Tag Archives: scam

What in the Heck is Smishing?

You’ve probably heard of “phishing” – when hackers send bogus messages to your email, hoping that you’ll reply or click a link so that they can get their hands on your information. But there’s a new version of this scheme that’s gaining prevalence, and it targets your smartphone. This scam is called “smishing” as in “phishing via your SMS (text) messages.”IMG_1698

One of the most popular smishes takes the form of a “Congratulations! You’ve won X prize from X company! Reply to this message to receive your reward!” text message to your smartphone. Do not reply to messages like this! Even if you figure out that it’s a scam and you really want to reply with something like “Go blank! your blank! you scamming blank!” – don’t do it. Yes, it would be cathartic, but the act of replying will only affirm to the smishers that your phone number is active, and you’ll receive more of this type of message (plus you’ll probably just be replying to a robot anyway, and robots are unfazed by profanity).

These “congratulations” messages, if replied to, may also ask you for your credit card information to allegedly pay for the shipping and handling costs of your prize. Never give out this information in a situation like this. Many messages like these have claimed to be from Walmart or Target. The Walmart messages have been used by smishers so frequently that at one point the company issued a statement saying that they absolutely never send consumers messages asking for sensitive information via text.

Another smish is one that will claim to be from your bank or another seemingly credible or important institution. The message will claim to be urgent and will request a reply. If you receive a text like this, do not reply via text message. Instead, look up the phone number for the bank or company and call them directly.

Other tips related to smishing prevention:

  • If a text message comes from the number 5000, it’s a smish. It’s safest to delete it without even opening it.
  • You may want to set up a text alias with your provider. This will allow you to receive and send texts, but the texts that you send will show up under your “alias” rather than your real number. It’s like having a secret phone number. Then you can block incoming texts to your “real” number and give family and friends your alias. Ask your service provider about how a text alias works.
  • Never give any sensitive information (your social security number, bank account information, etc) to anyone that you don’t absolutely trust.

Don’t let yourself get smished! If you’re receiving any messages that might be from smishers, report them to your service provider. You may also want to report suspicious messages to the Federal Trade Commission.

Sources:

http://www.nbcnews.com/technology/technolog/smishing-text-messages-seek-your-credit-card-info-947348

http://netsecurity.about.com/od/secureyouremail/a/Protect-Yourself-From-Smishing-Attacks.htm

http://learningcenter.statefarm.com/safety-2/family-1/avoid-the-dangers-of-smishing/

Skype Spam/Scam from Scum: Rory Gilbert-mrrorygilbertel@gmail.com

This is new.

I’m being scammed/spammed via my Skype account from a Rory Gilbert.

Of course, it’s simple for scummy scammers to create thousands of fake Skype accounts and send out scams and spam like this.

In any case, if you hear from this particular Rory Gilbert on Skype, you should know that this is a scam.

Note that he never uses my name.  He’s just looking for anyone with the common last name of Kraft.

The typical NIgerian 409 Fraud Scam, perpetuated via Skype.
The typical NIgerian 409 Fraud Scam, perpetuated via Skype.
[11:33:48 AM] Rory Gilbert: Hello  Kraft

I am sorry to contact you unannounced through this medium. I am Mr. Rory Gilbert a former staff of Barclays bank dubai, United Arab Emirate . I write you this proposal in good faith hoping that I will rely on you . In 2006, one Mr. Daniel Kraft

who has same name as yours and who has your country in his file as his place of origin, made a fixed deposit for 36 calendar months, valued at $18,400,000.00 with my bank. I was his account officer before I rose to the position of Manager Director now. The maturity date for this deposit contract was 16th of January 2009. Unfortunately, while on a business trip ,he died in a deadly earthquake that occurred on May 12, 2008 in Sichuan province of China which killed at least 68,000 people.
Since the last quarter of 2009 until today,the management of Barclay’s bank have been finding a means to reach him so as ascertain if he will want to roll over the Deposit or have the contract sum withdraw .Since September 2009,when I discovered that this will happen , I learnt of his death ,so I have tried to think up a procedure to preserve this fund and use the proceed for charity .

Some directors here have been trying to find out from me the information about this account and the owner, but I have kept it closed because, I know that if they become aware that Mr Daniel is now late, they will corner the funds for themselves. Therefore, I am seeking your co-operation to present you as the one to benefit from his fund at his death since you have the same name, so that my bank head quarters will pay the funds to you. I have done enough inside bank arrangement and you only have to put in your details into the information network in the bank computers and reflect you as his next of kin.

I am not a greedy person, so I am suggesting we share the funds equal, 50/50% to both parties My share will assist me to start a charity organization to help the poor and also own a company which has been my dream.
Let me know your mind on this and please do treat this information as TOP SECRET. We shall go over the details once I receive your urgent response strictly through my personal email address,  mrrorygilbertel@gmail.com Have a nice day,and may GOD bless you.
Best regards,

MR. Rory Gilbert.
mrrorygilbertel@gmail.com

 

I have blocked this user on Skype and reported the message as abuse.

I suggest you do the same.

Your Grandparents May Be Victims of Identity Theft

Over the holidays, I did a lot of visiting with my grandparents. When I told my grandmother that I have been writing stories about identity theft protection, she mentioned a scam that she had heard about concerning identity thieves targeting senior citizens.

New Scam

Apparently, scammers are currently trying to steal from your grandparents. The new scam preys on unsuspecting grandparents who are concerned about the well-being of their loved ones. It works like this; senior citizens are sent an email or issued a phone call saying that their grandchild is in trouble and needs to be wired money.

The email or phone call will provide an address to wire money to, which thieves promptly intercept. And just like that, grams and pops are out a chunk of retirement money.

You’re a Winner! … Or Not

Another popular scam aimed at senior citizens is one that calls them to notify them that they have won a lottery or a prize and then asks them to provide checking account information so that their prize can be deposited. Thieves then clean out grandma’s checking account. A popular name used by scammers is one that is clearly recognizable by many older people – Publisher’s Clearing House.

Easy Target

Senior citizens are often targeted to by victims of identity theft for a number of reasons. First, because they are less likely to regularly monitor their credit report. Senior citizens are also less likely to be as

someone wants to steal from your grandma.  Image provided by Flickr creative commons user Beny Schlevich

tech-savvy, making them easier targets for online phishing. They also may have life-savings and other retirement funds that are attractive to thieves who are looking to make a buck.

A New York Times article from September of 2012 cites the FBI as warning that senior citizens are also targeted by identity thieves because, culturally, people who were raised in the 1940’s and 50’s were brought up to be polite to strangers and trusting.

Prevention

Senior citizens should be cautioned not to accept prizes that they are informed about over the phone or online, especially if they have not entered into any sweepstakes or contests. The caller or suspicious email may also ask for them to send money first to collect their prize or ask for sensitive information like a social security number. Phone calls like this should be considered especially suspicious if they originate from an overseas phone number or an unknown email sender.

They should also be in close contact with their bank to check on the status of their checking and savings accounts. Many senior citizens are not aware that they have become victims of identity theft until debt collectors start calling to demand payments for transactions that identity thieves have made in their name.

Talk to the older people in your life about the prevalence of identity theft and how to prevent scammers from taking their hard-earned money.

Sources:

http://www.identitytheft.info/seniors.aspx

 

Too Good to be True: Federal Grant Scams

This federal agend was a Sly Fox flickr-edenpicturesI received a very strange phone call today. My caller ID said that the number was “unavailable.” I usually ignore calls from numbers that I don’t recognize but today I was feeling froggy and decided to answer it.

An unfamiliar man’s voice with a very thick accent asked if he was indeed speaking with Ally Levise. Frowning and feeling irritated that someone was about to try and sell me something, I told him that yes, he was.

I absolutely hate telemarketing calls – I feel bad being mean to telemarketers or hanging up on them because, well, telemarketers are just trying to make a dime like the rest of us.

There’s no need to yell at them or try and ruin their day.

It’s politeness to the point of inconveniencing myself.

It’s irritating.

With my identity confirmed, the man proceeded to tell me that he was from the Federal Reserve and that I had been awarded a grant of $7,000 from the federal government.

I waited a beat, expecting him to tell me that first I had to subscribe to three different magazines.

“Okay… what do I have to do?” I humored him. Continue reading Too Good to be True: Federal Grant Scams

Smartphone Users Under Attack From Malware

While many smartphone users take extreme care to protect their computers from malware and viruses, the same can’t be said for their smartphones. Many users think of their phones as a mini computer, but still fail to take the proper precautions for protection. With the latest round of malware affecting Android smartphones, it’s plain to see that something needs to be done. Let’s take a closer look at the latest threats as well as how to protect your smartphone.

 The Latest Malware Scams

Two malware scams have recently came to the forefront and it seems the attacks are being targeted at Android smartphones. Named Loozfon and FinFisher, these threats can not only affect your phone, but may affect the phones of your contacts as well. The first piece of malware in question, Loozfon, uses the promise of online work from home jobs to lure smartphone users to the website, where the malware is loaded onto the phone. The malware then accesses the information of the user’s contacts and the user.

FinFisher is a bit different in that the spyware is installed onto the phone in order for the attacker to be able to remotely control the phone. The malware may be placed on the phone after visiting a certain website or the user may receive a text message with a link that leads to a supposedly important update. Of course, both of these scams are just two of the newest malware scams to affect smartphone users. There are many more out there waiting for the opportunity to infect your phone.

How to Keep Your Smartphone Safe Continue reading Smartphone Users Under Attack From Malware

New E-Mail Scams and Warnings: Citadel Malware Want to Extort Money

The FBI warns of another new virus making its rounds on the Internet and it does more than just try to shut down your computer. It also attempts to get money and credit card information from those affected.  When the computer is rebooted or restarted, a screen comes up telling the user that they have violated federal laws and that they now owe a fine.  Once the fine is paid, the virus continues working in the background and can steal credit card or banking information.

The following are the details of this virus attack:

Citadel Malware
This new Citadel malware has been established strictly to extort money from users who do not know any better.  When the computer is restarted or rebooted, an official looking screen from the FBI informs the computer user that the computer’s IP address has been locked. It states that this is due to child pornography or other misuse of the internet.  The user then must send $100 to the FBI as a fine through a throwaway prepaid money card.  This is called “ransomware” and is not something that the federal government has put on the computer.

Ransomware
Ransomware is a virus that specifically asks those who are affected to pay money to unlock their computer.  Once the amount requested has been paid, the computer is unlocked and can be used again.  Neither the FBI nor any other government agency would lock a computer due to any Internet browsing activity.  If they think there is something going on that requires their attention, they will seize the computer from the home and take it to their lab for further investigation.  Never pay a ransom such as this, no matter how official it may look.

Eradicating the Virus
If your virus protection software is not up to date then you need to do so immediately before you get the virus.  In the event that it is already on the computer, it must be taken to a professional who can get rid of the virus.  The only other way to remove it is to download software but that is not practical when the computer is locked.  Never send any money to anyone who states that is the only way to unlock the computer.  You also should also contact your banking institutions and let them know you have the virus and then file a complaint here.

The FBI reminds us:

To report potential e-scams, please go the Internet Crime Complaint Center and file a report. Note: the FBI does not send mass e-mails to private citizens about cyber scams, so if you received an e-mail that claims to be from the FBI Director or other top official, it is most likely a scam.

If you receive unsolicited e-mail offers or spam, you can forward the messages to the Federal Trade Commission at spam@uce.gov.

It is never fun getting a virus but most virus protection software can handle finding and removing the small ones.  This type of ransomware malware is relatively new and your virus protection needs to be up to date in order for it to be productive.  If you do get this virus, take your computer immediately to a professional who can safely and completely remove it and then file a complaint with the Internet Crime Complaint Center.

 

 

Guest post by Lisa Mason.  Lisa Mason is a freelance writer and VP of Special Media for Social Media Sun.

Counterfeit check fraud schemes target U.S. law firms

Press release from the FBI 

03/12/12—The IC3 continues to receive reports of counterfeit check schemes targeting U.S. law firms. The scammers contact lawyers via e-mail, claiming to be overseas and requesting legal representation in collecting a debt from third parties located in the U.S. The law firms receive a retainer agreement and a check payable to the law firm. The firms are instructed to deposit the check, take out retainer fees, and wire the remaining funds to banks in China, Korea, Ireland, or Canada. After the funds are wired overseas, the checks are determined to be counterfeit.

In a slight variation of the scheme’s execution, the victim law firm receives an e-mail from what appears to be an attorney located in another state requesting assistance for a client. The client needs aid in collecting a debt from a company located in the victim law firm’s state. In some cases, the name of the referring attorney and the debtor company used in the e-mail were verified as legitimate entities and were being used as part of the scheme. The law firm receives a signed retainer agreement and a check made payable to the law firm from the alleged debtor. The client instructs the law firm to deposit the check and to wire the funds, minus all fees, to an overseas bank account. The law firm discovers after the funds are wired that the check is counterfeit.

Law firms should use caution when engaging in transactions with parties who are handling their business solely via e-mail, particularly those parties claiming to reside overseas. Attorneys who agree to represent a client in circumstances similar to those described above should consider incorporating a provision into their retainer agreement that allows the attorney to hold funds received from a debtor for a sufficient period of time to verify the validity of the check.

True crime examples include:

This Charleston law firm reported being “scammed” out of $390,000 with this type of scheme.  Other law firms in the area report similar methods of being approached. These cases were tracked to Japan, Canada and Nigeria.

The Attorney General of Michigan offers this information on counterfeit check fraud schemes, which targeted not only law firms but individuals, mystery shoppers, and hotels.

The California Bar Journal provides this article  and warns that not only could the law firm be “on the hook” for the outstanding funds with the bank due to a counterfeit check scheme, but that they could possibly come under investigation by the California State Bar Association and how scams like this damage a law firm or attorney’s reputation.

One variation on the counterfeit check cashing scheme involves Continue reading Counterfeit check fraud schemes target U.S. law firms

Don’t play games with your online and mobile banking

Last month the FBI warned consumers about a new online backing hoax as warning consumers about, called “Gameover.”  Gameover is a malware (software designed to hurt your computer and to steal information) that comes to you via an email message, supposedly from National Automated Clearing House Association, the Federal Reserve or the FDIC.

How does Gameover work?

The message attempts to trick you into logging into “your account” or a reasonably, believable fake site, and basically handing over your information as you log in.  Gameover takes over your computer and is able to obtain usernames, addresses, passwords and then of course, your money.  But that’s not the best part of this “game.”   The “bad guys” then attempt to make sure you can’t head over to bank account in a new window or tab and use their link instead by creating a Denial of Service attack.  a DDOS attack shuts down a business or person’s website using a botnet at the server so the link “in” maybe the only way you see to handle your personal finance emergency.

No mystery to these mystery shoppers

The newest investigations have uncovered that once the money is stolen Continue reading Don’t play games with your online and mobile banking

Slow down! That’s not a real traffic ticket it’s a scam

With the use of cameras at lights it is not unheard of to get a traffic ticket in the mail.  I admit, I recently received one, including a really bad photo) as I went through a light, lost and looking for signs.  My first in over 15 years, but that’s beside the point. However, there’s a new scam in town coming to your straight from your email.  This email message claims to be a traffic ticket from New York and it directs you to “click” the link to open your ticket, see your charges and find out how to pay the fine.   At first glance it looks “legit.”  It even has a return address @nyc.gov.

There are a great many people who would fear that somehow they got notice of a traffic ticket, whether they have driven in New York or not.  Maybe they sent it to you because of a data entry mistake on the driver’s license input.  What if they suspend your license? But before you panic stop and think about these things.

Have you driven in New York?

How on earth did they track your email address by your driver’s license?

and

Could this possibly be a scam?

The answer to the third question is yes, it is a scam.  But not the type you might think.  Instead of a “spam” scam which most likely would be trying to harvest your credit card number for credit card fraud it’s actually a Trojan, a hidden virus that will gather information from your computer and drop more malicious content. This virus is  identified as “Troj/Invo-Zip and it is described as one ” that could allow attackers access to your Windows system and give them the ability to drop more malicious files on it.

Internet security firm Sophos received many messages today on their Facebook page about the email scam/virus from all over the world.  I think it’s safe to say anyone that received it in Thailand is just going to ignore it.

How can you be safe from viruses and email scams?  Remember just because a link is there doesn’t mean you have to “click” it especially when it is a fake ticket.   Keep your antivirus programs updated and but the brakes on email scams by simply not opening them.

 

Another Gold Mining and Gold Investment Scam

We’ve long been warning that as the price of gold and silver and various other commodities picks up, new scams will come along similar to all the phishing and Nigerian fraud emails which have been going around for years.

In the case of this gold mining fraud email, Berewa Mining (with an @yahoo.co.uk address?) is asking you to confirm your address is real by sending them a response.

While they are not asking for more than a reply email at this point, this is the first step in a series of steps in which they will attempt to gain your trust, seducing your better nature into believing that they really do have gold dust or gold to export, which they will “give” to you, if you’ll only give them:

– Your bank account details
– Your social security number
– An address where you can receive some package and re-send it along to them

We don’t know the endgame here. But if you receive an email from berewamining01@yahoo.co.uk, or an email that looks like the one below, know that it’s highly suspect and very likely a scam.

If you actually want to buy gold or silver, do it through reputable companies like GoldMoney or Apmex.

GoldMoney

APMEX

————————————–
SCAM EMAIL BELOW
————————————–

From: Berewa Mining
Date: Sat, May 28, 2011 at 6:04 AM
Subject: gold
To:

Dear Sir,

I am writing to you as a Miner and Miner’s representative We have offices in Dakar Senegal and free town sierra Leone & Banjul the Gambia,Guinea Conakry as well as Burkina Faso.

our firm is ready to do business with any interested person or persons who is ready to exploit in our field of business.

I have the mandate to arrange for prospective buyers who are interested to buy our diamonds and gold here,we have fine uncut stones, (assorted Parcels) sizes from 1.5 to 17carrat and colors are from (D TO I), AND PURITY IS CRYSTAL CLEAR,(v v s 1, v v s 2, e.t.c.
Our prices are moderate and negotiable, we take our products through all the various processes ( bank, customs and Kimberly certificate) in the interest and safety of our customers because our customers interest comes first.

We give you the best deal ever around the sub-region .
You will not be disappointed for doing business with us.
Your reply will be appreciated and treated with urgency

Yours truly,
Koroma