Category Archives: Uncategorized

Another good resource: Scam.com

If you’re looking for some information about specific businesses, offers, emails or other things, check out the forums over at Scam.com. You can search, ask questions or help other people with your own knowledge. You have to create a user ID to sign in, but it’s free.

Make sure you’re at the correct site…”scams.com” is one of those fake sites that will only lead you to malware and actual scams.

A caveat about Scam.com: since it’s an open forum, there are users with vested interests in defending certain companies. A discussion about Pre-Paid Legal Services, Inc., which on one hand is a BBB accredited business with an A+ rating, and on the other hand functions exactly like every other multi-level marketing business in the world, rapidly evolved into a three-year-plus pie fight (still active as of today), with people who work for PPL (understandably) defending the company against all charges, and people who felt they’d been wronged (understandably) claiming the company is the biggest sham since The Mystery of Al Capone’s Vault, for which I’ve never forgiven Geraldo Rivera, incidentally.

My point is that some Scam.com users are less than trustworthy. You’ll figure out who is who pretty quickly, though. I’m probably going to create a user ID soon. When I do, I’ll let you know who I am, in case I end up posting anything.

There is also a section for political discussion, which is probably an excellent way to make your blood pressure hit 250/180 in about ten seconds, since for every single political belief you hold, no matter how based in fact, somebody else will think it’s a lie and that you’re an idiot. I would avoid it, personally.

“Religious Scams” is another section that has nothing to do with fraud prevention and everything to do with loudmouths screaming at each other about evolution vs. creationism. Endlessly. Over the course of months and years. So avoid that mess, too. Unless you like to get all worked up. Hey, in that case, knock yourself out.

Ten reasons you should stay at home and shop online this Friday.

Well, the day after Thanksgiving is fast approaching, at least here in the states.

Now, I’ve managed to weasel my way out of shopping for anything on this day for the past several years, and this year will be no different. I’m a fan of a low-key sort of Christmas, where the main event is having everybody get together, rather than the emphasis on loot.

However, not everybody shares my flip attitude towards tradition, so I know a lot of you are planning to head out and join the fray. I’d like to encourage you to consider staying at home and shopping online this Friday, though, for the following ten reasons:

  1. Online retailers, especially the major companies, have unbelievable security these days. It is safer than ever to shop online. In fact, it’s probably safer than shopping in person.
  2. When shopping with your credit or debit card, you’re not liable for any fraudulent charges (unless your contract is set up really weird, which might occur but should be very rare).
  3. Shoulder surfers: It’s impossible for someone to sidle up and take a photo of your credit card if you’re not in the store to begin with.
  4. Skimming: you can’t be tricked into sliding your card through a skimming device if you’re not even in the vicinity of an ATM or other card-reading machine.
  5. Theft: it’s also exceedingly difficult for someone to steal (or “find”) your wallet if you’re at home.
  6. Scammers: I know you would never be tempted to buy a TV from some dude in a gas station parking lot at night, but you’ll never even see him if you shop online from established retailers (he might be lurking about on Craigslist, though, I guess).
  7. A lot of Black Friday sales are bait-and-switch schemes. Stores use the frantic nature of the day to unload items that are…almost what you were looking for, but not quite. Online, it’s easy to closely check an item (without some nutjob trying to tear it out of your hands).
  8. Also, a lot of stores will advertise an item at a wildly discounted price, with fine print that states they have a “minimum of four per store.” You realize that means there are only four per store, right? This generally doesn’t happen online.
  9. You’ll save money just by not driving your car around all day, forlornly circling parking lots in search of something, anything, that looks like a space your car might fit into.
  10. You’ll spend less money, because you won’t get caught up in the insane “get yours before somebody else gets it” mentality the stores depend on.

Holiday Fraud Prevention Tips: Well, I’m officially published now.

This is an article I wrote that appeared in the most recent issue of Panorama Magazine here in Northwest Indiana. It’s almost exactly like the Video Dispatch I did on the same topic a couple weeks ago. Actually, I think I made the video the same day I wrote the article. Yes, this means I’ll be referring to myself as a “published writer” now.

Here’s the text, for those of you who would rather read something than watch a video:

Holiday shopping season is fast approaching, and it’s about to get nuts out there. Here are a few tips to keep yourself and your money safe.

Use Your Elbows

Watch out for “shoulder surfers.” With camera phone technology, it’s easier than ever for someone to sidle up to a store counter and take a photo of your credit card. Make sure nobody is standing suspiciously close before you whip out the plastic.

Use Your Head

Never write your PIN on your ATM or debit card, and never carry your Social Security card around with you. Both are bad news if you lose your wallet. Additionally, never let anyone write your Social Security Number on a check. Most stores have wised up, but you might encounter some that haven’t.

I’m Not Saying You Can Only Shop at the Mall, But…

Where to buy plasma TVs and other electronics:

  1. From an electronics store
  2. From a department store
  3. Online

Where not to buy plasma TVs and other electronics:

  1. From some guy in a parking lot at night.

If you go this route, the best thing you can hope for is to end up with an empty, weighted box. At worst, you could get arrested for receiving stolen property. Jail tends to dampen one’s holiday cheer.

Shop Online. Seriously

It’s more secure than ever. In fact, it’s probably safer than shopping at the store. Plus, you won’t have to deal with a mall full of desperate maniacs.

United Way of Central Indiana sweepstakes scam.

File this one under, “Well, that was an odd choice.”

Apparently, people are receiving letters (which claim to be) from the United Way of Central Indiana that inform them they’ve won some sort of sweepstakes, but they have to pay taxes on the prize before they can claim it.

The letters include a check for $3,200, which recipients are (you will not be surprised by this) instructed to cash, then wire the funds to an account.

It’s the same old Lottery Scam, with a new twist: how stupid was it for these clowns to use the United Way?

Here’s the deal: The United Way is a non-profit charitable organization. As such, they are in the business of raising money to support local causes that vary by location, depending on the specific need. Also as such, they’re probably eternally strapped for cash. One of the things you’ll never hear a representative from a charity say is, “Oh, things are great! Money is just pouring in. In fact, we’ve really got too much of it right now!” Seriously—have you ever heard anyone say this?

Therefore, one of the things eternally cash-strapped charitable organizations don’t do is give away thousands of dollars to random people.

See, that’s the opposite of raising money. If they give ten thousand dollars to some random jerk, that’s just ten thousand dollars more they have to raise to replace it. Most likely one dollar at a time at fast food drive-through windows and supermarket check-out lanes.

The thing is, most people know that charities don’t operate in this way, so it’s sort of a weird choice for whoever is running this scam.

However, I also know there are some people who will get this check and wonder if it’s for real. I hope your search has led you here and I’ve helped you make an informed decision to not cash this check.

By the way, it appears that there are some people out there who have a problem with the United Way itself. Comments about how you personally don’t like the organization will be deleted with extreme prejudice. This is not the forum for it. I’m talking about a scam that uses the United Way of Central Indiana’s name and logo, not the politics or the structure of the real thing. Got me?

Walmart Gift Card Scam: This one is for real.

Last week, I wrote about false reports of the Walmart Cash Back Scam, and how these hysterical emails are nothing to worry about.

A lot of people have been getting these messages, apparently—that article has brought in a lot of traffic to this site. I hope that means people are relaxing a little, rather than being nasty to Walmart cashiers because they let an email hoax frighten them.

However, I just heard about a new one that involves Walmart and is real—thieves are calling victims with news that they’ve won a $200 gift card from Walmart if they only pay $1 for shipping. The victim reveals their credit card information, and you know what happens next.

(In case you don’t: the card never arrives because it’s a scam. The crooks weren’t from Walmart at all. They just take the victim’s credit card information and use it to make purchases or get cash advances).

If somebody tells you you’ve won something, never pay in advance. Walmart doesn’t just give gift cards away, anyway.

The full story is over at The Money Coach’s Blog. It goes into a little more detail.

Mystery Shopper Scam: Kiboshed!

Last Friday afternoon, one of our Member Service Representatives here at REGIONAL helped a member avoid becoming a victim of a mystery shopper scam.

The member let us keep the check, and I spent quite a while examining it.

It was a very good counterfeit. The kind of thing that might slip right by if you weren’t paying attention (or even if you were). In this case, the member’s story tipped her off—he was going to wire almost the entire amount after he cashed it.

For one thing, the check was on genuine cashier’s check stock. It had all the security features, including watermarks and “fingerprint security” (where you hold your thumb over a symbol and it reacts to your body heat and disappears). So the presence of security features doesn’t prove anything anymore.

The check was from a company called Malteurop (more on that later), with an address in Milwaukee, WI. It was drawn on US Bank in Havre, MT. The routing number was a valid US Bank number, but for Minneapolis, MN. It just didn’t add up. To tell you the truth, I don’t know if those different cities are a reliable sign of fraud or not, but it did seem a little suspicious. A Milwaukee firm using a Montana bank with a Minnesota routing number?

Furthermore, Malteurop is a real company—one that supplies malt to beer companies all over the world. It would make no sense for this company to be checking out the customer service at Western Union.

At any rate, examining the check was interesting, but as I said before, the teller knew it was counterfeit just by talking to the member. I suppose that’s good advice for all financial institutions: have your frontline staff engage your members or customers in conversation. The information you gain could help save someone from fraud or identity theft.

I haven’t acquired the ability to read the fractional routing numbers on checks, to see if they agree with the routing number at the bottom, but I’ll be working on that skill soon.

I’d like to be like Frank Abagnale (remember Catch Me If You Can?), where you can hand me a stack of drafts and I can flip through them one time and say, “This one’s fake!” Only I’d like to get there without, you know, having committed check fraud or done time in prison for it.

Takeaways:

  1. Security features and a valid routing number on a check don’t mean a thing
  2. I can’t help but feel proud when one of our tellers makes a catch like this. Nice!

Child Identity Theft: protect your children from yourself

Child identity theft is a very real problem. Children are attractive targets for this crime, since their credit, employment and criminal histories are clean.

There is definitely a threat from other people stealing your child’s identity; your new baby arrives and a few days later someone who claims to be from the hospital calls, asking for the child’s Social Security number because you forgot to give them this information in your excitement.

The problem, of course, is that the call wasn’t from the hospital; it was from somebody who saw the birth announcement in the newspaper and saw an opportunity.

However, the biggest risk to your child’s identity isn’t strangers. Most child identity theft is committed by parents and family members who have easy access to the child’s personal information.

Most of the time, these parents are facing unemployment, poverty and generally stacked odds. They figure they’ll just use the child’s information to qualify for an apartment or telephone service—just this one time—and they’ll make it all better by the time the kid grows up.

Of course, that’s not how it usually plays out. The parent gets an apartment or automobile they can’t actually afford and starts to fall behind. They apply for a few credit cards in the child’s name, just to make purchases for essentials until they get back on their feet, which never happens. By the time a few years have passed, the situation has snowballed and the child’s credit is ruined, along with any trust the child ever felt for his or her parent.

It’s a fact: on this day in 2009, a lot of people are struggling to make ends meet. In fact, no matter when you’re reading this, a lot of people are having a hard time getting by, and you might be one of them. It can be very tempting to use your child’s personal information in times like this.

However, please remember these points:

  1. Any use of your child’s information to obtain credit, services or employment for yourself is identity theft
  2. Stealing your child’s identity is a crime; plenty of parents have gone to jail for it
  3. Don’t think you’re going to “make it all better” before the child gets older—it never really works out that way (and it’s a crime, too, remember?)
  4. You do not own your children, they are not your property to do with as you please, and their future creditworthiness is theirs, not yours
  5. Don’t think your child won’t press charges when they find out about your crime. How do you think those parents in #2 above ended up in prison?
  6. Yes, they’re going to find out. They always find out.

I’m being pretty blunt here—I don’t even like to see greedy adults get swindled when they should know better; I really hate to see children being victimized by the people they should be able to trust above all others.

Your situation might be tough right now, but time is going to pass and life is going to move forward, and what is happening now will one day be what happened years ago. You will only make things worse by committing identity crime against your own child—financially, and by making sure your child never wants to see you again once he or she is grown.

I’m sure some would protest my harsh words here, “You’ve never been broke,” someone might say. “You don’t know what it’s like. You do what you have to do in order to survive.”

And they would be right. I’ve never been truly destitute before. I still don’t buy the excuse, though. There are ways to get by without stealing your own child’s identity. You’re being lazy and not thinking if that’s the only route you can fathom.

Scam Alert: Microsoft Awards 2009

Here’s one that seems to mostly circulate around Europe, but I’m sure some folks here stateside have ended up with this message in their inbox, too:

Microsoft Lottery Promotion
Unit 7, Metro Trading Centre,
Second Way, Wembley, Middlesex,
HA9 0YU – United Kingdom

DATE: 14th of March 2009

Microsoft Lottery! E-mail is pleased to announce you as one of the 10
lucky winners in the ongoing Microsoft E-mail Promotions.

Microsoft Lottery! is a free service that does not require you to register
or be a Microsoft registered user before winning.

This award program is conducted anually to promote the use of the
Internet.You have been awarded ONE MILLION GREAT BRITAIN POUNDS.

To file for your claim, do contact our accredited corresponding claims
agent as below for category “A” winners immediately with your Name and
Phone Number for the speedy release of your fund;

AGENT: Gabriel Phillip
EMAIL: g.phil.@live.com
Tel: +44 703 5963368

Warning!!! Winners that do not respond to this notice within seven days of
receiving this E-mail will authomatically be disqalified.

FOR VERIFICATION, PLEASE REPLY TO THIS MESSAGE WITHOUT MODIFYING THE SUBJECT.

There is no need to include any additional information in your reply.

Regards

Notification Department
Microsoft On-line Email Draws

Let me make this perfectly clear: This is a scam. Éste es fraude. C’est une escroquerie. Dieses ist ein Betrug. Ciò è un raggiro. This is a scam, innit, guv’ner?

(By the way, I used Babelfish for those translations. English is the only language I speak reliably well. If I’ve said something bizarre in your native tongue, please correct me.)

More specifically, this just is a variation on the old advance fee fraud. If you respond, you’ll be instructed to wire money or send a cashier’s check to someone. Then you’ll never hear from them again. Just like with a lottery scam.

As it turns out, Microsoft does give away awards every year. However, they give them to people like Peer Bork from the European Molecular Biology Laboratory, not randomly to people like you and me (to be somewhat blunt about it). Unless you happen to be a research scientist of some renown, in which case you might be in the running for 2010.

But even then, they’re not going to notify you by email and say “Winners that do not respond to this notice within seven days of receiving this E-mail will authomatically be disqalified.” For one thing, Microsoft knows how to spell “automatically” and “disqualified.”

For another, they give their awards to people who are doing notable work and advancing knowledge. It’s not a random giveaway.

How phishing and work-at-home schemes work together

I just read a really eye-opening report from the Internet Crime Complaint Center (IC3) about how phishing emails, fraudulent ACH transactions and work-at-home schemes can be connected.

It starts with a “spear-phishing” message. Spear-phishing is a targeting form of phishing, made to look like it comes from someone you know, possibly a friend or employer. This message, rather than the usual phishing angle (“click this link to verify your account information”) will either contain a malware-infected attachment, or will link to a website that infects the user’s computer with malware.

This malware includes a keylogger program, which sends a record of keystrokes back to whoever originated the scheme. Once the victim logs into one of their financial institution accounts, this information is relayed back to the crooks.

At this point, the crooks will use either wire or ACH transfers to remove money from the victim’s account. However, it doesn’t end here.

The next victims in the process are those who have fallen for some form of work-at-home scheme (usually “processing payments” or similar). The money stolen from the first victim is wired into an account held by the next victim, who then transfers it back to the criminals, thinking they are actually processing a “payment” from the original victim.

So, they’re not just logging keystrokes to steal money from one group, they’re using a second set of victims to launder the money for them.

It would be brilliant if it weren’t so slimy.

This got me thinking about US Surveys, Inc., whom I wrote about a couple months ago. In doing research on this obvious mystery shopper scam, I actually came across a few victims who, at least for their first “assignment,” had actually made around $100. “They wired $900 into my Citibank account, then had me wire $800 back to them.” It was only on their second “assignment,” when they were asked to wire their own money first, that they began to wise up.

I thought that was kind of weird at the time. Were they actually paying you the first time just to earn your trust? It seemed like an awfully big gamble, since people were realizing that it was a scam soon afterwards (not to mention the risk of someone just taking the $900 and running).

Now it makes sense. The initial $900 was probably money stolen from a spear-phishing victim. That $100 these people had made was their payoff for helping someone launder money. They weren’t being ripped off initially, but they were helping a criminal conceal the source of funds.

The second, “Now wire us your money first” assignment was probably just an attempt at an extra payoff on their way out the door; by that point, the original victim (whose money was being laundered in the first transaction) had most likely discovered the fraud and locked the account. Thieves have to move quickly from victim to victim these days.

What all this leads me to is the following:

  1. Keep your virus protection up-to-date
  2. Learn about different types of scams so you’ll know what to watch for
  3. Do not become involved in work-at-home schemes that involve “processing payments” or wire transfers; these are money laundering schemes; the only real ways to legitimately work at home are to start your own business, or to work for a company that allows telecommuting
  4. The multi-level integration of these different types of fraud is terribly sophisticated; this is organized crime
  5. Because of #4 above, your best bet is just to avoid, avoid, avoid. Lose any big ideas you might have about trying to “scam the scammers”
  6. If you are a victim of this type of crime, in addition to the standard credit locks and police reports, file a complaint with the IC3; your information could help federal law enforcement stop this type of crime in the future.

Fraud Alert: The Internet Crime Complaint Center (IC3) warns of new fraudulent email

United States Attorney General Eric Holder’s name is being used in a new fraudulent email currently making the rounds. Below is an excerpt from the IC3 Intelligence Note:

The current spam alleges that the Department of Homeland Security and the Federal Bureau of Investigation were informed the e-mail recipient is allegedly involved in money laundering and terrorist-related activities. To avoid legal prosecution, the recipient must obtain a certificate from the Economic Financial Crimes Commission (EFCC) Chairman at a cost of $370. The spam provides the name of the EFCC Chairman and an e-mail address from which the recipient can obtain the required certificate.

The full text of the Note further explains that the government does not use email to contact people in this way. I would also add that the FBI and the DHS are not going to let people suspected of terrorism or money laundering buy their way out of trouble for $370.