Posts

Youra Sheethed: My Dalliance Scambaiting a Nigerian Con

I put an ad on Craigslist to sell a refrigerator that I no longer need. Within a few minutes I’m happy to report Micheal responded to buy it!

SCAMMER:Hi am Micheal I like to ask if this item is till available for sale and what the present condition it.

ME:Still for sale, someone is interested tho, its like new, 5 months. 

SCAMMER:Thanks for the  information Joshua I am interested in buying and closing this deal before anybody else  the easiest mode of payment  for me is by sending you a cashier check directly from my bank account  to you overnight via USPS , Kindly send me your full name and address to send the check out if you are interested . I also promise to handle the shipping myself once you have the cash at hand 

ME: Awesome! Thank you Michael! Please send the check to:

Youra Sheethed

15 Deerfield St #15145

Boston MA 02215

Sincerely with love respect hugs and kisses

Youra Sheethed 🙂

SCAMMER:The check will be mailed ASAP,please note that the amount on the check will be shipping and handling charges inclusive so you will have more than $640on   the check from which you will deduct $640for  the payment , will counting on you make the rest available to my shipper because I have other things he will be picking up for Me , I will notify you once the check is sent.kindly confirm the name.YouraSheethed

ME: Yup, that is correct.  Youra Sheethed.  It has been a pleasure to do business with such a professional person as yourself.

Few days later…….

SCAMMER:The Usps man just confirmed to me the check has delivered now and The amount i wrote is $2340,As our agreement that i have promised that iwont cause you any financial problem regarding the shipment, The extra fee payment on the check is to cover the shippers fee pick up for your item and they have other items they are picking up for me , So that can cover all fee..

SCAMMER: Have you received/deposited the check already??

Hey, it’s me Robert, so the SCAMMER didn’t get an immediate reply from me because I was on an airplane. In the course of an hour, probably in a panic, Scammer then sent another 8 messages and called another 12 times every, 2 minutes.

ME when I got off the plane: You seem to have ants in your pants.  You should have that checked.  They can bite you know.  Especially the red ones.  One time that happened to me. I was VERY ITCHY.  Are you itchy?

SCAMMER: Excuse me ?

ME: Ants in your pants.  You called and texted like 20 times.  Maybe it’s me but that tells me you have ants in your pants.

SCAMMER:The USPS confirmed to me check already delivered,so I wanted to be sure you’re in procession of it..i apologize for the inconvenience and would like to proceed

ME: I deposited it.  It’s a lot of money!!!!! Thank you for the big tip.  Youra said she will use the extra money for her hemorrhoid surgery.  She’s very itchy.

Hey, it’s me Robert, so the SCAMMER didn’t respond to this message at all, I think maybe he caught on??!! So I messaged him 2 days later….

ME: When are the movers coming?

SCAMMER: I HAVE YOUR COMPLETE NAME AND ADDRESS,I WILL BE TAKING A SERIOUS LEGAL ACTION AGAINST YOU…. you will be hearing from my lawyer soon!

ME: Why? I thought we were friends? I like you.  We have lots in common. We both are itchy!

SCAMMER:Oloriburuku!

Hey, it’s me Robert, so I didn’t know what Oloriburiku was, so I googled it. And the Urban Dictionary provided this definition: “Oloriburiku; Direct translation to bastard head meaning someone stupid or crazy with mad thoughts don’t use it around Nigerian parent unless u want to die”

Apparently I’m not selling a refrigerator to Micheal. But at least I have a nice big fat check!

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video

Beware of these 4Scams

IRS

  • The e-mail (or phone call) says you owe money; if you don’t pay it immediately, you’ll be put in jail or fined.The scammer may know the last four digits of the victim’s Social Security number.
  • Caller ID will be spoofed to look like the call is from the IRS.9D
  • The e-mail will include an IRS logo and other nuances to make it look official.
  • The scammer may also have an accomplice call the victim pretending to be a police officer.
  • The victim is scared into sending the “owed” money—which goes to the thief. Or, the thief gets the victim to reveal credit card information.
  • Another version is that the IRS owes the victim. The victim is tricked into revealing bank account information to receive the refund.
  • Know that the IRS will never contact you via e-mail or phone; will never threaten jail time, a fine or other threats like a driver’s license revocation.
  • If you owe, the IRS will send you snail mail, certified.
  • The IRS will never threaten to have you arrested.
  • If the subject line of an e-mail appears to be from the IRS, delete it.
  • If a phone call appears to be from the IRS, hang up.

Bereavement

  • Scammers scan obituaries for prey.
  • They then contact someone related to the deceased and claim something against the estate or that they’ll reveal a family secret scandal unless they’re paid.
  • If one of these scams comes your way, request written documentation of the claim.
  • Tell the sender you’ll send this documentation to the executor.
  • If you’re blackmailed, contact a lawyer.
  • Never arrange to meet the sender.

Computer Hijack

  • This may come as a phone call: A person claiming to be a Microsoft rep informs you that your computer has been hacked and he’ll fix it—or you’ll lose everything.
  • He wants to convince you to let him have remote control or “sharing” of your computer…and from there he’ll try to get your credit card number…

Investment Scam

  • Someone halfway around the world has chosen YOU to handle a large amount of money, and you’ll be paid richly for this.
  • The sender often has a foreign sounding name, but even common names are used.
  • Often, there’s some smaltzy message in the e-mail subject line like “God bless you” or “Need your help.”
  • Delete e-mails with any subject lines relating to investments, inheritances, mentions of money, princes, barristers or other nonsense.
  • If you feel compelled to open one, don’t be surprised if there are typos or that it’s poorly written. Do NOT click any links!

Robert Siciliano CEO of IDTheftSecurity.com, personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Bitdefender’s BOX: All-in-one Cybersecurity from one App

Gee, if your home is connected to lots of different devices, doesn’t it make sense that your cybersecurity integrates all your connected devices? Meet the Bitdefender BOX, a network bulletproofing hardware cybersecurity tool for the home that embraces smart home protection focusing on the Internet of Things with remote device management offering next generation privacy protection.

boxBOX description:

  • One complete security solution for connected homes
  • Sets up to a router
  • Is controlled by the user’s mobile device and hence, can be controlled anywhere
  • Everything is protected: not just your computer, but all of your connected devices, like your baby monitor, TV, thermostat, garage door opener and house alarm system. You name it; it’s protected from hackers.
  • BOX works with an annual subscription much like most cyber security “security as a service” technologies.

Features:

  • Easy Setup. Just plug and play.
  • Advanced Threat Protection. In and outside your home network. You’re safe on the go as well!
  • Management and Control. All available in one app, at your fingertips, anywhere you are.

So, protection from hackers means that you can have peace of mind knowing that BOX is warding off attempts at ID theft, fraudulent activities, cyber snooping and other threats.

All you need to do is connect BOX to your router via one of its ethernet ports. Then get the BOX application going. Its user friendly and you just follow its easy instruction: all of a few minutes’ worth. BOX then goes to work to intercept cyber threats at the network level. And all from just one app.

So yes, you need a smartphone (Android or iOS) to take advantage of BOX. If you’ve been on the fence about getting a mobile device, move out of your cave, junk your Pinto, cut your mullet, and get the BOX.

Think of how great it would be to be alerted of network events through this does-it-all application that you can control no matter where you’re located. This means you can control all of your connected devices.

One of BOX’s features is the Private Line. This protects your Internet browsing experience, including making you anonymous. Other features:

  • Protection against hacking attempts including lures to malicious sites.
  • Protection against viruses, malware including downloads, phishing, etc.
  • Protection against anyone wanting to pry open your files and see what’s in them or steal them.
  • Protection occurs even when you’re using public Wi-Fi, such as at a hotel, airport or coffee house!

Who needs BOX?

Everyone who has connected devices at home and uses the Internet. This is like asking, who needs a lock on their home’s door? Anyone who lives in a home.

Think about a home and home security as an example. If you’re going to have a lock, it should be a good lock, right? But the lock is only effective if you actually lock it. You also need to lock up your windows and consider a home security system. These are all “layers of protection. Well, the BOX is multiple layers of protection for protecting your online experience as well as computer files.

BOX is designed for non-techy users, so if you’re one of those people who is “not good with computers,” you’ll still find BOX’s setup and navigation quite friendly. It also helps set up password-protected Wi-Fi network does for you and you can even let guests use a secured Wi-Fi network. This post is brought to you by Bitdefender BOX.

Beware of these 10 Job Hunting Scams

Just because a job recruiter says he’s from (fill in blank—any huge corporation) doesn’t mean the job can’t be a scam. Anyone could say they’re from Microsoft or Google. Impersonating a representative from a big-name company is one way to fool gullible job seekers.

9DAnother way is to advertise the scam jobs on radio because the scammer knows that listeners will think, “It has to be legit if it’s on the radio.” Scammers will post their job ads anywhere.

An article on consumer.ftc.gov lists the following signs of a fraudulent job advertisement:

  • There are plenty of totally legitimate jobs that involve money out of your pocket. And in some cases, this may be described as an application fee, reference check fee, background check, cost of training materials or anything else. Only pay when the site itself has been vetted by you and everyone else. Do your research!
  • The ad talks of “previously undisclosed” federal government positions. The scammer is banking that you have no idea that usajobs.gov lists all federal job openings to the public.
  • They want your bank account or credit card information. Be very aware.

Similarly, scammers may prey on people seeking a job placement service. The consumer.ftc.gov names the following red flags:

  1. Fictitious jobs are promoted.
  2. Payment is made but no job materializes—and the service suddenly falls off the radar.
  3. If the ad mentions a company, contact that company to verify they’re contracted with the job placement service before you make your next move.
  4. Never make major decisions without first getting everything in writing: cost, what it gets you, etc.
  5. Ask them what happens if they can’t place you in a compatible position. Then listen good. If the response doesn’t make sense or is vague, move on. If they assure you you’ll get a refund within a certain period of time, make sure this is in writing.
  6. But if you decide to go with them, read your contract word for word. If they show impatience with this, it’s a red flag.
  7. Beware of ads that sound like job openings, but actually are just worded to sound that way. These semi-scammers want you to pay them to give you information you can easily find online. A classic example is an ad for writing jobs. It’s worded to sound like the ad placer can connect you with clients—whom they are working for—who need a writer. Instead you’ll be paying for a list of freelance markets, such as some boating magazine seeking submissions—when you specialize in a completely unrelated niche.
  8. Make sure you know precisely what you’re getting into. Are you seeking help with job placement or looking for someone to construct your resume?
  9. See what the BBB says about the company and what a Google search pulls up.
  10. Just because you have to pay doesn’t mean it’s a scam. However…ask yourself why you need to pay someone thousands of dollars to find you a job, what with all the online (and legitimate) job postings and the ability to blast out hundreds of e-mail queries in just a few days with your resume attached?

By keeping your scam radar on high during a job search, job seekers can prevent their personal information and financial data pout of the hands of criminals.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

Beware of Vacation Rental Scams this Summer

Talk about getting taken to the cleaners: Imagine you spot a great summer rental property advertised online. Looks wonderful. The deal sounds too good to be true, but the owner tells you (via e-mail or even phone) that the fee is correct. You apply for the rent and send in the required upfront payment.

9DThen you head down there for the first time to see an empty lot. It then dawns on you that the owner was really a crook who used some photo he found online and advertised it for rent. And if losing your money isn’t bad enough, the thief now has other private information on you like your Social Security number.

How can you protect yourself if the property is too far away to check out in person? Limit yourself to only local rental properties that you can actually physically check out first? Whether or not you can do that, here are safeguards:

  • Copy and paste the rental description into a search engine. If it shows up elsewhere consider it a scam. However…a smart crook will alter the wording so that this doesn’t happen!
  • Google the listed address and see if it matches up. Google any other information connected with the ad, such as the landlord’s name.
  • If you locate the property on another site that lists it for sale, the rental ad is a scam.
  • Request a copy of the owner’s driver’s license to verify property records at your county assessor’s office.
  • If you can’t physically visit the property, use an online map to get a full view, including aerial, to make sure it actually exists. But this doesn’t rule out scam. The property may exist alright, but the ad you’re interested in was not placed by the owner, who’s either not renting at all or might be selling the place.
  • Conduct all communication by phone.
  • Never wire transfer an upfront payment or pay via prepaid debit card—two red flags for a scam. Pay via credit card.

Honest landlords can be scammed, too. They should search the information of responders to their ads to see what comes up.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention.

Trusting too much brings Trouble

There will always be the person who lives on the Equator to whom you can sell an electric heater. As they say, there is a sucker born every minute.

12DThis is why cyber criminals will always have a field day, like the crook who posed as a tax man who got an elderly couple to send $100,000 to an offshore bank account after he tricked them.

This was a fear-based scam. The other two categories are compassion and self-interest. And just because a person can’t be frightened doesn’t mean that their heart strings can’t be tugged by a charity scam.

Elderly people and those with low income are more likely to be tricked. Other people…well, you just have to wonder what’s between their ears.

For example, the popular Microsoft scam involves a person calling the victim to tell them that their computer has a virus. The caller is a crook who wants to convince the victim to allow him remote access to the computer. Don’t the victims ever wonder how the heck Microsoft would even know their computer had a virus? Red flag, anyone?

Some say ask the caller for their number so you can call back–they’ll probably hang up. Probably. The scammer may have a number in place just to cover this possibility. Really, just hang up. It’s a scam.

Some people will just keep giving money out, again and again, to the same scammer; it’s not always a flash-in-the-pan payout. What compels them to behave this way? Perhaps it’s to continually convince themselves that they’re not dumb enough to be scammed.

Another way cons trap people is by asking for small amounts of money first; this lowers the victim’s guard.

More Popular Scams

  • Charity. These can range from natural disaster relief to donations for made-up charities, or those with names very similar to well-known ones.
  • Rental. The crook sends the landlord an overpayment by check of the first month’s rent before living there, then tells the landlord to wire back the difference. The check bounces.
  • IRS: Always hang up on callers identifying themselves as tax people claiming you underpaid or are owed a refund, even if the caller ID says “IRS.”

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

Beware of the Lottery Scam

“You have won!” Yippeeee! NOT! Let’s see if you’re in that percentage of the population who will fall for this lottery scam. The alert can be an e-mail, snail mail or phone call, claiming you won a bundle of money. But keep this alert a secret due to some “mix-up in names” and you must contact a “claims agent.” You then must pay “processing charges” or “transfer fees.” You then wait. And wait. And wait.

9DThere’s one born every minute. Many scammers use the names of valid lottery organizations, but this doesn’t mean the legit entities are involved.

The latest con is to tell someone they won a Powerball jackpot while planning on stealing their identity. This happened to Jim Shella, a newsman from Indianapolis. From a random number he received several texts mentioning his name and saying he won.

Deputy Attorney General Terry Tolliver knew this was a scam. A text requested Shella’s Facebook screen name for confirmation. The requests for personal information, in these scams, will escalate. Shella texted back asking for identification. The answer: “This is Agent Paul, the delivery consultant for Powerball.” When Shella said he had no winning ticket, Agent Paul said that none were necessary to collect the $26,500.

Shella said he was a reporter and asked Agent Paul if he wanted to be in a story. Agent Paul asked if Shella wanted his winnings. Tolliver warns that these scammers will attempt to suck enough information out of you to steal your identity. Though Shella was playing head games with the crook, it’s best to delete the first text message you get like this and never respond.

How to recognize a lottery scam

  • You can’t win without a ticket. Period. So if someone claims you won, and you didn’t buy a ticket, it’s a scam.
  • You must pay a fee. Legitimate operations subtract fees and taxes from the winnings rather than demand you pay an amount in order to collect the prize.
  • Scams almost always originate from free e-mail accounts like Yahoo, Hotmail and Gmail.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Beware of Flight MH17 Facebook Scams

How low can scammers go? The latest is phony Facebook profiles that use identities of deceased victims of Malaysia Airlines Flight MH17—claiming their credit cards were stolen from the crash debris.

http://www.dreamstime.com/stock-photos-identity-theft-red-words-binary-code-computer-monitor-image39907813“Death hunters,” says Ukrainian MP Anton Gerashchenko on his Facebook page, are collecting jewels, cash and credit cards off of the victims. His post urges victims’ relatives to “freeze their credit cards, so that they won’t lose their assets to terrorists!”

The Dutch Banking Association assured next-of-kin that they’d be compensated for the fallout of credit card theft.

Journalist Phil Williams was at the crash site and pointed out that it was obvious that wallets and handbags had been stolen. Just about all the handbags had been opened, he reports. Looting is apparent, he says.

Mark Rutte, the Dutch Prime Minister, used the term “utterly disgusting” to describe how the rebels had treated the corpses.

But beyond the site is even more alarming activity: fake Facebook accounts. At least five phony FB accounts have been set up in the names of deceased Australians—including three kids. Facebook has since shut down the pages.

The pages provided a link to a video claiming to reveal footage of the airliner’s crash. However, users instead were directed to a website full of pop-up ads for fishy-looking services. The lure to this site was a malicious link tagline: “Video Camera Caught the moment plane MH17 Crashed over Ukraine. Watch here the video of Crash.”

You can imagine how many people—not necessarily next-of-kin, took the bait and made the click. Though these particular fraudulent pages were closed down, this doesn’t mean more won’t appear.

Is this common after a disaster?

It seems to be more common, as criminals are capitalizing on current events to perpetrate scams generally within a 24-48 hour period.

Tips for spotting these scams for consumers in general:

Thinking before you click, doing research and not being so impulsive will keep consumers from being baited by scammy links, titles and stories.

Tips for family members of the deceased:

They should cancel credit cards, create fraud alerts through their country’s credit bureaus, and once death certificates are obtained they need to submit them to the credit bureaus. Otherwise set up Google alerts with the decedents’’ names to monitor any chatter on social sites that may turn up their likeness in a stolen social media identity theft case.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Scrooge’s 12 Scams of the Holidays

They’re baaaack! Actually, they never left—Scrooge’s little trolls work hard all year, scheming and scamming to steal holiday presents—or at least valuable information—from good girls and boys. From the North Pole to the South Pole, they target every one of us through phishing, SMiShing (text phishing), shipping and gift card scams. If you aren’t paying attention, they will hack your devices, spy on your surfing and empty your bank account.

12-scamsThe holidays are supposed to be a fun-filled time for celebrating with family and friends, so make sure you keep the cheer in your holiday and learn about the “12 Scams of the Holidays,” the dozen most dangerous online scams to watch out for this holiday season, revealed today by McAfee.

To make sure your holidays are not stolen by the Grinch, here are some tips on how to protect yourself against scams during the holidays, and year-round:

  • Educate yourself—Keep up-to-date on the latest scams and tricks cybercriminals use, so you can learn to recognize scams and avoid potential attacks.
  • Use strong passwords— Make sure your passwords are at least eight characters long and contain a variety of upper and lower case letters, numbers and symbols.
  • Be careful when clicking—Don’t click on links in messages from people you don’t know, and use a URL expander to know what site you are going to before clicking on a shortened URL.
  • Stay suspicious—Like mom said, be wary of any offer that sounds too good to be true.
  • Practice safe surfing—When searching for holiday gifts, use a safe search plug-in such as McAfee® SiteAdvisor®.
  • Practice safe shopping—Make sure you stick to reputable e-commerce sites that have been verified as safe by a trusted third-party, like the McAfee SECURE™ mark. Also look for “https” at the beginning of a site’s URL, which indicates that the site is using encryption to protect your information.
  • Use comprehensive computer security—Make sure you have comprehensive security protection for all your devices, including your mobile phone and tablet, that also protects your data and identity protection, like McAfee LiveSafe™ service.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

Yes, There are “Mother’s Day” Scams

With Mother’s Day just around the corner, cybercriminals are working up ways to take advantage of this time when you’re online looking to buy flowers, candies, perfumes, jewelry or whatever gifts for mom might be hot this year. Phishersfollow a similar editorial calendar as newspaper and magazine editors, coordinating their attacks around holidays and the change in seasons. They also capitalize on significant events and natural disasters.

They are trying to get you to click links that will either infect your PC with malware, or visit a website that offers you too good to be true deals on gifts for mom. If you download malware from a bad link, everything you type into your computer could be recorded by the cybercriminal, you could be unknowingly sending them your personal information, or the malware could render your machine useless. Entering your personal and credit card information on a fake site could results in charges on your card, never receiving the item you “purchased, “ and even the possibility of new cards opened in your name.

To help make this Mother’s Day enjoyable for you and your mom, make sure to follow these steps when shopping online:

Be wary of offers that are too good to be true—the usually are.

Always be suspicious when you receive an email or text message from a company asking for personal information—legitimate companies do not ask for personal information in emails or texts

Don’t click on a link in emails, texts, or chats from someone you don’t know

To ensure you’re visiting the correct site, type the store site URL into your browser’s  address bar or use a safe search plug-in, like McAfee® SiteAdvisor® , that comes with McAfee® All Access, and shows you in your browser search results if a site is safe or not.

Use comprehensive security software on all your devices that includes anti-spam and malware protection.

Make sure you protect yourself so you don’t get your credit card maxed out and then go crying to your mom on Mother’s Day.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  (Disclosures)