This isn’t even all of them. Is it just my inbox, or have you noticed this as well?

It can be somewhat dry reading (fancy title page notwithstanding), but it includes some interesting data. The number of complaints received by the IC3 topped 300,000 for the third year running, a 3.4% increase over 2010 (but still down from the peak in 2009).

Work-at-home scams continue to be one of the top fraud types reported, though FBI impersonation scams brought in large numbers as well. I have some questions about this statistic, though: is the ratio of FBI impersonation fraud to other types reported to the IC3 genuinely reflective of their overall ratio “in the wild” (that is, including examples not reported), or is the incidence of this particular type of fraud being reported much higher than for other types because, if you get an FBI impersonation fraud email and you know it’s a scam, if you run a Google search on the scam, it’s going to direct you to the IC3 or FBI websites, where you’re asked to report it to the IC3?

I may be splitting statistical hairs here, but I’ve got an email address that gets just about every spam, scam and 419 email in the world (lucky me, eh?), and I’ve only seen one or two actual FBI impersonation messages over the past few years. Work-at-home schemes, on the other hand, simply run riot in my spam folder.

In any case, it’s a good overview of what schemes are currently most active, and at a mere 26 pages, it’s nowhere near as dull as most government documents.

However, according to some sources, it’s possible for thieves to use electronic devices to steal the information on these chips without your consent, by simply passing close enough to your wallet to be within range. On one hand, retailers who sell aluminum wallets would have you believe that the only way to protect yourself is to purchase their wares. But they sort of have a vested interest in making you believe that, right?

On the other hand, an actual occurrence of thieves using this method to access credit or debit cards has never been reported. On the other other hand (we’re up to three hands, if you’re keeping track), if someone’s information was stolen through a handheld RFID reader, they wouldn’t really have a way to pinpoint it as the way their information was compromised. After all, tons of fraud and identity theft victims simply have no idea how the crime occurred.

Here’s something that might make you feel safer, though: one piece of information RFID chips don’t transmit is the verification code (the three digits on the back of the card). Without this, the rest of the information transmitted would be of very little use to a thief. Some businesses may allow a transaction without this information, but most do not. Also, newer RFID chips aren’t readable except from very close up, and many are encrypted as well.

But here’s a fairly foolproof way to be safe: carry more than one RFID chip-enabled card. Together they create a jumble of information that is utterly worthless to thieves. Alternatively, you could just carry no cards at all, but let’s face it: these days, that may not be the most convenient option.

Or I suppose you could buy one of those aluminum wallets. Some of them at least look sort of cool. If you’re on a budget, you could just wrap all your cards in aluminum foil, but you might get people asking you where your tinfoil hat is.

From: Harry Lucas (Advocate) [mailto:harry-lucas@lawyer.com]
Sent: Saturday, April 28, 2012 4:22 PM
To: undisclosed recipients:
Subject: BEQUEST NOTICE
Attach: bequest.pdf

Attention! BEQUEST NOTICE, open attachment for details.

I’m going to venture an informed guess here and say that, should you receive a message like this one, whatever else you do, you really, really should not open that attachment. Whatever is in it, you don’t want it.

Now there’s a text message version of the scam that directs victims to a website that asks for personal information.

At this point, I think we can call out a general identity theft and scam prevention tip, one you can keep in the back of your mind for all time:

You’re probably never going to get a free $1,000 Walmart gift card, ever.

Read that, then read it again. Remember it for the rest of your life. It doesn’t matter which communication channel the alleged offer shows up through, it’s a scam.

Facebook or Twitter? Scam.

Email? Scam.

Text message? Same deal.

Phone call? You guessed it.

Pony Express? Scam, but you’d have to admire their dedication, if nothing else.

I suppose there might be a scenario in which you could win a gift card, such as a raffle at your church or other reputable organization. But you have to actively enter to be eligible for those. People don’t just contact you out of the blue to give away massive gift cards. It would be nice if they did, but wishing something is true does nothing to alter the cold, hard facts.

This actually makes it easier for you to avoid them, however. Instead of learning the minutiae of every new con job that comes down the pike, you can apply a few basic principles to steer clear.

One of those principles is similar to “Who Initiated Contact,” which I wrote about several months ago. This time the question is, “Did you take action that would lead to this transaction?” Here are a few examples.

Lottery Scams

Lottery scams always seem to come up, but people still fall for them, so a little refresher never hurts.

With a normal, legitimate lottery, you begin the transaction by purchasing a lottery ticket. You then wait for the numbers to be called. If you win one of the big prizes, you take action again by contacting the lottery office, presenting the ticket, filling out paperwork. If you don’t take this action, they might know when and where a winning ticket was sold, but they won’t contact you.

Lottery scams don’t start with action on your part. Out of nowhere, someone emails you and informs you of a lottery you’ve won. It’s the exact opposite of how a genuine lottery works. The rest of the scam runs in similar bizarro-fashion, with the victim sending money, but if you stop to think, “Did I take action that would logically lead to this?” first, you won’t even bother to get that far.

Employment Scams

Employment scams come in all shapes and sizes, and their objectives range from taking your money outright to leaving you as the only traceable, domestic link in a money laundering scheme.

However, most of the time, when you find a new job it’s because you took some action first. You filled out an application, sent a resume, networked with people in the industry. You probably didn’t just wait for a job to fall on your head.

Employment scams often don’t wait for you to take action. You’ll get an email that claims you’ll make hundreds of dollars per day. You’ll be “hired” without an interview or application. Pay is often wildly out of proportion for the work you’ll supposedly be performing ($10 to stuff an envelope, for example), which is another way to apply the question of whether you took action; would any employer in their right mind pay you over a hundred dollars for less than an hour’s worth of mindless work?

There is a caveat here, though: not all employment scams can be weeded out this way. If you’re actively looking for a job and posting resumes on job websites, you’re taking action that could lead to employment opportunities (post a resume on Monster.com and see how many work-at-home “payment processor” jobs (i.e. money laundering) you’ll be offered via email, sometimes within an hour). To further complicate matters, fraudulent companies often post fake listings on job sites, so you might be tricked into sending your resume to them first. Always research any company before you apply, but also remember that high-paying job offers don’t just fall out of the sky.

Mortgage Settlement Scams

A scam recently surfaced in Virginia that targets homeowners who are underwater or in foreclosure. It starts with a phone call that tells victims they are owed money from a federal mortgage settlement and ends with the victims revealing bank account numbers in hopes of receiving a check, only to be remotely cleaned out by crooks.

The scam is based somewhat on fact—there was a settlement with mortgage lenders meant to make good on bad foreclosure practices—but those eligible still have to take action first. Applications and other paperwork have to be filed, and the homeowners have to be the ones who start the process.

Asking “Did I take action that would lead to this?” isn’t the only method to spot a scam, and as noted above, it’s not always the best test, but it’s a good weapon to keep in your arsenal for the next time a possible scam shows up on your radar.

The new site features a channel for consumers to report scams they’ve encountered, a “Scam Aggregator” with links to articles around the web, and email alerts.

I encourage you to poke around the site and sign up for the alerts. It’s still new, so it will be interesting to see what scams they uncover.

A telephone scam that attempts to steal credit card information from hotel guests has resurfaced in Alaska. The potential victim will receive a call on the phone in their hotel room. The caller claims to be an employee of the hotel, and tells the victim there was a problem processing their credit card, then attempts to get the victim to reveal credit card information over the phone.

If you receive such a call, hang up and contact the hotel desk directly and ask about the call. In almost every case, the front desk will tell you they didn’t place the call.

Of course, given my sense of humor, I would have gone the absurdist route. My hoaxes would have promised a virus that “MAKES A FIST ON YR SCREEN N PUNCHES YR FACE FOR REAL!!!” or something.

Of course, I might have been dismayed if people had actually believed it.

Alas, I never went that route (plus, I’m sure there’s some way you can get in legal trouble for that kind of monkey business, so there’s that, too). However, I still get a kick out of some of these. Here’s one that’s resurfaced:

Subject: URGENT!!! VIRUS WARNING:

URGENT!!
 
PLEASE CIRCULATE THIS NOTICE TO YOUR FRIENDS, FAMILY, CONTACTS!
 
In the coming days, you should be aware…..Do not open any message with an attachment called: Invitation FACEBOOK, regardless of who sent it. It is a virus that opens an OlympIc torch that burns the whole hard disc C of your computer.
 
This virus will be received from someone you had in your address book. That’s why you should send this message to all your contacts. It is better to receive this email 25 times than to receive the virus and open it.
 
If you receive an email called: Invitation FACEBOOK, though sent by a friend, do not open it and delete it immediately. It is the worst virus announced by CNN. A new virus has been discovered recently that has been classified by Microsoft as the most destructive virus ever.
It is a Trojan Horse that asks you to install an adobe flash plug-in. Once you install it, it’s all over.. And there is no repair yet for this kind of virus. This virus simply destroys the Zero Sector of the Hard Disc, where the vital information of their function is saved.
 
SNOPES SAYS THIS IS TRUE………… http://www.snopes.com/computer/virus/youtube.asp

Actually, Snopes says this is a hoax. The link in the message is for a completely different threat.

Whoever wrote this does not have the faintest idea of how computers function. How exactly does it “burn” your “whole hard disc C”? Do they mean that literally, as in, there will be smoke and stuff?

For that matter, since when is Microsoft in the business of classifying computer viruses as the “most destructive virus ever”? Would Microsoft use language that inaccurate (“most _____ ever”)?

The real lesson here is this: if you get an email about a virus and uses any variation of “THIS IS NOT A HOAX!” (including references to Snopes), there is about a 99% chance that it is totally a hoax and that you should click “delete” instead of “forward.”

In any case, always check it out first, before you panic or forward the message.

From: Fraud Monitoring
Subject: CRITICAL: There may be a change to your Experian credit-score

ALERT: There may have been a change to one of your 3 credit-scores!

Your Experian, Equifax & TransUnion Scores are your Ticket to a New car, Credit-cards, a Mortgage & more!

Poor 301-600
Good 600-700
Excellent 700-849

View Your Up-to-the-minute Credit-Scores Now, It’s On Us! Click here.

[note: there were about twenty blank lines here]

To no longer receive notifications and updates about this offer, please use this safe unsub link.

[note: the following was in tiny white text, which made it invisible until you highlighted it]

Zuzim in which he would hardly with great deep sleep to Simeon and found there. And planted a mixed multitude of the man, and he can bear. Behold, to us, and I will send thee will harden the Egyptians in the daughters of Zibeon and kissed him, and thou art gone out to see the Red Sea; there is better that shall be buried him the children, or bad. And Jehovah went down, and thy hand of the people go, that my venison, and tarried there was dead, and go in the seven ears, withered, thin, well favored. Haste ye, and the men into the goats: and bring it was returned in them, and begat Lamech. And the land of Rebekah said unto the king of the righteous with the nakedness of the sheep, and begat a dream, and, behold, his sons, Shem, and ye to Paddan-aram. And Noah were both the sword. And when he made me in the thing was grain which he believed in blessing I pray you, and our God, the third stories shalt keep it; and will not who knew not regard not so to my signs in our land was good. And chose him for an officer of the children of the children of the generations ye shall eat every tree or not. And it unto him, Abraham. And he had, in at the water in the sons of the first-born. And he said, Behold now, Jehovah came in the same is the windows of thee. And God called Esau her son, while he did eat their generations. And he begat Enoch was wroth with us: and the land ye shall his bosom, behold, his beasts, and Shaul the money, they have sent them up on me unto Jehovah said, Now therefore he-asses, and the land of Salem brought them against the Hivite, the greatness of white with the same is Edom. And he had done this place. And Joseph said when we found: know him. And she said, Unto their daughters with him that his army, and two years, and wise know how thy rod, wherewith thou hast led the damsel. And when I buried Sarah shall say unto me; and he said, Surely thou standest is about three baskets of his cattle that which thou hast showed him to the kids of Egypt, the garden in the prison; and Kedar, the water which Lot journeyed to me, and he put upon him. And the Hebrews’ children. And he lifted up early in the earth, and said unto thee into the men of Israel his brother’s name of Israel to slay thy father, and I give ear to pass, when they bosom; and he gathered together within his daughter ye done in the eyes and went in, and wise men have accepted thee and daughters: and Magog, and Joseph spake all their names: chief Zepho, and cause frogs be stronger of Egypt were ceased, he put it shall be buried couched as though it came unto him, into my lord. And he dwelt then ye shall be thy servant of Israel said, Let there all the lord knoweth that he fell there, and filled the earth: and the birds multiply thy she-goats have said, What is it came to sojourn in Paddan-aram, and was all his people, that no uncircumcised person shall be the years of Canaan, the lodging-place, that is in the thigh of land of a husbandman, and come seven hundred sixty and the ground after these are the bracelets for out of Egypt. Then Joseph understood them;

[note: the following was fully visible text]

All of a sudden, I was hearing stories about how difficult I was to work with, ridiculous rumors about drugs and what a diva I was. I never had to go to rehab or a program.

[note: it concluded with this footer image]

I thought it might be useful to point out a few things about this message.

First, you should never, ever respond to an email like this in any way, shape or form. I’m not sure what it leads to—it could be a site that attempts to steal personal information, a rogue online pharmacy or some combination of the two. Even clicking the “safe unsub link” could lead to problems.

Second, the “from” information, the link to (allegedly) view your credit score and the “unsub” link all use the exact same host: doragreyliteracyfoundation.com.

I did a “whois” on this URL and found that it was registered on December 23, 2011, using a registrar called eNom, Inc. Four things about this fun fact:

1. The website was registered eleven days before the message was sent, yet they somehow already had my email address.
2. The Dora Grey Literacy Foundation, as far as I can tell from a web search, does not exist.
3. They registered the domain name for only one year, which isn’t necessarily a sign of fraud, but know this: registering a domain name for only one year is a pattern with fraudulent websites.
4. As of October 2010, eNom, Inc. was the registrar for around 40% of rogue online pharmacy sites, according to a source cited at Krebsonsecurity.com.

Third, that huge block of (religious, in this case) word salad would have no reason to exist in a legitimate email message.

Fourth, neither would that business about being a “diva” after the word salad. I looked it up; it’s a quote from Irene Cara. Yeah, the person who sang “Fame” and played Coco Hernandez.

Finally, regarding that footer image, there is neither a Dora Grey Literacy Foundation nor a Facio & Associates at that address. “PMB” indicates the address is a commercial mail drop business, which is a mainstay of con artists.

Amazing what you can learn with a little research, isn’t it?