An uncommonly convoluted con

They say brevity is the soul of wit, but it’s apparently not the soul of spam. I received this in my inbox not too long ago:

From: IMF ADMIN <admin@imfpaymentcenter.com>
Subject: May Good Decision

INTERNATIONAL MONETARY FUND (IMF)
DEPT: WORLD DEBT RECONCILIATION AGENCIES.
ADVISE: YOUR OUTSTANDING PAYMENT NOTIFICATION

Attention Wing Chan

A power of attorney was forwarded to our office this morning by two gentle men, one of them is an American national and he is MR DAVID DEANE by name while the other person is MR… JACK MORGAN by name a CANADIAN national.

This gentlemen claimed to be your representative, and this power of attorney stated that you are dead, they brought an account to replace your information in other to claim your fund of $12.5 Million Usd which is now lying DORMANT and UNCLAIMED, below is the new account they have submitted:

BANK.-HSBC CANADA
Vancouver, CANADA
ACCOUNT NO. 2984-0008-66

Be further informed that this power of attorney also stated that you suffered and died of throat cancer. You are therefore given 24hrs to confirm the truth in this information, If you are still alive, You are to contact us back immediately, Because we work 24 hrs just to ensure that we monitor all the activities going on in regards to the transfer of beneficiaries inheritance and contract payment.

You are to call this office +44(0)7778022499 immediately for clarifications on this matter as we shall be available 24 hrs to speak with you and give you the necessary guidelines on how to ensure that your payment is wired to you immediately.

I have attached a copy of the last part payment of $500,000.00 which was paid into your provided account last week, please check is this is the same account submitted by this two men who claimed to be your representative. Reply this email to [redacted]

Kindly reply

Rev. David Churchman
International Monetary Funds Agents

I get what they’re trying to do here. The victim is supposed to think they got a message intended for someone else (“Wing Chan”) who has a whole lot of money tied up in some account, but they think Wing Chan is dead and would he please confirm that? I assume that the victim is supposed to decide to commit a little fraud himself and reply, “No, I’m Wing Chan and I’m totally alive so give me all that money now please,” followed by the usual, “But wait…you have to wire us a bunch of money first.”

But what a twisty, turny, tricksy route they take to get there. It’s a real adventure, what with the two “gentle men,” the throat cancer and the involvement of the International Monetary Fund.

Here’s the thing about the IMF: I’m fairly certain they don’t handle individual estate accounts for anyone living or dead or allegedly dead. They don’t mention it on their own website.  They deal with financial situations in and between nations. $12.5 million is a lot of money to most individual people. To the IMF, it’s like a nickel dropped down a storm drain. They’re not going to get involved.

So yes, this is an obvious example of spam. I wanted to show it to you, though, because it’s kind of weird. As always, “do this to claim your free money” is forever a scam and always has been.

Tell Your Parents: seniors lose $36 billion every year to financial fraud

image-criminal-fraud-01Jerry Seinfeld used to do a great bit about aging. The not-very-funny paraphrased version for our purposes today is that, when people get older, everything gets smaller—the meals, the houses, their bodies. Everything except the car, which just get bigger.

But there’s another thing that gets bigger as we get older, too: the target painted on our backs. The elderly lose an estimated $36.4 billion every year to fraud. That’s the size of entire sectors of the U.S. economy.

CNBC ran a story on the subject recently, and it’s worth a read. The important thing is to stay involved in your parents’ lives and talk to them about the realities of financial fraud and the fact that they will be seen as marks simply because of their age.

Greasy telemarketers, lottery scams, the old “grandchild in danger” telephone scam, get-rich-quick schemes (Iraqi dinar and Vietnamese dong currency peddlers, I’m looking at you), phony investments and affinity fraud (where the scammer uses affiliation with a church or other organization to appear trustworthy)—all of these target the elderly. It’s important to talk to your older family members and friends about the dangers, and take action where needed.

Additional resources are listed below:

If you’ve let your antivirus subscription lapse, renew it today

There are basically two options available for safe use of the Internet:

  1. Get antivirus software, keep it updated, and scan your computer regularly;
  2. Don’t go online, for any reason, ever, forever.

We are well past the old days where getting a computer virus was mostly just irritating. Malware is big business for organized crime, and your computer can be locked up forever unless you pay (ransomware) or infected with programs designed to steal banking credentials.

You can lose a lot of money, in other words.

There’s a new threat called GozNym. I’m still researching it so I can tell you more, but so far the details I’ve found are hazy. It’s referred to as “Trojan horse” malware in some of the articles I’ve read. That usually means the victim opens a file they think is something else and gets infected, but that’s about all I know at this point. I can tell you this: GozNym targets financial accounts. GozNym is bad. You don’t want it. [smash cut to Elaine Benes from Seinfeld shouting “I know I don’t want it! I don’t need you to tell me what I don’t want, you stupid hipster doofus!” at Kramer]

And I can also tell you this: if you get an email with a file attached, be extremely careful about opening or running that file. Is it from someone you know? Is it something you asked for? Are you being led to believe it’s from the FBI or a local police department, or is it a “shipping confirmation” from an online retailer? Slow down. Think before you click anything.

I can also tell you not to download anything just because a website is asking you to download it. And even if you did go searching for files or software to download, make sure you know what you’re getting before you download or run anything. And scan it for viruses before you run it.

But you also have to have some form of antivirus software on your computer. It won’t be perfect. It won’t protect you from 100% of malware 100% of the time. Sometimes a new threat can’t be detected yet, and careless behavior on your part can almost always defeat even the best antivirus programs. And they usually cost money.

But they’re vital. That yearly subscription cost isn’t just a racket. Sure, it hurts to shell out $30 or $50 or more, but some things hurt even worse, like losing five years of digital photos or having a business’s checking account cleaned out.

They’re not working on WRINKLES

Here’s a new one from the Dumb Spam Files (which could totally be a TV series if FX or A&E would return my calls):

2016-03-09-spam

Here’s a NON-secret for you: NASA isn’t researching wrinkles.

I don’t care how bad your wrinkles are. I don’t care if all that’s left of your face is one giant wrinkle. Never click on anything that even resembles this. Deal?

Prevent tax identity theft with an Identity Protection PIN

UPDATE 3/8/16: Or don’t get a PIN. According to KrebsOnSecurity.com, and as seen on the IRS site linked below, there have been some major security issues with the Identity Protection PIN system, and for now the service has been suspended. Once again, it took identity thieves around four seconds to figure out how to abuse a feature designed to protect your personal information and prevent tax return fraud.

I’ve written plenty of times about not opening emails that appear to come from the IRS (because of malware and/or phishing), but there is another type of crime that ramps up during tax season: tax identity theft.

Basically, it works like this: an identity thief already has your information, files a fake tax return in your name (from which a large refund will be due), then has the money directly deposited into an account controlled by the thief.

Most people’s first warning sign is when the IRS rejects their actual tax return because, according to their records, they already submitted one.

One step you can take to prevent this form of identity theft is to get an Identity Protection PIN from the IRS. You’ll have to use this PIN any time you file taxes (it’s not the same as your e-file signature PIN). The IRS will send you a new one every December or early January. Once you’re signed up, you’ll have to use a PIN every year to file your taxes, and you can’t opt out.

I can’t find any information about how long it actually takes to get your PIN from the IRS. If you’re ready to file your taxes now, or if April 15th is approaching (depending on when you read this), it might be better to wait until after you’ve filed this year’s return.

For more information, and to request a PIN, visit the official IRS page at https://www.irs.gov/Individuals/Get-An-Identity-Protection-PIN

An example of the exact type of email you should NOT open

Here’s a screenshot of something that appeared in my inbox recently:

2015-12-21-spam

I spend a lot of time trying to describe the kinds of emails you should avoid, but this one illustrates those concepts perfectly. Let’s look at a few warning signs:

  1. The message wasn’t expected (I’m not a USAA member, but even if I was, this isn’t a usual email)
  2. The subject line is intended to provoke a fear reaction
  3. The subject line is kind of weird, grammatically; are they saying that a “New Document” has been prevented? If “Due to Suspicious Sign-in” modifies the subject of the sentence, which in this case is “New Document,” then…okay, you get it;  it just reads weird.
  4. There is a file attached (the little paperclip icon)

What is supposed to happen with this kind of email is that the victim sees “Suspicious Sign-in” and immediately opens the message, which is most likely blank or contains instructions to open the attached file. Once the victim does that, some form of malicious software, anything from spyware to ransomware, will be installed on their computer.

What actually happens, when the recipient knows some of the warning signs, is that the message is immediately deleted and causes no harm.

Also note that this message slipped past some pretty burly anti-spam and anti-malware software. Those tools are important, but sometimes a dangerous email still makes it through. Stay vigilant!

Stop calling back every number in your “missed calls” list

Today, I received a phone call from a stranger who demanded to know who I was. No greeting, just “who’s this?”

I declined to answer (because we don’t give out ANY personal information to people who call us, right, class?), instead telling them that it seemed they had the wrong number. This person then insisted that I had called them, and they wanted to know why.

“I didn’t call you. I haven’t called anyone today,” I replied. (I wasn’t even stretching the truth for emphasis—other than a couple text messages and posting something about Beethoven’s birthday [Happy 245th, Viggy!] on a social media account, I had not used my phone for communication purposes all day. I still haven’t, actually.)

“It says you called me,” they said.

“Maybe there’s a mistake,” I offered. I have an incredibly easy-to-mis-dial mobile number, and I figured someone had called them from one of the several same-digits-in-same-order-but-different-quantity-of-each phone numbers that exist.

They just hung up, because of course they did. Hopefully this person had simply mis-dialed and realized their mistake.

But there is a more sinister possibility, here: scam callers almost always use fake caller ID. There is a possibility that my number was the one they happened to use for a round of scam calls; this caller did share both the area code and interchange with my number.

Now, if that was what happened in this case, the damage is limited. They called the spoofed phone number back, which happened to be mine. I explained that I didn’t make any calls, they got angry and hung up, I blocked their number (just in case, and also because I was a little annoyed as well).

But what if a scam call had been placed using a number that was attached to a phone number owned by the perpetrators? This person might have, in going through their list of missed calls, run straight into a trap designed to steal money, personal information, or both.

I wasn’t aware of this until recently, but it appears that a lot of people look at their “missed calls” list every day, and call back every single number. Because of the very real possibility of running headlong into fraud, I cannot recommend against this activity strongly enough.

If someone is truly calling for a legitimate, important reason, they will leave a message or call back later. There is no good reason to try to find out what’s on the other end of every single random phone number that attempts to reach you every day. A lot of those calls are going to be from people you do not want in your life.

(Some of the numbers you do recognize may be, too, but that’s outside the scope of this article…)

Security freeze information for Indiana residents

The Indiana Attorney General’s office has information about security freezes, which are free for residents of Indiana (and some other states—you’ll have to check your own state’s laws if you don’t live here).

You can download the information here, or visit the Indiana Consumer website. I’ll put a link on the Fraud Prevention Resources page as well.

A security freeze (or credit freeze) prevents new lines of credit from being opened in your name, even if an identity thief has your Social Security number and other information, by adding an extra step to the credit application process.

T’is the season

This time of year, a lot of people are thinking about ways to help those who are less fortunate.

Some like to volunteer directly, others donate goods, and many like to give money to charitable organizations.

If you fall into that last category, this is your annual reminder: always look into a charity before you give them money. There are people out there who take advantage of others’ goodwill, and sometimes they set up elaborate schemes to siphon funds meant for other purposes.

If you’re unfamiliar with an organization, one of the best places to start is Charity Navigator.  There you can find out how much of a charity’s income it actually spends on its programs, how much it spends on fundraising, and more. Quick tip: if it spends 3% on programs and over 85% on fundraising, pass on making a contribution. All charities have some operating expenses, but that’s just beyond the pale.

I’m leery of charities that make cold calls. I used to get one all the time from an alleged charity that had something to do with police officers. I forget which one, so I won’t try to guess, but I recall the people on the phone would routinely imply that they themselves were actual officers. They weren’t. I never donated a cent because the whole operation sounded shady to me. Later I found out their operating expenses, including fundraising, executive salaries and administrative costs, took up something like 98% of their income. The other 2% went to whatever the charity claimed to do (they were vague about this as well). Maybe there are good charities that make cold calls, but I’ve never been contacted by one, so make sure you check them out before you donate a dime.

I believe the best way to avoid charity scams is to decide in advance who is getting your donations each year, and contact the organization(s) yourself. Pick your favorites, find out how to get in touch, and give whatever you are able.

They’ll be thrilled to take that call. I guarantee it.

Nigerian 419 email scams live on

I saw this one just today. It’s a doozy:

From: The Desk Of Mr. James Dike
Reference: GTBank Plc.
Address: 402, Lagos-Abeokuta Expressway, Abule-Egba, Lagos State, Nigeria.

Attention: $10.5M ATM Fund Beneficiary,

I am Mr. James Dike, the new appointed ATM Head of Operation Department Guaranty Trust Bank Nigeria PLC, I resumed to this office on the 1st of this month and For your information i have been empowered and instructed by the new elected President Federal Republic of Nigeria Gen. Muhammadu Buhari to pay all outstanding debt payment to the rightful beneficiaries and summit my payment report to his office with immediate effect and any payment that is not paid before the end of this month will be cancelled and the fund will be returned to the Federal Reserve Oil Account.

So, during my official research last week I discovered an abandoned ATM Master card valued sum of $10.5Million with card number 5321452123409380 belonging to you as the rightfully intimate beneficiary. I tried to know why this card have not been released to you but I was told that the formal ATM head of operation who left this office two months ago withhold your card for his own personal use without knowing that I will not approve or support him to take your card.

Now that your ATM Master card is still available for you to pick it up here in our bank. I want to know how you wish to receive your ATM card along with your four digits pin code number. You can come down here in our bank to pick up your card direct from my office or alternatively it can be send to your address through any registered reliable courier service company that you will take care of the courier charge. I don’t know the cost of shipping the card to you but if you permit me I can make an inquiry from the courier shipment company to find out the cost, but in that case you will be required to forward to me your shipment address to enable me find out the shipment cost to your location.

Your direct telephone number and address will be needed and more details of your ATM Master card payment will be made known to you as soon as I receive your swift positive response, to enable you know the amount programmed for your ATM Master Card daily withdrawal.I will send your ATM master card information including your Card Pin Code as soon as you declare your choice of receiving your ATM card so as to enable you receive your card and start making use of it to withdraw at any ATM card machine all over the world as programmed.

Do not hesitate to call me on +234 802-850-0459 as soon as you read this mail.

Thanks for your co-operation.

Yours Faithfully,
Mr. James Dike
ATM Head of Operation Department
Guaranty Trust Bank Nigeria Plc.
Tel: +234 802-850-0459.

A lot of us have become jaded when it comes to the old Nigerian 419 scam. Even though this one takes a different angle and doesn’t mention an exiled prince, for many of us, it’s easy to see through. We probably wouldn’t even read it…”$10.5M” in the subject line would be enough to trigger our “delete” reflex.

But somebody still falls for it. If they didn’t, these emails wouldn’t happen anymore. So while you may have become almost flippant about the Nigerian 419 scam, remember that there are still people who haven’t heard about it yet. If someone you know starts talking about an impending payout from a mysterious source, or mentions their plans to wire money overseas, it might be time to educate him or her.

Stay vigilant.