Scam of the day – February 3, 2015 – Affordable Care Act phishing scam

Recently the United States Computer Emergency Readiness Team which is a part of the Department of Homeland Security issued a warning about a phishing scam related to the Affordable Care Act, commonly referred to as Obamacare.  Since its inception, there has been much confusion about many aspects of the Affordable Care Act and scammers are taking advantage of this confusion by sending emails to their intended victims that purport to come from a federal agency involved with the Affordable Care Act in which the person receiving the email is asked for personal information or directed to a website by way of a link that, if clicked on, will cause keystroke logging malware to be downloaded on to the victim’s computer or other electronic device that will enable the scammer to steal the personal information of the victim and make him or her a victim of identity theft.

TIPS

The rules to follow in order to avoid becoming a victim of this scam are simple and easy to follow.  Never provide personal information in response to an email, text message or phone call from someone until you have confirmed that the communication is legitimate.  You can never trust any communication to be from who it purports to be until you have independently confirmed that it is both legitimate and that there is a legitimate need for your personal information.  You can determine whether or not a communication is legitimate or not through a phone call or other communication with the real company or agency that the communication purports to be. Don’t use the phone number, website or email address supplied to you in the communication itself.  You cannot trust it.

Also, never, and I mean never, click on links in any email or text message until you have again confirmed that the communication is legitimate.  Even if the email address from which the message is that of a legitimate company or agency, their email could have been hacked, so never click on a link until you have independently confirmed that it is legitimate.

Finally, make sure you have a good firewall as well as anti-virus and anti-malware software on all of your electronic devices and keep these security programs updated with the latest patches.

Scam of the day – December 31, 2014 – ICANN suffers data breach

Many of you may not be familiar with the acronym ICANN which stands for the Internet Corporation for Assigned Names and Numbers, however everyone is familiar with what they do.  ICANN is the international organization that administers all website domain names.  ICANN recently disclosed that it had been hacked since November.  Fortunately, the extent of the hacking and data breach was minimal and passwords were not stolen since they were maintained in an encrypted manner by ICANN.  The hackers did, however, manage to obtain the names, addresses, email addresses and phone numbers of ICANN customers.  ICANN is in the process of notifying those people whose data was compromised.  The danger posed by this information falling into the hands of scammers is that it can be exploited by a technique called “spear phishing” where specific people are targeted in emails that appear to be from legitimate sources and directed to them personally by name, such that the victim is more likely to trust that the email is legitimate and be lured into clicking on links contained in the email or text message that contain malware that will enable the scammer to steal the personal information of the victim and use that information to make the person a victim of identity theft.

TIPS

Remember my motto, “trust me, you can’t trust anyone.”  Regardless of whether an email or text message appears to be legitimate, you should never click on links until you have absolutely confirmed that the message is legitimate and the link is legitimate.  Even if the email or text message is addressed to you personally and appears to come from someone or some business or agency with which you have a relationship, you can never be sure that the communication is legitimate and the risk of downloading keystroke logging malware is too great to trust such communications until you have absolutely confirmed that such communications are legitimate.  Additionally, it is important to keep your anti-malware and anti-virus software up to date remembering that your security software will always be at least a month behind the latest malware threats.

Scam of the day – September 13, 2014 – Iggy Azalea sex tape

Iggy Azalea, the popular, young Australian rapper is at the center of a controversy regarding the existence or non-existence of a sex tape.  Steven Hirsch of the adult film company Vivid Entertainment which has released numerous other celebrity sex tapes says that he has obtained such a video, while Azalea now admits that the video may indeed be legitimate after initially denying that it was genuine.  Meanwhile, to no one’s surprise supposed leaks of the tape are purportedly turning up on the Internet where the curious can put themselves in serious risk of identity theft by clicking on links in emails, text messages or social media postings promising to take you to the purported tape.  Other times, you may find yourself being prompted online to update your video capabilities on your computer or other electronic in order to view the video.  Again, this is just a ruse to lure you into downloading dangerous keystroke logging malware that will steal information from your computer and use it to turn you into a victim of identity theft.

TIPS

Without even getting into the question of the morality and ethics of looking for material such as this or the stolen videos of Jennifer Lawrence, Kate Upton and other celebrities, the truth is that you cannot trust any text message, email, social media posting that promises you such tantalizing material.  The chances are just too great that by clicking on any of these links or downloading attachments you will be downloading malware that will be used to steal your identity.  As for websites that turn up on Google and other search engines promising to provide you with these videos, scammers are adept at manipulating the algorithms used by search engines to rank websites so that although you may think you are looking at a legitimate website, you are not.  It is also important to remember that even if you have kept your anti-malware and anti-virus software up to date, that is of little consolation since these security software programs are always at least a month behind the latest malware and viruses.  If you need to satisfy your curiosity for gossipy material, stick to legitimate websites such as www.tmz.com.

Scam of the day – May 23, 2014 – Pirated movies can lead to identity theft

Finding bootleg versions of popular movies on the Internet is an easy task, but as a recent study by Intelligent Content Protection, an anti-piracy consulting service found, it comes with a risk and that risk is identity theft.  In its study of thirty of the top pirate websites for downloading pirated versions of popular movies, it found twenty-nine of them contained malware of some sort.  Although not all contained the kind of keystroke logging malware that, when installed on your computer, will permit an identity thief to steal all of the information on your computer and make you a victim of identity theft, the risk of such malware is high.

TIPS

Besides the fact that it is both illegal and morally wrong to steal intellectual property such as movies without paying for them, the risk of unwittingly downloading dangerous keystroke logging malware when you go to an illegal pirate site is just too high.  Even if you have anti-malware software and anti virus software on your computer, these programs are only about 5% effective in protecting you from the very latest strains of malware.  So the lesson is clear.  Avoid these pirate websites not just because it is the right thing to do, but also to protect yourself from identity theft.

Scam of the day – March 19, 2014 – Missing Malaysian airline scam

The mysterious disappearance of Malaysian Airlines Flight 370 has captured the attention of people around the world so it should come as no surprise that scammers and identity thieves are using this event as an opportunity to steal people’s identity through malware infected phony news reports, photos and videos.  In 2011 similar scams tied to the Japanese Tsunami were common.  Throughout the Internet and on social media including Facebook and Twitter links to phony stories, photos and videos are appearing with tantalizing headlines such as “Shocking video, Malaysian Airlines missing flight MH 370 found in Sea,” “Malaysian Airlines missing flight MH 370 found in Sea – 50 people alive saved” and “CNN UPDATE Breaking – Malaysian Airplane MH 370 Already Found.  Shocking Video.”    Some phony links even promise videos of the plane in the Bermuda Triangle.  Unfortunately, if you click on these links, all you will succeed in doing is unwittingly downloading keystroke logging malware that will steal your personal information from your computer, laptop, tablet or smartphone and use that information to make you a victim of identity theft.

TIPS

Never click on links unless you are absolutely sure that they are legitimate because they may well be just a lure to get you to unknowingly install malware on your computer, laptop or smartphone.  When looking for information upon which you can rely in regard to anything, stay with websites that you know are legitimate news sites.  Also, make sure that you have proper anti-malware and anti-virus software on all of your electronic devices and keep that software up to date with the latest security patches and updates.  The creators of malware and viruses are often ahead of the makers of anti-malware and anti-virus software, but it is important to keep your devices as safe as possible.

Scam of the day – March 17, 2014 – 4G phone systems vulnerable to hackers

Faster smart phone service is a selling point for today’s smart phones.  The new 4G technology can be up to 100 times faster than 3G networks and that sounds like a good thing.  And it is.  For both you and hackers because 4G technology which is also known as LTE technology was specifically designed to provide the fast sending and receiving of data; it was not designed for security purposes.   3G networks use a SS7 protocol for sending signals.  This protocol is difficult to hack, while LTE networks are faster and can handle more traffic than SS7 networks, but are easier to hack.

TIPS

Until, 4G networks are made safer, you may wish to stay with a 3G network for more secure use of your smart phone.  Regardless of what network you use, you should make sure that you have installed good anti-virus software and anti-malware software as well as encryption software.  Also, make sure that you keep your security software constantly updated with the latest patches.   When choosing a new phone, always do your research as to which phone will provide you with the best security.

Scam of the day – November 25, 2013 – Smartphone banking scam

Many of us use our smartphones for so many more tasks then merely speaking on the phone.  Smartphones have become the fast and convenient way for 300 million people to do their banking.  They also have become the fast and convenient way for scam artists and identity thieves to steal the money from your bank account by planting (with your assistance) malware on your smartphone that not only can read all of the information on your smartphone including your banking passwords and other personal information, but can even change the way your bank account balances appear to you on your smartphone so you are not aware that your account has been stolen by an identity thief.

TIPS

The primary way that identity thieves and scammers install the necessary malware to get access to your bank account and steal your money is by luring you into unwittingly downloading the malware that gives them control over and access to the information in your smartphone.  Most often they do this by a technique called phishing which I have described many times previously in Scamicide.  Phishing occurs when you are lured into clicking on a link or downloading an attachment that appears to be legitimate, but in fact is riddled with malware.  The malware is contained in the link or download material that is often contained in an email that appears to be from a company with which you do business or a trusted friend when in fact, the email is from an identity thief.  It is for this reason that I am constantly warning you not to click on links or download attachments unless you are absolutely sure that they are legitimate.  Just because it appears to come from a friend of yours does not make it legitimate.  His or her email could have been hacked making it appear that the communication and the link are legitimate when they are not.  This technique is called spear phishing.  That is why I always tell you to confirm that the email is legitimate regardless of how good it looks before you download anything or click on a link.

In addition, you should make sure that your smartphone as well as all of your electronic devices are protected with the latest anti-virus and anti-malware software and that you keep these security programs constantly updated with the latest security patches and updates.  In addition, you may even want to consider having a separate smartphone for online banking and other financial transactions on which smartphone you do not do any text messaging or emails in order to avoid falling prey to phishing.