Fake Funeral & E-mail Scams: Recognize & Avoid

/in /by

How does a funeral scam work in the first place? This is something that I, as a security analyst, teach to the consumer public. First of all, the fake funeral scam starts off with an e-mail. The fraudulent e-mails come disguised as a notification for a funeral.

9DThe Better Business Bureau describes how the funeral scam works:

The subject line of an e-mail will say “funeral notification.” The message can be from anywhere, though it’s made to look like it’s from a Texas funeral home. You’re invited to a “celebration of our friends’ life service.” It’s a real-looking e-mail. It even uses the funeral home’s actual logo.

Of course, typical of scam e-mails, you’re urged to click a link inside the message, to view “more detailed information” about the ceremony. But clicking on the link will take you to a foreign domain, where malware awaits  –  to be downloaded to your computer. The crooks will then have access to your personal data.

How to Avoid the Funeral and Other E-mail Scams

  • Just because a real-existing business’s logo is in an e-mail message, doesn’t mean that the message is authentic and not fraudulent. A scammer can even make the sender’s address appear authentic.
  • Before clicking on a link inside a message (and you shouldn’t, anyways), hover over the link to see what the source is.
  • But why hover when you’re smart enough NEVER to click on a link inside an e-mail message in the first place?
  • A message from a company that has poor spelling and grammar is highly suspicious.
  • Messages calling for immediate action are usually scams.
  • Don’t click pop-ups that seem to originate from your computer, even if they warn your computer has been infected.

You now know how to stay ahead of crooks trying to rip you off with the funeral scam e-mail.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Beware of the One Ring Scam

/in /by

“The Ring” means more than just a dead girl crawling out of a well; it can also mean the one ring that you get on your cell phone that’s designed to get you to call back to find out who the caller was—only you’ll end up getting a charge on your next bill instead.

9DThe official name of this scam is the “one ring,” and here is how it works:

Your cell phone rings once. You may not get to the device in time to answer, and you don’t recognize the number and are curious, so you call back. You’re then connected to some chat line or international adult entertainment service.

If you answer the device while it’s still in ring mode, the “caller” will hang up, but you can still get charged simply for answering, even if you don’t call back. ($19.95 fee for an international call, and/or a $9 per minute charge).

The scam works via a computer that randomly sends out thousands of calls to cell phone numbers. And your number may be that lucky number. The Better Business Bureau warns that if your mobile rings once, don’t call back.

Apparently, this scam, committed by crooks called crammers, originates from the Caribbean Islands. If you think you’ve been crammed, contact the BBB as well as your mobile carrier. Review your bill closely for any unauthorized charges.

What if you want to answer your phone the moment it rings? If you see the following area codes from the incoming call, do not answer (remember, simply answering the call can net you a charge): Jamaica (876), Dominican Republic (809), British Virgin Islands (284), Antigua (268) and Grenada (473).

There have been thousands of reviewed complaints about this crime, according to the Federal Trade Commission and the Federal Communications Commission. And the crime of cramming is expected to get bigger.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Tax Season Scams Bite Businesses

/in /by

There are numerous tax related scams out there. And as a business or even a consumer, forewarned is forearmed.

9DTax relief. Predators scan through tax lien notices to see who’s in deep with the IRS, then offer them tax relief services which are fraudulent. You pay them, and voila, your money not only is gone, but so is the “service.” You’re now further sunk in debt.

  • A fee, usually high, is required in advance.
  • These scams may be advertised on TV and radio.
  • They may also come as an unsolicited snail letter or e-mail, saying that you qualify for some governmental plan.
  • The company offering the solution may suddenly disappear.
  • If some kind of tax payment plan seems too good to be true, assume that it is.

IRS giving away money. When pigs fly. But really, this scam makes its rounds: flyers and ads claiming free money from Uncle Sam, suggesting you can file a return with minimal or no documentation. These postings often appear in churches. People see them and innocently spread the word.

Abuse of 501(c)(3). Numerous types of nonprofit organizations are exempt from certain kinds of federal income taxes. Some organizations will create schemes to become exempt, including ploys that fraudulently shield income from taxation.

Corporate ownership disguise. A third party is fraudulently used to request EIDs (employer identification numbers). The third parties then form corporations that muddle the business’s true ownership standing.

Trust misuse. Transferring assets into trusts may have some legitimacy, but shady promoters have also encouraged people to do this in an improper way. These transactions don’t live up to their promise of reducing taxable income or maximizing deductions for giving gifts or for personal expenses.

Inflated income & expenses. Though some businesses deflate income to lower what they owe, others will inflate it to optimize refundable credits. They may also claim expenses they never paid.

Hiding income offshore. Some people and businesses, to avoid paying taxes, hide income in offshore accounts. They use credit or debit cards, or wire transfers to gain access to their funds. Other people will use employee-leasing schemes, employ foreign trusts, or use insurance plans or private annuities to get access.

Fake forms. Someone files a false information return, like the Form 1099 Original Issue Discount, to validate a fake refund claim on a corresponding return. Some have made false claims for refunds based on the sham theory that the IRS has secret accounts for U.S. citizens and that one can gain access to these accounts with the 1099 OID form.

Ridiculous attempts at write-offs. Businesses claiming crazy, frivolous claims to avoid paying owed taxes like that business trip to Mardi Gras. The IRS will recognize many frivolous tax arguments and will toss them out of court.

Robert Siciliano is an Identity Theft Expert to AllClear ID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video. Disclosures

12 Ways to avoid Locksmith scams

/in /by

Don’t wait until you’re locked out at night in the cold to contact a locksmith. Know ahead of time who you’d call, should you ever have a need for this kind of service. And keep that number in your phone, wallet, purse and car.

  1. 1SFirst find their address on their ad or website. Try to find on Google and other directory listings customer reviews.
  2. Don’t wait till you need them before calling them; call them simply to learn a few things:
    1) Where are their technicians based? 2) Are they licensed? 3) What is the registered name of the business? If at this point you don’t get good vibes from them, end the transaction. Otherwise, then ask about their preliminary cost estimate. An unbelievably low quote (like $20) probably means a scam or hidden costs.
  3. If they answer your phone call with a generic name such as “locksmith services,” be suspicious. If they can’t give a specific business name, move on.
  4. When it’s time to hire a locksmith, inform the dispatcher you need to see the technician’s certification and ID, and that you would like a written estimate prior to the service.
  5. Before having them come out, make sure you get information about any extra charges such as for mileage, service call minimums or emergency hours.
  6. Check the locksmith’s vehicle; it should be marked, and get the license number.
  7. Ask to see his locksmith license. The following states require locksmiths to be licensed: Alabama, California, Illinois, Louisiana, New Jersey, North Carolina, Oklahoma, Tennessee, Texas.
  8. If the locksmith insists on cash, this may mean a scam.
  9. If the technician won’t give a written estimate before starting the job, end the transaction.
  10. If the onsite estimate doesn’t match the phone estimate, do not permit the job to be performed.
  11. If he says, “The lock needs to be drilled out,” ask why, because a professional locksmith should have the skills and tools to unlock just about any door.
  12. Don’t pay until you’re satisfied with the job.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

7 Shopping Scams Online during the Holidays

/in , /by

Santa Claus is coming to town—and so are online thieves. How might they nab you, and what can you do to prevent it?

2C1. Stick with familiar retailers. Unbelievably low prices are a red flag, since competitors are always checking each other’s prices.

2. Customer reviews aren’t necessarily the gospel. An unscrupulous seller may hire people to write favorable reviews. Though one clue is that the same reviewer has reviewed tons of products, other reviews are crafted more cleverly. Identical reviews on different sites are suspicious.

3. Phishing, anyone? The crook sends you the bait: an e-mail that looks like it’s from a reputable company, with a malicious link to a site that looks like the company’s, requesting you turn over your username, password or credit card number. Do this and the thieves will spend your money.

4. Carefully review credit card statements. Even if you never online shop, your purchases are processed online, where fraud can take place, resulting in unauthorized charges. Also, crooked employees can use your credit card number for purchases.

5. Sell with caution. You receive a check for that item you put on eBay, but the buyer “overpaid” and asks you to send the difference back via Western Union WU -1.44% or Moneygram. You do this—before you learn that their check is fake.

6. Meeting Craigslist sellers and buyers. Meet only in safe, public places. Inform the seller you’ll first meet without any cash, just to inspect the sale item. If you want to buy it, get your money from an ATM.

7. Don’t purchase stolen products. Request proof of ownership. Or, request the serial number and see if your state keeps a database of stolen items.

Retailers are also doing a lot behind the scenes to  protect consumers, by layering fraud protection tools including address verification services, two-factor authentication, device reputation technology and behavioral analysis. As devices (such as computers and mobile devices) with fraudulent histories connect to the retailer’s website, the business is alerted in real time.

Robert Siciliano, personal security and identity theft expert contributor to iovation. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! See him knock’em dead in this identity theft prevention video. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247

Catphishing is a loveless Nightmare

/in /by

What is catphishing? This recently coined term refers to false online identities created by Internet scammers to deceive people into a long-term romantic or emotional relationship.

8DHow can you tell you’re being catphished?

  • Out of the blue, some really attractive person begins communicating with you online.
  • This individual finds excuses not to use their phone or Skype.
  • When push comes to shove on your end, this person will finally agree to visit you, but then some excuse will surface, preventing the visit.
  • You’ll find it impossible to get a legit physical address.
  • Phone calls will have dead silence in the background since they’re made with a lot of caution.

Catphishers use photos that really aren’t of them: sites showing off the most commonly used photos.

Catphishing isn’t always a romance-based scam. Someone may create a fake identity to catch a sex offender or set a trap for an unfaithful partner. These may seem like benign motivations, but a false identity can be created also to give the catphisher 15 minutes of cyberspace fame—at the expense of luring a public figure into the web of deceit.

Snagging Catphishers

This can be accomplished if more sites simply incorporated iovation’s device reputation checks for suspicious computer history and investigated for characteristics consistent with fraudulent use. With this they’d be able to deny catphishing criminals, often before the first time they try to sign up.

iovation has many more categories specific to dating, including bullying, account takeovers, underage members, and so on. What’s unique to their globally shared system is that their clients can choose what to take action on or not.

For example, a dating site may choose to be indifferent to cheating in online gaming sites, but set up rules to trigger multiple account creations looking for profile misrepresentation.  Dating sites can specify which type of behavior to protect their users from.

Robert Siciliano, personal security and identity theft expert contributor to iovation. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! See him knock’em dead in this identity theft prevention video. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247

McAfee 12 Scams Season of Sharing Sweepstakes: Win a Dell Ultrabook!

/in /by

It’s that time of year again. Yes, I know it seems like we just got past the spooks from Halloween, but the holidays are just around the corner. While we are busy buying gifts and making travel arrangements, cybercriminals are making their lists, and checking them twice, as they prepare to unleash a host of scams designed to take advantage of the seasonal surge in online shopping and sharing. Since it only takes one scam to spoil your holiday season, it’s a good idea to get familiar with our list of the 12 Scams of the Holidays, and learn how to avoid them.

To help you stay protected as you search high and low both on and offline for the perfect presents for your loved ones, McAfee has released its annual 12 Scams of Holidays list full of digital dangers to be on alert for as you surf the web for holiday deals and steals and how to be safe in the coming months and beyond.

And to make sure that we all have a safe and merry holiday, McAfee is hosting the Season of Sharing Sweepstakes*. By sharing the #12scams content with your friends and family, you’ll not only be helping others to stay safe online this holiday season, but you’ll also earn a chance to win a Dell XPS 12 Convertible Ultrabook or Dell Venue 8 Pro Tablet along with McAfee LiveSafe™ to make sure all your devices are protected! And while you’re at it, check out the deals on the Dell tablets as well!

12 Scams of holiday Here’s how you can help spread the joy so we can all avoid the 12 scams of the holidays.

HOW TO ENTER

  • Go to 12scams.com
  • Sign into the page using your Facebook or Twitter account
  • Share the #12scams content to earn entries into the sweepstakes drawing
  • Sit tight for winners to be announced on December 17.

WHAT YOU COULD WIN

  • Grand Prize: 1 winner will receive a Dell XPS 12 Convertible Ultrabook™ and a 1-year subscription to McAfee LiveSafe
  • 1st Place: 1 winner will receive a Dell Venue 8 Pro Tablet and a 1-year subscription to McAfee LiveSafe
  • 2nd Places: Ten (10) winners will receive a 1-year subscription to McAfee LiveSafe

Have fun and stay safe this holiday!

*Sweepstakes open to US residents only. NO PURCHASE NECESSARY. Sweepstakes is from November 18 – December 13, 2013. See www.12scams.com for full terms and conditions.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

Scrooge’s 12 Scams of the Holidays

/in /by

They’re baaaack! Actually, they never left—Scrooge’s little trolls work hard all year, scheming and scamming to steal holiday presents—or at least valuable information—from good girls and boys. From the North Pole to the South Pole, they target every one of us through phishing, SMiShing (text phishing), shipping and gift card scams. If you aren’t paying attention, they will hack your devices, spy on your surfing and empty your bank account.

12-scamsThe holidays are supposed to be a fun-filled time for celebrating with family and friends, so make sure you keep the cheer in your holiday and learn about the “12 Scams of the Holidays,” the dozen most dangerous online scams to watch out for this holiday season, revealed today by McAfee.

To make sure your holidays are not stolen by the Grinch, here are some tips on how to protect yourself against scams during the holidays, and year-round:

  • Educate yourself—Keep up-to-date on the latest scams and tricks cybercriminals use, so you can learn to recognize scams and avoid potential attacks.
  • Use strong passwords— Make sure your passwords are at least eight characters long and contain a variety of upper and lower case letters, numbers and symbols.
  • Be careful when clicking—Don’t click on links in messages from people you don’t know, and use a URL expander to know what site you are going to before clicking on a shortened URL.
  • Stay suspicious—Like mom said, be wary of any offer that sounds too good to be true.
  • Practice safe surfing—When searching for holiday gifts, use a safe search plug-in such as McAfee® SiteAdvisor®.
  • Practice safe shopping—Make sure you stick to reputable e-commerce sites that have been verified as safe by a trusted third-party, like the McAfee SECURE™ mark. Also look for “https” at the beginning of a site’s URL, which indicates that the site is using encryption to protect your information.
  • Use comprehensive computer security—Make sure you have comprehensive security protection for all your devices, including your mobile phone and tablet, that also protects your data and identity protection, like McAfee LiveSafe™ service.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

North carolinians scammed for millions dating online

/in /by

Linda was ripped off for $8,000 all because she believed Greg was whom he said he was. Linda, from North Carolina, was nabbed by an online crook who promised her love.

This year, 17 (possibly more) such victims have reported a dating scam that has cost them a combined $700,000, says the North Carolina Attorney General’s office. The typical victim is a woman in her early 60s. One victim sent her online Casanova nearly $1.3 million.

1F

How can people be so gullible?

Desperate for love, victims believe anything their love object tells them. Greg convinced Linda he was an Army lieutenant. After several weeks of texting, he told her he needed medical help for a gunshot injury. She sent him money. Greg asked for more money and Linda sent more. Eventually, Greg obtained her bank account information.

She continued sending him money for this and that, including a plane ticket home where he’d meet her for the first time. Of course, he never came “home.” And Linda is wiped out financially.

Lonely, older women are not the only victims.

Even lawyers, doctors and CEOs are getting scammed, sending out large amounts of money to these fake love interests.

Most of the scam artists come from Nigeria, says the state Attorney General’s office, and it’s a numbers game for them. Run enough numbers and eventually they’ll hit the bull’s eye. They steal photos of good-looking people off the Web to represent the fictitious love interest. The photo of “Greg” has even made a few other rounds.

Often, when the victim figures out what’s really going on, they are contacted by a private investigator or detective offering to find the scammer—for a fee—you guessed it; this, too, is part of the scam.

Solution

#1. Never under any circumstances send money to someone you meet online

#2. The moment they ask for money, it’s a scam

#3. Never share usernames, passwords or account information

#4. If you know someone who could fall for this, get involved now

Many dating sites have some security measures in place behind-the-scenes, to help educate and protect their members. Look on their site and often times you will find help videos of how to avoid being scammed and how to report suspicious behavior so that the dating site can take action. 

The more sophisticated sites also offer a defense-in-depth approach to keeping their site and members safe, by layering authentication, trust, and fraud detection tools to help with the early detection of bad actors.

Device reputation is one technology used by many dating sites that allows them to share fraud and abuse reports across businesses and geographies. Dating sites access Portland-based iovation Inc.’s device reputation service, ReputationManager 360, so that they can stop scammers before they get in the front door. iovation’s fraud prevention service contains over 7.6 million reports of dating scams, solicitations, phishing, account takeover attempts, identity theft, spam and other forms abuse. The service has stopped over 22 million online fraudulent or abusive attempts within online communities alone.

Stopping scams and abusive behavior upfront greatly helps online dating sites not only protect their brand reputation, but most importantly protect their active members.

Robert Siciliano, personal security and identity theft expert contributor to iovation. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! See him knock’em dead in this identity theft prevention video. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247

Top 5 Scams to Watch Out For

/0 Comments/in , , , /by

#1 Nigerian Scams: According to a Dutch study, victims of advanced-fee scams, which are also known as 419 scams or Nigerian scams, lost more than $9 billion in 2009, almost 50% more than the previous year. (This PDF contains the statistics from the study.)

While these types of scams are generally understood to be Nigerian in nature and origin, and are in fact named after the 419 Nigerian code that made them illegal, advanced-fee scams were launched from 69 other countries in 2009. Scammers are broadening their targets to include emerging Internet markets, rather than simply targeting English-speaking nations.

#2 Romance Scams: If you ever hear talk like this, run far and fast: “In me sweetheart you are going to find the most passionate, loving and romantic man you have ever met. There are very few promises in life but this is one of them! ROMANCE is the key to my happiness and to my heart and soul!”

#3 Classified Ad Scams: This story caught my eye: “An online scam targeting pet-lovers is circulating the web, and it could cost you more than a new pet. An ad posted to a local online classified website by a man who claimed he was living in Florida. The seller said he had recently moved to Miami, and couldn’t keep his dog due to his new living conditions. He was willing to give the Labrador Retriever puppy named Dely away for the cost of shipping, which was $220.“

#4 Phishing: Phishing continues to become more sophisticated, more effective, and more prevalent. In one example, criminal hackers waited until Pennsylvania school administrators were on vacation, then used simple money transfers to liquidate over $440,000 between December 29 and January 2, 2010.

#5 Spear Phishing: Spear phishing occurs when the scammers concentrate on a localized target, usually an individual with control over a company’s checkbook. This insidious type of phishing occurs when a recipient clicks a link, either in the body of an email or on the spoofed website linked in the email, and a download begins. That download is almost always a virus with a remote control component, which gives the phisher full access to the user’s data, including user names and passwords, credit card and bank account details, and Social Security numbers.

Never, ever click on links in the body of an email. There is always a workaround.

Like mom said, if it sounds too good to be true, it probably is. And even if you will never fall for these scams, someone in your life might be a tad more naïve. So educate them.

McAfee Identity Protection includes proactive identity surveillance to monitor subscribers’ credit and personal information, as well as access to live fraud resolution agents who can help subscribers work through the process of resolving identity theft issues. For additional tips, please visit http://www.counteridentitytheft.com.

Robert Siciliano is a McAfee consultant and identity theft expert. See him discuss job scams on Fox News.(Disclosures)