Tag Archives: Fraud

Walmart Gift Card Scam: This one is for real.

Last week, I wrote about false reports of the Walmart Cash Back Scam, and how these hysterical emails are nothing to worry about.

A lot of people have been getting these messages, apparently—that article has brought in a lot of traffic to this site. I hope that means people are relaxing a little, rather than being nasty to Walmart cashiers because they let an email hoax frighten them.

However, I just heard about a new one that involves Walmart and is real—thieves are calling victims with news that they’ve won a $200 gift card from Walmart if they only pay $1 for shipping. The victim reveals their credit card information, and you know what happens next.

(In case you don’t: the card never arrives because it’s a scam. The crooks weren’t from Walmart at all. They just take the victim’s credit card information and use it to make purchases or get cash advances).

If somebody tells you you’ve won something, never pay in advance. Walmart doesn’t just give gift cards away, anyway.

The full story is over at The Money Coach’s Blog. It goes into a little more detail.

Mystery Shopper Scam: Kiboshed!

Last Friday afternoon, one of our Member Service Representatives here at REGIONAL helped a member avoid becoming a victim of a mystery shopper scam.

The member let us keep the check, and I spent quite a while examining it.

It was a very good counterfeit. The kind of thing that might slip right by if you weren’t paying attention (or even if you were). In this case, the member’s story tipped her off—he was going to wire almost the entire amount after he cashed it.

For one thing, the check was on genuine cashier’s check stock. It had all the security features, including watermarks and “fingerprint security” (where you hold your thumb over a symbol and it reacts to your body heat and disappears). So the presence of security features doesn’t prove anything anymore.

The check was from a company called Malteurop (more on that later), with an address in Milwaukee, WI. It was drawn on US Bank in Havre, MT. The routing number was a valid US Bank number, but for Minneapolis, MN. It just didn’t add up. To tell you the truth, I don’t know if those different cities are a reliable sign of fraud or not, but it did seem a little suspicious. A Milwaukee firm using a Montana bank with a Minnesota routing number?

Furthermore, Malteurop is a real company—one that supplies malt to beer companies all over the world. It would make no sense for this company to be checking out the customer service at Western Union.

At any rate, examining the check was interesting, but as I said before, the teller knew it was counterfeit just by talking to the member. I suppose that’s good advice for all financial institutions: have your frontline staff engage your members or customers in conversation. The information you gain could help save someone from fraud or identity theft.

I haven’t acquired the ability to read the fractional routing numbers on checks, to see if they agree with the routing number at the bottom, but I’ll be working on that skill soon.

I’d like to be like Frank Abagnale (remember Catch Me If You Can?), where you can hand me a stack of drafts and I can flip through them one time and say, “This one’s fake!” Only I’d like to get there without, you know, having committed check fraud or done time in prison for it.

Takeaways:

  1. Security features and a valid routing number on a check don’t mean a thing
  2. I can’t help but feel proud when one of our tellers makes a catch like this. Nice!

Fraud/Malware Alert: Intelligence Bulletin No. 267

Here is some text from a fraudulent email that’s been popping up lately:

INTELLIGENCE BULLETIN No. 267
Title: New Patterns in Al-Qaeda Financing
Date: August 15, 2009
THREAT LEVEL: YELLOW (ELEVATED)

THE INTELLIGENCE BULLETIN PROVIDES LAW ENFORCEMENT AND OTHER PUBLIC SAFETOFFICIALS WITH SITUATIONAL AWARENESS CONCERNING INTERNATIONAL AND DOMESIC TERRORIST GROUPS AND TACTICS.

HANDLING NOTICE: Recipients are reminded that FBI Intelligence Bulletins =ontain sensitive terrorism and counterterrorism information meant for us= primarily within the law enforcement community. Such bulletins are not =o be released either in written or oral form to the media, the general p=blic, or other personnel who do not have a valid ?eed-to-know?with=ut prior approval from an authorized FBI official, as such release could jeopardize national security

All the spelling errors and odd characters are exactly as they appear in the message.

Do I even need to tell you this one is fraudulent?

If so, it is.

Furthermore, the message often contains a file named “bulletin.exe.” If you open this file, it will install malicious software on your computer, which can lead to serious problems (like fraud and identity theft).

The FBI does not email official reports, nor does it send unsolicited email messages. If a document is confidential, they’re going to keep it that way.

Whenever you get an email message you weren’t expecting, from someone you don’t know, use extreme caution when dealing with it. My advice is to not even open unsolicited messages, and delete them right away. However, at the very least, never click on links or open attachments in emails unless you already know what the file (or link) is, why it’s being sent to you, and who sent it.

Scam Alert: Microsoft Awards 2009

Here’s one that seems to mostly circulate around Europe, but I’m sure some folks here stateside have ended up with this message in their inbox, too:

Microsoft Lottery Promotion
Unit 7, Metro Trading Centre,
Second Way, Wembley, Middlesex,
HA9 0YU – United Kingdom

DATE: 14th of March 2009

Microsoft Lottery! E-mail is pleased to announce you as one of the 10
lucky winners in the ongoing Microsoft E-mail Promotions.

Microsoft Lottery! is a free service that does not require you to register
or be a Microsoft registered user before winning.

This award program is conducted anually to promote the use of the
Internet.You have been awarded ONE MILLION GREAT BRITAIN POUNDS.

To file for your claim, do contact our accredited corresponding claims
agent as below for category “A” winners immediately with your Name and
Phone Number for the speedy release of your fund;

AGENT: Gabriel Phillip
EMAIL: g.phil.@live.com
Tel: +44 703 5963368

Warning!!! Winners that do not respond to this notice within seven days of
receiving this E-mail will authomatically be disqalified.

FOR VERIFICATION, PLEASE REPLY TO THIS MESSAGE WITHOUT MODIFYING THE SUBJECT.

There is no need to include any additional information in your reply.

Regards

Notification Department
Microsoft On-line Email Draws

Let me make this perfectly clear: This is a scam. Éste es fraude. C’est une escroquerie. Dieses ist ein Betrug. Ciò è un raggiro. This is a scam, innit, guv’ner?

(By the way, I used Babelfish for those translations. English is the only language I speak reliably well. If I’ve said something bizarre in your native tongue, please correct me.)

More specifically, this just is a variation on the old advance fee fraud. If you respond, you’ll be instructed to wire money or send a cashier’s check to someone. Then you’ll never hear from them again. Just like with a lottery scam.

As it turns out, Microsoft does give away awards every year. However, they give them to people like Peer Bork from the European Molecular Biology Laboratory, not randomly to people like you and me (to be somewhat blunt about it). Unless you happen to be a research scientist of some renown, in which case you might be in the running for 2010.

But even then, they’re not going to notify you by email and say “Winners that do not respond to this notice within seven days of receiving this E-mail will authomatically be disqalified.” For one thing, Microsoft knows how to spell “automatically” and “disqualified.”

For another, they give their awards to people who are doing notable work and advancing knowledge. It’s not a random giveaway.

Telephone scam targets grandparents

There’s another antique scam currently experiencing a renaissance: the telephone “Grandparent Scam.”

This one is really simple: thieves will call elderly people, posing as a grandchild and asking for money because of a car accident, arrest or other emergency. Alternately, they may claim to be a police officer or lawyer and tell the victim their grandchild has been hurt, arrested or in need of legal counsel. In either case, the victim is instructed to wire money to the thieves.

It’s a simple scam because it’s so easy to find out the names and ages of family members online. In fact, a single obituary might provide everything a crook needs to victimize family members of the deceased. However, an experienced “social engineer” might be able to pull it off cold, with very little information to start with.

Thieves using this technique are working under a set of assumptions:

  1. Grandparents will be less judgmental if a young person is in trouble with the law, which is why the “grandchild” is calling them instead of a parent
  2. Grandparents will be quick to panic if they think a grandchild is injured
  3. Elderly people can’t hear well, which means the thief doesn’t have to work very hard to disguise his or her voice
  4. Older people are less informed and less tech-savvy
  5. Elderly people may be ill or on medication, which can affect their judgment

Of course, in any individual case, none of these might be true, some of these might be true, or all of these might be true. Crooks use stereotypes as a way to select potential victims, knowing that one group (grandparents) will have a statistically higher rate of return than another (parents or siblings).

If you are a grandparent, be extremely wary of anyone calling who claims to be a grandchild in trouble. Ask questions that only the real grandchild would know. Hang up the phone and call him or her directly, or the parents. If the caller claims to have been arrested in Tijuana, but his parents say he’s in the living room in Des Moines, you’ve pretty much got your answer right there.

Don’t wire money to someone who calls just because they asked you to. Don’t panic. Take a breath or two, and figure out how you can verify beyond reasonable doubt who that caller is. Ask questions (the crook will likely hang up immediately). Call the parents. Call the grandchild. Do whatever it takes to verify the identity of the caller.

In all honesty, if someone is calling and asking you to wire money, I’d put 90% odds on it being a scam right away.

Child Identity Theft: Why you need to check your child’s credit report today

Children are an attractive target for identity theft. Why?

Several reasons:

  1. Clean credit history
  2. Clean criminal history
  3. Clean employment history
  4. It may be many years before the theft is discovered

That last one can be especially damaging. If a child’s identity is stolen at age 10, it may be another eight years or more before he applies for a credit card, tries to open a checking account or attempts to obtain an auto loan. By then, his credit (or criminal/medical/employment) history can be incredibly difficult to repair, since the crime took place so long ago.

That’s why you’re going to check your kids’ credit reports today, isn’t it? Go to AnnualCreditReport.com like you would to get your own credit reports.

Basically, you’re making sure your child doesn’t have a credit report. If he or she does, you need to take a closer look.

There’s an article from the MSN Money site called “Stolen innocence: Child identity theft” that’s worth reading, despite its Lifetime movie-esque title. I’m not sure when the article was originally written (it refers to Hillary Clinton as “Former New York Sen[ator],” so I’m guess it’s not super-recent), but it’s mostly good information.

However, the article features a section in which some people are debating whether child identity theft is actually a significant problem, which strikes me as a little strange (especially considering the sources in question). Growing problem or not, isn’t it worth your while to at least check?

I mean, I don’t advocate living in fear on any level. But since you’re checking your own credit reports anyway (you are, aren’t you?), you might as well make sure your kids’ reports are clean while you’re at it.

Watch Out For Census Scams

What do economic stimulus packages, Cash For Clunkers, tax refunds, and the U.S. Census all have in common?

Besides the obvious fact that they’re all related to da gubbermint, they’re also things that people have turned (or could turn) into scams.

The 2010 Census is already in its early stages, and workers are already going door-to-door to verify addresses. However, you know as well as I do that there are also going to be some con artists out there, trying to get personal information for fraudulent use.

Ask any Census worker to show you his or her identification and badge before you answer questions. They will not ask for your Social Security number, credit card or bank account information, or donations. Anyone attempting to get this information from you is attempting to commit fraud. Politely refuse to answer their questions, close and lock your door, then contact police immediately. A Census worker will also never ask to enter your home.

Also, Census workers will only contact you by telephone, in person or by U.S. Mail (meaning envelopes-with-paper-in-them). They will not use email in any circumstance. Immediately delete any emails that claim to be from the U.S. Census.

Why don’t they use email, and why will they never do so?

Well, it’s because of people like me. I have six email addresses that I can think of offhand. There are probably another five or six that I don’t even remember. One of them is just so I can use Google Reader, and another is a leftover from an old blog, but my work email and two out of my three home emails are pretty active. Within a single household, there might be twenty email addresses, including young children. Can you imagine the mess that would ensue if they tried to use email to conduct a Census? There would be panic on a heretofore unseen level when the results came out that the population had rocketed up to 2 billion people over the last ten years.

The core information in this post was taken from “Be cautious about giving info to census workers.

Worst. Scam. Attempt. Ever.

Here’s an attempt at an email scam that nobody should ever fall for. Seriously, it’s like they weren’t even trying:

From: “Mr. R. Jan” <[removed]@gmail.com>
Sent 9/6/2009 3:21:48 PM
To: [removed]
Subject: ATTENTION NEEDED

My name is Mr. Jan and I am contacting you from Liberia for
a mutual business relationship and investment.
I have some funds realized through contract brokerage and I
need your cooperation to invest the funds.
The first stage requires transferring the funds to your
account for subsequent investment.
I therefore want you to work with me as a partner.  On
receipt of your response, I will send you full details of
the transaction and more information about myself.  I
am waiting for your prompt response.
Jan

I’m not even going to bother picking this thing apart. Yes, it’s a total scam. Yes, you should just delete it. No, it’s not a real investment opportunity.

Online Scams Vol. 3: Work at home scams are everywhere

Crooks these days. They’re nothing if not adaptable.

Have you seen the number of work-at-home “jobs” being offered on the Internet these days? They know what’s up. A lot of people are losing their jobs and are looking for something new. And it’s a great American tradition—recession (or depression) takes your job, start your own business!

However, the fact is that most people don’t have the right kind of entrepreneurial “spark” needed to start a successful business venture. It takes a certain kind of grit, a deep belief in yourself and your “product,” the ability to hold your head high when faced with failure (and to learn from that failure and move on, instead of taking it personally and wallowing in it), and the kind of positive attitude that, frankly, tends to get obliterated when you’re worrying about how you’re going to pay the mortgage next week.

Let’s face it: starting your own business is way, way tougher than working for someone else. How many times have you seen someone start their own little store because they were “tired of working 40 hours a week,” and you check out their new digs and they’ve got no clear vision for their business, they’re trying to be everything to everyone, and they’re only open five or six hours per day because they’re trying to make owning a business easier than working for someone else? How long did they last?

And I think most of us, deep down, know that. “I’d love to work for myself, but yeesh! 18 hour days, seven days a week?” It’s okay to admit that you’re not a natural born entrepreneur (can you become one? Of course. You can become anything you intend). But most of us know—it is a path of great resistance.

Send in the Work-at-Home-Scam Clowns.

They sound great, don’t they? Stay at home, do some menial task that takes ten minutes, and let “the power of the Internet” (or something) do the rest. You’ll have so many Porsches by this time next year, you won’t know what to do with them all!

Of course I’m going to tell you they’re all completely full of baloney. Nobody is going to pay you hundreds of thousands of dollars per year for nothing.

“Oh, but they’re not paying you,” you’ll say. “You’re starting your own business!”

Well, at best you’re going to pay them a large amount of money for a “startup kit,” fees, or other such bull. You’re not going to assemble kits at home, you’re not going to enter any data, and you’re not going to get paid to stuff envelopes. You’re going to get ripped off.

Fraud.org (run by the National Consumers League) has a great article called “Tips for Avoiding Work-at-Home Scams.” I would recommend you take a few minutes to read the entire article, but the following is a summary of their tips:

  • Know who you’re dealing with
  • Don’t believe that you can make big profits easily
  • Be cautious about emails offering work-at-home opportunities (real companies do not recruit in this way. Ever)
  • Get all the details before you pay
  • Find out if there is really a market for your work
  • Get references for other people who are doing the work
  • Be aware of legal requirements (medical billing requires a license, for example)
  • Know the refund policy
  • Be wary of offers to send you an “advance” on your “pay”
  • Do your own research about work-at-home opportunities

I would amend that fourth tip slightly: just don’t ever pay someone else to work for them.

About.com also has a nice article on this topic: “Work at Home Scams.” I’d suggest you read this as well.

Finally, never, ever trust the phrase, “Other work at home sites are scams, but I found one that isn’t!” There are tons of fake blogs out there. I even found one by searching for “work at home scams.” It had a whole article, possibly culled from a trusted news source, about avoiding these traps. It claimed to be an article from a newspaper in Cleveland. As you read, you suddenly find you’ve been eased into a sales pitch about how “this one isn’t a scam!”

Do they need to make it any more obvious?

Hit these links

Let’s take a break from the Identity Theft Myths series today, and instead look at some other topics from other places on the web.

“Is Facebook becoming Phishingbook?” explores a social media scam that seems to be growing lately. Summary: if you’re Facebook friend tells you they’ve been mugged in London and need you to wire money, don’t.

Excellent advice from Craigslist. There is a lot of fraud happening through this popular site. Summary: only buy/sell locally, and never wire money. Ever.

“10 Ways to Avoid Sneaky Work-at-home Scams” is exactly what it sounds like. Summary: the economy is weak and these scams are only going to become more common.

“Beware of Cash For Clunkers Scams.” I’ve covered this here before, but the Eastern Michigan BBB has some more information on the topic. Summary: CARS works by taking your heap, junker or jalopy (or “hoopty,” in the parlance of our times) to a dealer and trading it. There is no pre-registration or anything.

We’ll return to the Identity Theft Myths next Monday. Until then, have fun.