Catfishing Scammer tells all

Catfishing is when someone creates a phony online account—and not necessarily to scam someone for financial gain. An article on vice.com tells all about a person who’s been catfishing for eight years.

9DShe started in middle school by creating “Joey” on MySpace. She then commented, as “Joey,” on her real MySpace page to make herself appear that some cool kid named Joey thought she was pretty.

She got older and didn’t have friends. Don’t blame her for this. Her mother was an addict and father behind bars. She wanted friends, but years of abuse impaired her ability to integrate with people—as herself.

So she created more fake accounts, to create the self she wanted to be. She snatched photos of a cool-looking girl on MySpace and created an account for “Amanda Williams.” The common name would make detection of catfishing impossible.

Because Amanda’s photo was stunning and her account presented with confidence, many people began adding her and sending flattering messages and friend requests.

Our girl here spent loads of free time on social media, constructing Amanda’s life. (Can you see how it’s believable that many adults do this with Facebook? There’s even a site where you can hire a Photoshop specialist to alter and beautify your headshot for only five bucks, and shop you onto a galloping horse or a sailing boat.)

One day our girl, posing as Amanda, messaged a classmate that Amanda liked her, figuring that this would get out and make the other kids think she was cool if Amanda liked her.

But she got busted because it was discovered that Amanda’s phone number was the same as hers.

Then she was hooked on catfishing, and this awful experience only taught her to be more cunning. So she created a new account—with the same photos used for Amanda Williams (not a bright idea), but she blocked her classmates.

After ninth grade, she was transferred to a vocational school due to bullying. All free time was spent on social media doing you-know-what.

More clever this time, she gradually added about 150 “filler friends” to make the account look legitimate, then began adding desired friends. She’d steal photos from Facebook and then block that person’s friends to avoid getting busted.

She then created subaccounts to add to the authenticity. This was done by taking Instagram videos and posting to Facebook. She used Photoshop to fake the “proof” signs.

The phony Amanda Williams account, studded with stolen photos, backstories and fake friends, made our unfortunate girl feel validated. But to her, the fake friends of Amanda Williams were real enough to “speak” to. Those made-up friends cared about her. They were more real to her than people in real life who didn’t care.

She even managed to lasso a cyber relationship through Amanda Williams, but her conscience won out and she fessed to the young man the truth. He vanished after that. But it haunts her because she wonders if she could have accomplished this without Amanda.

She admits to being addicted to catfishing for attention, which has prevented her from working on relationships with real people in person. She’s created more than 20 fake accounts thus far, excluding the subaccounts, which perhaps total 200. But she claims all of this has been therapeutic, though at the same time, heartbreaking.

Today she’s 21 and still friendless in real life. She’s never been employed. But she admits to how wasteful this addiction has been. She hardly leaves the house due to social anxiety; her reality is inside her computer.

She’s in therapy, though, and only one of the fake accounts is active. She can’t part with it. “My existence hinges on this fake account,” she says in the vice.com article. She raised Amanda as her child, giving her new hairstyles, even. Amanda grew up, but her creator is still crippled inside a cocoon.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

5 Auto Repair Scams

You take your car to the mechanic; it’s been making a funny grinding noise when you press on the gas pedal. The mechanic tells you what’s wrong and what needs to be fixed, then socks you with the estimate.

1SHow can you tell he’s not embellishing a lot of the “diagnosis”? You know nothing about cars. You have to take his word for it. What if the second opinion is also from a scammer and sounds a lot like the first opinion? You’re screwed.

An article at carbuying.jalopnik.com describes five auto repair scams.

Charging for repairs you don’t need.

  • The mechanic says he fixed the problem.
  • The problem still persists.
  • You take the car back and he “diagnoses” the “real” problem and fixes that.
  • The problem still exists.
  • The game repeats but finally the issue is corrected, but you get charged for the first two “repairs,” which never had to be made in the first place. The mechanic scammed you, and this is illegal.

Saying something is wrong when it’s not.

  • What an easy way for a mechanic to make money and get away with it, especially if the “something wrong” is a small repair. He can really clean up if he pulls this stunt on dozens of customers.
  • A version of this is to find something out of place or not working optimally and tell you it needs to be replaced—even though a repair will fix the problem.
  • This is illegal in many states.

Overcharging for parts or labor. 

  • It’s so easy for a mechanic to do this. How do you know that the four-hour job wasn’t really a two-hour job?
  • Do you know how much a shock absorber or new brakes should cost?
  • Though prices for the same product vary from one shop to the next, consider yourself scammed when the charge is way over the norm.
  • You also shouldn’t pay a mechanic for his inexperience. If he honestly took four hours to do a job that should have taken two hours, you should not be charged for the extra two hours.
  • Get a price and labor estimate before authorizing the work. AND GET IT IN WRITING.

Theft

  • Yes, mechanics have been known to steal valuables including performance features of the vehicle. Even taking a candy bar is illegal.
  • The shop may tell you to file an insurance claim. They’re scamming you because this isn’t how it should work. Since they had possession of your car, the onus is on them that something is missing.
  • Don’t leave valuables in your car.

Joyriding

  • In your car, that is.
  • After the work is completed, the mechanic takes your wheels for a spin.

Damaging your car by accident.

  • They owe you to fix the damage.

If you believe you were scammed, call your lawyer, not your insurance company.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

Tell your Grams about these Scams

Do we really get wiser with old age, or just more vulnerable to all the scammers out there? Here are the top scams directed towards senior citizens.
9D
IRS
The phone rings; it’s from the IRS, claiming you owe money.

  • Caller ID says IRS (spoof technology).
  • Caller says if you don’t pay within 24 hours, you’re going to jail.
  • Caller wants your bank account information and routing number, or wants you to wire what you owe.
  • Or, caller says IRS owes you, but to get the refund, you must pay a processing fee within 24 hours.
  • The IRS never calls people for back taxes; it sends a certified letter.
  • Refunds are sent via snail mail without the IRS ever notifying you.

Reverse Mortgages

  • There’s no monthly payment, but whatever balance and interest has accumulated by the time the borrower sells, it must be paid back. If the borrower dies before this, family members must pay it.
  • Misleading ads make it seem this loan is affiliated with the government.
  • You CAN lose your home.
  • If you run out of equity before you sell or die, you’ll need to repay the loan. If you can’t, it’s foreclosure time.

Sob Story

  • The caller identifies self as a grandchild, great niece, etc.
  • Or, the caller says he’s your grandchild’s doctor, lawyer, etc.
  • The caller is in trouble and wants you to wire them money ASAP.
  • They may know details of the person they’re impersonating and you as well, because they’ve visited that person’s Facebook page—and yours.
  • If you ask if you can call back, the caller won’t accept this.
  • Asking additional questions about the “accident” or “burglary” won’t get you answers.

Obituaries and Funeral Homes

  • The caller says that the deceased owes a debt.
  • Or, the caller says he provides funeral services.
  • The victim is a spouse usually.
  • A funeral home that you’re already working with may also try to scam you by talking you into the most expensive casket, memorial plaques, etc.

Phony Pharma

  • Caller or e-mail sender claims to be from the government or authorized by such, to fill your drug prescription at a cheap price.
  • You must act now because the great deal is for a limited time.
  • If you DO receive something, it’s probably vitamins in a prescription bottle.
  • The crook may know details about you from reading your Facebook page.
  • A similar scam exists for Medicare.

Solutions

  • Use a mobile phone as much as possible; scammers usually call landline numbers.
  • Never answer the phone if the number is unfamiliar or says IRS.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Beware of these 10 Nasty Scams

Let’s look at the top 10 scams (random order).

9DCharity

  • A fraudster claims to represent a charitable organization.
  • Such scams can operate ring-style, such as one out in Colorado some years ago in which women wearing crisp white dresses that resembled the dresses nurses used to wear, and also wearing white caps (like a nurse), solicited motorists for money by walking around at stoplights holding out tin cans that had a label on them like “Help Fight Drugs.” Many people were fooled by the white outfits and labeled cans.
  • Check out the legitimacy of the organization at bbb.org or charitynavigator.org.

E-mail

  • You receive an e-mail that seems to be from a legitimate company, like your bank, the IRS, UPS, etc. In the message is a link that you click. You just downloaded a virus.
  • Never click links inside e-mails. Contact the company by phone.

Cell Phone

  • Your cell phone rings once. You don’t recognize the number. You call back. You then get charged about $20. Whatever happens after a connection is made, you’ll also be charged a high fee per minute.
  • Ignore one-ring calls. If it’s important they’ll call back.

Credit Card Fraud

  • Ever see a tiny charge on your credit card but have no idea what it was for? It’s probably by a crook.
  • Always report even the smallest charges if they’re unfamiliar.

Sob Story

  • You get an e-mail that seems to be from someone you know. They’re overseas, got mugged, sob sob…and need you to wire them money.
  • Don’t send them a penny; it’s a scam.

Sweepstakes and Lottery

  • “You’ve Won!” shouts your new e-mail. So you click the link in the e-mail to claim your prize—which is a nice fat virus that infects your computer.
  • Run like the wind if the message tells you that you need to pay a fee to claim your winnings.

Jury Duty

  • Your phone rings. You answer. The caller tells you that you’ll be subject to fines because you didn’t show up for jury duty. But relax, you can avoid the fines by providing personal information or paying a fee.
  • Courts have better things to do than to call people who missed jury duty (do you realize how many calls that would be?!).
  • Though failing to report for jury duty does have consequences, the action is never initiated via phone.

Computer Lockout

  • You turn on your computer and see a message stating the device is locked.
  • To unlock it, you’re told to provide sensitive information.
  • Contact your security software provider or a local geek.

WiFi Hacking

  • You connect to free WiFi thinking your secure. But waiting in the wings is a hacker to sniff out your data.
  • Always use a VPN such as Hotspot Shield to encrypt your data over free WiFi.

Home Improvement

  • Someone appears at your door wearing a workman’s outfit and offers to do a job for a dirt cheap fee. They want the money upfront and will return later to do the work, or some variant of this.
  • Stick with bonded, insured, reputable companies. Refer to Angie’s List or the BBB.

Health Care

  • Someone calls you offering to help you sign up for health care.
  • Hang up; it’s a crook because government officials don’t do this.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Beware of Vacation Rental Scams this Summer

Talk about getting taken to the cleaners: Imagine you spot a great summer rental property advertised online. Looks wonderful. The deal sounds too good to be true, but the owner tells you (via e-mail or even phone) that the fee is correct. You apply for the rent and send in the required upfront payment.

9DThen you head down there for the first time to see an empty lot. It then dawns on you that the owner was really a crook who used some photo he found online and advertised it for rent. And if losing your money isn’t bad enough, the thief now has other private information on you like your Social Security number.

How can you protect yourself if the property is too far away to check out in person? Limit yourself to only local rental properties that you can actually physically check out first? Whether or not you can do that, here are safeguards:

  • Copy and paste the rental description into a search engine. If it shows up elsewhere consider it a scam. However…a smart crook will alter the wording so that this doesn’t happen!
  • Google the listed address and see if it matches up. Google any other information connected with the ad, such as the landlord’s name.
  • If you locate the property on another site that lists it for sale, the rental ad is a scam.
  • Request a copy of the owner’s driver’s license to verify property records at your county assessor’s office.
  • If you can’t physically visit the property, use an online map to get a full view, including aerial, to make sure it actually exists. But this doesn’t rule out scam. The property may exist alright, but the ad you’re interested in was not placed by the owner, who’s either not renting at all or might be selling the place.
  • Conduct all communication by phone.
  • Never wire transfer an upfront payment or pay via prepaid debit card—two red flags for a scam. Pay via credit card.

Honest landlords can be scammed, too. They should search the information of responders to their ads to see what comes up.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention.

Top 12 Scams Happening NOW

Scamerama is here to stay! Scams are as old as time, and evolve as inventions and technology evolve. Top scams, according to a report on FraudAvengers.com, are as follows:9D

  1. Scammer “accidentally” overpays you for an item you sold online; you cash the crook’s phony check and wire back the difference. You’re out cold.
  2. You order something online and it’s not delivered or version arrives that’s nothing like in the advertisement.
  3. You prequalify for a credit line or loan that seems too good to be true. It requires upfront fees and sensitive information—and you end up never hearing from them again.
  4. You “win” a prize or gift card and, to receive it, must give out sensitive information and/or pay a fee. This scam occurs also via phone, and sometimes the scammer uses well-known brand names.
  5. Calls from people claiming to be IRS reps warning you that you owe money—or that you’re owed money—and that you must pay up immediately or go to jail, or pay a fee to get your refund.
  6. Crooks harp on the vulnerability of confused people seeking health care coverage every fall during open enrollments.
  7. You purchase the puppy in the online photo, pay fees for shots, crating, etc., and the puppy never arrives.
  8. “Human Resources” e-mails that make you think they’re from your employer; you provide critical information that allows the scammer to hijack your direct deposit setup.
  9. The fraudster’s “service” helps recover unclaimed property or funds, but there’s no recovery—even after you’ve paid a fee or given out sensitive information.
  10. An online job offer looks great: no experience required, start immediately, full-time—after you pay a training fee and/or give up your SSN online.
  11. A medical plan that seems too good to be true—because it’s not coverage; it’s just a discount plan.
  12. For a fee, the thief claims to be able to help you get out of debt or recover from recent identity theft or some kind of fraud, playing on your vulnerable state.

Seriously, none of these scams would happen to you if you just paid attention. Please, beware, be careful and be smart.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

Trusting too much brings Trouble

There will always be the person who lives on the Equator to whom you can sell an electric heater. As they say, there is a sucker born every minute.

12DThis is why cyber criminals will always have a field day, like the crook who posed as a tax man who got an elderly couple to send $100,000 to an offshore bank account after he tricked them.

This was a fear-based scam. The other two categories are compassion and self-interest. And just because a person can’t be frightened doesn’t mean that their heart strings can’t be tugged by a charity scam.

Elderly people and those with low income are more likely to be tricked. Other people…well, you just have to wonder what’s between their ears.

For example, the popular Microsoft scam involves a person calling the victim to tell them that their computer has a virus. The caller is a crook who wants to convince the victim to allow him remote access to the computer. Don’t the victims ever wonder how the heck Microsoft would even know their computer had a virus? Red flag, anyone?

Some say ask the caller for their number so you can call back–they’ll probably hang up. Probably. The scammer may have a number in place just to cover this possibility. Really, just hang up. It’s a scam.

Some people will just keep giving money out, again and again, to the same scammer; it’s not always a flash-in-the-pan payout. What compels them to behave this way? Perhaps it’s to continually convince themselves that they’re not dumb enough to be scammed.

Another way cons trap people is by asking for small amounts of money first; this lowers the victim’s guard.

More Popular Scams

  • Charity. These can range from natural disaster relief to donations for made-up charities, or those with names very similar to well-known ones.
  • Rental. The crook sends the landlord an overpayment by check of the first month’s rent before living there, then tells the landlord to wire back the difference. The check bounces.
  • IRS: Always hang up on callers identifying themselves as tax people claiming you underpaid or are owed a refund, even if the caller ID says “IRS.”

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

How Hackers use LinkedIn to Scam

Hackers love LinkedIn because it links them in—straight through the portal of the targeted company. Geez, how much easier could this be, what with all the publically-exposed e-mail addresses of key players (and also worker bees) in big companies that someone wants to hack.

4DAn article on blog.sungardas.com was written by a white-hatter (his job is to try to hack his clients’ systems so that they know how to make them more impenetrable to the bad guys). The author says he’d make a beeline to LinkedIn if he became a black-hatter.

In addition to all of those revealed e-mail addresses, the hacker could also learn (without hacking, of course) what a business’s e-mail structure is. He can then compile a list of employees for his social engineering attacks. (Can you just see him watering at the mouth over this—like putting a sizzling steak in front of a dog.)

A phishing campaign could trick the targets into giving up crucial information—essentially handing the company key to the hacker. The crook, however, knows better than to pull this stunt on IT employees. But fertile territory includes employees in the marketing, accounting and customer service departments.

Maybe you’ve read that every professional these days absolutely should have a LinkedIn account. You can bet that every hacker agrees!

Companies need to come up with a way to prevent hackers from sneaking into their network via that bastion of essentiality known as LinkedIn.

The penetration-tester, in his article recommends that businesses do the following:

Social engineering training. Workers must be aggressively trained in how to sniff out a phishy-smelling e-mail. No corners should be cut with this training program, which should include ongoing staged attacks.

A statement clarifying communication about security information. To help prevent employees from giving out sensitive information to the wrong people, the company must figure out how communication will be conducted, then get it down on paper. For example, “E-mails from our company will never ask you to reveal your username and password.”

Definitive reporting process for suspicious activity. Employees need to have, on paper again, specific instructions in how to report suspicious activity, such as a questionable e-mail. These instructions should be simple and to the point.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention.

Beware every time the Phone rings

Don’t assume you’ll never be targeted by phone scammers just because you don’t have a cell phone; they continue to feast on landline users, especially those over 50.

9D“This is the IRS…”

  • Drill this into your head: The IRS never calls to collect back taxes. NEVER.
  • A common ploy is to threaten that the listener will go to prison if they don’t pay up immediately.
  • If you really do owe taxes, the IRS will contact you alright—but via snail mail, not a phone call, text or e-mail.
  • Scam calls may also sound professional with no threats, and may be a pre-recorded woman’s voice.
  • Scammers can make the caller ID show “IRS.”

Charities and Fundraisers

  • A call comes from the fraudster, claiming he represents a charity and wants your donation. The con artist may even say he’s with the local police department.
  • Want to help mankind? Hang up on the caller and give to a reputable foundation or give out homemade sack lunches to the homeless.
  • Go online and search the organization in question to verify they’re legit.
  • If the call has an automated message, hang up immediately.
  • A legitimate organization will not request your Social Security number or personal financial information.

“You’ve won a prize!”

  • No, you haven’t. These are scams; hang up.

Tech support never calls you…

  • You must call them first. So if you get a call from “tech support” asking for personal information, it’s a scam. Geek squads don’t just up and call people.
  • A call about installing an update is a scam.
  • Scammers can make the caller ID show “Microsoft.”

“Hi Grandma, it’s your favorite grandson!”

  • If relatives call asking for money, hang up and call them to verify that said caller is really your relative.

Avoiding Scam Calls

  • Must you answer the phone every time it rings? It’s perfectly legal to ignore a ringing phone.
  • If your phone has caller block, input numbers from suspected scammers. Next time they call, there’ll be barely one ring, then the caller will be blocked.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

What is Spam?

Everyone’s heard of spam as it pertains to emails. Spam isn’t necessarily a malicious message designed to trick you into revealing your credit card number or PayPal login information.

emailBut spam is an unsolicited message, sometimes referred to as junk mail. Spam can be very annoying and relentless in nature, often attempting to convince you to buy something. Sometimes these messages are untruthful, such as those advertising human growth hormone pills (when they actually contain nothing of the sort). Spam also includes phishing which are messages designed to trick you into giving up personal information. Other messages can be legitimate advertisements—nevertheless, you did NOT ask for these solicitations.

Spam arrives in the form of emails, instant messages, and text messages—and it can also affect smartphones.

Spammers buy lists from brokers that continuously harvest email addresses from the web. They also run dictionary attacks, throwing billions of combinations of words and numbers at an email database to find valid address combinations.

Though some emails are obvious spam, such as ones with particular keywords like Viagra, sex lifeprescription drug discounts and fast weight loss, other spammy messages are not so obvious; they may appear legitimate or show a sender address of a family member, friend or business associate.

For instance, the sender may appear to be from your bank), with a subject line warning you to urgently update your account information. Similarly, the subject line may not be threatening, such as one referencing “your recent order from Amazon” or “your shipment from DHL,” yet it is not legitimate.

Spammers have found that if enough of these go out all at once, they’ll reach a statistically significant percentage of recipients who will have placed an order from Amazons within the previous 48 hours, or are expecting a delivery from DHL any day.

Here are some tips on how you can fight spam:

  • Be careful with your email address. Don’t supply your email address to sites you’re not sure about, and never post it in a public place.
  • Verify. If you’re not sure if an email is valid, even though it appears to be from your bank, medical carrier, employer, etc., don’t respond to the email. Contact the company or business by phone to verify the email’s validity.
  • Think before you click. Don’t click blindly. Never click on links in unsolicited emails. If you think the email is real, check the link URL to make sure you are being directed to a legitimate site.
  • Open with care. Think twice open attachments that you’re not expecting or from someone who normally wouldn’t send you an attachment.
  • Be cautious. Don’t be fooled by sensational subject lines. Another type of fraud is a subject line claiming you won a prize or are owed money.
  • Ignore it. If the email shows up in your spam or junk folder, chances are it’s spam, so LEAVE IT ALONE!

It’s simple: Never reply to spam.

Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.