Saturday, June 30, 2012

Internet Scam: You've Won a Prize

In this scam, the email claims there was some kind of random drawing on your email address and that you've won a prize - even though you never entered one. That is the tip-off. There are no prizes for random drawings you've not entered. There is just a scammer waiting to take your money (usually to pay "taxes" on the non-existent prize) and/or your personal financial information (usually by saying they need to validate your identity before sending the prize).

Notice how the below scammer, who sent this email today, falsified the headers and not understanding email headers, under 'Reply-To', put a phrase instead of a fake email address. The 'From' and the 'Received: from"' addresses do not match (which means they hijacked someone's server to send it out). And while it may look more official that you have to log into their "phishing" (pronounced "fishing") fake website, I would guess any login will work so they can get your information - SO DON'T TRY AND GO TO THE WEBSITE stated in the below scam email.
Authentication-Results: hotmail.com; sender-id=temperror (sender IP is 209.65.160.78) header.from=sales@public.ls.xz.cn; dkim=none header.d=public.ls.xz.cn; x-hmca=none
Received: from USDAL17.assaabloyhospitality.com ([10.243.2.17]) by usdal11.assaabloyhospitality.com with Microsoft SMTPSVC(6.0.3790.3959);
     Sat, 30 Jun 2012 05:28:02 -0500
Reply-To: [reply via website]
From: "Tina Dijkstra" [sales@public.ls.xz.cn]
Subject: reply via website 
Return-Path: [sales@public.ls.xz.cn]
Message-ID: <USDAL17PgrKGOFCnFEX000068a1@USDAL17.assaabloyhospitality.com>

Dear Email User,
This is to immediately inform you that your email address with Micros ID (Y2K-TB62-LTEC-YF82-9G) has won you $490,000 and a brand new ranger rover sports.Use the details below to login and immediately begin your claims.

WEBSITE     : www.ruidunelectrical.com
USERNAME  : rud23
PASSWORD : pkn4

Regards,
Mrs Tina Dijkstra
 Annoucer©.

Friday, June 29, 2012

Internet Scam: Banking Phishing Emails

Here is a great example of a banking "phishing" (pronounced "fishing") email. Even if you don't have an account with this company, you tend to want to click on the link to make sure some unknown debit is not going to be credited to your bank account. Tricky. I put in the email where the links really get redirected to. Always helpful to pass your mouse over a link and NOT click on it, just to see if the link displayed matches the link it actually gets redirected to.

Return-path: [ADPClientServices@adp.com]
Received: from [139.5.58.137] (account ADP_FSA_Services@ADP.com HELO 
From: "ADP_FSA_Services@ADP.com" [ADPClientServices@adp.com]
Subject: ADP Funding Notification - Debit Draft


Your Transaction Report(s) have been uploaded to the web site:
https://www.flexdirect.adp.com/client/login.aspx [Links to http://gizeminxsaat.com.tr/42enqxV20/index.html]
Please note that your bank account will be debited within one banking
business day for the amount(s) shown on the report(s).
Please do not respond or reply to this automated e-mail. If you have any
questions or comments, please Contact [Links to http://gizeminxsaat.com.tr/42enqxV20/index.html] your ADP Benefits Specialist.
Thank You,
ADP Benefit Services

Internet Scam: Fake Craigslist Sellers

Craigslist is crawling with scammers because so many people use Craigslist so it is a ready-made pool of potential victims for scammers. They have to work a little harder than just sending out millions of blind emails and then working with just those gullible victims who reply to them.  On Craigslist, they actually have to manually reply to ads pretending to be a buyer. Or, like below, they post free ads for something for sale (which doesn't actually exist as an item for sale) and then move those people who reply to the ad on to the next step of the scam.

Notice how the below scammer tried to use "phishing" by creating a fake invoice that looked like Amazon, hoping his victims would think - well, Amazon is safe. But it wasn't Amazon.

This is a great example of how scammers operate on Craigslist, when they themselves are posting ads for non-existent items.
This week I saw an ad on Craigslist for a tractor and the price was great. I sent a message and got a response from the seller. He wanted to handle the transaction through Amazon so that I could be ensured of getting what he said and that he would get his money; Amazon would act as the money-middleman. Since he was listed locally I said I would pick up the stuff and pay cash. He came back and said he "had just moved to Montana and had the stuff with him". Started being suspicious. I gave him my name, address, and phone number so he could set up the sale with Amazon. I got an email on Sunday from "invoice@amazons-support.com", another red flag. I went to Amazon's website to see how they handled this type of transaction, I couldn't find anything. So I found a link to ask questions on Amazon.com, one of the topics was fraud. I sent them a copy of the email on Sunday and got a response that they do not do transactions like this and they do not sell vehicles, which a tractor qualifies as being. I sent the guy an email that said, "Either someone is taking you for a ride, or you are trying to take me for a ride, but I will not deal with amazons-support.com since Amazon.com says it is a fraudulent site."  I never heard back from the guy.  Bottom line is, "If it seems too good to be true on the internet, most likely it is a scam."
Of course, the scammer doesn't care that this guy figured out his scam. He will quickly move on to the next potential victim. It's a numbers game to them. They will keep working the scam and really spend their time only on those people who are likely to fall all the way through the scam.






Thursday, June 28, 2012

Internet Scam: 419 Nigerian Scam

Could this story from this scammer be any longer? Geez, they want to KILL their victim with details. Notice all the references to things that would seem to verify the "story". Notice how the 'FROM' email address is different then the 'REPLY-TO' address.

This is a variation of the 419 Nigerian scam. In the typical scam, there is some inheritance from some wealthy person and the victim is walked through all these hoops to extract money out of them - typically explained as "fees" or "bribes" to release the inheritance. This scammer is skipping the Nigerian part and skipping the story where the money has to be released and pretending like she's already sent it somewhere - hoping that will trick someone into acting faster (but he/she did slip in some non-existent attorney has to go to DHL to get the money released, so the story is not that different after all).

This scam is always pretty easy to spot because the amount of the money is ridiculously high. But the scammer isn't seeking to spend their time on someone who can figure that out - they are seeking the most gullible of the gullible because they have a lot of steps to walk a victim through to extract the most money and they want to be sure to spend their time and energy on someone who will fall all the way through the scam.

Okay, I best post this before my comments get longer than the scammer's massive essay below.
Reply-To: [mariascoular@yahoo.com.ph]
From: "Mrs. Maria Scoular Norman"[wernermig@saol.com]
Subject: Contact DHL Express for Delivery of your Cheque

Dear,

Good day to you and your family today.

I am sure this mail would be coming to you as a surprise since we have never met before and you would also be asking why I have decided to chose you amongst the numerous internet users in the world, precisely I cannot say why I have chosen you but do not be worried for I come in peace and something very positive is about to happen to your life right now and to the lives of others through you if only you can carefully read and digest the message below. The internet has made the world global villages where you can reach anybody you have not met before.

Before I move further, permi t me to give you a little of my biography, I am Mother Mrs. Maria Scoular Norman, 87 Years old woman and the wife of Late Sir Milne Robert who died in a Plane crash on Monday the 7th of September 1998 GMT 14:22 UK while they were flying from New York to Geneva. Please see site below for more information. http://www.cnn.com/WORLD/91609/swissair.victims.list/index.html

After the death of my husband I became the Head of his investment and now that I am old and weak I have decided to spend the rest of my life with my family and loved ones whom I never had time for during the course of my business life, but before the death of my husband we had a plan to use the last days of our lives to donate half of what we have worked for to the less privilege and charity homes and the other half for ourselves, family members and close friends, and it is so unfortunate that my husband is not alive today to do this with me and I am very weak and old now, hence I have decided to do this philanthropic work on behalf of my late husband and I.

Presently, I have willed out almost half of our assets to several charity homes and to some of the less privilege in different countries. Despite the agreement between my late husband and I to give aid to the deprived, we also agreed to render support to an individual we have not meet before in life due to the fact when we were still young in life we receive an anonymous help from an individual we did not know and which we have not being able to know till date, the impact we got from such gesture made us to do same.

I am sorry to inform you that you will never have the chance to know me because I have just concluded the assignment which my husband and I have agreed upon before his sudden death and you happened to be the beneficiary of our last WILL, irrespective of your previous fina ncial status, hence I need you to do me a favor by accepting our offer that will cost you nothing.

I have presently deposited a Cheque in the sum of 5,1600,000.00 British Pound with DHL Express to deliver to you, what you have to do now is to contact the My Attorney as soon as possible so that he can go the delivery company to know when they will deliver your package to you because of the expiring date.

For your information, I have paid for the delivering Charge, Insurance Premium and Clearance Certificate Fee of the Cheque showing that it is not a Drug Money or meant to sponsor Terrorist attack in your Country.

You have to contact the DHL COURIER SERVICE now for the delivery of your cheque
with this information bellow;

Contact Person: Mr. Ronald Gates
Email: dhl_express@blumail.org
Tel: +44 703 197 9272

Again, you are not to pay for the delivering Charge, the Insurance premium and the Clearance Certificate Fee of the Cheque because I have already paid for them, the only money you are expected to pay is One Hundred and Sixty Great British Pounds (160GBP)for the security keeping of the cheque so far.

I would have paid the fee but the company insisted that I should not because they don't know when you will be contacting them and to avoid demurrage or further cost.

You are to reconfirm the below information to them to avoid any mistake on the Delivery.

Postal address;
Full Names:
Direct telephone number;

Below is the security keeping code: (FED/0433/SKC) of you draft, you are to also
present it to them for verification before delivery.

Let me repeat again, try to contact them as soon as you receive this mail to avoid any further delay and remember to ask them to provide you with the method they wish to use in receiving their security keeping fee of (160GBP) One Hundred and Sixty Great British Pounds for their immediate action.

Note: Please I do not want you to thank me or my husband all I need you to do is to invest wisely with it and do the same good to someone’s life someday as this is the only way this world would be a better community if we render selfless services to one another.

Be also notified that I will no longer be reading my emails or surfing the internet as I have retired completely from the outside world to my ranch, at this moment I have nothing to do with cars, emails and other luxuries, all further correspondence should be forwarded to the courier company for the delivery of your cheque to you.

Yours Faithfully,
Mrs. Maria Scoular Norman

Smartphone Scams

With everyone carrying around a smartphone these days, it will be no surprise that scammers have been targeting this lucrative segment of their potential victim audience.

The typical scenario is where scammers are creating apps for popular things people would download (like a photo editor or a video player), and embedding code inside the app that takes over control of the phone's texting and - much like it's email counterpart, begins sending out scam text messages to everyone in your address book. And because it is coming from your phone, the person receiving your text is likely to believe it is for real and go to the link provided in the text and thus continue to spread of the scam.

Often the result of acting on the scam text will lead to high cellphone bills at the end of the month or being signed up for regular monthly charges that can be hard to remove.

So be careful to only download apps you are familiar with, from a familiar source and one that has been well "vetted". Ignore text messages from your friends that look "hacked" (saying you've won a gift card or telling you to go download this app at a link you don't recognize). Call them on the phone and verify they in fact sent the message before acting upon it.

And there are a growing number of security apps you can download that scan for viruses and the such on your smartphone. See if one of these are appropriate to keep your smartphone safe from scammers.

Internet Scam: Re-Shipping

Here is how this one works (it has several victims tied into it): a person applies for a job online, with some innocuous title, like shipping assistant or even administrative assistant. It is always with someone from outside the country and what they want to do is ship goods to you and send you labels, etc so you can ship them elsewhere. They'll have some half-plausible story as to why they need to do this.

But what you are really doing is receiving stolen goods that they have purchased with stolen credit cards and re-shipping those stolen goods elsewhere for them. Instead of a job, you are now partaking in a criminal activity.

And for the final slap in the face, the scammer will promise to pay you monthly but when the first paycheck date arrives, they will either dump you a day or two before or they will pay you with a fraudulent money order check and then disappear and seek their next "assistant". The authorities rarely find the scammer but do find the person or people doing the re-shipping. The other victim in this scam is of course the owner of the stolen credit card number as the scammer racks up purchases until that number is closed down and then they move on to the next stolen credit card number they have.

Today in the news, in Michigan, two couples in one town now face fraud charges for receiving stolen goods and shipping them elsewhere. The police thought the cases must be connected but it turns out they were not connected at all. Both couples had applied for online jobs and didn't realize what they were doing was a criminal activity. Their scammer said he was from India, but who knows where he really was from. The couples said they made about $200-$300 a month but "the man told police they had been reshipping packages for about a month and had not yet been paid." Classic. The police found out because the owners of the credit cards had reported the fraudulent purchases on their cards. At their home, the police opened packages that arrived from Hong Kong and in both cases of the couples, the purchases were iPads and computers. The other couple had packages waiting to be re-shipped to Russia.

Then it appears the one woman must have understood what was happening because her "employer" sent her a credit card in her name and she purchased a computer, 2 iPads, and paid some personal bills before "destroying the card". Huh. She must have known what she was doing was illegal. The other couple seem more clueless. The police charged the one couple who seem to know what they were doing with fraud and receiving/concealing stolen property and the investigation into the other couple is continuing.

So. There is no such thing as a legitimate online job where you are being asked to receive and then re-ship goods, or receive and re-mail money orders elsewhere, especially out of the country.

Wednesday, June 27, 2012

Anti-Scam Samurai is a Lot of Pressure

Sometimes it feels like me against the enormous invisible endless sea of Internet scammers. I know this is not true, and that I am not alone. But sometimes it feels that way.

Internet scammers came into my life really at the very beginning of the Internet. I was on the band wagon from the very first day. In fact, I was the first woman SYSOP in California on a system that pre-dated the Internet, called rBBSnet. It was kind of a store-and-forward system for email. We thought it was lightning fast at the time. I laugh about it now. Good times. But not so fast times, by any means.

As someone who has had a technical life since 1983, it was natural that people would turn to me when the Internet days took off like so much fireworks, to figure out if the emails they were getting were for "real". It took a while for the scammers to really get with the idea that the Internet was going to be their new frontier, but once they did, it was like cockroaches entering a whole new dreamy yummy environment - and to one degree or another, they were never going to leave ever again. They are adaptable buggers.

I've been happy to help people figure out scam emails - in "guestbooks" in the early days, on AOL chat rooms (oh, how I date myself!), in forum message boards. Then one day not that long ago, I got 5 emails in one day from fellow artists who had all lost between $1000-$5000 each to scammers, writing to me too late, and it hit me all at one time - how many emails had I received over the years? 5,000? 10,000? more?

I realized it was time to do something on a larger scale.

The authorities weren't going to do anything. Scammers love to stay under the radar and in countries where it is hard to prosecute them. I knew that scammers were using the Internet to pretty much get a huge number of victims for literally no cost (quite an improvement over the old days of actually having to send some kind of mailer through the postal system or make an actual phone call). So I decided I would use the Internet as they do, by bringing their emails, their activities, and the nature of their scams out into the light - post them publicly, get others to post what they receive, have it all show up in search results. Then we just have to educate people to search online BEFORE sending any money to anyone, or giving up personal financial information or passwords. That's the plan. The Samurai Plan.

And so my life as an Anti-Scam Samurai began. I lead my little army and we post everything we can. I started by helping friends, clients, and artists - they are my "people", but a scam is a scam is a scam and scammers don't really care who they target, so my efforts have expanded beyond helping artists.

At first, I began a list of scammer names and emails addresses on my art website. Scammers fake all their names and use disposable email addresses but I still wanted to make this list so it would show up in search results if someone was searching on it, and confirm for that user that it was indeed a scam. I wanted more interactivity, so I started a blog, called Stop Art Scams. I post scams that people send me and everyone jumps in on the comments and shares their experience related to that scam. It all shows up in search results. It really has helped a lot of people not become scam victims. I felt good about that but not so great about continuing to receive emails from people who had actually lost money to scammers. So next I opened a page, also called Stop Art Scams, on Facebook. Even more scam information shows up in search results. Yea! Even though it says Stop Art Scams, we really do welcome all Internet scam posts to share.

And now I realized I really *do* need to expand beyond helping artists and reach even more people. I want to make the life of an Internet scammer as difficult as possible. So now I've written a series of books that will be sold on Amazon and at KTMObooks.com. (yea, I could give them away, but I don't want to be living in a van down by the river, if you know what I mean...)

The first book to be published, Volume 1, is called Top 10 Email Scams. It describes each scam, how they work, how to recognize them, and how to avoid them. It also provides information on what to do if you do become a victim, and how to deal with (and avoid) identity theft. There are more than 10 email scams to cover, so I created a second volume of more email scams important to understand and avoid. Volume 2 is called More Email Scams. The third volume covers the scams that are prevalent on the social media platforms, such as Craigslist, eBay, Facebook, Twitter, etc. Volume 3 is called Social Media Scams. and I'm currently working on Volume 4, while I work to release Volumes 1-3. The whole series is called Internet Scams Revealed. My goal is to educate, educate, educate, and see if all of these efforts will continue to have some impact on reducing the success rate of Internet scammers.

And that, my friends, brings me to this blog. A blog started in order to support the books and further provide another place where people can post their scam experiences (not just art related). I'm sure I'll write about other topics down the road, and this blog will be for all of my writings, but I am the Anti-Scam Samurai so this will always be a safe place for people to come share their scam experiences. You can post anonymously if you want (however all comments are moderated and not all may get through).

I have also launched another Facebook page, KTMObooks on Facebook. It will be for all of my writings, even if I write about other topics down the road, but will also always be a safe place for people to come and share their Internet scam experiences and emails. The point is to spread the word far and wide so when someone has that gut feeling that something is not right with a person they are dealing with online, they can search and hopefully something somewhere will come up and validate their concerns and help them to identify it as a scam before they lose anything, including their dignity.

Take out your swords. Let's continue to make Internet scammers scramble and work harder at their crimes. Let's shine a light on them. Welcome to the battle.

- Kathleen