. It is important to remember that while Google will automatically send your computer the updates as soon as they are issued, you need to restart your browser to install the updates. Some people leave their browser open for days at a time so it is important to download and install any Google Chrome security updates as soon as they are available.
TIPS
Here is a link to this recent security update as posted by the Department of Homeland Security: https://www.us-cert.gov/ncas/current-activity/2020/02/21/google-releases-security-updates-chrome
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”
Scam of the day – February 25, 2020 – Political Phone Call Scams
The 2020 presidential election is less than a year away, and the Democratic candidates as well as President Trump are actively fund raising. Scammers are taking advantage of the public’s interest in the presidential election to make robocalls in which they pose as the president or one of the Democratic candidates asking for donations. This particular scam can easily seem legitimate. Caller ID can be tricked through a technique called “spoofing” to make it appear to your Caller ID as if the call is coming from a candidate or some political organization and recordings of the candidate can also be incorporated into the call to make the call appear more legitimate. Even more significantly, calls from political candidates and other political calls are exempt from the federal Do-Not-Call List, so it would be legal for you to get a call from a politician or political group seeking donations even if you are enrolled in the Do-Not-Call List.
TIPS
Whenever you receive a telephone call, you can never be sure as to who is really contacting you, so you should never give personal or financial information to anyone over the phone whom you have not called. If you do wish to contribute to a political campaign, the best way to do this is by going to the candidate’s official website and make your contribution. Even then, make sure that when you are giving your donation online that the website address begins with https instead of just http. Https indicates that your communication is being encrypted for better security. If you are being asked to contribute to a political organization rather than a candidate, you should definitely do your research to determine the legitimacy of the organization before making a donation.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”
Scam of the day – February 24, 2020 – Phony Facebook Lottery Scam
Lottery scams are among the most common scams and although these scams take many different forms, they all have in common that you have won a lottery you never even entered (quite a feat) and that you must now pay money for either taxes or administrative fees in order to claim your prize which never comes. While it is true that lottery winnings are subject to income tax, no legitimate lottery collects tax money from winners. They either deduct the taxes from your winnings or turn all of the money over to you and it is your responsibility to pay the taxes. No legitimate lottery charges administrative fees of any kind for you to claim your prize as well. Facebook is also very popular with scammers and with good reason. Facebook is used by 2.26 billion people so many scams including a variety of lottery scams are tied to Facebook. The truth is that Facebook does not have any lotteries of any kind. Here is a copy of an email sent to a Scamicide reader informing her that she had won the non-existent Facebook Online International Lottery Promotion. A couple of indications that this is a scam is that the address from which it was sent had nothing to do with Facebook and was, most likely part of a botnet of zombie computers used by the scammers to send out these emails. In addition, the email uses the salutation of “Dear beneficiary” rather than the name of the person to whom the email is sent. Here is a copy of the email:
TIPS
It is hard to win any lottery or contest. It is impossible to win one that you have never entered. It also is important to remember that no legitimate lottery requires that you pay them fees to claim your prize or pay them the taxes due on the winnings. Legitimate lotteries either deduct the income taxes from your prize or they pay you the entire amount of the prize and you are responsible for paying the taxes on your own to the IRS. In addition, Facebook does not sponsor lotteries of any kind.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”
Scam of the day – February 23, 2020 – Massive MGM Data Breach
Recently personal information of 10,683,188 people gathered in a data breach of MGM Resorts hotels turned up on Dark Web websites where criminals buy and sell stolen data. The data included full names, home addresses, phone numbers, email addresses and dates of birth of MGM Resorts customers. It did not include credit card information. MGM has resorts in the United States in Las Vegas, Atlantic City and Detroit as well as resorts outside of the United States in China and Japan. The data breach was discovered last summer by MGM, but relates to travelers who stayed at MGM hotels prior to 2018. Cybercriminals also use the information gathered in data breaches such as this to form the basis of scams that start with spear phishing emails which are emails specifically tailored with information about you and your interests. These spear phishing emails will attempt to lure you into either providing personal information that can be used to make you a victim of identity theft or to click on links containing harmful malware. Everyone should be skeptical of any email asking for personal information or prompting you to click on a link. Never provide such information or click on links until you have confirmed that the email is legitimate.
TIPS
If you stayed at an MGM hotel prior to 2018 you should be particularly skeptical of any email that may ask you for personal information or to click on a link. Indeed everyone should refrain from ever providing personal information in response to an email unless you have absolutely confirmed that the email is legitimate. The same rule applies to clicking on links.
In addition, if you have stayed at an MGM hotel prior to 2018 and you have not frozen your credit reports, this would be a good time to do so.
To get the maximum protection from identity theft, it is important to freeze your credit at each of the three major credit reporting agencies. Here are links to each of them with instructions about how to get a credit freeze:
https://www.freeze.equifax.com/Freeze/jsp/SFF_PersonalIDInfo.jsp
https://www.transunion.com/credit-freeze/place-credit-freeze
https://www.experian.com/freeze/center.html
Once you have frozen your credit, be sure to keep the PIN and information on how to unfreeze your credit report in a safe place.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”