Scam of the day – December 15, 2018 – Phony Bombing Threats Being Sent in Large Numbers

Law enforcement officials throughout the country and throughout the world are reporting bomb threats being sent to millions. The targets of the emails are generally universities, other schools, media outlets, courthouses and private businesses. The targeted victims of the scam are told that unless they pay a ransom payment of $20,000 in Bitcoin by the end of the day in which the threat is received, they will be bombed. Law enforcement agencies throughout the country including the New York City Police Department, the Oklahoma City Police and the Massachusetts State Police have all investigated this threat as have law enforcement agencies in other countries. No bombs have been found and the threats have been deemed not credible.

While this scam is unlikely to target individual Scamicide readers, it has much in common with the grandparent scam, in which grandparents are called on the telephone and tricked into sending money to help a grandchild purportedly in trouble, the phony kidnapping scam and sextortion scams in which the target of the threat is told that the extortionist has compromising web cam photos of the victim of the threat. It is extremely easy to contact massive numbers of people with baseless threats that may seem very real, but a thoughtful, unemotional response can help you recognize these scams.

TIPS

Bomb threats should always be taken seriously and should be immediately reported to the police, however, bomb threats asking for ransom are generally scams and if the law enforcement agency informs you that these threats are being sent out in vast numbers, you can be confident that it is most likely a scam.

As for the grandparent scam, sometimes the scammers do not know the name of their victim’s grandchildren, but often they do.  Sometimes they get this information from perusing obituaries which may name grandchildren by name so merely because the correct name is used in the call is no reason to believe the call.  Don’t respond immediately to such a call without calling the real grandchild on his or her cell phone or call the parents and confirm the whereabouts of the grandchild.  If a medical problem is the ruse used, you can call the real hospital.  If legal problems are the ruse, you can call the real police.  You can also test the caller with a question that could be answered only by the real grandchild, but make sure that it really is a question that  only the real grandchild could answer and not just anyone who might read the real grandchild’ s Facebook page or other social media.  As I always say, “trust me, you can’t trust anyone.”

Never wire money unless you are absolutely sure about to whom you are wiring the money and it is not a scam.  Once you have wired money, it is gone forever.  Also,  students traveling abroad should register with the State Department’s Smart Traveler Enrollment Program at https://travelregistration.state.gov/ibrs/ui.  This program can help with communications in an emergency situation.

In regard to the phony kidnapping scam, always be skeptical if you receive such a call.  Never wire money to anyone for anything unless you are totally convinced that what you are doing is legitimate because unlike paying for something with a credit card, once your wired funds have been sent, they are impossible to get back.  Talk to the alleged kidnapper as long as possible, thereby giving someone else with you the time to call  or text the alleged kidnap victim on his or her smartphone.   If the purported kidnapping victim is a young child, call the school to confirm that he or she is safe.   You also could ask the kidnapper to describe your relative as well as provide information, such as his or her birth date, which could be found on a driver’s license, however, it is important to remember that much of this kind of information may be available through social media or elsewhere on the Internet. It also can be helpful for the family to have a code word to use to immediately recognize that this is a scam. If the kidnapper can’t provide the code word, it is clear that it is a scam.

Many of these kidnapping scams are originating in Puerto Rico or Mexico so be particularly skeptical if you receive the telephone call from Puerto Rican area codes 787, 939 or 856.  Also be wary of calls from Mexico which has many area codes which can be found by clicking on this link.  http://dialcode.org/North_America/Mexico/

While the massive reported emails threatening to release compromising videos taken from your computer’s web cam have generally been scams in which the extortionist had no videos it is not difficult to hack into the webcam of a computer from afar.  The same types of tricks used to get people to unwittingly download keystroke logging malware that enables the hacker to gather all of the personal information from your computer to be used to make you a victim of identity theft can be used to get you to download the malware that enables the hacker to  take control of your webcam.  Never click on links in emails or download attachments unless you are absolutely positive they are legitimate.  They may be riddled with malware.  Also, install and maintain anti-malware and anti-virus software on your computer and other electronic devices.  For external webcams that are not a built-in component of your computer, a red light will signal that the camera is operating.  Be aware of this.  It is a good idea to merely disconnect the external webcam when you are not using it or merely take a post-it and cover the webcam’s lens whenever you are not using it.   Last year a photograph taken in 2015 was made public showing Pope Francis using his iPad with a sticker over the built in web camera.  This simple technique is also used by Mark Zuckerberg,  former FBI Director James Comey and me.  It is a simple and easy solution.   For built in webcams, they too will generally have a blue light to indicate that it is operating, however, again, it is a good idea to merely cover the lens when you are not using it.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – December 14, 2018 – Fraudulent Business Coaching Scammer Settles with FTC

Working at home sounds very appealing.  No commute and you get to work in your pajamas.  What could be more convenient than that? Last July I told you that the FTC sued nine corporations and three individuals involved in the selling of business education products online, through direct mail and at live events. They operated under the acronym MOBE which stands for My Online Business Education and promised to provide a “simple 21-step” system that would make their customers wealthy with little effort or skills. While initial registration in the system only cost about $49, victims of the scam were lured into enrolling in higher membership levels at a cost of as much as $29,997. According to the FTC, the entire operation was a scam and people were thwarted when they tried to get their money back through the company’s promised 100% risk-free guarantee. A judge issued a temporary restraining order against the company stopping it from continuing to do business. Now, one of the defendants in the case, Susan Zanghi has settled with the FTC. Along with turning over frozen assets to the FTC, she is also permanently banned from ever selling or marketing business coaching or investment opportunities. The FTC’s case continues against the other defendants.

Years ago, stuffing envelopes was a common work at home scam. That scam has been updated by other scammers to offers of being paid to read emails, but it remains a scam.  The range of work at home scams is constantly changing and evolving, but the result is always the same – rarely are these work at home schemes legitimate nor do they provide any income except for the scammers who operate them.  Often the advertisements for these work at home scams appear in legitimate media that have not checked out the legitimacy of the advertisements they run.

Recently there has been an upsurge in a work at home scam that actually makes you an accomplice to a crime.  Your job is to receive goods, often electronics that have been shipped to you, inspect them and then reship them to an address provided to you by your new employer.  The problem is that these goods have been purchased with stolen credit cards and you have just become an accomplice to the crime when you ship them to someone else who will then sell them to turn the merchandise into cash.  The term scammers use to describe the people doing the reshipping is a “mule” and it can get you into a lot of trouble.  The companies offering this type of work may seem legitimate, but they are not.

TIP

As always, if it sounds too good to be true, it usually is.  Check out work at home scams with the big three – your local attorney general, the Better Business Bureau and the FTC.  And as always, you can Google the name of the particular company offering you the work at home program with the word “scam” next to it and see what turns up.  As for reshipping scams, they are always a scam and you should steer clear of them.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – December 13, 2018 – Freezing Your Children’s Credit Reports

In September a new federal law went into effect that permits consumers to freeze and unfreeze their credit reports for free. You can now freeze and unfreeze your credit at each of the major credit reporting bureaus at no cost. In addition, this new law is the first national law to protect children from identity theft. Parents can now create and freeze credit reports for their minor children. Child identity theft has become a major problem and until now only 29 states permitted the establishing and freezing of credit reports for children.

Child identity theft has grown as a problem in recent years. According to Javelin Strategy and Research, a million American children became victims of identity theft last year at a cost of 2.6 billion dollars in total losses to the families. Children have become a prime target of identity thieves who, if they are able to get identifying information on a child, such as the child’s Social Security number, can open a credit report on behalf of the child and obtain credit in the child’s name.  The identity thief never pays back the money accessed through the child’s credit and the child is burdened with a bad credit report that can have a harmful effect on the child when he or she applies for credit, applies for a job, applies for a scholarship or seeks to rent an apartment.  Often the identity theft is not discovered until years after it first happens which makes it more difficult to remedy.

For more information about credit freezes check out this article I wrote for the Saturday Evening Post which described credit freezes in detail.

http://www.saturdayeveningpost.com/2017/08/23/health-and-family/business-and-technology/con-watch-credit-freezes-best-protection-identity-theft.html

TIPS

Here are links to the three major credit reporting bureaus with forms and instructions for freezing your children’s credit reports. Unlike freezing your own credit reports, children’s credit reports must be done through the mail.

https://www.transunion.com/credit-freeze

https://www.experian.com/blogs/ask-experian/requesting-a-security-freeze-for-a-minor-childs-credit-report/

https://assets.equifax.com/assets/personal/Minor_Freeze_Request_Form.pdf

Once you have frozen your children’s credit, be sure to keep the PIN and information on how to unfreeze your credit reports in a safe place.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – December 12, 2018 – Holiday Pet Scams

Pets, particularly puppies are a popular holiday gift. People buy dogs or other pets online and although they think they are taking proper precautions, they often end up getting nothing in return for the money that they wire to the scammer who may have a website or other way of marketing their non-existent pets with photographs and false information. Often the scammers hook their victims for more and more money, such as when even after the victims has paid for the non-existent dog the victim is asked for further fees for a special crate to transport the dog along with additional transportation company fees.

A study of the Better Business Bureau entitled “Puppy Scams: How Fake Online Pet Sellers Steal from Unsuspecting Pet Buyers” describes this scam in detail and indicates that this scam largely originates in the the African country, Cameroon.

https://www.bbb.org/globalassets/article-library/puppy-scam-study/puppy-scams-bbb-study-20170901.pdf

TIPS

Anyone can have a website that appears to be legitimate and anyone can even steal the name of a legitimate animal breeder. Always check into the reputation of the breeder with the Better Business Bureau, your state’s attorney general and even Google the name with the word “scam” to see if a legitimate breeder’s name that is being used has been stolen for scams previously. Be wary of anyone who asks you to wire money because that is a telltale sign that a scam is going on because once the money is wired, it is impossible to get it back. If you are told that a courier company is being used to transport the animal, check out the company to make sure it is legitimate and actually shipping the dog. There also are a number of ways such as using the website http://www.tineye.com to search the photos sent to you of the dog to see if they appear elsewhere other than the website attempting to sell you a puppy. If so, this is a good indication that you are being scammed. Also, always get a veterinarian report on any animal before you consider buying it. Finally, you are always going to be better off buying a pet that you can see in person prior to buying the pet.

Here is a link to a television interview I did about holiday pet scams:https://turnto10.com/i-team/consumer-advocate/12-scams-of-christmas-phony-pet-breeder

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – December 11, 2018 – Online Coupon Scams

Everyone loves coupons and like many things in our lives, coupons which used to be found commonly in newspapers and magazines have migrated online. During the holiday shopping season online coupons scams are particularly common. Although the coupons appear everywhere, Facebook has become a particular hotbed for phony online coupons. The phony coupons look quite legitimate which means nothing because it is very easy to copy the a company’s logo and make the coupon appear to be legitimate. The way that many phony coupon scams work is that in order to qualify for the coupon, you must complete a survey in which you are required to provide much personal information that is used to make you a victim of identity theft. In other versions of the scam, the scammer actually asks for your credit card numbers. In yet another version of the scam you are required to buy many costly items in order to claim your “free”coupon. Many of the coupon scams also require you to forward the coupon to friends which make the phony coupons look more legitimate when they are received by your friends. Ultimately, in all of these scams, the coupons are worthless and you get nothing, but the opportunity to become a victim of identity theft.

Here is a link to a television interview I did about holiday coupon scams. https://turnto10.com/i-team/consumer-advocate/12-scams-of-christmas-phony-coupons

TIPS

If the coupon appears too good to be true, it usually is a scam. No company could cover the cost of giving away vast numbers of valuable coupons although sometimes, participants in legitimate surveys are promised a chance to win a coupon in a drawing.  Facebook is a favorite venue for scammers perpetrating this type of scam because often unwary victims will unwittingly share the scam with their friends.  One way to determine if a coupon is legitimate is to look for the expiration date found on most coupons.  The best place to go to find out if a coupon is legitimate is to go to the company’s website to see what real coupons are being offered.  

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – December 10, 2018 – Marriott Data Breach Update

Last week the hotel chain Marriott announced that it had suffered a major data breach involving its Starwood guest reservation database. Starwood is a group of hotels bought by Mariott in 2016 and includes such well known hotel chains as the St. Regis, Westin, Sheraton and W Hotels. While the data breach was discovered in early September by Mariott, the data breach had been ongoing since 2014. Present estimates are that the total number of people affected by the data breach is an astounding 500 million. Of those people 327 million had personal information including names, phone numbers, email addresses, and birth dates stolen. Millions more also had credit card information compromised. Marriott and law enforcement authorities are investigating the matter. Marriott is also sending emails to affected guests. Now the early stages of the investigation are tending to indicate that the data breach is most likely the work of Chinese government hackers who may have launched the attack to gather intelligence information rather than for profit. If this is correct, it would explain why a data breach that has been going on for so long had not yet resulted in credit card fraud.

TIPS
Marriott has set up a website with updated information about the website. If you had stayed at a Starwood hotel between 2014 until now you should check out the website for more information. Here is the link: https://answers.kroll.com/

Marriott is offering Internet monitoring services at no charge for a year through WebWatcher to people affected by the data breach. Go to the website indicated above for information about enrolling in the program if you were a Starwood customer during the time of the data breach.

If you were affected directly by this data breach, your credit card may be used for fraudulent purposes so you should monitor your credit card statements regularly, although if the recent disclosure of the hacking being done by Chinese operatives for intelligence gathering purposes, the threat of credit card fraud is somewhat diminished. However, regular credit card monitoring is something that we all should be doing.  This is also a good time to remind you that the laws that protect you from liability for fraudulent credit card use are much stronger than the laws that protect you if your debit card is fraudulently used. You should not use your debit card for anything other than an ATM card. Cybercriminals also use the information gathered in data breaches such as this to form the basis of scams that start with spear phishing emails which are emails specifically tailored with information about you and your interests. These spear phishing emails will attempt to lure you into either providing personal information that can be used to make you a victim of identity theft or to click on links containing harmful malware. Everyone should be skeptical of any email asking for personal information or prompting you to click on a link. Never provide such information or click on links until you have confirmed that the email is legitimate.

This also is a good time for you to freeze your credit reports if you have not already done so. Freezing and unfreezing your credit reports is still the best single act you can do to protect yourself from becoming an identity theft victim and since federal legislation went into effect in September, you can freeze and unfreeze your credit reports for free.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – December 9, 2018 – Web Cam Scam Evolution

For a couple of years, people have been receiving extortion emails in which the intended victim is told that his or her computer and web cam have been hacked and that they have video of you watching porn online. They threaten to send the videos to people on your contact list unless you pay a ransom in Bitcoin or some other cryptocurrency. The truth is that while it is possible to hack into someone’s webcam, these letters are being sent out as mass mailings without the videos they claim to have. The scammers’ hope is that some people will be fearful enough to send the ransom. Now the scam has evolved whereby in order to appear as a more legitimate threat, the scammer includes in the email a password you have used. Again, however, this email extortion threat is baseless, however, the password that is included in the email is indeed one that you have used. It was obtained by the scammer from one of the many data breaches in which passwords were stolen. This emphasizes the need to have unique passwords for all of your online accounts so that if there is a data breach in which your password is compromised, it will not pose a threat to all of your online accounts.

This scam also illustrates the vulnerabilities of webcams to being hacked. There have been a number of scams of which I have reported in which people’s webcams have been hacked and compromising videos taken. Often when people install webcams, they use easily obtained default logins and passwords.  These default passwords are easy to find online.  Generally, when you hook up anything wireless to your router, it comes with a password and login so it is critical that whenever you install any of these Internet of Things devices, you should change the password and login to protect yourself, which leads us to my second concern – routers.  A study by security company Avast found that about 80% of Americans do not properly secure their routers, leaving themselves vulnerable to being hacked.  Many people still use either default passwords or easily guessed passwords, such as “password” for their routers.

TIPS

As we connect to the Internet through more and more devices that are a part of the Internet of Things, it becomes increasingly important to be cognizant of maintaining proper security in all devices including, of course, routers and webcams.  Laziness can have dire consequences.  Never use default logins and passwords.  As soon as you install any device that accesses the Internet, make sure that you protect yourself with secure logins and passwords.

It is not difficult to hack into the webcam of a computer from afar.  The same types of tricks used to get people to unwittingly download keystroke logging malware that enables the hacker to gather all of the personal information from your computer to be used to make you a victim of identity theft can be used to get you to download the malware that enables the hacker to  take control of your webcam.  Never click on links in emails or download attachments unless you are absolutely positive they are legitimate.  They may be riddled with malware.  Also, install and maintain anti-malware and anti-virus software on your computer and other electronic devices.  For external webcams that are not a built-in component of your computer, a red light will signal that the camera is operating.  Be aware of this.  It is a good idea to merely disconnect the external webcam when you are not using it or merely take a post-it and cover the webcam’s lens whenever you are not using it.   Last year a photograph taken in 2015 was made public showing Pope Francis using his iPad with a sticker over the built in web camera.  This simple technique is also used by Mark Zuckerberg,  former FBI Director James Comey and me.  It is a simple and easy solution.   For built in webcams, they too will generally have a blue light to indicate that it is operating, however, again, it is a good idea to merely cover the lens when you are not using it.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”