Three Tips for Spotting Fake Reviews

If you shop online, you’re probably familiar with the “User Review.” These generally take the form of a star-based rating system (1 to 5) and a text portion where users describe what they liked or disliked about the product. User reviews on a site like Amazon are an integral part of their entire business model, as products can live or die on these reviews.

You’ve probably also encountered some fake reviews, whether you knew it or not. Usually, these are submitted by people who are paid by a company to artificially drive up a product’s average rating. Sometimes they are paid by a rival company to artificially depress a competitor’s score. Other untrustworthy reviews aren’t so much “fake” as they are “low quality.” This would include people poorly reviewing a book they’ve never read because the author has a political or religious viewpoint they don’t like, or people who submit reviews of something other than the item, such as “It was broken in shipping” (okay, fine, but Amazon has a process for that…instead of writing that in anger four seconds after you got the broken one, why not wait until you get a replacement and review that?). The one- or two-word reviews you see (“great!” “love it!” “terrible!”) are always low-quality, and may also be fake.

There are far more than three tips for spotting fake or low-quality online reviews; all you need to do is run a search on “how to spot fake reviews” and you’ll get hundreds of articles, but some of the tips are kind of involved, such as checking how many reviews each reviewer has submitted within a certain amount of time—dozens of reviews of random objects in a short span is a red flag—but who has time to do that? I’m more interested in techniques that don’t take up a lot of your time. Here are three semi-quick things you can do.

Check out the one- and five-star reviews first

If a significant number of the highest or lowest reviews are just one or two words long, or if there’s a lot of very poor spelling and grammar, it may be a sign that the seller has paid a lot of people to submit fake reviews for the sole purpose of affecting a product’s average rating. Off-brand electronics have a notoriously high number of glowing reviews that are completely worthless. However, this doesn’t mean all the extreme reviews are bad—if you find some that are well-written and thoughtful, those are worth considering.

Read some two-through-four-star reviews

For the most part, companies don’t pay people for two- or four-star reviews. They want extreme ratings that will have the greatest effect on the average. The reviews that live in the middle—between “didn’t like it much” and “mostly liked it” are generally going to give some reasons for their opinion. Are there almost only five-star reviews out of hundreds or even thousands? Not a great sign.

Ignore the super-emotional reviews

There’s no real reason for anyone to be that angry (or joyful) over a three-pack of furnace filters. If you’re looking at an album by a music group, a review of the bass player’s response to being asked for an autograph in an airport in 1998 is beyond worthless, as are book reviews that say, “I would never read this trash. One star.” I know, we’re all people, and true objectivity is impossible, but give more weight to reviewers who at least try to stick to the benefits and disadvantages of the item you’re looking at.

Netflix Payment Phishing Scams

Video streaming giant Netflix currently has something like 150 million subscribers worldwide and 60 million in the U.S.

That tells me two things: there are a lot of people interested in gritty dramas, true crime stories, and those documentaries that kind of end up being more about the person making the documentary than the actual subject of the documentary, and what a prime target for a phishing scam.

And sure enough, there is one.

In this case, the phony email message alerts the recipient that there was a problem with their monthly payment. “Please update your payment details,” it begins. There is a link that takes the victim to a website that will either infect the victim’s computer with malware, steal personal and financial information, or both.

There are always clues you can look for when you get this sort of email, such as the message using a generic greeting instead of your name, link text that says one thing while the link actually points to a completely different site, grammar and spelling errors, or even more subtle hints (the screenshot I saw of this phishing email mentioned a “Help Centre,” which is a British English spelling unlikely to be used by an American company contacting an American customer). But you don’t really need to get that in-depth. If you get something like this, go directly to and log in to your account (don’t use any links or phone numbers from the message itself). If there really is a problem, they’ll tell you. After all, Netflix is a business. They’re going to make it as easy as possible to correct anything that comes between them and your subscription money.

Tips for Avoiding Apartment Rental Scams

If you’re looking for an apartment to rent, be forewarned that there are scammers out there waiting to take your money and leave you with no place to stay. Here are three tips to remember.

No sight-unseen rentals

If the landlord won’t let you visit the apartment before you agree to rent it and hand over money, walk away. Zero exceptions for any excuse they give, including overseas travel or missionary work. Scammers will pull photos of legitimate rental properties from the internet and post them as their own, then try to convince people to send them money to rent a property that is not theirs. At the very least, you need to make sure the landlord has access to the apartment (and make sure it’s not a dump).

First the contract, then the payment

As soon as a landlord wants you to make an upfront payment, before you’ve checked out the property in person and signed a lease agreement, something is not right. That’s your cue to walk away and report the listing as fraudulent.

There are a couple ways to pay, and several ways not to

A legitimate landlord is going to accept payment by check. There are some who might be set up to accept payment by credit card or electronic checks. The key with these forms of payment is that they are traceable. If a landlord wants you to wire money, pay in cash, or load up gift cards, once again something not-completely-legit is happening.

You (Still) Didn’t Win the British Telecoms Lottery

Any time an old Fraud Prevention Unit article sees a spike in traffic, that means an old scam, usually of the emailed variety and often of the lottery scam variety, has resurfaced. Due to a recent jump in traffic, it seems the old British Telecoms Lottery scam is out there making the rounds again.

I first wrote about this scam in early 2011. I’m not sure if the new version is the same or slightly altered, but here is the text of the one I got back then:

From: [redacted]
Sent: Monday, February 07, 2011 4:42 AM
Subject: Confirmed Today And Must Be Claimed Immediately


The sum of $1 Million USD has been awarded to you by the BRITISH TELECOMS LOTTERY, Fill the form below for more details and E-MAIL: TO ([redacted],


Yours Faithfully,

There are so many things that don’t make sense here. If you had really won such a major award, why would you need to tell them your name? Why would a British company hand out such large amounts of money to random people who aren’t even British? Wouldn’t the prize be in GPB, not USD? Why would the message have been sent from a .de (Germany) domain? Why would the contact person be using a Gmail account rather than an official British Telecoms email address?

Regardless of the details, or whether the recent examples use this old text verbatim or if alterations have been made, the result would be the same: someone would ask you to wire a large amount of cash out of the country to cover “taxes” or “fees,” and then disappear. There really isn’t much that’s new when it comes to lottery scams.

Avoiding Mortgage Loan Modification Scams

There are a lot of people having trouble keeping up with their mortgage payments, and there are also a lot of people and companies offering fraudulent “help” that only makes things worse.

If you are at risk of foreclosure, there are legitimate ways to get help. You can contact your lender directly, call the Consumer Financial Protection Bureau at 855-411-2372, who will connect you with a HUD-approved counselor, or find out if your financial institution works with a credit counseling agency (REGIONAL members can contact Greenpath Financial Wellness at 800-550-1961).

Here are a few things to NEVER do:

Never pay an upfront fee to any company offering mortgage modification help. They will either take your money (and make your financial situation worse) and do absolutely nothing, or take your money and do something you could have done on your own for free (such as calling your mortgage lender and asking for a loan modification).

Never sign over the deed to your home to anyone.

Never believe promises of “guaranteed” modifications, or any offers to remove negative information from your credit report.

Never believe anyone claiming that your mortgage (or any other loans) are actually not legally binding because of some obscure piece of legislation they claim to have discovered, and that all you have to do is stop making payments, then tell your creditors that you don’t agree that your debt was a binding agreement under this or that section of federal law. No such clause exists, your debt agreements ARE binding, and you can end up being accused of fraud for pulling this stunt.

Never buy into promises of shortcuts. They’re not real.

Never do business with anyone selling mortgage help as a “forensic auditor.” Never make payments to anyone other than your lender, unless you’re using an accredited, reputable debt management program (such as offered by the aforementioned Greenpath) that you have thoroughly researched. The National Foundation for Credit Counseling ( is a nonprofit organization founded in 1951 that certifies credit counselors. Make sure the company you’re working with is certified by the NFCC, and look into their other certifications, but remember that anyone can save logos from the internet and put them on their own website. Don’t assume that an NFCC logo on a website means anything until you verify it yourself.

Funeral Notification Email Phishing Scams

There seem to be endless variations on phishing scams, but the goal is always the same: to convince victims to click on a link that takes them to a different website than they were expecting. Sometimes that website is designed to harvest personal financial information, sometimes it is set up to infect victim computers with malicious software, and sometimes it does both.

One variation is the fake funeral notification. A message with the subject line “Funeral notification” will appear to come from a funeral home, informing the recipient of the death of a friend and instructing him or her to click a link for visitation times or other information. If the link is clicked, the victim is directed to a website that attempts to install malware.

If you get such an email out of the blue, do not click any links. If you think it might be real, do a web search for the contact information of the funeral home the email appears to come from, and call them to find out if they sent the notification. Don’t call any phone numbers from the email itself.

There are other ways to spot this scam up front, though. If it does not contain the name of the deceased, and instead only refers to “your friend,” that’s a sign that it’s a generic email being sent to lots of people. Also, how would a funeral home have a list of a deceased person’s email contacts in the first place? They might publish a notification on their website, or publish viewing times in the local newspaper, but for the most part it’s up to the family and/or friends of the departed to contact individual people.

Here’s What a Debt Collection Scam Call Sounds Like

I was able to get my hands on the audio from an actual debt collection scam robocall recently, and it’s kind of interesting to listen to and pick apart.

Here is the audio, left on a friend’s mobile phone:

And here is a transcript of that voicemail:

[sharp inhalation] Yes! This is Jessica Thompson. I’m calling in reference to your federal student loan. Um, I need to discuss your repayment options with some new changes that have taken effect recently, so… [sharp inhalation] If you could please [unintelligible] just give me a call back, my number is 866-371-3232…um, I’m gonna go [ahead] and give you a reference number, if you would have this number handy when you call back, it just makes things a lot easier. Your reference number is 909902. Thank you.

A few points about this robocall:

  1. The caller never states the name of the organization calling. Is it a lender? A collection agency? The federal government? Is Jessica Thompson an independent student loan wrangler?
  2. If you search online for the phone number (in quotation marks) along with the reference number (also in quotes), you’ll find a lot of people who have received this exact same message with the exact same reference number. You’d think the reference number would be unique to each individual.
  3. It ends with a little bit of “electronic noise” (including a small beep) that wouldn’t usually occur with a live caller, which is a sign of a prerecorded robocall.
  4. Most telling of all: the person who received this has had their student loans, federal or otherwise, paid off for around 13 years now.

In any case, if you get a call like this, it’s safe to hang up or delete the voicemail. It’s nothing but a phony debt collector.

How to Identify a Debt Collection Scam

Debt can be unpleasant even if you’re making your payments in a timely manner without much trouble. It can become especially unpleasant if something interrupts your capacity to repay, because it doesn’t take long for the calls from debt collectors to start. Even if they’re courteous and helpful, being reminded that you owe money is seldom fun.

However, debt collectors are a reality, and they serve an important purpose. They are also required to play by certain rules, on both the federal and state level. Most states require a license. And there are a LOT of fraudulent debt collectors, who either use personal information gleaned from data breaches and other sources, or who simply make cold calls to random people, in hopes of frightening someone into sending a payment or two.

How can you tell the difference?

First, know what you owe. Go to three times per year and download your credit report from one of the three major bureaus (Experian, Equifax, Transunion)—they should all have the same information, so it doesn’t matter which one you choose when. Use these to check for errors, but also use them to keep abreast of your actual debts. That way, if someone calls with a claim that you owe an unpaid amount, you will know whether or not they’re telling the truth.

Fraudulent debt collectors almost always use fear to motivate victims into paying up. One way is by threatening the victim with arrest, sometimes by claiming to represent some arm of the criminal justice system. Remember that local, county or state police officers do not make phone calls on behalf of lenders seeking to recoup an unpaid loss. Nor do FBI, CIA, ATF, DEA or Homeland Security agents, or judges at any level of government. As soon as the caller claims to be one of these, or tells you that the cops are on their way to your house, hang up and move on with your life—it was a scam.

Some of those rules I mentioned earlier have to do with how a debt collector is allowed to address you over the phone. A legitimate debt collector is not allowed to threaten or harass you in any way, and they nor to use abusive or profane language. They’re not allowed to call before 8 in the morning or after 9 in the evening, and if you ask them not to call again, they’re required to stop. (That doesn’t mean the debt is gone, though…you’re basically saying, “I know I owe this amount, but you calling every day isn’t causing money to magically appear.”)

Any violation of these is a sign that something isn’t quite right, and of course if you know you don’t have any outstanding debts, or are aware of exactly how much you owe and to whom, it’s easy to spot the deception when someone calls out of the blue.

Choosing Answers to Online Security Questions

When you set up online access to a financial institution or credit card company, many of these providers include a step in which you pick from a list of two or three “security questions” and then type in your own answers.

It’s an extra authentication step, so that if you log in later from a different computer or location, the system can show you one or two questions as a safeguard to make sure you’re the person who is supposed to be logging in, and not someone trying to gain unauthorized access.

However, there are a few important points to be made about the way you answer these questions. First, they’re usually case-sensitive. If you type in “Sycamore Street” and then try “sycamore street” later when the question pops up, it’s going to reject your login. You have to remember exactly how you typed it the first time.

More importantly, however, is the fact that a lot of the answers to these questions may not be all that obscure due to the widespread use of social networks like Facebook. How many people have posted photos of their first car online? That’s one of the more common security questions. There are even images that look like fun, nostalgic discussion prompts, but might actually be social engineering campaigns designed to get large numbers of people to publicly reveal security question answers. Some of these ask about first cars, streets grown up on, or schools (revealing mascots, school colors, etc.).

The first thing is to avoid commenting on such items when they make the rounds on Facebook. Make sure your profile is set to that only friends can view your posts, in case you want to put up any old photos.

But also remember this: nobody says you have to answer security questions honestly.

As long as you can remember your answers, there is nothing stopping you from typing “Batmobile” for your first car, or “Electric Avenue” for the street you grew up on. You can even answer the questions as a favorite fictional character, but it might be a good idea not to pick too popular of one…if you’re a known Harry Potter fanatic, “Privet Drive” isn’t going to be very obscure if you’re answering as the title character.

Of course, you also have to remember which fictional character you’ve answered as for each website. The real point is, anything you can do to make your security question answers harder for someone else to guess (but still easy to remember yourself) can help prevent unauthorized access.

Why You Can’t Keep Funds from a Bad Check

We sometimes get questions from members who deposited a check that turned out to be fraudulent (such as a counterfeit check used in some form of overpayment scheme), or was returned for non-criminal reasons (nonsufficient funds being the most common scenario). The question is: “Why don’t I get to keep the funds?”

The short answer is: because there were no funds to begin with.

The longer answer has to do with what a check is, and what happens when one is written and deposited.

A check is essentially a symbol of money. It is not money itself—even in the old days when a cashier’s check was assumed to be “as good as cash,” a check was still a symbol.

(If you really want to get into it, money is also a symbol, of stored labor or stored value, but that’s outside the scope of today’s article.)

I’m going to oversimplify and leave out the details like electronic transfers and intermediaries, but the story is pretty much as follows. We’ll start with the standard-issue case with no problems: Person A writes a check to Person B.

At the start, Person A has money in an account at Bank A. He writes a check to Person B, who takes it to his Credit Union B.

At Credit Union B, the check is taken in, and a deposit is made to Person B’s account. However, Credit Union B does not make all of those funds immediately available from that check, because it needs to make sure the check is good first. A “hold” is placed on some or all of the funds, depending on if the check is local, non-local, the type of check, etc.

Credit Union B presents the check to Bank A, who looks at Person A’s account and says, “Yes, these funds are available.” Bank A gives the money to Credit Union B, who then makes the funds available to Person B. The money has now successfully moved from Person A to Person B.

Now let’s see what happens if a check is fraudulent.

Person A writes a check to Person B. The check appears to come from an account at Bank A, but in fact Person A has simply created a fake check on a computer. He has no account at Bank A whatsoever.

Person B presents this check at Credit Union B. The check is deposited, and the standard hold is placed on the funds. Credit Union B presents the check to Bank A, who responds, “No, this account does not exist, and we have no customer with that name.” The funds are NOT transferred from Bank A to Credit Union B, and the hold is NOT lifted from Person B’s account. The deposit is reversed. When Person B calls to ask why it’s taking so long for the check to clear, he will find out that the check he deposited turned out to be counterfeit.

And here’s the real kicker: if Person B took out funds equal to the amount of the check, either because he already had enough money at Credit Union B to cover the amount, or because he bullied a teller into lifting that hold prematurely (it used to happen quite often!), that cash is now lost. If he simply held onto it, no harm done: he can re-deposit the money. If he wired it back to Person A, or spent it himself, it’s gone. If his account has been drawn negative, he now owes money to Credit Union B, because he essentially withdrew funds that did not exist. He doesn’t get to keep it because it was never his to begin with—money cannot be created out of nothing.

From Credit Union B’s perspective, Person B came in with a check that turned out to be fraudulent. Bank A will never cover that check, because all Bank A did was exist for Person A to create a fake check for. Credit Union will not cover it, because from their perspective, here is what it saw: Person B presented a check that turned out to be fake.

Credit Union B did not see Person A make that fake check, or give it to Person B. Person B might have made that fake check himself, or even fabricated Person A from whole cloth. If Credit Union B gave Person B money for a fake check and then said “oh, just keep it,” nothing would stop Person B or anyone else from simply making fake checks, cashing them, then claiming to be a fraud victim and keeping the money.

Check holds absolutely exist to protect the financial institution that places them, sure. But they also absolutely exist to protect consumers from taking out nonexistent money, and ending up on the hook for thousands of dollars.