Protecting Yourself from Gift Card Scams

It doesn’t matter what the occasion is, gift cards are a popular gift. However, if you are giving them, or getting them, you could be part of a scam. There are more gift card scams out there than you might think, and it includes both digital and physical cards.

gift cardIt doesn’t matter where you get the card, here are two ways that scammers use them to make money:

The “Assistant Gift Card Scam”

Small businesses are often the target of the assistant gift card scam. We see this a lot in the financial services industry, or really any other industry where you have a service professional who has assistant that manages administrative tasks.

The scam works like this: the scammer scopes out the service professionals website, he might make a phone call or send an email seeking out a secretary or assistant, and then reaches out to that assistant usually via email or even text, spoofing the communication medium and posing as the service professional.

In that communication, the criminal posing as the service professional requests the administrator go out and buy five gift cards for clients and to send pictures of the gift cards with the activation codes on the back scratched off.

Once the criminal receives the photos with the codes, he immediately cashes them in.

The best way to prevent this, is always by getting on the telephone and calling your boss to make sure that the request for gift cards is a legitimate one.

Using a Gift Card to Transform it to Cash

If you get a $200 gift card to a store, and then it’s stolen, it’s like you have lost money. It’s essentially the same as if someone stole $200 from your pocket. You might be wondering how a scammer can turn a gift card into cash. Here’s how it works:

  • The thief takes a gift card out of your gym locker.
  • Instead of using it it at the store, he puts an ad online offering it at a $50 discount saying he’s in a rough spot and needs cash.
  • Someone takes him up on the offer and sends him $150 via Venmo.
  • The thief then goes and uses the gift card at the store. He takes the item he bought and sells it on eBay….and never ships the card to the person who bought it.
  • So now, he has the $150 plus the cash he got from selling the item he bought.

Infiltrating Gift Card Accounts Online

Another way that a thief can scam people by using gift cards is by taking advantage of software. They use a botnet which is also a robot network of computers design to hack, to gain access to an online gift card account. Here’s how it works:

  • You log into your gift card account.
  • The botnet also tries to log into your account. They randomly keep trying until they guess the password/code.
  • Though it’s not guaranteed, the botnet could guess the password/code for your gift card, and if it does, you can say goodbye to the balance.

Protecting Yourself from Gift Card Scams

  • Don’t believe everything you read online. If a deal is too good to be true, it probably is.
  • Anytime a service professional requests a straighter buy a bunch of gift cards, get on the phone and talk to that person directly to confirm the legitimacy of the request.
  • Buy a gift card straight from the source, not from a random Facebook ad.
  • Don’t buy any gift cards at a high traffic location as it’s easy for scammers to hide their scam.
  • Change the security code of the card if you can.
  • If you have access to an online account, change your password and username.
  • As soon as you suspect something fraudulent is going on, report it.
  • Spend the money on the card as quickly as possible.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Be Aware of These IRS Stimulus Check Scam Tactics

The IRS has taken the step of urging taxpayers to be aware of emails and calls that can lead to people giving up their personal info to cybercriminals.

The IRS has been telling taxpayers to take more care than before during this time. They has also reminded people that the IRS does not call taxpayers to collect or verify financial information in order to get a faster refund. The IRS also will never email nor text you asking for any information.

Cyberthieves have been taking advantage of people in times of trouble, and now that we are literally in the middle of a global pandemic, these scams are definitely on the rise.

Don’t Fall for It!

The IRS has seen many more phishing scams than ever before. It is easier for scammers to get money than you might think. All they have to do is give the IRS fake bank information. In most cases these days, the IRS will direct deposit payments right into the bank accounts of taxpayers. If you have never provided this, you can go online and do it…but so can scammers. If the IRS doesn’t get this information, it begins mailing checks, and of course, these can be intercepted by a scammer.

It is also important that you realize that people who have retired and don’t have to file a tax return simply get a check. They don’t have to do anything, and this makes retirees common targets for cybercriminals. The bad guys often reach out to older people by phone, mail, or email and ask for information such as their bank account number or Social Security number in order to verify their check. But remember…the IRS will never contact taxpayers via phone.

Additional Information

There are a number of signs that something could be a scam, and the IRS wants to remind people of this. Here are some of those signs:

  • In the case of the stimulus checks, the official name is the “Economic Impact Payment.” If you see other terms, like “Stimulus Check” or “Stimulus Payment,” it is probably a fake.
  • If you are asked to sign over a check to someone, it is definitely a scam.
  • If you are asked to verify your financial or personal information via text, mail, phone, or social media, it is a scam.
  • If the check you receive doesn’t look right, it is a scam.
  • If someone contacts you and says you can get your check faster if you give them more information, it is a scam.

How to Report an IRS Scam

If you think you are a victim of this type of scam, you should report it. If you get a fishy email, you should forward it to phishing@irs.gov. Experts also recommend that you don’t engage with cybercriminals on the internet or the phone. You can read more about this on the IRS website.

If you have questions about how the IRS is dealing with the coronavirus pandemic, you can look at the agencies Coronavirus Tax Relief page on the internet.

Finally, consider identity theft protection services. While none of these services will prevent tax related identity theft, there are expert restoration agents on the ready to work with potential victims of this type of crime.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program.

Gift Card Scams: What You Need to Know

You might not realize it, but hackers are making a ton of money thanks to phishing attacks, and now they have started to focus on gift cards. Scarlet Widow, which is a notorious scam group out of Nigeria, has really been boosting its efforts to romance scam people and using gift cards. The group is typically focused on people in the US and UK, and is also well known for tax scams, and rental scams.

Gift Card ScamsAre you a person who is at risk of being scammed by a group like Scarlet Widow? The group generally focuses on large or medium sized businesses including non-profits, such as the Boy Scouts of America, the United Way, and the YMCA. The scammers work by sending staff members emails, and though most people notice immediately that these emails are actually scams, it only takes one email to put a company at risk.

Common Targets

From around November of 2017 to today, Scarlet Widow has been targeting thousands of people and non-profits. It is also targeting the tax and education industries. Remember, the group only wins if they get access to email addresses from these organization, and they might put malware into the systems or use phishing links. Honestly, it doesn’t matter what method the hackers use, once they are in, the scam begins.

What is the Scam? 

So, what is the scam? Scarlet Widow tends to use traditional scams, but these days, the group has started using gift card scams. When we look at data from late 2018, we see that more than 25% of people who were scammed during that year said that they were victims of gift card scams.

The thing is, scammers really love this type of scam because they have fast access to cash, they can do it all anonymously, and once the scam is done, it is very hard to fix. Basically, all the scammer has to do is sweet talk their way into having someone buy a gift car, taking a photo of it, and they now have the money that was on it.

Typically, Scarlet Widow asked for iTunes or Google Play cards, but they have also been known to ask for gift cards from place like Walgreens, Target, or CVS. You might think it’s a bit strange that these people could actually con others to pay for services like cell phone service with a Visa gift card but remember…these are experts at manipulating people.

They often come up with a story about a sense of urgency, like this amazing deal will expire in three hours, and people actually fall for it. One example of this is an administrator from a financial advisory company I’ve worked with actually sent a scammer $1500 in iTunes gift cards. Why did she do it? She was duped into thinking the email was coming from the head of the finance department in the company she worked for.

One way to get a hold on this is to set up some type of security awareness training, but I even know someone in the industry who fell for it. It was an assistant of a security awareness trainer. She got an email that she believed was from her boss. It asked for five $500 Apple gift cards, which were going to be sent to their top five clients. So, the assistant went to Walgreens, bought five cards, and then, just as the email said, she scratched them to reveal the codes, took photos, and sent them back to her boss.  Except, it wasn’t her boss…it was a scammer who was now $2500 richer.

There are some limits to what scammers can do with gift cards, but they will do anything they can to get more money coming into their pockets. So, if you ever get a request for a gift card, be smart and use a ton of caution.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program.

10 Ways to Keep Yourself Safe from Shopping Scams During the Holidays

The winter holidays are a time for friends, family, and fun…and also fraud. Here are 10 ways that you can protect yourself from shopping scams this holiday season:

Gift Card Scams

Don’t ever give anyone your credit card information to claim a gift card that you hear about via email.

Shop Smart

Online shopping? Don’t do it while connected to a public Wi-Fi connection. These are not secure, and anyone can get access to your bank account, credit card, or log in information. Instead, use a VPN or your home network.

Be Careful with Coupons

Coupons can be great deals, but if they look too good to be true, you should assume that it is

Protect Your Passwords

Make sure you change passwords regularly for all sensitive accounts. Also, make sure that you don’t repeat passwords from account to account. When you create your passwords, you should randomly make them a mixture of both upper- and lower-case letters along with symbols and numbers. Make it at least 12 characters. You can use a password manager to help you remember it.

Set Up Two Step Verification

Consider setting up two step verification. Once you log into an account, you will receive a numerical code via text, which serves as a second verification for your account. This stops people from logging into an account unless they have both your log in information and your phone.

Think Before Clicking

Don’t click on links that come into your email, even if you think it’s from someone or a company you know. Big companies like Walmart, Kohl’s, Macy’s, etc, usually do not send links like this in email, so if you see one, ignore it. Scammers create these links in the hope that you will click it. If you do click one, it may download a virus to your computer or take you to a fake site, where you might be tricked into entering your credit card information.

Keep Your Bank and Credit Card Secure

Look into the type of security measures that your bank uses, and then use them. You also might consider setting up push notifications or push alerts through your credit card company so you get an email or text message with every charge.

Employment Scams

You are likely to see ads during this time a year that advertises for jobs that pay way more than they should. $50 an hour for filling out surveys? Skip it.

Review Your Financial Health

Each month take some time to review all of your financial accounts to see if there is any activity that seems suspicious. Even a small charge can be very suspicious. Often, a scammer will make a small transaction to test things out.

HTTP vs. HTTPS

When you see an “S” at the end of the HTTP portion of the URL, it means that the site is secure. Only do shopping on sites with that “S.” Finally, make sure you update your browser before you shop.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program.

Beware of these Pandemic Phishing Scams

These days, even though we are all, for the most part, stuck at home, trying to be safe from COVID-19, that doesn’t mean that we are safe from cybercrime. Cybercriminals continue to target victims, even in this environment, and many of these scams are related to COVID-19. This is pretty common when something like a crisis comes down, so you have to remain vigilant as you go through your daily life. Here are some of the things you should be looking for and being aware of:

phishing scamRelief Fund Scams

As we look towards our government officials for help, they have been sending out money to people who have lost their jobs or become impacted financially by the COVID-19 crisis. Criminals have started to create phishing scams that look identical to the correspondence that might come from the government. They do this to trick people into revealing their personal information. Currently, if you are in the UK, Australia, or the US, you are probably being targeted.

Infection Maps that are Malicious

Cybercriminals are also taking advantage of the public’s interest in COVID-19 infection maps. Organizations like Johns Hopkins are creating these maps, but cybercriminals are following close behind and releasing their own. All they have to do is set up their own websites, and then stick malware in them. They can do this for little to no money, and then they can make a huge profit thanks to ID theft and other dastardly deeds.

Impersonating Official Health Organizations

You also need to keep an eye out for cybercriminals who are impersonating official health organizations, including WHO – the World Health Organization, or the CDC – Centers for Disease Control. They are doing this by designing a number of different phishing scams. These started all the way back in February, and they are continuing to be sent. The criminals are setting up a sense of urgency, so that people are more apt to give up their information.

Scams with COVID-19 Testing Kits

There is also a lot of interest in COVID-19 testing kits, and as you might imagine…the bad guys are targeting these people, too. Not only are these scams spreading via email, according to the FCC, Federal Communications Commission, but also with robocalls, text smishing, and more. The FCC has even announced that it has found a big range of robocall scams that are associated with coronavirus, including things like debt consolidation, work at home opportunities, and even student loan repayment plans. There are also specific scams that are targeting small businesses.

Medical Supply Scams

Finally, we have medical supply scams. These are similar to the testing kit scams but the cybercriminals are using these medical supplies, like masks and gloves, as a lure to get people to give them money. There are more and more of these websites popping up with huge discounts on medical supplies. Many of these sites are offering limited-time sales and want Bitcoin for payment, which is a big sign that you could be getting scammed.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program and the home security expert for Porch.com

Beware of IRS Stimulus Check Scams

The IRS has been urging taxpayers to be aware of calls and emails that might lead victims to give up their personal information to cyberthieves.

IRS Commissioner, Chuck Rettig, has been urging people to take more care during this time. He reminds taxpayers that the IRS won’t ever call to verify or collect financial information in order for you to get your refund faster. The IRS will also never email taxpayers asking for this information. Fraudulent text messages are also on the rise.

Cybercriminals have always taken advantage of times of trouble, and now that we are in the throes of coronavirus, they are continuing this. While people are waiting to get their stimulus payments and tax refunds, it is extremely important to remain vigilant.

Don’t Fall for These Scams

The IRS has definitely seen many more phishing schemes. In most cases, the IRS deposits these payments directly into the bank accounts of the taxpayer. Those who have previously filed, but have not provided direct deposit information, must provide this on the IRS.gov website. If they don’t do that, the IRS will mail a paper check to the taxpayer.

It is also important to mention that the IRS has reminded those who have retired and don’t have to file a tax return that they don’t have to do anything in order to receive their stimulus check. Cybercriminals tend to focus on seniors, and they may try to reach out by mail, phone, or email and ask for information such as Social Security numbers, bank account numbers or other identifying info. The IRS will not contact these people, so don’t give any info if you are in this group.

Other Information from the IRS

The IRS is also reminding taxpayers that there are signs that something is a scam. Here are some of them:

  • The official term of the payment is “economic impact payment.” If you see terms like “Stimulus Payment” or “Stimulus Check, it’s probably a scam.
  • It is a scam if someone asks you to sign over your check to them.
  • It’s a scam if they ask you to verify your personal or financial information via phone, text, social media, mail, or email.
  • If they suggest that you can get your money faster by supplying information, it is a scam.
  • If you get a check in the mail that seems a bit off, and then you are asked to verify information online, it is a scam.

Reporting These Scams

If you believe that you might be a target or victim of a scam like this, you should do your best to report it. If you get an email, for instance, you should forward it to phishing@irs.gov.

It is also recommended that you do not engage with potential scammers on the phone or internet. There are guidelines on how to deal with this on the IRS.gov website.

Official information about the IRS and how it is dealing with the COVID-19 pandemic is also available online at the Coronavirus Tax Relief page online.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program and the home security expert for Porch.com

Two Common Government Employee Impersonation Scams: What to Watch For

One of the biggest threats that taxpayers are facing these days is an aggressive scam where criminals call victims and pretend to be IRS agents. The goal? To steal money.

All year but especially during tax filing season, the IRS will see a big surge in the number of scam calls, which tell victims that they will be arrested, deported, or have their driver’s license revoked if they don’t pay a fake tax bill.

How the Scams Work

These scammers make calls to people and claim to be from the IRS. They inform the victim that they have an unpaid tax bill, that must be paid immediately, either through a prepaid debit card or wire transfer. To make this sound even more legitimate, the scammers might also send a phishing email or make robo-calls to the victims.

To get the victims to pay, and to pay quickly, they make threats, as mentioned above. On top of this, they also can alter the number they are calling from through caller ID spoofing services to make it look like the IRS is actually calling. The scammers also will use badge number and IRS titles to make themselves sound more official.

The IRS is onto these scams, of course, and it has released information to remind taxpayers to be aware of them. For instance, a report from the Treasury Inspector General for Tax Administration, TIGTA, states that there are more than 12,000 people who have paid more than $63 million due to these phone scams over the past few years.

Recognizing an IRS Scam

There are certain things that the IRS will never do, so if you see any of these things, or you are asked to them, you can be sure that it’s a scam.

The IRS will NEVER:

  • Threaten to bring in local police for not paying your tax bill
  • Ask you to pay via a gift card or wire transfer
  • Demand that taxes are paid without question or the opportunity to appeal
  • Ask for debit or credit card numbers over the phone
  • Call about an unexpected refund
  • Call to collect money without first sending a tax bill

If you get a call from the “IRS” asking for any of this, hang up.

There are Social Security Administration Scams Out There, Too

The IRS is not the only government agency plagued by scams. People are also getting scammed by people claiming to be from the Social Security Administration, or SSA. The goal here is to try to get your Social Security number.

Basically, someone will call you and claim to be from the SSA in an attempt to collect your personal information, including your Social Security number. If you get a call like this, you should definitely not engage with the caller, nor should you give them any money or personal information.

One of the ways that scammers are so good at getting this information is that they try to trick their victims by saying their Social Security number has been suspended due to suspicious activity, or that it has been connected to a crime. They will ask the victim to confirm their SSN in order to reactivate it.

Sometimes, they might even go further with this and tell the victim that their bank account is about to be seized, but they can keep the money safe…by putting it on a gift card, and then sending the code to the scammer.

You might wonder why people fall for this, but it really is easy for these scammers to change their phone number to show the same number as the SSA on caller ID. But this is a fake number…it’s not really the Social Security Administration.

There is also the fact that the scammers will say that someone has used your personal Social Security number to apply for a credit card, and because of this, you could lose your Social Security benefits. They also might say that your bank account is close to being seized, and you must withdraw your money or wire it to a “safe account,” which is, of course, the account of the scammer.

Here’s some of the details about these scams that you need to know:

  • Your Social Security number won’t be suspended. You never have to verify your number to the SSA, either and the agency can’t just seize your bank account.
  • The SSA will never call you about taking your benefits or tell you that you must wire money to them. If you are asked for money from the SSA, it is a scam.
  • The SSA’s number is 1-800-772-1213, but scammers are using this to appear on caller ID. So, it looks legitimate. So, if you get a call from this number, hang up and call it back. This way, you can be sure you are talking about the SSA and get the information you need…or find out that someone was trying to scam you.

Do not give your Social Security number to anyone over the phone or via email…also, don’t give your credit card number or bank account number to anyone over the phone or via email.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Florida City Pays Hackers $600,000 after Scam

Riviera Beach, a city in Florida, has agreed to pay a $600,000 ransom to hackers who attacked its network.

This week, the City Council voted to pay the demands after coming up with no other option to meet the demands of the hackers. It seems that the hackers got access to the system when a staff member clicked on a link in an email, which uploaded malware to the network. The malware disabled the city’s email system, direct deposit payroll system and 911 dispatch system.

According to Rose Anne Brown, the city’s spokesperson, they had been working with independent security consultants who recommended that they pay the ransom. The payment is being covered by the city’s insurance. Brown said that they are relying on the advice of the consultants, even though the stance of the FBI is to not pay off the hackers.

There are many businesses and government agencies that have been hit in the US and across the world in recent years. The city of Baltimore, for instance, was asked to pay $76,000 in ransom just last month, but that city refused to pay. Atlanta and Newark were also hit with demands.

Just last year, the US government accused a programmer from North Korea of creating and attacking banks, governments, hospitals, and factories with a malware attack known as “WannaCry.” This malware affected entities in over 150 countries and the loses totaled more than $81 million.

The FBI hasn’t commented on the attack in Riviera Beach, but it did say that almost 1,500 ransomware attacks were reported in 2018, and the victims paid about $3.6 million to the hackers.

Hackers often target areas of computer systems that are vulnerable, and any organization should consistently check its systems for flaws. Additionally, it’s important to train staff about how hackers lure victims by using emails. You must teach them, for instance, not to click on any email links or open emails that look suspicious. It is also imperative that the system and its data, and even individual computers, are backed up regularly.

Most of these attacks come from foreign entities, which make them difficult to track and prosecute. Many victims just end up paying the hacker because the data is precious to them. They also might work with some type of negotiator to bring the ransom down. In almost all cases, the attackers will do what they say and allow the victims to access their data, but not all of them do. So, realize that if you are going to pay that you still might not get access to the data. Ransomware simply should not happen to your network. If all your hardware and software is up to date and you have all the necessary components and software that your specific network requires based on its size and the data you house then your defenses become a tougher target. Additionally, proper security awareness training will prevent the criminals from bypassing all those security controls and keep your network secure as it needs to be.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Anyone Can Scam You, Even Your Folks

You might feel pretty safe with your parents, but more and more stories are coming out about scammer parents—especially when it comes to getting into college.

By now, we have all heard of the famous faces who have gotten caught up in the college admission scandal, but they are not the only ones. Other families are also involved in the scandal, including a wealthy Chinese family who paid $6.5 million in 2017 to get their daughter admitted to Stanford. They did not pay the school, of course, but they did pay college consultant Rick Singer, who is at the center of the college admission scandal.

The Los Angeles Times broke this story, and it is unknown, at this time, if the family knew that they were doing something wrong. Neither the family nor the student, who all live in Beijing, have been charged with any crimes. Stanford has released a statement to say that it has not received any money from the student’s family (or from Singer), and it was not even aware of any of this until the Times’s story was published.

Other families associated with the college admission scandal are starting to get their days in court, including Bruce and Davina Isackson, who pleaded guilty in a Boston federal court for their involvement in the scam. They were the first to plead guilty and also the first who have said that they will fully cooperate with the investigators and testify against the other parents who are accused in the scandal.

The Isacksons are accused of paying $600,000 to ensure that their daughters were admitted into the University of California, Los Angeles and the University of Southern California. The money was paid to admit both of the girls to the schools as fake athletic recruits, and it was used to pay Singer to rig the entrance exam score for one of them.

The couple did release a statement through their attorney. They expressed their regrets for their actions and stated, “Our duty as parents was to set a good example for our children, and instead we have harmed and embarrassed them by our misguided decisions.”

There are many parents involved in this scam, including 12 parents who have already agreed to plead guilty. This includes actress Felicity Huffman.

Other parents are fighting the charges, and they could be in for a rough road; the parents and coaches who are helping the investigators are full of information, and it could harm any efforts of those whom have pleaded not-guilty.

Since the scandal has hit, even former coaches are stepping up, including those at USC and the University of Texas at Austin. This also indicates that there could be more indictments coming soon.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Beware of Conference Invitation Scams

Conference invitation scams are those that involve a scammer sending invitations out to events with the intention of scamming the invitees. These might be real events or fake events, and the scammers target people including business professionals, lecturers, CEOs, researchers, philanthropists, and more. The goal here is to steal the identities of these people, and eventually get money by taking advantage of their victims.

Spotting a Scam

There are usually some pretty clear signs that you could be dealing with a scam involving a conference invitation. Here are some things to look for:

  • The invitation has typos or bad grammar
  • The invitation seems very random or out of no where
  • The conference name sounds like a conference you might be family with, such as Tech Crunch, but it’s spelled differently, like TekCrunch
  • The invitation asks that you pay a premium price to attend, which includes accommodation and transportation
  • Payment options don’t include credit cards
  • The invitation is overly flattering
  • There is a sense of urgency pushing you to send personal information
  • The greeting on the invitation is questionable, i.e. “Salutations.”
  • The invitation asks for sensitive information in return for “covering” your conference cost, accommodations, and transportation.
  • The conference is held in a different country, i.e. Asia or the Middle East
  • The landing page doesn’t have a physical address or landline number
  • The invitation sounds too good to be true

How Do These Scams Work?

In general, the scammer begins the scam by sending an email to a target victim and invited them to attend or speak at a conference. The scammer usually uses the victim’s social media pages to get information about them, which helps them to create a more personalized email.

The victim is told to register for the conference, which involves giving personal information. Additionally, they could be asked to pay a fee to attend, which could be over $1,000, depending on how long the conference is said to last. Usually, this is where the sense of urgency comes into play, as the scammer will say the conference is filling up or they need to know if they can count on the victim to speak. If not, of course, they must find another speaker, so the victim must confirm as soon as possible.

If the targeted victim complies with this and sends their information, the scammer may have enough information to steal the victim’s identity. Additionally, the scammer can use the name of the victim to promote the conference, especially if it is someone well-known in the industry.

If the victim goes through with all of this, they will quickly find out that they have been scammed. A scammer might also try scamming people who are actually going to a legitimate conference. They claim that they are part of the organization running the conference, and they need information and to collect fees. Of course, since the victim already signed up for the conference, it is easy to believe this scam without giving it a second thought.

Protecting Yourself from Invitation Scams

Here are some tips and tricks that you can use to protect yourself from these types of scams:

  • If you get an email similar to ones described here, don’t respond.
  • You should investigate any invitation that you are not sure of.
  • Do not agree to send money, and only pay with a credit card.
  • Don’t agree to give any personal information; a conference organizer doesn’t need to know your Social Security Number
  • Research the event and try to match up the information that you were given in the invitation email.
  • Copy and paste some of the email into Google to see if others have reported that this is a scam.

What to Do if You are a Victim If you have become a victim of a conference invitation scam, there are steps you should take immediately. First, get in touch with your financial institutions, like banks and credit card companies, and make them aware of this. Next, you should contact the location police and authorities in the area where the conference is allegedly supposed to be held. You should also get in touch with the Better Business Bureau about the company, and you can report the scam online via the BBB’s Scam Tracker or the Federal Trade Commission’s Online Complaint Assistant.  Finally, you can also report the scam to the FBI through its Internet Crime Complaint Center.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.