Tag Archives: Scams

Avoiding Charity Scams

I sometimes repeat myself, and occasionally I’ll say something I’ve said before, too. But even if you’ve read or heard about charity scams before, it never hurts to have a quick reminder. It’s already November, and charitable giving comes up a lot this time of year.

I’ll keep it short: decide in advance which charitable organizations you wish to support instead of waiting for others to approach you. If you’re looking for a new cause, research before you donate.

When you already know whom you’re giving to, it makes it much easier to turn down those who call or email out of the blue because you won’t feel pressured. You can explain to callers that you’ve already done your giving for the year (and you can just ignore emails—I would hesitate to trust an out-of-the-blue request via email).

If you’re checking out a new charity, the go-to resource is CharityNavigator.org. This website tells you how much a charity spends on marketing and how much money makes it into their programs, gives executive salaries and other financial information, as well as an overall rating of the organization. No mainstream charity manages to have 0% operating expenses, but if you see one that devotes 99.5% of its revenue to salaries and marketing, with only 0.5% going toward programs, you know it’s one to avoid.

Pension Advance Schemes

If you receive monthly payments from a pension, settlement, lottery winnings, or other similar source, it’s a good idea to be aware of schemes that offer a lump sum cash payment in return for some or all of your income.

There can be good reasons for considering it. Living on a fixed income, such as Social Security plus a modest pension can make an unexpected expense (medical event, major house repair, etc.) difficult to pay for. By exchanging some of your pension payments over a certain amount of time for cash, you can cover those expenses without completely upending your life. It’s rarely an ideal situation, but it can work out.

(It can work out. It doesn’t always work out. It often doesn’t work out.)

It is extremely important to know exactly what you’re agreeing to before signing anything. No matter what language it’s dressed up in, these plans are loans. They are giving you a certain amount of money, and you’re paying back a larger sum over time.

There are a lot of companies offering this type of product, and I’m sure some of them aren’t actively trying to inflict harm. But there are tons of unscrupulous lenders offering pension advances that thrive by ripping people off.

Before jumping into a pension advance, I first would recommend looking for literally any other option. Got a credit union nearby? Start there. Ask about a personal loan.

If you really still want a pension advance, go in with the understanding that you are getting a loan, and proceed with extreme caution. What is the effective interest rate you’ll be paying? Some pension advance schemes are effectively charging a nearly 100% annual interest rate. If they deny that it’s a loan or won’t tell you a rate, walk away. Exactly how much will they take each month, and for exactly how long will you be paying them back? Get everything in writing, and the second something seems fishy, bail out and do not proceed any further.

What is Affinity Fraud?

At the beginning of Side 3 of Grand Funk Railroad’s 1970 Live Album, Mark Farner shirtlessly tells the audience this (edited for clarity):

Brothers and sisters, there people out there that look just like you, or maybe your brother…but they’re not. And when they hand you something, don’t take it. Don’t take it, okay?

Now, Mark was referring to the kind of party supplies that might circulate at a rock concert in 1970, but he also could have been talking about affinity fraud almost fifty years later.

Affinity fraud targets people who are members of a group, and uses that group identity to lure victims into the scam. Some of the most common targets are religious groups or church members, people with a shared ethnicity, or those who have served in the military. The con artist will be a member of the targeted group, or will claim to be, and attempt to recruit others to help bring in more victims.

Generally, these scams take the form of phony investments or Ponzi schemes.

There are a variety of ways to identify affinity fraud. Here are a few things to look for:

Is the person offering the investment using membership in your group as his “in?”

A shared identity can be a great way to build community, but remember that the human tendency to trust those we see as similar to ourselves can be used against us. Just because someone claims to be a member of your group doesn’t mean they are. There is no physical barrier to lying; “I’m the same as you” can be uttered by anyone, whether it’s true or not.

Are the investment materials (brochures, flyers, etc.) filled with symbols or phrases familiar to your group?

A con artist targeting members of a church might festoon his written information with symbols or scripture (some even go so far as to imply that the “opportunity” has been sent from above). On the other hand, a scammer going after veterans might use flags, ribbons or eagles. Humans are emotional, and we respond strongly to symbols, but be cautious around any kind of investment offer that seems to be hitting those symbols a little too hard.

 Are the promised returns extremely high, or is the investment presented as guaranteed or having little-to-no risk?

Real investments carry risk. There is always a non-zero chance you will lose some or all of your initial investment. An investment presented as “risk-free” or “guaranteed” is always going to turn out to be a scam, because that’s not how investing works. Any investment promising double-digit returns is to be taken with a grain of salt.

Do the returns hinge on you recruiting others into the fold?

That’s a Ponzi scheme. You will lose all of your money.

Is the broker licensed to sell investments?

Never invest through an unlicensed broker. Whatever your (or your group’s) opinion of regulations, licensing requirements, or government in general, anyone selling investments without a license to do so is breaking the law. What other laws is this person willing to break? What about the ones that make stealing illegal? And don’t fall for excuses like, “I’m not licensed because the government doesn’t want your group to have access to this amazing opportunity,” either. That’s just someone stoking your emotions to goad you into action.

The U.S. Securities and Exchange Commission has a nice PDF available for download that goes into more detail about affinity fraud and how to report it to the SEC.

(However, it doesn’t contain a single reference to Grand Funk Railroad. You gotta read my articles for those.)

Greed and Fraud

A few weeks ago, I posted an article about the relationship between fear and fraud. Basically, if someone is trying to make you afraid, then asking for money or personal information, it is very likely that they are trying to steal from you.

There is another emotion that scammers will often prey upon: greed. That all-too-human desire to get something for nothing, and to be the one with the most.

The most obvious example I can think of is the old Lottery Scam. By stoking greed with the promise of vast, out-of-nowhere riches, the perpetrators of this scam hope you won’t notice how suspicious the hoops they’re asking you to jump through are. The promise of millions of dollars is misdirection; while you’ve got your eyes on the prize, you might not remember how unwise it is to wire a few thousand dollars to a stranger, or that “cash this check and wire the money back to me” is a weird request to begin with.

Other examples include the Car Wrap Advertising scam, the Pigeon Drop scheme (“I found money, let’s share it!”), and of course the old Nigerian 419 scam (“I’m an exiled prince; help me retrieve my fortune and I’ll share it with you,” which at this point isn’t even a “classic” scam; it’s positively an antique).

It’s the same tip as with fear: if someone is trying to spark greed, then asking for money and/or personal information, they are trying to scam you.

Fear and Fraud

Humans are an emotional animal. No matter how advanced our technologies or societies become, no matter how objective or logical we believe we are, primal emotions can still affect our behavior, and when someone manipulates those feelings into a heightened state, we find ourselves at risk of making mistakes.

Many types of fraud work by stoking one of our most basic emotions: fear. The assumption goes: if you can make someone afraid, they’ll believe anything you say, even if it makes no logical sense.

Here is a list of several common scams and how they use fear to trick victims into handing over money or personal information:

  • Phishing: uses the fear of losing access to money (“your debit card has been deactivated”) to trick victims into visiting a website that harvests personal information
  • Medicare scam: uses fear of losing access to health care to convince victims to reveal personal information
  • Tech Support scam: uses fear of malicious software to trick victims into handing over control of their computer
  • IRS scam: uses fear of imprisonment to get victims to load prepaid gift cards, then pass along the card information to the scammer
  • Missed Jury Duty scam: uses feat of imprisonment to obtain credit or debit card information
  • Grandparent scam: uses fear of loved ones’ safety to lure victims into wiring money or loading prepaid cards with cash
  • Lottery scam: mostly appeals to greed (another primal emotion), but also stokes fear of missing out on a once-in-a-lifetime opportunity to trick victims into falling for a counterfeit check scheme
  • Ransomware: uses fear of losing access to important files to extort payments from victims

In other words, a lot of scams operate by inciting fear.

The key is to understand that the use of fear is an extremely common (if not the most common) tactic, and to be able to recognize when someone is trying to make you afraid. This requires a certain amount of self-awareness, and I’m not really sure how one goes about developing that, other than to just slow down and take a moment whenever a stranger is presenting you with alarming information, instead of reacting immediately.

Unless they’re shouting “duck!”

$500/week to wrap your car in ads? Better think again.

I still haven’t encountered anything that contradicts this fraud prevention axiom:

“Cash this check then wire the money back to me” is a sure sign of a scam.

It’s a fairly easy pattern to spot when it comes to things like lottery scams, because the scammers almost literally use that exact wording. But there are other times where the “wire the money back to me” stage is a little more obscure.

One such case is the Car Wrap Advertising Scam. Below is a scan of an actual letter used to initiate this scheme after the would-be victim responded to a random email or text message offer. This letter came with a cashier’s check for $2,390.00 (click to enlarge):

In this case, they’re not directly saying “wire the money back to me,” but they are telling you to give it to someone else, in the form of setting up a payment to a “Decal Specialist.”

What happens when you contact this person? You’re instructed to wire the money from the check, which will eventually be returned as fraudulent, putting you on the hook for the cash you gave away. It’s the same pattern as a lottery scam, only with an additional step in between.

One reason this scam continues to work is that there are actual wrapped cars out there. We’ve all seen them. However, even in cases where these aren’t company-owned vehicles, legitimate car wrap advertisers share certain features:

  • They don’t randomly contact you out of the blue via text message or email
  • They don’t take everyone who applies; they’ll want to know how far you drive each day, where you drive, what kind of car you have, and your driving record
  • They’re not going to pay you $500 per week. About $1,000 per month seems to be the ceiling, and that’s for absolute ideal (for the advertiser) circumstances (i.e. you drive hundreds of miles per day in an area extremely densely-populated with people within the ad’s target demographic; I’m guessing your car has to meet certain visibility criteria as well, because I’ve mostly seen these ad wraps on lifted, customized 4×4 pickups)
  • You don’t pay them at any point, and you’re not responsible for passing along money to whomever applies the decals (“Hey stranger we’ve never met in person, here’s a few thousand dollars to give to someone else for us. We’ll just trust you to not keep it.”)

If you’re truly interested in turning your vehicle into a billboard, there are a few links to apparently legitimate agencies in this Penny Hoarder article. But before you act on anything online, be sure to do a lot of research first, and always get in writing what you are agreeing to do and how you will be compensated. If it’s too easy to get the gig, it’s probably a fraudulent offer.

Spear phishing

The standard-issue phishing attack relies on sheer numbers as the key to its success; by sending tens of millions of emails, the chances of hooking a few thousand victims is pretty good, regardless of how sophisticated the message itself is.

But there is another type of phishing attack, known as spear phishing, which exchanges quantity for quality, by using insider information to target businesses. Spear phishing attacks are smaller in scale but arguably more effective than their poorly-spelled, randomly-selected cousins.

In a spear phishing attack, you might get a message at your job that appears to come from someone you work with, often a member of management or from another department. This message may request information about financial accounts, login and password information, ask you to open a file or link, or ask that you authorize a wire transfer from your employer’s account. If you comply with these directions, you will make your company vulnerable to financial or data loss.

Most established businesses have a website that reveals the names of management, the board of directors, and people from various departments, which gives would-be cybercriminals the information they need to impersonate an insider.

Communication is the key to preventing spear phishing attacks. Think about any request received via email – is this how the head of the IT department or the CEO really talks? Why are they sending you a file out of the blue? Is it your job to initiate wire transfers? The best defense is to simply confirm with the apparent sender if the message is legitimate or not. Spear phishing attacks use some of the same techniques as regular phishing emails, such as disguised links or infected file attachments. It pays to double-check before you take any action.

Mystery Shopper Scams still exist

There are a few things you can always depend on. Light travels at 299,792,458 meters per second in a vacuum. Objects at rest will remain at rest unless acted upon by an outside force. “Cash this check and wire the money back to me” always equals “scam.”

I haven’t written about it in a while, but the old Mystery Shopper Scam and its variations are still out there. It’s time for a review.

The “classic” version of this scam starts with a job offer emailed out of the blue. If you respond to this message, you’ll be immediately “hired” as a Mystery (or Secret) Shopper. A cashier’s check for a fairly large amount of money (the old ones always seemed to be around $2,900, but there is a lot of variation) will arrive a short time later, with these instructions:

  1. Cash this check at your bank, keeping $100 or $150 for yourself
  2. Take the rest of the cash to the nearest Western Union location
  3. Wire it back to me
  4. Report on the customer service at Western Union

If you follow those instructions, a few days later you will be informed that the check you deposited was counterfeit and that you are now on the hook for the money you received in exchange. Unfortunately, you already wired that money to a stranger and can’t get it back.

Now, things are getting a little more difficult for the scammers. Financial institutions are placing more holds on cashier’s checks and are asking more questions to protect their customers, and after being slapped with a $586 million settlement for essentially letting these scams proliferate for so many years, Western Union is finally doing more to prevent this type of fraud.

But that only means this scam has evolved to work around these problems. Instead of Western Union, some versions involve prepaid gift cards (“cash the check, then buy iTunes gift cards and relay the numbers and PIN to me”), overpaying for purchases from online classifieds (“just wire the extra back to me”) or targeting businesses instead of individuals.

Still, the basic mechanism remains: if someone gives you a check and requests that you convert it to cash (i.e. placing the liability for that check’s authenticity on you, then transfer the money back to them electronically, they’re attempting to steal from you. Regardless of the initial pitch, the pattern holds true. Don’t fall for it.

Defeat phishing attacks with bookmarks

Email phishing attacks are improving.

I mean the attackers are improving. They’re wising up to the fact that actual financial institutions and social networks send emails that are (at least mostly) intelligible, and adjusting their approach accordingly.

You still see plenty of phishing emails with atrocious spelling and weird grammar bordering on word salad, but there is a growing trend toward messages that could be mistaken for legitimate communications, even by someone who is well-informed. As potential victims become more sophisticated, so do the criminals.

One way to defeat phishing attacks is to set yourself up to never use links at all. For every single site you log into – financial institutions, credit cards, social networks, online shopping – create a bookmark in your web browser, and get in the habit of always using that link to log into the website.

That way, if you get an email that looks like it might be real, instead of clicking on a link (or even spending time wondering if you should or not), simply open your web browser and use your already-created bookmark to log into the website of whomever the email purported to come from. If there’s a real message or problem, you’ll find out about it there.

Avoiding Fraudulent Debt Collectors

Debt collection generally works like this: a creditor who can’t devote the necessary time and resources needed to recover funds from old delinquent loans sells those debts to a collection agency, often for pennies on the dollar, to cut their losses a little. That agency, which now owns the debt, contacts consumers and tries to negotiate at least partial repayment.

Naturally, there are also con artists posing as debt collectors, attempting to obtain money, personal information, or both from victims. There are also collection agencies who stray from established, legal methods in order to collect legitimate debts. Here are six warning signs to watch for.

They’re trying to collect on a debt you don’t owe

Unscrupulous collectors will sometimes contact people with the same name as the actual debtor, or even settle for someone with a similar name. An outright scam artist might simply invent a debt out of thin air, or threaten random people in hopes that someone will pay out of sheer terror. In any case, never agree to pay a debt you don’t owe. Ask for a written validation notice. If they refuse, that’s a sign of trouble. Get as much information as you can about the agency, and report them to the FTC.

Important Note: collection calls for debts you didn’t incur can also be a signal that you have been a victim of identity theft. If you’ve received such a call, it may be time to check your credit report if you have not done so recently, to look for anything that shouldn’t be there.

They’re threatening you with arrest, lawsuits, or violence

For the most part, debt collectors are allowed to inform you that you owe a debt, provide proof that you owe it, state to whom the debt is owed, and present options for payment. They are not allowed to threaten you with arrest or legal action, and they’re especially not allowed to threaten physical harm to you or those around you.

They’re demanding personal information

Even if you actually owe money, there is no reason for them to ask for personal identifying information or account numbers over the phone. It’s one of the core rules of fraud and identity theft prevention: never reveal personal information to a stranger who contacted you out of the blue.

They won’t give you any information

If the caller won’t tell you the name of the agency, to whom the debt is owed, or anything else about whom he or she represents, be very suspicious. A legitimate collector will be transparent about these things, presumably because they want to actually collect on delinquent debts and stay in business, instead of being shut down by the FTC.

They’re calling in the middle of the night

This applies to a lot of other types of calls, but if they’re calling you before 8:00 a.m. or after 9:00 p.m., you have every reason to suspect either a scam or a rogue debt collector. There are rules about when they can contact you by phone. It’s kind of like putting yourself on the Do Not Call registry; if they’re already violating one rule, what else are they up to?

They keep calling after you’ve told them not to

Even if you’ve got a legitimate debt, you can still tell a collector to stop contacting you about it. Usually you will have to provide this request in writing, but once you do, they’re supposed to knock it off. Of course, if they won’t even provide an address to send said request to in the first place, you already know something is fishy.

Resources

Learn more about debt collection scams:

Report a debt collector to the FTC:

File a complaint with the Indiana Attorney General’s Office: