
Nothing New Under the Sun: The Walmart Cashback Hoax Lives

There are some hoaxes that just keep. Coming. BACK.

They’re like slasher-movie villains. “Oh, so you strapped him to a small nuclear warhead, which you then detonated inside a warehouse full of knives and lava? Well, here he is again…bigger and stronger than ever! Sequel number six, comin’ atcha!”

The “Bill Gates is giving money away to strangers” hoax recently went full Jason Voorhees, and according to my site traffic another slice of antique Internet alarmist lore has begun to resurface: the idea that Walmart cashiers all over the country are requesting $20 or $40 cash back on card transactions without telling the customer, and pocketing the money.

This so-called “scam warning” dates back to 2004, and made resurgences in 2009 and 2013. A quick online search shows that it’s making the rounds again in 2017. If you think of them as sequels, it makes this year’s version Walmart Cashback Scam Hoax IV: The Final Chapter, I guess.

(Only it’s never really the final chapter, is it? Watch for Walmart Cashback Scam Hoax V: A New Beginning in 2021 or so. By 2030 we’ll be on Bill Gates’ Free Money Vs. Walmart Cashback Hoax. And then a reboot after that…)

Here’s the whole problem with the warning: there is only one person who can request cash back during a transaction at Walmart, and it’s the customer, by pressing the correct button on the card swipe terminal. There is no secret “cash back” button on the register itself.

From Snopes.com:

We investigated a number of different WalMart stores in different areas…[i]n not one single case did we find a store with a checkout system that allowed cashiers to initiate cash back transactions on customers’ cards on their own, without any involvement, knowledge, or approval on the customer’s part. There was simply no way for a cashier working at any of these businesses to surreptitiously place a cash back charge on a customer’s card and furtively pocket the money, all without the customer’s requesting or knowing about it.

So why are so many people convinced they’ve been defrauded by greasy cashiers? Snopes again:

In every case of customers’ complaining about getting cash back from credit/debit card purchases without having requested it that we were able to track down, the cause turned out to be that those customers didn’t pay close enough attention to the prompts on the card processing keypads or simply pressed the wrong keys by mistake.

Nobody likes to admit they made a mistake, do they? “There’s no way I pressed a button I didn’t intend to. I’m perfect. It was that mean ol’ cashier.”

Also, the typical Walmart cashier has more cameras pointed at them than a blackjack table at a casino. It would be an impressive feat of close-up magic indeed to be able to pull off this alleged scheme, even by reaching over and pressing the buttons on the swipe terminal for the customer. And if a cashier was doing that over and over, you can bet somebody would notice.

Furthermore, it fails the most basic test of all: the cashiers actually handed the correct cash back amount to the customer. From Snopes (last one, I promise):

[I]n nearly every one of those cases it was verifiable that the complaining customers had in fact been handed the appropriate amount of cash back by their cashiers (even though they insisted they hadn’t requested it).

Now, I’ll admit I haven’t seen everything this world has to offer, but I have yet to come across a scam where the basic mechanic is, “I’m going to let you keep the money that’s already yours, and then I get nothing.” Most real scams have a profit motive.

Further furthermore, many of the stories claim the customer was using a credit card. They specifically mention it because the overage would “count as a cash advance.” The problem is, as far as I know, you can only request cash back with a debit card during a retail purchase. Whatever those self-proclaimed victims thought was happening, it wasn’t that. Which may explain why this thing has gone (and continues to go) so viral: people see the warning, then something unusual happens during a purchase (an item rang up incorrectly, the cashier didn’t know the PLU for parsnips offhand, their debit card gets denied for insufficient funds) and they try to retro-fit their experience onto the thing they read earlier. “Yeah, that happened to me, too!”

Here’s one more clue that you’re looking at a hoax: the warning is often accompanied by the same image of a receipt from 2013, but it always happened “recently” to “someone I know.” All the receipt proves is that someone selected $40 as their cash back amount when prompted by the card terminal one day four years ago. There is nothing about it that proves a crime was committed.

Here’s the original article, of which I have pasted whole chunks into this article: http://www.snopes.com/fraud/atm/cashback.asp

What If I Don’t Have Caller ID?

I’m guilty of assuming everyone has caller ID these days. While the feature may be baked right into mobile phones, caller ID service for landline phones is still a feature you usually have to pay extra for. And some people don’t want to.

So how should these holdouts handle telephone scams?

My advice is: get on the list and be quick on the draw. First, add your number to the National Do-Not-Call Registry. Once it takes effect, it will weed out all the legitimate, non-scam phone calls. Anyone who calls with an offer or sales pitch after that is obviously ignoring federal regulations and can be assumed to be attempting to commit fraud. If you’ve answered the phone, hang up as soon as you realize what’s happening.

Second, the vast majority of scammers use automated robocalls, where they ring multiple phones at once and then connect with whomever answers first. That setup takes a moment to function, and causes recognizable audio artifacts. If you’ve answered the phone and don’t get a response within a second or so, you can assume it is a robocall and hang up. If you answer and the first thing you hear is electronic noises (little clicks, bloops, beeps, etc.) or silence, it’s safe to assume you’re dealing with a robocall and hang up.

If you’ve hung up on a legitimate caller, they’ll call back.

Failing the quick-draw hang-up technique, if you find yourself talking to an unexpected caller, the old rules still apply: if they’re trying to make you afraid, it’s probably a scam; if the offer sounds too good to be true, it’s probably a scam; never wire money to a stranger; the IRS doesn’t call to demand payment over the phone; you didn’t win the lottery; your grandchild isn’t in jail or a hospital overseas; your computer doesn’t have a virus; never press “1” for any reason.

You’re under no obligation to be polite to someone who is trying to trick you out of your money over the phone. You’re allowed to just hang up without explanation.

Online Dating Scams Can Be So Much Worse Than You Thought (OR: Incredibly Bad Romance)

The classic Online Dating Scam involves a con artist meeting a victim online, pretending to initiate a long-distance relationship, and then asking the victim to wire money.

It’s a widespread form of fraud, and despite increased awareness, it continues to thrive because we’re all convinced it only happens to other people. We’re too smart, right?

Right. There’s a reason you never hear anybody say, “Yeah, you know, I’m just really naïve and easy to manipulate.” Here’s a little trade secret known to scammers around the world: literally everyone has some area in which he or she is vulnerable. There is no such thing as a 100% scam-proof human.

But there may be an even more compelling reason to avoid the romance scam: the possibility of criminal prosecution. In this case reported by BBC News, a woman was not only tricked into wiring her own money to her online “partner” over the course of several years, but also convinced to move money between different bank accounts on behalf of the con artist, making her an accessory to money laundering.

For which she was prosecuted and convicted.

Yeah, let that one sink in for a second. The irony is, she was probably helping him launder money he was getting from other romance scam victims.

Now, I’m no legal expert, and this case did occur in the U.K., not the U.S. I’m not sure how different the laws are here, but I’m betting that there is a point at which they also no longer care that you were a victim because it should have dawned on you that you were laundering money.

So if you’re out there on the internet looking for companionship, or if you know someone who is, be aware of the risks. When someone you’ve never met is asking you to send money, or to transfer funds between different financial institutions, do not do it. Under any circumstances, okay?

The IRS Is Using Private Debt Collectors Who Will Make Calls, but This Actually Changes Nothing

Sometimes fraud prevention can be boiled down to nice, simple rules that don’t leave much room for subtlety. Never wire money to a stranger. Just keeping that one rule in mind will keep you out of a lot of trouble, even if you forget the details of the scams that utilize the technique.

“The IRS will never call you” was another one of those hard rules, but as of 2017, it’s become a little more complicated. However, for the most part, nothing has really changed when it comes to fraud prevention.

Basically, the IRS will be contracting with four collection agencies, who will only be contacting certain taxpayers who have been delinquent for a significant period of time, whom the IRS has been unable to locate, and who meet certain other criteria. Furthermore, the collectors will not be demanding payments. Instead, they will be directing taxpayers toward electronic options for paying the IRS directly.

This means that some people will be getting calls from collection agencies on behalf of the IRS. The rest of the fraud prevention rules still apply: if they threaten you with incarceration or demand immediate payment, it’s a scam. If they’re talking about wiring money or loading up gift cards, it’s a scam.

Since con artists are nothing if not adaptable, I’ll add this point: if they do anything other than tell you about how you can pay the IRS directly on your own, it’s a scam. I’m sure someone is already gearing up to make calls claiming to be a collection agency, then telling victims they can pay over the phone with a credit card, with a wire transfer or with prepaid gift cards, or by visiting a fraudulent website. The collection agencies the IRS is using will not be asking for nor accepting payments from delinquent taxpayers. At all.

The actual website where you can pay your taxes, overdue or otherwise, is IRS.gov/Pay. And that’s pretty much the only thing the collection agencies contracted by the IRS are going to be allowed to tell you. Any mention of a different website to pay your taxes? Scam.

I recommend reading the full article below for more detailed information.

Counterfeit Check Scam Targets College Students (or: Stop Me If You Think You’ve Heard This One Before)

College students have been targeted by an employment scam that’s going to start sounding familiar as soon as I begin to describe it.

Ads are placed on job websites for administrative positions, or emails are sent directly to students “recruiting” them for the jobs. You know…college…recruiters…there are companies who need your talents so badly, they’re hiring these people called recruiters to find you before you find them. That’s the dream, right?

Anyway, students who respond to the ads are sent a cashier’s check…can you guess what’s coming yet? The victim is instructed to cash the check, then wire the funds to someone, presumably to pay for equipment or software.

Now let’s see if you can guess what happens next:

  A. The student receives equipment and software and begins a rewarding career that pays well;
  B. The student gets struck by lightning three times in one week;
  C. The student finds out the check was counterfeit, and since he already wired the money to someone else, is now out several thousand dollars.

The answer is C, but B is actually more likely than A.

Scams usually involve tricking a victim into willingly handing something over, be it money or personal information. Scammers try to invoke emotional responses in order to make potential victims bypass their logic. This is why scammers try to create urgency or incite fear, prey on those who are desperate, or (in this case) prey on a group of people, college students, who know they’re in a competitive scene where the supply is greater than the demand.

Scams like this are easy to avoid, simply by applying a single principle: never cash a check and then wire the funds to someone else. It’s one of those rules that works in dozens of scenarios.

Source: https://www.ic3.gov/media/2017/170118.aspx

An uncommonly convoluted con

They say brevity is the soul of wit, but it’s apparently not the soul of spam. I received this in my inbox not too long ago:

From: IMF ADMIN <admin@imfpaymentcenter.com>
Subject: May Good Decision

INTERNATIONAL MONETARY FUND (IMF)
DEPT: WORLD DEBT RECONCILIATION AGENCIES.
ADVISE: YOUR OUTSTANDING PAYMENT NOTIFICATION

Attention Wing Chan

A power of attorney was forwarded to our office this morning by two gentle men, one of them is an American national and he is MR DAVID DEANE by name while the other person is MR… JACK MORGAN by name a CANADIAN national.

This gentlemen claimed to be your representative, and this power of attorney stated that you are dead, they brought an account to replace your information in other to claim your fund of $12.5 Million Usd which is now lying DORMANT and UNCLAIMED, below is the new account they have submitted:

BANK.-HSBC CANADA
Vancouver, CANADA
ACCOUNT NO. 2984-0008-66

Be further informed that this power of attorney also stated that you suffered and died of throat cancer. You are therefore given 24hrs to confirm the truth in this information, If you are still alive, You are to contact us back immediately, Because we work 24 hrs just to ensure that we monitor all the activities going on in regards to the transfer of beneficiaries inheritance and contract payment.

You are to call this office +44(0)7778022499 immediately for clarifications on this matter as we shall be available 24 hrs to speak with you and give you the necessary guidelines on how to ensure that your payment is wired to you immediately.

I have attached a copy of the last part payment of $500,000.00 which was paid into your provided account last week, please check is this is the same account submitted by this two men who claimed to be your representative. Reply this email to [redacted]

Kindly reply

Rev. David Churchman
International Monetary Funds Agents

I get what they’re trying to do here. The victim is supposed to think they got a message intended for someone else (“Wing Chan”) who has a whole lot of money tied up in some account, but they think Wing Chan is dead and would he please confirm that? I assume that the victim is supposed to decide to commit a little fraud himself and reply, “No, I’m Wing Chan and I’m totally alive so give me all that money now please,” followed by the usual, “But wait…you have to wire us a bunch of money first.”

But what a twisty, turny, tricksy route they take to get there. It’s a real adventure, what with the two “gentle men,” the throat cancer and the involvement of the International Monetary Fund.

Here’s the thing about the IMF: I’m fairly certain they don’t handle individual estate accounts for anyone living or dead or allegedly dead. They don’t mention it on their own website. They deal with financial situations in and between nations. $12.5 million is a lot of money to most individual people. To the IMF, it’s like a nickel dropped down a storm drain. They’re not going to get involved.

So yes, this is an obvious example of spam. I wanted to show it to you, though, because it’s kind of weird. As always, “do this to claim your free money” is forever a scam and always has been.

Nigerian 419 email scams live on

I saw this one just today. It’s a doozy:

From: The Desk Of Mr. James Dike
Reference: GTBank Plc.
Address: 402, Lagos-Abeokuta Expressway, Abule-Egba, Lagos State, Nigeria.

Attention: $10.5M ATM Fund Beneficiary,

I am Mr. James Dike, the new appointed ATM Head of Operation Department Guaranty Trust Bank Nigeria PLC, I resumed to this office on the 1st of this month and For your information i have been empowered and instructed by the new elected President Federal Republic of Nigeria Gen. Muhammadu Buhari to pay all outstanding debt payment to the rightful beneficiaries and summit my payment report to his office with immediate effect and any payment that is not paid before the end of this month will be cancelled and the fund will be returned to the Federal Reserve Oil Account.

So, during my official research last week I discovered an abandoned ATM Master card valued sum of $10.5Million with card number 5321452123409380 belonging to you as the rightfully intimate beneficiary. I tried to know why this card have not been released to you but I was told that the formal ATM head of operation who left this office two months ago withhold your card for his own personal use without knowing that I will not approve or support him to take your card.

Now that your ATM Master card is still available for you to pick it up here in our bank. I want to know how you wish to receive your ATM card along with your four digits pin code number. You can come down here in our bank to pick up your card direct from my office or alternatively it can be send to your address through any registered reliable courier service company that you will take care of the courier charge. I don’t know the cost of shipping the card to you but if you permit me I can make an inquiry from the courier shipment company to find out the cost, but in that case you will be required to forward to me your shipment address to enable me find out the shipment cost to your location.

Your direct telephone number and address will be needed and more details of your ATM Master card payment will be made known to you as soon as I receive your swift positive response, to enable you know the amount programmed for your ATM Master Card daily withdrawal.I will send your ATM master card information including your Card Pin Code as soon as you declare your choice of receiving your ATM card so as to enable you receive your card and start making use of it to withdraw at any ATM card machine all over the world as programmed.

Do not hesitate to call me on +234 802-850-0459 as soon as you read this mail.

Thanks for your co-operation.

Yours Faithfully,
Mr. James Dike
ATM Head of Operation Department
Guaranty Trust Bank Nigeria Plc.
Tel: +234 802-850-0459.

A lot of us have become jaded when it comes to the old Nigerian 419 scam. Even though this one takes a different angle and doesn’t mention an exiled prince, for many of us, it’s easy to see through. We probably wouldn’t even read it…“$10.5M” in the subject line would be enough to trigger our “delete” reflex.

But somebody still falls for it. If they didn’t, these emails wouldn’t happen anymore. So while you may have become almost flippant about the Nigerian 419 scam, remember that there are still people who haven’t heard about it yet. If someone you know starts talking about an impending payout from a mysterious source, or mentions their plans to wire money overseas, it might be time to educate him or her.

Free Disney Vacation Scam Alert

If you haven’t already, at some point very soon you are going to see this image on Facebook:

[Image: 2015-07-17-disney-scam]

The hook is this: like the photo, share it, then visit a website to enter a contest for a free Disney World vacation.

Here’s the problem: the Facebook page this image resides on is NOT the official Disney World page. It is an impostor designed to trick users into liking the page. Once enough people have done so, the page content will be changed to push other scams into the news feeds of the people who liked the Disney page.

Now, why am I such a downer? Why am I trying so hard to make people sad? How do I know it’s a fake Disney page?

Well, look at this screenshot for a moment:

[Screenshot: 2015-07-17-disney-scam-02]

Do you see what it says next to the profile picture? I’ll zoom in a little so you can read it better:

[Screenshot, zoomed in: 2015-07-17-disney-scam-02a]

It says “Walt Disney-World.”.

Notice the dash.

Notice the period.

Notice the category: “Transport/Freight.”

Notice the lack of the blue “Verified Page” checkmark next to the name.

Do you think for one moment that a company the size of Disney would have ITS OWN NAME written incorrectly on its own Facebook page? Look at any official Disney website or product. Do you see “Walt Disney-World.” anywhere?

Do you see Walt Disney World train cars and semi trailers all over America’s railroad tracks and roadways, delivering jars of pickle relish and car parts and textiles? No? That’s because Disney World is a theme park, not a transportation and freight business.

Do you believe Disney World’s official Facebook page would have 20,000 likes (as of today) and ONE lousy post? And no link to the official Disney World website?

These, and a dozen other points, are your free ticket to knowing that this Facebook page and offer are a scam.

Go look at Walt Disney World’s official Facebook page. Notice:

  • 14 million likes
  • The name is correctly punctuated (which is to say there is NO punctuation)
  • The category is listed as “Theme Park,” which is correct
  • The checkmark next to “Walt Disney World.” This means Facebook has verified that the page is official. You can hold your mouse over the checkmark and a little window will pop up that says “Verified Page”
  • Posts going back to 2009
  • Multiple posts, pretty much every day

I’m taking a pretty emphatic tone because I want people to stop falling for fake Facebook pages. I’m tired of seeing people I know get taken in by this stuff because it helps crooks spread spam and fraud to millions of people. If you see this photo and post in your Facebook newsfeed, please do the following:

  • DO NOT SHARE, LIKE OR COMMENT ON the page yourself
  • Tell whoever shared it or posted it that it is a scam and that they need to unlike the page right away; point them to the real Disney World page if they don’t believe you
  • Go to the fake page and Report it as fraudulent to Facebook
  • Share this article, or this one from the Consumerist if you can’t bring yourself to take my word for it

I don’t Facebook much anymore, but I’ve always lived by an “If it’s being shared a lot on Facebook, it’s probably not true” code. It’s a pretty accurate rule, and the stuff that IS true you’ll hear from credible sources eventually anyway.


Heartbleed is the name of a bug, not a virus

The Heartbleed Bug was a major story not that long ago. Lists of affected websites circulated with instructions to change your passwords if you had accounts at those websites.

In the whirlwind of online news articles, a lot of jargon got tossed around that the average computer user may not be familiar with, and any time there is a knowledge gap, scammers can and do take advantage of it. Spam emails began to circulate claiming to include a Heartbleed removal tool that was, naturally, a malicious program itself. The attachment, if opened, installed a keylogger on victims’ computers, which could transmit sensitive information to criminals. Symantec has a fine article about this particular attack.

Of course, if you’re an old hand at Computer Stuff like myself, you already knew that Heartbleed was a bug affecting servers, not a virus. But not everybody is familiar with all these terms, so I decided it would be useful to explain some of these concepts in layman’s terms.

DATA is digital information. If you’re looking at a website, your computer is taking data and presenting it in a readable, watchable, or listenable way. You’re looking at data, which happens to be mostly in text form, right now. When you have an account at Amazon or Facebook (for example), your username and password are part of your personal data, which is the stuff you don’t want being accessed by anyone but yourself. Websites keep this kind of data on servers that use various software to make it (hopefully) impossible to access by unauthorized people.

SERVER is a big computer where data is stored. When you watch a video on YouTube, the digital information that makes up that video is stored on an incredibly large computer, which transmits that data to your computer, which turns it into a video you can watch. Companies such as Facebook and Google have multiple servers that fill entire buildings. Your employer may have a smaller server that looks like a regular desktop computer, which holds all the business’s customer data, and only employees have access to it. Same concept, different scale.

OpenSSL is a particular type of server software that was affected by the Heartbleed bug. You know how your desktop computer runs Windows or MacOS, and your phone runs Android or iOS? OpenSSL is pretty much the same type of thing for servers. Your home computer uses Windows or MacOS to do home computer things; some (but not all) servers use OpenSSL to do server things, like store huge customer databases.

BUG is a flaw in a piece of software. You know how sometimes you download some goofy free app on your phone, and it works for a few seconds then crashes? That app has a bug that makes it function improperly. In the case of Heartbleed, the bug was a security flaw that potentially opened up account information (such as encrypted passwords) to hackers.

ENCRYPTED data has been scrambled in such a way that unauthorized persons cannot access it. Servers don’t just store your username and password in text form because it would be too easy for someone to just steal the file and open it. They use complicated methods to make sure that, even if someone got the file, they wouldn’t be able to read it. (At least, this is how it would always work in a world without security bugs like Heartbleed; this is why you had to change your passwords at affected sites after the bug was fixed.)

HACKER: a person who breaks into computer networks. This in and of itself does not make them bad…many are actually hired to break in, in order to highlight security flaws so they can be fixed. Some use their skill for criminal purposes.

These are pretty simplistic explanations, but I think it’s important to at least have a concept of what these terms mean, so that when you read an article that says “security bug affecting servers running OpenSSL versions etc…” you can at least understand that they’re talking about software you’re NOT running on your home computer, and to ignore any emails offering a fix because Heartbleed wasn’t a virus in the first place.

But you’re not going to open attachments in any unsolicited emails, anyway, are you? If nothing else, remember this First Principle: “If you didn’t ask for it, don’t click on it.”

Credit Card Scam Alert: Ignore that offer from AmTrade International Bank

There is a new scam showing up in mailboxes.

It takes the form of an offer for a “secure” credit card, and it targets people with low credit scores or other financial issues.

A “secure” credit card is a credit card where the cardholder puts up some of their own money as collateral against the credit line. It allows lenders to extend credit to higher-risk consumers at a lower annual percentage rate, and can actually be a good tool for rebuilding credit (timely payment of debts makes up a large portion of your credit score). We actually offer a secured credit card here at REGIONAL. They’re a legitimate financial tool.

Except for when they’re used as the basis for a scam.

This one comes from AmTrade International Bank, with an implied connection to Credit One Bank, N.A. (there is none). Victims select a card with either a $1,500 or $3,600 credit limit, and then send in $500 or $900 (respectively) as “collateral” for the credit lines.

And the credit cards never arrive. At its core, this is the simplest form of scam: take money, disappear.

This exact same scam showed up earlier in the year, from Freedom 1st National Bank, which also implied a link to Credit One. In both cases, victims instantly found themselves robbed of either $500 or $900.

If you get offers for pre-approved credit cards in the mail, it is vital to verify all claims before making a purchase decision and sending personal information and money.

In fact, I’ll just put it out there now: don’t respond to unsolicited pre-approved offers for “secure” credit cards, at all.

Also, never just send money to an unknown entity, for any reason.

This scam is going to keep popping up, with different fake banks running it each time, and law enforcement is going to be playing whack-a-mole for quite some time. In the meantime, it’s on each of us to look out for ourselves.
