Category Archives: Uncategorized

Beware sneaky web addresses

I came across something interesting not too long ago. I can’t remember if it was part of a junk email message or a spam comment on this site. It really doesn’t matter either way.

There was a pitch for some sketchy health/beauty/investment/dating product or service and a shortened URL. I already knew it was a scam or a rip-off, but I was curious to see where that shortened URL led. I copy-and-pasted it at LongURL, which is still a fine tool for checking out a link before you click.

I forget the specific contents of the website. Again, that part doesn’t matter so much for my purposes today. What does matter is the address the shortened URL pointed to: www.cnbc.com-feb-finance.net/[removed]. (By the way: there’s no link to the actual site for a reason).

Look at that address closely; it looks like it points to www.cnbc.com, the mainstream stock market and business news site, but it doesn’t.

The actual domain is “com-feb-finance.net” — you’ve got to look closely to see that what comes after the “com” is not a slash, but a dash.

Most web browsers make detecting this trick relatively easy, since they highlight every website’s domain in some way (with a background color, bold text, etc.). But if you’re using an old web browser like Internet Explorer 6, you may glance at the URL, see “www.cnbc.com” and assume the site is reputable.

So be cautious when visiting a new website. If someone is attempting to deceive you with the URL, you can rest assured their motives are sinister.

Shady Online Advertisements

If it wasn’t part of my job, I’d completely ignore online banner advertisements like these, but here we are…

Example #1:

advert01-weather

This one showed up on Weather.com today (without the arrows and giant NO, obviously; those are my additions).

Now, that’s a pretty reputable website. I mean, generally you look at your city’s weather page and it says SNOW, and you look out the window and hey presto, it’s actually snowing. But the site is just littered with ads like this. You’re not getting a gigantic TV for 60 bucks, and you’re not getting car insurance for $9, unless they mean per day. Don’t click.

Example #2:

advert02-cnnThis one came from CNN.com, another reputable website. Nobody is selling an iPad for $14. Nobody. Apple doesn’t discount. Know why? They don’t have to. They could come out with a $7,500 Macbook tomorrow, in this economy, and it would be a hit with their core users.

Once again, just ignore these ads. Do what I would do if I wasn’t paying attention to this junk for the purpose of writing about it. (I’d also ignore that noise about “penny stock rockets” and “Royal Caribbean whatever”, too.)

The “Never Do This” Files: wiring money to strangers

Flag of the United Kingdom, Union Flag.
Image via Wikipedia

I’ve talked about lottery scams, secret shopper scams, overpayment scams and advance fee fraud on this site until I’m literally blue in the face.

Yeah, literally!

There isn’t much more to be said about those topics at the moment, so what about some other variations?

Here’s one from our friends in the U.K.: a scam that involves getting people to wire good-faith money in advance of making a used car purchase.

How it works: a used car is advertised by a con artist, and an interested buyer contacts him. The “seller” agrees to make a long-distance trip to sell the car, but only if the buyer wires some money first to show serious interest. After all, he doesn’t want to make the trip only to find out the buyer is going to back out, right?

So, the buyer complies. He wires the money and forwards the receipt to the crook, who is then able to take the cash.

That’s all there is to it. Of course there never was a car.

It’s actually an even simpler scam than the old fraudulent check schemes, because it only requires a telephone and the ability to place a classified ad. No complex setups or realistic-sounding fake company names, no long, convoluted emails about Microsoft Lotteries or the need to come up with a counterfeit cashier’s check. Just a listing for a car that doesn’t exist.

So put this in the “Never Do This” file: don’t wire money to strangers.

Ever.

Continental Broadcasting Network: um, who’s Kristi?

I haven’t posted any goofy spam word-for-word in a while, so when I got this, I thought it would be a good one to share:

From: admin@biographicalezecutive.com
To: Kristi Lee <my email address>
Subject: Kristi biographical confirmation

CONTINENTAL BROADCASTING NETWORK INC.
If you do not wish to be notified Unsubscribe me from this list

Kristi,

It is my honor to notify you of your candidacy as decided upon by the CWW Editorial Division on January 21st 2011. The Editorial Division eagerly awaits your biographical finalization and submission.

Through our CWW forum, outstanding professionals and executives are showcased for their many talents, accomplishments, and knowledge.

On behalf of our staff we wish you much continued success.

http://www.Kristi.Lee.biographicalezecutive.com

Samuel Whitfield
Member Services Director

Twenty Three Briaroot Drive Smithtown, New York 11787
This is an advertisement

I have so many things to say about this. So many questions.

For example, from the custom URL what is an “ezecutive?” Is it some new kind of executive that has attained such a level of awesomeness that they spell it with a Z? Or is it a way to slip past spam filters that might flag any URL with “executive” in it?

Why does Christopher Malone own “about 120 other domains” (according to the whois information for this site)? Why are there eight other domain names pointing to this site’s IP address?

Is that his real name?

Why do people report their spyware filters going ape when they try to visit one of these sites?

Does this guy really live at 23 Briaroot Ct. in Smithtown, New York? Why doesn’t his information show up on a Whitepages search?

Why didn’t my version of this email contain the hilarious misspelling “worldclass” like other people who have received it?

What’s the real racket, here? Is it just another “Who’s Who” style directory rip-off, or is it a malware-laced phishing website with far more sinister purposes?

I have so many things I’d like to know, but I’ll gladly forget about those if someone can tell me just one thing:

Who the heck is Kristi?

Overpayment Scams

Burn this into your memory:

“Cash this check, then wire money back to me” always equals scam.

I’ve said it a million times before when discussing secret shopper and lottery scams, but the actual context just does not matter. Anyone who gives you a check to cash so you can wire cash back to them is a con artist.

 It’s pretty easy to remember that when you’re looking at a letter from a Nigerian Prince, or an email that says you won the “Microsoft Lottery” or something, but there are versions of the overpayment scam that target businesses, too.

Let’s say you’ve got a property for rent. You get a call from someone who seems really interested in the space. They agree to send you a deposit to hold the property for them. You tell them it’s $800 (I’ve never been in this business, so I don’t know if that’s a realistic number or not).

A couple days later you get a cashier’s check for $3,000. You call the renter about the overpayment, who tells you to just wire the difference back to him. The check will turn out to be counterfeit.

And there it is; you are about to fall for the same old scam, just in a new context.

The same thing happens on Craigslist and online classified sites. You’re selling an item. Somebody contacts you with the intent to buy, so you agree on a price of $500. You get a check for $3,000, with instructions to wire the excess back. Exact same story.

Think about this: would you send a extra couple thousand dollars to an online seller, and trust this stranger to give you back your change? Online classifieds are risky enough without handing over four times the cost of the item you’re hoping to receive. My online classified rule is: whether buying or selling, if you can’t meet in person, you’re not interested. The short version (and homage to the Surf Punks) is: Locals Only!

There are versions of this scam that target business owners, too. The details just do not matter—those checks are always going to turn out to be counterfeit, and you’re always going to end up losing money.

Adobe Reader phishing emails: this is not how Adobe sends updates

According to a recent alert, phishing emails regarding updates to the Adobe Reader have been making the rounds.

This is where knowing a little something about software can help you avoid a scam, because Adobe doesn’t send out update information via email. In fact, I can’t think of a software company that does. This is one of those cases where people who might otherwise never click a link in an unexpected email might let their guard down. Don’t do it. There’s a reason I always say “never”.

When a new security patch for the Reader, or a whole new version becomes available, the program itself will detect it automatically. Or, if you want to download it manually, you can visit http://get.adobe.com/reader/. I would uncheck that “Free McAfee Security Scan Plus” box on the right, though. I’m not a fan of “bonus” software like toolbars and other junk when you download things, so that’s sort of a matter of principle. Plus, if you’ve got a different brand of security software installed, the McAfee download might fight with it. Virus scanners always seem to detect each other as viruses.

There is a possible security issue with the Adobe Reader that you should know about. For some reason, they decided to add JavaScript functionality to the Reader. This was later shown to be an easy avenue for hackers to access your computer. I’m pretty sure the latest versions have fixed this issue, but I still turn it off just in case.

All you have to do is click “Edit” at the top of the screen, then select “Preferences…” Find “JavaScript” in the menu on your left. Click that, and there will be a box that says “Enable Acrobat JavaScript.” UNcheck it, click “OK”, and you’re done.

Another alternative is to just use a different software altogether, which is what I do. I like the Foxit Reader, but I disable JavaScript there as well.

Don’t get me wrong—I love most of Adobe’s other products (Illustrator and Photoshop in particular). I just don’t quite grok why they put this functionality into the Reader.

How to Avoid Lottery Scams

Below is the text of my column for The Chronicle that appeared in the August 25, 2010 edition.

Q: I got a letter that said I won the lottery in the United Kingdom. It included a cashier’s check to cover taxes and fees. Is this for real?

A: Not even a little bit. Sorry.

What you have is a Lottery Scam letter. These have been circulating for years, and thousands of people have lost incredible amounts of money.

It usually works like this: you receive a letter than informs you that you have won a foreign lottery in which “no tickets were sold.” The lottery is most often based in the United Kingdom, but South Africa, Australia and other countries have been used as well.

The letter further states that, to claim your prize money, you have to pay some sort of taxes or fees up front. The cashier’s check included is supposed to cover this amount. You are instructed to cash the check at your bank or credit union, then take the cash to Western Union and wire it back to the sender.

A few days later, your financial institution informs you that the check was counterfeit, and that you’re now on the hook for the amount you cashed it for – usually in the $3,000-$4,000 range. The problem is that you have already wired this money out of the country. Once you make a wire transfer, you cannot get that money back.

Some people are under the impression that the financial institution that appears on the check will cover the loss, but that is not how it works. They did not issue the check – they had nothing to do with it at all. If someone made fake checks with your name on it, would you feel responsible to cover them?

Others believe their own financial institution will cover the loss, but once again, that is just not the way it works. From their perspective, all that happened was that you came in, you presented a monetary instrument, you received cash in exchange for it, and that check turned out to be counterfeit. They have no way to verify where it came from – you could have printed it yourself. They handed the cash to you. You are the one who has to pay it back.

The above is sort of the “classic” version of a Lottery Scam. Like most fraudulent activity, this scam has been adapted to new technologies. While some people still receive Lottery Scam postal mail that includes a counterfeit check, e-mail has become the main channel for this crime.

It starts the same way – you get an email that informs you that you have won the lottery in a foreign country. Since they cannot send you a check through e-mail, crooks will attempt to convince you to call a “claims agent” for further instructions, or to e-mail personal details back to the sender.

Next, they either mail you a counterfeit check with the same instructions as before – cash it and wire it back – or they will simply attempt to get you to wire money directly to them, skipping the check altogether. This second scenario often turns out much worse; while the counterfeit check usually nets the crook around $3,000 one time from each victim, if they can string you along and get you to keep wiring more cash, they can bilk you out of much more. There are people who have lost tens of thousands of dollars to this scam – victims’ entire life savings wiped out before they realize they have been had.

Like so many forms of fraud, this scam can be avoided by just remembering a few simple facts. First, you have to play the lottery to win the lottery. They do not just draw random names or e-mail addresses out of a giant hat.

Second, any time someone sends you a check and tells you to cash it and wire the money back to them, you are looking at a scam. There is no scenario in which this is a legitimate request.

Finally, if a stranger is offering you large amounts of money for free, do not trust them. What seems like the answer to your prayers could turn out to be the start of a financial nightmare.

The Fraud Prevention Unit in print

It’s official: I’m making the leap from blogging to print media. The Chronicle, a weekly newspaper serving Portage, Valparaiso, Chesterton and Hobart, has picked me up for a monthly column on the topic of fraud prevention.

The column will run on the fourth Wednesday of each month, and will feature the same kinds of material I cover here, albeit in a more formal style (alas, the print medium comes with a word limit and established stylistic traditions…no room for the usual tangents and obscure references).

The first one goes out tomorrow (July 28, 2010). Be sure to check it out.

Fraud Prevention 2009: The Year in Review

The Fraud Prevention Unit is, for all intents and purposes, six months old, with 103 articles (including this one). I had wanted to write over 100, so I feel good about that result.

In that first six months, we’ve had over 7,500 views (nearly 5,000 of those in November and December alone). I’ve watched the trends in search terms that bring people here, and even been able to make some educated guesses as to the causes; for example, I’m fairly certain that BigSpot.com has recently launched a new volley of television advertising, since I’m suddenly getting a lot of traffic from searches like “is bigspot.com legitimate?” Back in November, the “Walmart Cash Back Scam” misinformation (sort-of-hoax?) was making its way around the series of tubes we call “the Internets,” which led to a big spike in traffic here.

Now, I’m not going to beg for comments and participation from readers per se, but I would like to see a few more people commenting on articles. Have you encountered a new scam, or a variation on an old one? Do you have more information on a topic? Let yourself be heard! Contact me directly via the “About” page if you don’t want to use the comment function.

In 2010, I’d also like to see more people coming to the site regularly as a source of fraud prevention information. We’re set up for RSS feeds around here—use ’em!

Of course, that doesn’t mean folks aren’t welcome to just wind up here because they were searching for something, but I’d encourage you to bookmark or subscribe to the site. At a little over 100 posts in six months, I think it’s safe to assume the site isn’t going to turn ghost town anytime soon. Subscribe! Bookmark! You’ll have a real good time, and if you’re not careful, you might learn somethin’, too!”

My 2010 wish list also includes “over 70,000 views by 12/31/2010,” but that’s more on my shoulders, as far as creating useful content, so don’t worry about that one.

Finally, remember that you can view Video Dispatches here or by directly visiting the YouTube Channel, and be sure to follow the Fraud Prevention Unit on Twitter.

Like the kids at school used to tell each other on the last day before Christmas Vacation, “See you next year.”