Posts

Tell your Grams about these Scams

/in /by

Do we really get wiser with old age, or just more vulnerable to all the scammers out there? Here are the top scams directed towards senior citizens.
9D
IRS
The phone rings; it’s from the IRS, claiming you owe money.

  • Caller ID says IRS (spoof technology).
  • Caller says if you don’t pay within 24 hours, you’re going to jail.
  • Caller wants your bank account information and routing number, or wants you to wire what you owe.
  • Or, caller says IRS owes you, but to get the refund, you must pay a processing fee within 24 hours.
  • The IRS never calls people for back taxes; it sends a certified letter.
  • Refunds are sent via snail mail without the IRS ever notifying you.

Reverse Mortgages

  • There’s no monthly payment, but whatever balance and interest has accumulated by the time the borrower sells, it must be paid back. If the borrower dies before this, family members must pay it.
  • Misleading ads make it seem this loan is affiliated with the government.
  • You CAN lose your home.
  • If you run out of equity before you sell or die, you’ll need to repay the loan. If you can’t, it’s foreclosure time.

Sob Story

  • The caller identifies self as a grandchild, great niece, etc.
  • Or, the caller says he’s your grandchild’s doctor, lawyer, etc.
  • The caller is in trouble and wants you to wire them money ASAP.
  • They may know details of the person they’re impersonating and you as well, because they’ve visited that person’s Facebook page—and yours.
  • If you ask if you can call back, the caller won’t accept this.
  • Asking additional questions about the “accident” or “burglary” won’t get you answers.

Obituaries and Funeral Homes

  • The caller says that the deceased owes a debt.
  • Or, the caller says he provides funeral services.
  • The victim is a spouse usually.
  • A funeral home that you’re already working with may also try to scam you by talking you into the most expensive casket, memorial plaques, etc.

Phony Pharma

  • Caller or e-mail sender claims to be from the government or authorized by such, to fill your drug prescription at a cheap price.
  • You must act now because the great deal is for a limited time.
  • If you DO receive something, it’s probably vitamins in a prescription bottle.
  • The crook may know details about you from reading your Facebook page.
  • A similar scam exists for Medicare.

Solutions

  • Use a mobile phone as much as possible; scammers usually call landline numbers.
  • Never answer the phone if the number is unfamiliar or says IRS.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Very effective Social Engineering Scams

/in /by

It’s amazing how ingenious cybercriminals are, but the victims also need to take some responsibility for falling for these ruses, especially when the victim is a business that has failed to train its employees in cybersecurity measures.

10DRansomware

The stuff of science fiction is here: Who would have ever thought there’d ever be a such thing as criminals remotely stealing someone’s personal information (word processing files, any kind of image, etc.), scrambling it up via encryption, then demanding ransom in exchange for the remote “key” to “unlock” the encryption?

Payment is remotely by Bitcoin which can’t be traced. The payment is usually at least $500 and escalates the longer the victim waits.

The virus that poisons a computer to steal someone’s files is called ransomware, a type of malicious software (in this case, “Cryptolocker” and “CryptoDefense”). But how does this virus get into your computer in the first place?

It’s called social engineering: tricking users into allowing their computer to be infected, or duping them into revealing personal information.

Often, a phishing e-mail is used: It has an attention-getting subject line that entices the user to open it. The message contains a link. They click the link, and a virus is downloaded. Or, the link takes them to a site which then downloads the virus.

These e-mails, sometimes designed to look like they’re from the company the user works for, often go to workplace computers where employees get tricked. These kinds of attacks are lucrative to their instigators.

Funeral Fraud

If you wanted to notify a relative or friend that a mutually dear person has left this earth…would you send an e-mail or phone that person? Seems to me that heavy news like this would warrant a phone call and voice interaction.

So if you ever receive an e-mail from a funeral home indicating that a dear one to you has passed, and to click a link to the funeral home to learn details about the burial ceremony…consider this a scam.

Because if you click the funeral site link, you’ll either get redirected to the crook’s server because he’s already created an infected funeral looking site ahead of time. This is where a virus will be downloaded to your computer.

Vishing Credit Card Scam

You get a phone call. An automated voice identifies itself as your credit card company (they’ll say “credit card company” rather than the specific name). It then says something like, “We are investigating what appears to be a fraudulent charge on your card.”

They’ll ask if you made a particular purchase lately, then to hit 1 for yes and 2 for no. If you hit no, you’re told to enter your credit card number, three-digit security code and expiration date. You just fed a thief all he (or she) needs in order to go on an online or on-phone spending spree.

Ever order something via phone and all you had to give up was the credit card number, expiration date and security code? This trick is also aimed at employees. The calls come from an automated machine that generates thousands of these calls.

Healthcare Record Scam

You receive an e-mail that appears to be from your employer or healthcare provider that you get through work. This may come to you on your home computer or the one you use at work. The e-mail is an announcement of some enticing change in your healthcare plan.

The message may reference something personal about you such as marital status, income or number of dependents. When enough of these e-mails are pumped out with automated software, the personal situation of many recipients will square off with those identified in the e-mail, such as income and number of children. The user is then lured into clicking a link in the e-mail, and once that click is made…malware is released.

Facebook Company Group Scam

Scammers will scan Facebook and LinkedIn seeking out employees of a particular company and create a group. This groups purpose is for information gathering so scammers can penetrate a company’s facility or website. Once all the groups member join, the scammers will pose various innocuous questions and start palatable discussions that make everyone feel comfortable.

Over time scammers will direct these discussions to leak bits of data that allow criminals to enter a facility under a stolen identity or to contact specific employees who have advanced access to computer systems in an attempt to get usernames and passwords.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

Fake Funeral & E-mail Scams: Recognize & Avoid

/in /by

How does a funeral scam work in the first place? This is something that I, as a security analyst, teach to the consumer public. First of all, the fake funeral scam starts off with an e-mail. The fraudulent e-mails come disguised as a notification for a funeral.

9DThe Better Business Bureau describes how the funeral scam works:

The subject line of an e-mail will say “funeral notification.” The message can be from anywhere, though it’s made to look like it’s from a Texas funeral home. You’re invited to a “celebration of our friends’ life service.” It’s a real-looking e-mail. It even uses the funeral home’s actual logo.

Of course, typical of scam e-mails, you’re urged to click a link inside the message, to view “more detailed information” about the ceremony. But clicking on the link will take you to a foreign domain, where malware awaits  –  to be downloaded to your computer. The crooks will then have access to your personal data.

How to Avoid the Funeral and Other E-mail Scams

  • Just because a real-existing business’s logo is in an e-mail message, doesn’t mean that the message is authentic and not fraudulent. A scammer can even make the sender’s address appear authentic.
  • Before clicking on a link inside a message (and you shouldn’t, anyways), hover over the link to see what the source is.
  • But why hover when you’re smart enough NEVER to click on a link inside an e-mail message in the first place?
  • A message from a company that has poor spelling and grammar is highly suspicious.
  • Messages calling for immediate action are usually scams.
  • Don’t click pop-ups that seem to originate from your computer, even if they warn your computer has been infected.

You now know how to stay ahead of crooks trying to rip you off with the funeral scam e-mail.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.