March 5th, 2014
Jackie here. We can learn a lot from the past, especially when it comes to scams. By analyzing the scams of this last year, we can prepare ourselves to better spot scams in the coming year. The Better Business Bureau recently published a rundown of their top 10 scams from 2013. Did you encounter any of these?
- Medical Alert Scam- In this scam a free medical alert system is offered to seniors or their caretakers. A bank account is needed to verify identity. The alert system never arrives and a monthly service fee is charged to the bank account in question.
- Auction Reseller Scam- Have you ever sold an item on eBay? This scam attempts to trick eBay sellers by claiming that there is some sort of emergency that requires the item to ship quickly (an upcoming birthday for example). The shipper agrees to send as soon as payment is received. The scammer uses a fake Paypal email to get the shipper to send out the items for which no payment has been made. This typically occurs with high end and expensive items. We shared the details with you on this scam last October.
- Arrest Warrant Scam- If you receive a phone call about an outstanding arrest warrant asking you to make an immediate wire transfer payment, don’t do it. This is a scam that has been circulating since last year.
- Invisible Home Improvements Scam- Home improvement scams are common. This particular scam makes improvements to areas of your home that you can’t see (like the inside of the chimney). No work is actually done, but the homeowner ends up spending a fortune.
- Casting Call Scam- Do you want to be a star? Don’t fall victim to this scam that tricks aspiring stars into paying fees for casting applications.
- Foreign Currency Scam- Investing in foreign currency might seem like a great way to get rich, but often scammers use the allure of investments to trick unsuspecting consumers. Some consumers even receive foreign currency, but it is often difficult to sell and get a return on your initial investment.
- Scam Texts- Phishing and scam phone calls aren’t your only worries; smishing (or spammy SMS text messages) are a big risk too. Beware of any texts that promise you a prize, that inform you of winning a contest, etc. as they might be a scam.
- Do Not Call Scam- If you read our blog last year, you’ve probably heard of this scam. If you want to sign up for the Do Not Call Registry do so at http://www.donotcall.gov/. Government representatives will not call you for sign ups. You will never need to pay a fee to register your number.
- Fake Friend Scam- When you receive a friend request from an unknown person, don’t accept it. This scam uses fake friends to recommend fishy websites that may lead to malware and ID theft. Before you accept a friend request, make sure you actually are friends with the person in question.
- Affordable Care Act Scam- The biggest scams of last year (and one that will likely continue into this year as well) are various scams relating to the Affordable Care Act. Be on the lookout for these scams and only sign up for health coverage through known and reputable channels. Healthcare.gov is a great resource if you need more information about the Affordable Care Act.
These were the big scams last year; what will this year bring? Stay vigilant and on the lookout for suspicious phone calls, emails, websites and more. These scams were popular last year, but that doesn’t mean they aren’t still hanging around in 2014. Caution is the best way to avoid scams like these.
February 27th, 2014
Jackie here. Like every internet trend, Flappy Bird has generated a trove of scams as scammers seek to cash in on the now forbidden app. Don’t find yourself a victim of a flappy bird scam and possibly identity theft; learn how to spot and avoid potentially dangerous apps. A few minutes of fun isn’t worth compromising your identity.
Released in May 2013 Flappy Bird was a hugely popular app until it was removed from the app marketplaces early this year. The controversy surrounding its removal made the app even more popular. In fact, some people who had the original app installed on their smartphones tried to sell them on eBay for thousands of dollars.
Now that the app is unavailable scammers are cashing in, creating look-a-like apps that secretly rack up phone charges and steal information. Be aware that the original Flappy Bird is no longer available; if you are downloading something called Flappy Bird, it is not a legitimate app. Flappy Bird has been removed by its developer and is not available for sale.
Spotting Malicious Apps
Before you install an app on your device make sure you know what you’re installing. Trend Micro has created a great guide for spotting illegitimate apps. Here are a few tips:
Check the Ratings
User ratings provide great insight into the legitimacy of an app. Popular apps should have many reviews and ratings, so if the one you’re considering does not, it might an imposter. Look at some of the reviews and look for potential problems before you install.
Before you select an app, check it out. Research the app not only in the marketplace, but also online. A quick search may reveal potential problems and scams you should be aware of.
Keep yourself safe from this Flappy Bird scam by choosing your apps carefully and by avoiding malicious ones.
February 21st, 2014
Jackie here. A new hoax is making its way into email inboxes, tricking users into providing their username and password. Be on the lookout for this scam and others like it. Remember, you should never give out personal information in response to an unsolicited email. If you receive a request, delete it or contact the company requesting the information directly (via a verified number or email on their website) email before you reply.
Most people rely on their email accounts, using them for important work messages, contact with family and friends and even keeping tabs on their bank and other accounts. A full email inbox could prove disastrous. This scam preys on the fear of a full email inbox by encouraging its recipients to provide sensitive information in exchange for a storage upgrade. Users are prompted to provide their email username, their password and their birthdate.
If you receive an email like this one, remember that email inboxes often have oodles of storage. Each email provider has different limits, but they are often very generous. For example, Gmail offers 15 GB of storage shared between your email account, Google Drive and Google Photos. You can even check where you are at capacity wise if you are concerned. Yahoo mail offers 1 TB of storage.
Don’t fall victim to this scam. Your email login credentials can be extremely valuable to thieves. Many people use the same username and password combinations across all of their accounts, giving thieves access to everything with just this one email scam. Even if you use varied account passwords, thieves can use email addresses to reset passwords on everything from bank accounts to credit accounts and more.
Be on the alert when you check your email and keep your family safe from identity theft.
February 20th, 2014
Jackie here. Be on the lookout for a new scam involving fake funeral notices. This scam preys on emotion by enticing victims to click on malicious links for more information about a departed family member or friend. If you see a notice like this one, play it safe and click delete. You don’t want to risk ID theft or computer viruses by indulging your curiosity.
Fake funeral notices are popping up in email boxes around the country. The notice usually bears a subject line with something like, “Funeral Notification”. Once they open the email recipients see an official looking email that looks like it comes from a funeral home. While the reported emails at this point all claim to be from a Texas funeral home, this could change as more people become aware of the scam. The email invites the viewer to a celebration of life for a dear friend (name not included in the body of the email) and encourages clicking on the link for more information.
If you receive an email like this one, don’t click on the link. It will direct you to a foreign website that will install malware on your device. The email is not what it seems and is just a clever trick to get people to click on the malicious links within.
February 6th, 2014
Jackie here. Do you check your credit card statement each month? If not, you are just the type of victim the scammers in this new scam are looking for. Check your statements carefully (monthly at least, but more often if you can) and be on the lookout for any charges you didn’t authorize—even small ones.
In this new scam small charges are appearing on credit card statements that appear to originate from an unknown website. Victims of this scam that notice the false charges often visit the listed website for more information. They are directed to a customer service page with a call in number. Upon contacting the company they are promised a full refund (which probably won’t occur). In recent versions of the scam, the reported charges are $9.84, but this is likely to change as more people learn about the scam.
The scammers are preying on the fact that few people check their bank statements. They assume that most people won’t bother to contest (or even notice) such a small charge. The amount taken might appear small, but even small amounts taken from many people can add up to big dollars for the scammers.
How to Protect Yourself
The easiest way to protect yourself from this scam and other similar ones is to check your credit card information often. Write down the purchases you make and compare them with the amounts charged on your card to ensure they match. Report any discrepancies to your credit card company. In most instances you are you are legally entitled to fraud protections should your card be compromised, provided you report the problem quickly.
In addition to watching your statement, be aware that this scam is going around. If you do see a charge from an unknown company, contact your credit card company, not the company in question. Request a new card, even if you’ve been assured the false charge has been cancelled.
Learn more about this scam here.
February 3rd, 2014
Jackie here. Last year we warned you about a tech support scam that was going around. Scammers were contacting people by phone pretending to be from major companies like Microsoft. They would then remotely access the victim’s computer, stealing information and charging for their “services”. While this scam was scary, I recently learned of a new variation on the tech support scam that is even trickier and that has the potential to claim many more victims. Be on the lookout for this scam and never share your financial information or computer login credentials with an unknown caller.
This scam is a follow up to the tech support scam we saw in 2012 and 2013. This time the callers will ask if you’ve recently received tech support. They claim that if you received services you could possibly receive a refund. There are several variations to this scam, including ones where they offer to refund those that were unsatisfied and ones where they claim the company is going out of business and refunding those that have already paid.
The scammer claims they need bank account or credit card information to process the claim. They may ask for remote access to your computer, possibly under the guise of helping you fill out paperwork. This scam has the potential to create double the trouble for those who fell victim to the last scam, as well as reaching new victims.
Avoiding this Scam
Don’t fall victim to this scam or ones like it. If you have paid for phony tech support services, file a complaint with FTC and dispute the charges with your credit card company. Legitimate companies will not call and offer to reverse the charges for you. Never provide your bank account or credit card information to an unsolicited caller.
December 30th, 2013
Jackie here. I recently learned of a new scam fraudsters are using to steal personal information. This scam is a tricky one and could easily fool even the most cautious of consumers into sharing information they shouldn’t. Be on the lookout for spammy emails and remember that banks and credit card companies won’t typically use email to messages that ask for sensitive information.
This scam uses excitement to draw victims in by sending an email indicating they are eligible for a credit line increase. This offer can be especially exciting around the holidays when a little extra spending power is certainly welcome. The email encourages the recipient to click on an email link to activate the new spending limit. Don’t do it; clicking the link could lead to malware, requests for personal information, and a host of other problems.
Avoiding the Scam
While this scam might seem convincing at first, there are ways you can protect yourself. Here are some tips:
- Be Cautious of Emails- Banks, credit card companies, and other financial institutions rarely send account-related information via email. Usually they’ll send an email notification of an update to your account which you can view by logging into their website. If you have questions about your accounts, contact the company directly. They can tell you if you’ve received a credit line increase, etc. without you having to follow a fishy email link.
- Common Signs of Spam- Another way to avoid scams is to look for signs of spam and fraud. Does the email use your name or does it simply address you by email address? Most reputable companies will use your name in an email while scammers may only use your email address. Misspelled words and awkwardly worded text are other common signs of scam emails. In addition, reputable emails will often contain links to the company’s full site, social media accounts, and other legitimate resources.
- Skip the Spam Folder- My email accounts are quite adept at finding and moving scams to the spam folder. While this isn’t a surefire method for identifying scams, I know to be extra cautious of emails I find in my spam folder. Take a look at your spam filter settings to make sure you are making the most of this resource.
Learn more about this scam from the Better Business Bureau.
December 27th, 2013
Jackie here. We talk a lot about social media scams here on the blog. Often it’s spam Facebook or Twitter accounts that are involved in the latest scams. This new scam really stood out since it uses Instagram to trick unsuspecting consumers into sharing personal information. Be on the lookout for this Instagram scam and protect yourself from the potentially devastating consequences.
This scam involves fake Instagram accounts. While many teens and young adults use the site often, businesses may not. This leaves scammers with lots of opportunities to create phony business pages and build up followers. Often, the scammers will create a page (it usually looks legitimate) and host some sort of giveaway to begin attracting followers.
While giveaways are common on social media, you can often spot a phony one by huge prizes, especially if they promise lots of recipients. For example, an offering of a free $250 gift card just for following an Instagram page is probably a scam.
Once the Instagram page has followers they start sending out spam messages asking you to share personal information or click on links. Those that are tricked into doing this may inadvertently load malware to their computers or expose passwords, financial, or personal information.
How to Protect Yourself
While this scam is new to Instagram, it is one you’ve probably seen countless times before on other social media accounts. Protect yourself with these tips:
- Beware of Free- Businesses may do promotions on social media, but odds are they don’t have a specific page solely devoted to freebies. If a page has free or giveaway in its name, it might be a scam. If a giveaway seems too good to be true, it probably is.
- No Photos- Instagram is a photo sharing site. If a business page doesn’t feature unique photos, it’s worth looking twice before following.
- Guard Personal Information- Don’t share personal information like your password with anyone. A legitimate business will never ask for passwords, bank information, etc. in a message.
- Double Check- If you want to interact with a specific business on Instagram, but are unsure if an account is legitimate, call and ask. They’ll be able to direct you to the company’s official pages on all your favorite social media sites. Often businesses will link to their official social media pages from their website.
December 21st, 2013
Tamara here, AllClear ID Investigator. The holidays are here, and even the Better Business Bureau is getting into the spirit by re-creating their annual warning list about common scams during this season, The BBB’s “12 Scam of Christmas.”
BBB’s 12 SCAMS OF CHRISTMAS
On the twelfth day of Christmas,
The scammers gave to me:
Twelve malware e-cards,
Eleven stranded grandkids,
Ten counterfeit gifts,
Eight stolen gift cards,
Seven fake coupons
Six Santa scammers,
Five fake charities,
Four bogus websites,
Three travel scams,
Two phony loves,
And a totally fictitious puppy.
To help you avoid these scams, here are some tips to heed.
• Malware e-cards: That email you got claiming you were sent an e-card, but from someone you don’t know? That’s most likely malware or a virus, which would download itself upon clicking on the attachment or link contained within.
• Stranded grandkids: There are instances where a scammer will hack into an email or other type of social media account and contact the hacked family members and friends claiming to be stranded while traveling and need money. Check with other sources before sending money!
• Counterfeit gifts: So, you found an excellent price on that brand name item for your loved one. Before spending your money, there are a number of ways to ensure the item is legitimate. One of which is making sure to shop at reputable stores and websites.
• Pickpockets: Ensure your pocketbook, wallet, or purse is with you at all times! Even if for a second, do not turn away from your wallet.
• Stolen gift cards: There are a number of ways scammers can get you with a stolen gift card. One way to ensure you’re purchasing a legitimate card is to obtain them from reputable dealers.
• Fake coupons: Every penny counts, but it doesn’t count as much as having your personal information compromised by giving it to a scam artist. Be sure you’re obtaining the deals from the retailer themselves.
• Santa scammers: Before you enter your personal information into a website claiming it will send a letter to your child from Santa, ensure the site it legitimate. It’s probably best to skip any site that asks for an abundance of personal information.
• Fake charities: This time of year charities are included in many people’s gift list. But, be careful. Scammers are aware of that, and will attempt to clone a charity or create a fake charity to finagle the funds from the well intended source.
• Bogus websites: Ensure the site you’re using is legitimate. One way to determine it’s more secure is to look for the “https” in the address bar.
• Travel scams: This time of the year is one of the busiest in terms of travel. When searching for deals, as always, be sure to use a reputable site and ask for references. A quick check of the airline, hotel, or car rental company on the BBB website is always a good step.
So, there it is folks. These tips will help prevent you from being victimized by fraudsters or scammers. Have a good holiday season!
December 20th, 2013
Chris here, AllClear ID Investigator. Overpayment scams are some of the oldest and longest running forms of fraud. The scam can be done several different ways, but the general idea is that you receive a fraudulent check purposefully written for more than what you’re owed. You’re told that it is just a mistake, and to deposit the check, withdraw cash for the amount that you were overpaid, and return the cash to the original sender. It normally takes the bank a few days to determine that the check is fraudulent, by the time they do you have already returned the extra cash to the scammer. The bank then holds you responsible for the full amount of the check, while the scammer gets away with the easy cash.
Know What To Look For
A common overpayment scam to look out for is the “Work From Home Scam”. These scams are made to look like a quick way to get some easy cash, but the old rule of thumb applies here, “If it looks too good to be true, it probably is.” Here’s an example scenario:
You find a job posting online that promises weekly paychecks in exchange for you completing a few simple tasks such as filling out forms or entering data into spreadsheets. The best part is that you never have to leave the comfort of your own home. So you sign up, and spend the week doing the menial tasks that you were assigned. At the end of the week you receive your paycheck, but there’s a problem. You were supposed to be paid $500, but the check is written for $2,500. You then contact your “boss” to report the error. He assures you that it is just a mistake and offers an easy fix. He tells you to just go ahead and deposit the full amount into your checking account and to just return the extra $2,000 in cash. So you deposit the check and withdraw the $2,000 from the account. You return the cash and everyone is happy.
At least until a couple of days later when you get a call from the bank. As mentioned above, they tell you that the check turned out to be fraudulent, and that they are holding you responsible for cashing the check and defrauding the bank. You’re then left to try and explain things to the bank and your local police while the scammer just made an easy $2,000 and is nowhere to be found.
Knowing how these scams work is the first step in protecting yourself from them. Before taking a job online, thouroughly research the company and/or person in charge. The Internet Fraud Watch offers advice for how to avoid getting roped into these scams and working for the wrong person.
December 11th, 2013
Allison here. Anyone who works in logistics, sends cargo, or has cargo to ship across the country needs to pay attention to this scam. Thieves are posing as truckers to load their own vehicles and to steal huge shipments of cargo. Last year, nearly 1,200 cargo thefts were reported, according to CargoNet, resulting in losses of about $216 million. These numbers could be much higher as many incidents go unreported, and this type of cargo theft is growing by about 6 percent each quarter.
About the Cargo Scam
The scam works because the thieves pose as legitimate trucking companies, and with the help of the Internet, they are able to produce insurance policies, fake driver’s licenses, and other documents to appear legitimate. It’s also with the help of the Internet that the thieves are able to find the commodities they want to steal, most often food and beverages, and they show up as if they are going to deliver the goods. Often, the thieves even have the required documents, know what merchandise they are picking up, and where the intended destination is, making them appear to be a legitimate trucking service. Once loaded onto the trucks, the thieves drive away and the commodities dealers don’t know they’ve been scammed until they’re notified that the goods didn’t show up at the intended destination, which is often four or five days after the incident. By that time, the goods are already off the trucks and sold on the black market.
The Risks Involved
This is a type of business identity theft that hurts consumers as well as companies, as customers could get hurt from purchasing the stolen goods. Although food and beverages are most frequently targeted by this scam, pharmaceuticals do make up an estimated three percent of the stolen cargo. In these cases, customers lose the ability to feel confident that their medicine is still up to the quality standards on the pharmaceutical company they are purchasing them from. As for missing food and beverage shipments, they drive up food prices while potentially allowing spoiled and unsafe food into the marketplace. While there is nothing that consumers can do about this scam, it is important to be aware of the possibility that some of the goods we frequently purchase are not free from risks.
For more information, check out this article from Journal Star.
December 2nd, 2013
Jackie here. Lately I’ve noticed a story about a “cash back scam” circulating around Facebook. It seemed a bit fishy to me, so I had to check it out. To keep you safe and informed, I’m sharing what I learned with you all.
This scam starts with a story. It tells of a friend going to the store. They swipe their debit card and decline cash back at the card terminal. The transaction is completed and the tired shopper goes on their way. The next day the receipt is examined and although no cash back was received, the receipt shows a cash back amount. The story claims that this is a tactic cashiers use to steal money from unsuspecting customers. Readers are finally urged to carefully check their receipts to avoid falling victim.
The Truth Behind the Scam
While checking your receipts is always a good idea, this scam isn’t anything to worry about, nor are rumors of the scam anything new. Versions of this scam have been circulating since 2004. It started as an email warning, but is now making the rounds via social media. It is suspected that the scam originated when one customer misunderstood their receipt or requested cash back they didn’t receive. Cashiers cannot alter your cash back preferences from their end or change the amount of cash you’ve requested.
The next time you head out shopping, check your receipt, after all it’s the safest thing to do, but don’t worry about your cashier editing your cash back amount.
November 26th, 2013
Jackie here. I spend a lot of time online which inevitably means I encounter my fair share of scams. From the offer of free airline tickets on Facebook to the promise of a great work from home opportunity with a minimal cash investment, scams are lurking in almost every corner of the internet waiting for unsuspecting victims. Seeing scams isn’t surprising, but seeing how often my friends are fooled is. Learning to recognize scams is an important skill, one that has the potential to save you from the devastating effects of ID theft.
To help you recognize scams and avoid them, I’ve put together some tips that I use to protect myself. Of course, we’re still here to help, but we always want to give our readers as many tools as possible to protect their identities.
One of the easiest ways to identify potential scams is to turn to your favorite search engine. Type in a description of the scam in question and hit search. If it is a scam, there is usually information out there on the internet about it. Another tactic I find useful is highlighting and copying a snippet of text from the potential scam and pasting it right into my browser. Pay attention to the results that come up. Look for scam reports, alerts, etc.
Check Reputable Scam-Busting Sites
Keep up to date on the latest scams by checking out some of the following scam fighting websites. Different scams may be featured on different sites; for the best results check them all regularly.
- Looks Too Good to Be True- If it looks too good to be true, it probably is. This site seeks to inform and educate about scams by sharing scam alerts and victim stories.
- Scam Detector- This website partners with the Better Business Bureau, the Identity Theft Resource Center, and many other organizations to keep people informed about the latest scams. Their weekly listing of the “Top 10 Scams” will help you avoid some of the most common online scams.
- Fraud Avengers- Fraud Avengers also does a great job keeping you up-to-date on the latest scams and fraud attempts.
- Snopes.com- I love using this site to screen potential scams found on social media sites. This site isn’t just for financial scams; I’ve used it to determine if celebrity stories, rumors, and political warnings are true.
Know the Pattern
Scams are a lot like fashion: today’s trends are usually just different versions of previous ones. As a popular scam dies down, another appears. Being aware of past scams will help you recognize new ones. If a link, story or website looks like a scam you remember from the past, it probably is one.
Check the Better Business Bureau
Before making a purchase, signing up for an offer, or working with a new company, check it out. The Better Business Bureau is a wonderful way to screen potential companies and to root out scams in the process. I type in the name of a potential business and their location (you don’t have to use a location if you don’t know it) and then look for the company in the search results. Not every business will appear, but if one does you can find out their rating, the number of complaints the BBB has received and other helpful information.
Bear in mind that some legitimate companies can have bad ratings from the Better Business Bureau; they aren’t necessarily a scam, but they might be lacking in customer service skills or satisfaction.
Learn to Recognize Scams
I’ve gotten pretty good at recognizing potential scams before I ever start researching them. This fact sheet from the ITRC will teach you how to recognize scams for yourself.
Before you share that scam, enter that “contest” or sign up for that “free offer” make sure you protect yourself. Knowing how to recognize a scam will help you avoid ID theft and fraud. Be your own scam detective and help keep yourself and your loved ones safe.
November 23rd, 2013
Ben here, AllClear ID Investigator. The Federal Trade Commission (FTC) has moved to shut down an international network of scammers that sent millions of unwanted text messages, luring consumers in with an offer of “free” gift cards and electronics to entice them into an elaborate scheme designed to take their money and target them with illegal robocalls. These messages promised consumers free gifts or prizes such as gift cards worth $1,000 to major retailers such as Best Buy, Wal-Mart and Target. In most cases it would be impossible for someone to receive this “free” card without spending money, having their credit score hit, and releasing personal information to be sold to marketers.
The complaint names nine defendants who allegedly were involved in operations violating the FTC Act and Telemarketing Sales Rule. According to the complaint, a consumer would follow a link in the unwanted text message and be directed to a site that collected a large amount of personal information. This information ranged from name, address, and telephone number to health information, and would then be sold for targeted marketing purposes. If a consumer was to put in their information for the $1000 gift card they would have to participate in several offers to qualify. These offers would include recurring subscriptions, paying upfront and shipping costs, and even submitting applications for credit that would be reflected on their credit score.
This complaint builds on a nationwide sweep conducted by the FTC in March to crack down on scammers. The FTC files a complaint when it has reason to believe that the law has been violated and that a trial is in the public interest. The FTC works for consumers to prevent fraudulent and unfair business practices, which they feel applies to these robocalling and texting operations.
November 19th, 2013
Jackie here. Every time I get on social media I’m surprised to see how many of my friends are sharing scams, potentially risky links, and more personal information than they should. We talk about social media safety often, but all too often we get online and forget. Even those of us that are fairly savvy at recognizing scams can get fooled as identity thieves and scammers improve their tactics. We might talk about the risks of social media often, but it’s always a good time for a reminder.
I recently read an article written for information professionals about the increasing skill behind online attacks.. Today’s scammers don’t just post a link on someone’s Facebook timeline hoping to get a few clicks. They devise careful plans, created to maximize the number of victims and fool even the most cautious internet user. Although the article was written for those managing company networks, it has some great information we can all use to protect ourselves online.
Friends Aren’t Always as They Seem
Social media feels like a safe place. It’s where we go to chat with friends, network with colleagues, and unwind after a long day. Although you may be choosy about who you friend and which pages you like, accounts can be compromised, so don’t just randomly click on links. Thieves want to increase the odds of potential victims clicking on their infected links. They may steal profiles of users with large followings and distribute their links using the stolen profiles. Friends aren’t the only source of potentially risky links. Scammers may also use trusted profiles of large organizations to distribute their content.
Being vigilant before clicking links is important, but it won’t always keep you safe. In addition, be sure that your computer security is up to date. Install and use anti-virus software, make sure your programs are regularly updated and watch for potential problems. Be aware that friends, favorite businesses, and others may be compromised and sharing risky content. Trust goes a long way into making a scam work; social media scams can be so successful because of the natural trust we place in our friends and associates.
Special Interest Sites Are a Target
Another favorite place for scammers this year is special interest websites. These sites may not have a lot of visits from the general public, but they are a popular place for those with specific interests, careers, etc. Scammers choose targeted victims and then devise plans to compromise them through specific websites they are likely to frequent.
This type of attack is known as a watering hole attack. By poisoning a few select websites and installing malware, scammers can gain access to larger websites with stronger security. For example, thieves may target a company that sells security software and that has access to security certificates and login information for other companies. This type of attack can lead to thieves being able to access information they would otherwise be unable to.
Social media and online threats are constantly changing, but their intent is always the same: to steal information and make a profit. Protect yourself online by being aware of the risks and by closely monitoring your personal information to discover problems quickly.
October 31st, 2013
Jackie here. Not everything you read online is the truth. Take for example the recent rumors of a scam known as the area code scam. According to reports this scam can cost you thousands and you can become a victim by just dialing a phone number. The truth is much less dramatic, although not completely harmless.
Like many other scams, this one starts out with a message designed to lure you in. It might be a voicemail from a stranger explaining that a relative is in trouble and needs your help or informing you that you have recently won a big prize. The message leaves a call back number and urges you to return the call. The return number will start with an unfamiliar area code, typically 809, 284, 649 or 876.
When a potential victim returns the call the scammer may attempt to steal personal information by asking questions or they may simply try to keep the caller on the line as long as possible. Either way, the damage is already done (although if personal information is shared, ID theft could be in the victims near future).
A victim of this scam will notice a problem when their next phone bill arrives. Although these numbers appear to be U.S. area codes, they are not. These area codes are associated with international calls. As such there are special charges that are applied when these numbers are dialed. Some of these area codes may even be the equivalent of an international 900 number, racking up big charges for every minute spent on the line.
You may hear reports that falling victim to this scam will cost you thousands or even tens of thousands. In truth, the charges will probably be less than $100, depending on the amount of time spent on the phone.
What Can You Do?
The best way to avoid this scam is to always check out unfamiliar area codes before dialing. A quick online search can reveal the location of a particular area code, helping you to know where you’re calling before you dial. If you do become a victim to this scam, don’t despair. Often you can get the charges reversed by contacting the carrier where the charge originated. If additional help is needed, contact your phone company. Check your phone bills carefully each month. And of course, never reveal personal information to an unknown caller.
October 29th, 2013
Chris here, AllClear ID Investigator. According to the Federal Trade Commission, military men and women and their families are being targeted more often by identity thieves and scammers. In 2012, the FTC received 62,000 complaints from military families regarding identity theft, and military officials are expecting that number to continue to rise.
The spread of identity theft in the military is widely attributed to the noted over use of social security numbers. It’s common for socials to be used for everything from your military ID card, to checking out gym equipment for recreational use. This is why it is very important for military personnel and their families to continuously make sure that their information isn’t being misused. The best way to do that is to periodically pull and review your credit report.
Every 12 months you are legally allowed to pull one free copy of your credit report from each of the 3 credit bureaus through www.annualcreditreport.com. We typically recommend pulling one of the reports every 4 months so that you can space them out evenly over the course of a year, and keep track of any lines of credit being opened. You can also place fraud alerts and active duty alerts through www.annualcreditreport.com for extra security.
October 24th, 2013
Allison here. We’ve seen those Facebook posts like the one below, warning you of various scams or conspiracies. The general rule with these posts is that they are hoaxes; scam posts meant to scare you that don’t have much truth behind them. That’s not the case with this post. The ATM keypad scam is legitimate.
The ATM keypad scam happens when scammers place a fake keypad over the real keypad of the ATM. You’re able to conduct your transaction without any problems, but the fake keypad transfers your PIN and card information to the scammers. This scam is legitimate, as there are reports of its use in the European Union and in Australia. Although reports of the fake keypad haven’t surfaced in the U.S. yet, there is a similar scam where scammers glue certain keys, rendering them unusable. You find someone at the bank to report the problem, and as you do that, the scammer completes the transaction.
The best way to avoid both scams is to use the touchscreen. In addition, make sure you’re mindful of what ATMs you use—ones at authorized banks may be more secure than those at convenience stores. Of course, you still want to do your best to hide what you’re doing when you are entering your PIN. This extra precaution will guard against prying eyes trying to access your pin.
October 21st, 2013
Jenna here. Our favorite articles this week include a great article about Facebook’s new advertising and privacy permissions for teenagers, a new scam alert warning from the BBB about fake calls from local sheriffs, as well as an article about a proposed NY law designed to help eradicate smart phone theft.
Is Facebook Becoming a Permissive Parent?, Chicago Tribune
Scam Alert–Police Calling? Could Be This New Scam., Better Business Bureau
New York Lawmaker Pushes Bill to Thwart Phone Theft, New York Times Bits
October 2nd, 2013
Jackie here. If you love Netflix as much as I do, you’d be pretty worried if you got an email from the company indicating a problem with your account. You might even take immediate steps to fix the problem, which may in fact make you vulnerable to ID theft due to the latest phishing scam. The Better Business Bureau walks consumers through the red flags they spotted in a recent phishing attempt disguised as an email from Netflix. Check out their post here and keep reading for some tips to help you avoid phishing scams like this one.
In this particular scam, customers receive an email that appears to be from Netflix. The email looks official enough. It features Netflix’s bold red logo and uses an informal writing style characteristic of the company. Unlike many phishing emails, the grammar and English usage are good. The email indicates a problem with the member’s payment method and urges them to click a link to update the information.
As the email isn’t actually from Netflix, the link directs the victim to a site where they provide a credit card number and other information directly to the scammer. This information can then be used to commit fraud or ID theft. As you know, clicking on email links can also lead to sites where malware is installed. This scam could potentially pack a double punch.
Tips for Avoiding Phishing Emails
While some phishing emails are glaringly obvious, others are a lot more subtle. To the casual onlooker, this email could be legitimate, but when you’re on the lookout for scams (and you should always be), you need to look a little more closely. An easy way to avoid any problems is to avoid clicking links in unsolicited emails. It’s much safer to log in to the company’s website and access your account on your own.
Another tip to remember is to avoid using contact information found in a potential phishing email. If you want to verify an email, call the company using a known number, not the one listed in the email in question.
Remember, when it comes to your email inbox, things aren’t always as they seem; phishing emails do a great job of tricking unsuspecting readers into sharing personal and financial information.
September 27th, 2013
Allison here. Most of us are aware of what phishing scams are, what they look like, and what to do if we receive a phishing email (if not, visit the above link for great info). However, scammers have put a new twist on phishing, using text messages that appear to be bank alerts. The alerts ask consumers confirm their banking information. Dubbed “smishing”, banks large and small have been targeted by the scam.
About the Smishing Scam
The scam works by sending a text message that says you need to confirm your account information, whether or not you have an account with that bank. You might have to follow a link or call a number to provide your information. If you follow the link, your smartphone will become infected with malware that gives the scammers access to everything on your phone. Additionally, you might be asked to provide your debit card number and PIN to reactivate your card. But the goal is the same: to collect personal information and to commit id theft.
If You Do Receive a Phishing Text
If you do receive one of these alerts, DO NOT text back or reply in any way. The alert may say that you can text, “No” or “Stop” to prevent future alerts, but this is really just a ploy for the scammers to know that they have a legitimate number. Instead, follow these three steps:
- Forward the texts to 7726 (SPAM on most keypads). This will alert your cellular phone carrier to block future texts from the number.
- Call the bank to notify them of the text. If your bank has been targeted by a scam, they will likely have further information about it.
- Delete the text. Take a screenshot before you do if you want to save it as evidence, but do not reply.
September 26th, 2013
The Diversity Visa Lottery, also known as the Green Card Lottery, is a program administered by the Department of State on an annual basis. The program is designed to issue 55,000 permanent resident visas annually to natives of countries who have low rates of immigration to the United States. The results of this year’s lottery were made available on 5/21/2013, and can be found at http://www.dvlottery.state.gov/. This is actually the only place to find the official results, so be wary of scammers saying otherwise.
About the Scam
According to the Federal Trade Commission, scammers have been sending out fake emails telling people they have won the Green Card Lottery, and asking them to send money in order to secure a spot. Beware of these emails. The U.S. Government does not notify winners by email and will never ask you to send money either through an online payment or via wire transfer. The only way to check the status of your application is to visit http://www.dvlottery.state.gov/. If you are a winner you will be required to pay an application fee, but the payment will be made to the US Embassy or Consulate Cashier at your scheduled appointment. You will never have to pay in advance. Other scammers may try and tell you that they can increase your odds of winning, but this also a scam. If you believe that you’ve already been a victim of this scam, you shoud report it to the Federal Trade Commission.
For more information about the scam, visit this article from OnGuardOnline.gov
September 17th, 2013
Jackie here. It used to be that computer scams and viruses were only a worry for PC users, but lately Mac viruses have been making appearances as well. This “FBI Ransomware” scam is nothing new, but this time it targets both PC and Mac users. If you have a computer, watch out for this scam; we don’t want you to become a victim.
This scam is a common one, popping up from time to time. Here’s how it works: you visit a website and suddenly a window appearing to be from the FBI pops up. The URL is usually some variation of FBI.gov. The message informs you that you have violated the law and that your computer has been frozen. The message instructs victims to pay a fine using a prepaid card to unlock their computer.
This scam might seem scary, but it isn’t actually from the FBI and you don’t need to pay a fine. Paying money via prepaid card will get you nothing, and will set you back financially. The FBI doesn’t freeze computers or solicit fines using this method.
What this scam will get you is a virus, probably some sort of malware. Malware is installed on your computer when you visit certain sites or click on certain links. Paying a fine won’t fix the problem; instead you need to handle this just like you would any virus. Make sure your anti-virus software is up to date and run a scan on your computer. Then head the Better Business Bureau website for step by step instructions to unlock your computer.
Mac or PC, this ransomware scam is no joke. If you come across it, don’t pay the fine and immediately report it.
September 16th, 2013
Jackie here. The end of summer means the start of the fall concert season which is a great opportunity to see your favorite bands, musical artists and plays in person, but be careful. Scam tickets are out there and will surely ruin any night at the show.
Plan Ahead and Buy Ahead
I often don’t hear about a favorite artist coming to town until a couple of nights before the show, but planning in advance will help you to avoid ticket scams. When you buy early, you can purchase directly from the artist or venue, which will help save you money and ensure that your ticket is legitimate. Following your favorite groups on Facebook or watching their websites for tour schedules is a great way to stay aware of what’s going on so you can buy early. If you do buy from a reseller, choose a legitimate one, even if the tickets are more expensive.
Pay with a Credit Card
Credit cards can be your secret weapon in fighting losses related to scams. You see, credit cards have built-in fraud protections that limit your liability in the event of a scam. Using your credit card to pay for tickets gives you options to try to recoup your losses should your tickets be phony. Never wire money to pay for tickets; once you wire money it’s gone forever.
Research the Seller and the Tickets
Before purchasing tickets from a ticket reseller take some time to do your research. First, research the seller online. Entering their name along with terms like reviews, complaints, or scam can help alert you to any scams that associated with the particular reseller. Read through many of the results and keep your eyes open for red flags. You can also check the tickets you’re being offered against a seating chart of the venue. Do the seats they are selling actually exist?
Don’t ruin a great night out by accidentally purchasing scam tickets. These tips will help keep you safe. Learn more here.
September 13th, 2013
Allison here. The national healthcare reform law, better known as the Affordable Care Act or Obamacare, takes full effect in January 2014. However, the Federal Trade Commission and other entities are ramping up for increased fraud and identity theft as the program rolls out and scammers take advantage of the lack of knowledge about the new programs. Below are a few of the new scams you need to watch out for, as well as a warning of how the Affordable Care Act impacts the overall perception of identity theft and the enormity of the problem.
Now, there’s no such thing as an official Obamacare Card However, FreedomWorks is burning ‘mock ObamaCare cards’ as part of a campaign against the health reform law. This has opened up an opportunity for scammers, who say they will give you a national Obamacare card if you provide them with personal and financial information.
Fake Enrollment Websites
Part of the Affordable Care Act is the federal insurance exchange, which 26 states will use to provide health insurance to the uninsured. This upcoming exchange, which begins Oct. 1, has already led to fake enrollment websites and federal insurance exchange websites. These fake sites tend to sell fake insurance plans while collecting personal information to commit fraud or ID theft. Additionally, scammers are also trying to sell fake plans over the phone. These are fraudulent, as no one from the exchange will do this over the phone, and the program doesn’t start until October. Plans can also be cross-referenced with what’s listed online on legitimate websites.
As is the case with many new government programs, the full implementation of the Affordable Care Act will likely bring scams along with it. Make sure you stay up to date on the latest scams to protect your identity, and ensure you are getting legitimate healthcare coverage.
September 12th, 2013
Jackie here. We recently discussed using gift cards and prepaid cards as anonymous form of payment, making this scam alert from the IC3 especially relevant. If you use gift cards, be sure to keep your eyes open so you don’t become a victim.
Gift cards are a popular source of fraud, probably due to their anonymous nature. Thieves can make purchases and access funds, all without ever having to reveal their identity. They utilize many different methods to execute this fraud. Let’s take a look at a couple:
Tactic #1- Steal and Return
Gift cards have no value until activated, so they aren’t usually under lock and key at the store. This makes them very easy to steal. Thieves steal the worthless gift cards, record card numbers and PINs, and then return the cards to the shelves at the store. These cards then wait for an unsuspecting buyer to purchase them and activate the funds. As soon as the card is activated, the thief uses the balance to make their own purchases online.
Tactic #2- Duplicate UPCs
In this gift card tampering method a thief will create multiple identical UPC barcodes for a gift card. These UPCs will be applied to cards at the store over the card’s existing code. When someone purchases a card, the UPC sticker is scanned and the balance added is put directly onto the card with the matching UPC, which is owned by the fraudster. They keep track of the balance, and as soon as it increases they spend it, often before the fraud is noticed by the consumer.
Tactic #3- Stolen Merchandise for Cards
Thieves don’t just tamper with gift cards on display; they also use them as part of other fraudulent schemes. For example, a fraudster might steal merchandise from a store and return it in exchange for store credit. They then use these gift cards as a trade to purchase drugs, other gift cards, or sell them for cash.
Tactic #4- Buying a Card for Sale
People that don’t want a gift card they’ve received often attempt to sell it. This gift card scam preys upon those with gift cards for sale. The thief will contact the seller and act interested in the card. They will request that a three way call be made to the retailer to ‘verify’ the balance amount. The seller calls the merchant with the fraudster on the line and enters in gift card information. The fraudster will then use special software to obtain the card number and PIN, which they then sell online.
Be careful with your gift cards so you don’t fall victim to one of these scams. Check out the full fraud alert from the IC3 here (second alert on the page).
September 10th, 2013
Jackie here. Social Security fraud is a big money maker for scammers, costing taxpayers millions of dollars each year. A few years ago, thieves would steal checks from mailboxes, but now that the Social Security payments are made electronically, they simply reroute the money and deposit it in their own accounts (or onto prepaid debit cards) instead of the victim’s. According to an article on USA Today, there have already been more than 40,000 reports of this type of scam and more are expected as Social Security transitions to an all-electronic system.
What to Watch for
If you get benefits from Social Security, be on the lookout for any suspicious mail from them. Many of the victims highlighted in the USA Today story discovered the fraud when they received a letter confirming their new online accounts. If you receive suspicious mail about an account you didn’t open, contact Social Security and ask about it, but make sure you call a known number for them found on their website, not one that is listed on the suspicious letter.
Another thing to watch for is missing benefits. If you don’t receive an expected payment, don’t just assume it’s late; contact Social Security and find out what is going on with the expected payment. Verify which account it was deposited into and if the account is different than yours, you may have a problem.
How to Protect Yourself
As with most things, prevention is easier than fixing the problem once it occurs. If you don’t have an online “My Social Security” account, set one up now. It is easier for fraudsters to create a fraudulent first time account than to gain access to one that is already established. You can also contact Social Security to block online changes to your account, making it necessary to visit the office in person if you want changes to be made. Fraudsters typically look for the easiest target for ID theft, so taking these steps can provide big protections for your Social Security benefits.
If you get Social Security, or if you know someone who does, make sure that you’re aware of the potential fraud risks and how to protect your benefits from them.
August 19th, 2013
Jenna here. Our favorite articles for the week are here! We have information about a new scam targeting small business owners, as well as an interesting look at whether or not your smartphone pictures can reveal more information than you might think.
Scam Offers Entrepreneurs Help on Documents, USA Today
Rumor: Smartphone Pictures Pose Privacy Risk, MSN News
August 15th, 2013
Aaron here, AllClear ID Investigator. After major disasters, it is very common for scammers to act as charitable organizations, hoping to gain money or personal information from unsuspecting donors or victims to commit id theft. Scammers running fake charities will use the email or telephone to get in touch with people to ask for money. These criminals will even go so far as to contact disaster victims and say they are affiliated with the Internal Revenue Service and will aid the victims to file fatality loss claims and get a refund on their taxes.
In addition, some scammers set up fake websites or disaster funds. This took place a short time ago during the Hurricane Sandy disaster. As a result, Attorney General Buddy Caldwell urgedLouisiana residents to prepare for the 2013 hurricane season (which began June 1), and to watch out for related scams. Caldwell stated, “As hurricane season quickly approaches, I encourage all Louisiana citizens to prepare now for the possibility of a storm…unfortunately, hurricane season is also a time in which unscrupulous con-artists try to capitalize on your misfortune.”
The Internal Revenue Service warns that this type of scam could be very common in 2013. Anyone who has been a victim of a natural disaster or wants to donate to charity to watch for scammers by following these tips:
- If you would like to donate to disaster victims, only donate to well known charities.
- Be cautious of charities that appear similar to well-known charities-scammers often impersonate well-known organizations. You can find reputable organizations by visiting IRS.gov and using the search feature, Exempt Organizations Select Check, this tool allows individuals to find recognized charities to which donations can be tax-deductable.
- Never provide personal information, such as your banking passwords, credit card info, or Social Security number over email. Reputable charities will have a secure system that you can use to donate.
- Never give or send cash. Always use either a check or a credit card
Call the IRS toll-free disaster assistance telephone number (1-866-562-5227) if you are a disaster victim with specific questions about tax relief or disaster related tax issues.
August 13th, 2013
Jenna here. Here are our favorite articles for the week! We have information on two of the latest scams—fake emails from the FBI, and malicious healthcare exchange websites, as well as a story about how hackers are trying to out-smart safeguards against malicious ads.
Spam E-mails Continue to Utilize FBI Officials’ Names, Titles, In Online Fraud Shemes, iC3
Health Insurance Exchange Scam Alert: Beware of Fake Websites, Identity Theft Resource Center
Phone Hackers Build Networks to Deliver Legitimate Ads and Malicious Codes, Bloomberg