Thursday, June 20, 2013

Craigslist Apartment Scam

You must be careful when looking for apartments to rent on Craigslist. Craigslist is FLOODED with scammers. Some pretend to be buyers and try and trick people to wiring them money (they pretend to buy, then overpay, then say oops - send the extra back via wire transfer, when the original payment all along was counterfeit) or they pretend to be sellers and have NOTHING to sell, but just make up ads and steal photos from elsewhere on the internet or on Craigslist. In the apartment scam, they try to get upfront deposits for apartments that exist but they have no association with - and no ability to rent or not rent.

Here is a CLASSIC setup in Craigslist. The potential victim (who luckily did not become a victim) replied to an ad for an apartment for rent on Craigslist. Not only do they go for that upfront payment, they also try and collect a lot of identity information while they are at it.

How to avoid this? NEVER ever ever ever do wire transfers. That is how these scammers get money in these scams. Once they pick up that wire transfer (which they do VERY quickly), the money and the scammer are untraceable - and gone.
From: Lucas Wesley (wlucas89@yahoo.com)
Subject: Re: - $530 Room & Private Bath-Available (berkeley)

Thanks for your interest in my apartment. The apartment is available for long term & short term lease is also acceptable. The building is in a great location situated in the quiet and safe area and offers secure .

Its a spacious and lovely 2-bedroom fully furnished apartment with utilities included. The kitchen is well equipped.Utilities and Equipments: Kitchen well equipped(microwave oven, Dish washer, blender, Cocktail mixer, Sandwich maker, stove e.t.c), all utilities included such as Internet facilities,Parking space, e.t.c

I tried to look for an agent that I could give the document & the keys before I left but could not find any as a matter of urgency. And I don't want home misused in my absence that is why I took the keys and documents along with me. So I hope you will promise me to take very good care of the apartment always.

I have the keys and the apartment documents here with me and I will be shipping it to you through DHL courier service after processing your application form. Attached are the interior pictures and if you like it and willing to proceed with the rental. I will like you to fill the form below and email it back to me asap for processing.

RENTAL APPLICATION FORM

FIRST NAME:__________
MIDDLE NAME:__________
LAST NAME:__________
(CELL)PHONE__________
(HOME)PHONE__________
KIDS _____ (YES/NO), HOW MANY ________
PRESENT ADDRESS: _____________________
CITY: _______________
STATE:______________
ZIP CODE: ____________
WHEN DO YOU INTEND MOVING IN? ______________
HOW LONG DO YOU INTEND STAYING? ____________
HOW MANY MONTH RENT ARE YOU WILLING TO PAY UPFRONT_________
DO YOU HAVE PET _________
KIND OF PETS: _____________
HABITS
DO YOU SMOKE ______________
DO YOU DRINK ______________
DO YOU WORK LATE NIGHT _________
REFERENCE
NAME_____________
ADDRESS_____________

Payment will be through wire transfer (Western Union Money Transfer/ Money Gram) and the keys will be shipped to immediately payment as been confirmed.

Once i received the filled copy of the rental application form, I will make an arrangement on how to get the apartment keys and documents shipped to you through DHL courier service without any further delay.

I await your swift response.

Regards
Lucas

Sunday, June 16, 2013

Fake Email Quota Limit Scam

Here is a scam email I received this morning. Notice how the Reply-To goes to anti-spam.org. That not only makes the email seem more legitimate to the unsuspecting and non-technical person but all the people who will reply will muck up the bandwidth of the anti-spam.org server so the scammer is getting two birds with one stone.

The headers also revealed that they likely used a hijacked hotmail account to send out this spam. So they can not be tracked down.

Their real goal is to get readers to click on that link and then bad things will happen - some thing bad will download to your computer, or they will try and collect all your account info, so they can send out more scam emails through your hijacked email account. Or both. 

From: Webmail Technical Services. (info@usa.com)
Reply-To: (noreply@anti-spam.org)
Return-Path: info@usa.com
Subject: IMPORTANT INFORMATION IN YOUR WEB-MAIL USER‏

WEBMASTER EMAIL ACCOUNT UPGRADE

ATTENTION WEB-MAIL USER.

Your E-mail Box has reached its maximum limit of  500MB storage and your account will be deactivated if you do not upgrade it now. To upgrade your web-mail account, kindly click on the below link and follow the instructions to upgrade space for more storage.

CLICK HERE :  http://nlintu.com/spmsecurity-activate/

Your account shall remain active after you have successfully confirmed your account. Failure To Click This Link And Upgrade Your Quota May Result In Loss Of Important Information In Your Mailbox/Or Cause Limited Access To It.

Thank you for your cooperation.
Webmail Technical Services.

Saturday, June 8, 2013

Scam Email: Janet Roberts

Lately, I've been receiving a lot of emails from people selling Avon, Herbalife, Mary Kay, Amway, Melaleuca, Tupperware or Arbonne - the scammers seem to be targeting this demographic lately, hoping these independent sellers will fall for their fake buyer scam.

In the Fake Buyer Scam, the scammer will pretend to buy items and then send a counterfeit check. They will *always* overpay for the order, asking that the extra be sent to a shipper or some other third party. And there will be some weird reason why it is necessary to send that extra via wire transfer. Sometimes they just say they sent too much by mistake and please send the extra back via wire transfer. Whatever the reason the critical factors of this scam are overpayment and wire transfer. It is just the scammer at the other end of that wire transfer and once they pick up the money, they - and the money, are untraceable and gone. They hope to get their victims to wire that money before they figure out the original check is fake and the bank will withdraw the entire amount from your account.

Variations of the counterfeit check are: stolen credit card numbers not yet reported as such so there is a delay before you receive the chargeback, and even some will pretend to pay by paypal and send you a fake copycat email of a paypal payment confirmation email (and you'll be surprised at how many people believe that fake email and go ahead and wire the money, never manually checking their paypal account to see no money has, in fact, been paid).

Often these scammers have poor sentence structure and misspellings but another clue is they seem to ignore your questions and just reply with their "template" of what the next step in the scam is. it is too much effort to actually pretend to be a real buyer at this point - people are either going to fall for the scam or not. And sadly, enough people ARE falling for the scam, that they don't yet need to try any harder than they do now. It is sad.

But really, it is easy to avoid falling for this scam. DO NOT accept any overpayments. These are not tiny overpayments - they are significant. And NEVER EVER EVER wire money in behalf or back to any customer. EVER. Simple. Avoid these two things and you will not fall for this scam.

Here is an example of an exchange with a scammer recently sent to me that highlights how these emails typically go. It ends because Becky then got suspicious and googled Jane Roberts and found all the other people who have received scams from "Jane Roberts" (name has been faked, it is very likely to be some dude in Nigeria or some other foreign country).
From: Becky
To: janetrobert101@yahoo.com
Sent: Thursday, June 6, 2013 12:15 AM
Subject: Arbonne

Hi Janet,
I received an email from Arbonne about you being interested in Arbonne products.  What is the best way to reach you?
thanks,
Becky
Next Email:
On Jun 6, 2013, at 2:22 AM, janet robert [janetrobert101@yahoo.com] wrote:

Below is the lists of my inquiry.

2 of collagen support #817
1 of Makeup primer #7825
5 womans balance #1995

Kindly advise back as soon as possible with the quotes excluding the shipping costs from it. We will be responsible for the pick up of the order at your location once the payment is confirmed. My shipper will be making the pick up arrangement once i get the receipt of the payment from you .

Hope to read from you soon.

Best Regards
janet robert
Next Email:
On Jun 7, 2013, at 4:22 AM, janet robert [janetrobert101@yahoo.com] wrote:

Greetings to you and thanks for your response. I will like you to kindly get back to me with the information below for the payment of the Arbonne to be mailed out Am so sorry,i don't have a credit card nor debit card. I can only make payment with a Cashier-Check drawn and cashable at any bank. If accepted, kindly advise back with information such as :-

Physical Name :-
Address :-
City :-
State :-
Zipcode :-
cell Number :-

I will be waiting to read from you soon for the payment of the order to be mailed out. Kindly get back to me . Hope to work with you on future orders.

Regards
janet robert
Next Email:
From: Becky
To: janet robert [janetrobert101@yahoo.com]
Sent: Friday, June 7, 2013 5:10 AM
Subject: Re: Arbonne the check

Good morning.  I need to get your information to complete the order- name, address, and email address.    Thanks

Becky
Next Email:
From: janet robert [janetrobert101@yahoo.com]
Date: June 8, 2013, 4:26:01 AM EDT
To: Becky
Subject: Re: Arbonne
Reply-To: janet robert [janetrobert101@yahoo.com]

send me your info so that i can get the check sent right away...........

Thursday, May 2, 2013

Fake Work at Home Job Scam

Here is an excellent example of a scammer job ad. It's actually well written - looks like a real job ad. Okay, the fake last name isn't how that would be particularly spelled, but the sentence structure - while not great, isn't a total mess like most scammer emails. It will fool some people. Notice the misspelling of the domain name (it's missing an 'o'). I looked it up and it was created March 22, 2013, just in time to send out his scam email to hundreds of thousands of people. And of course, the WHOIS is protected. Mustn't find out who the scammer really is. Type in the web address and it delivers a 403 forbidden which means the scammer hasn't quite worked out how to make their fake website work properly yet.

It is a job scam.

How does this scam work?

Well, it would appear the job "opportunity" is a variation of a mystery shopper. It doesn't say this but my guess is eventually they will ask the victim to "test" the client's payment system by ordering something and writing up a review of the order process. Sometimes, the greedy scammers, will ask this payment be wired (and then that money is really going directly to the scammer) and sometimes they will have the victim receive money and send it elsewhere via wire transfer. At this point, the victim is money laundering. The scammer will tell the victim they will be reimbursed when they get paid - it will be their pay plus any money they spent testing the clients.

But a day or two before the pay check is supposed to be sent, the scammer disappears and moves on to hire another victim.

I am not looking for a job but lots of people are - so the odds of them sending this to someone who would love to make $35k working from home and is desperate or just not knowledgeable about these scams... they are going to end up victims.

PLEASE don't be one.

From: Tim Sheilds (info@emplymentopps.com)
Reply To: timsheilds@acerqc.com
Return Path: (b1@emplymentopps.com)
Subject: Need a Job Still?

Hi This is Tim Sheilds from Acerqc.com

I`m wondering if you are still looking for work as we have a opening , the position is working in our quality control division of our call center.

Basically you will be doing what I like to call reverse telemarketing where basically your going to be calling telemarketing companies up and seeing how they handle your call, You then write a report about if the person was knowledgeable about the product they were selling or how nice the person was on the phone or did they make you want to order the product etc etc.

The position pays 35k to start you can work at home and will be paid by direct deposit or check every week, check out our site you can see we are a good company to work with and if you feel you would like to apply for the position then reply back to me and I`ll get you started.

Hope to hear from ya soon

Tim Sheilds
Hiring Manager
Acerqc.com

Your email client cannot read this email.
To view it online, please go here:
http://emplymentopps.com/inter/display.php?M=1506600&C=27aab55a3449f61184b77098fd620c19&S=9&L=8&N=3

To stop receiving these
emails:http://emplymentopps.com/inter/unsubscribe.php?M=1506600&C=27aab55a3449f61184b77098fd620c19&L=8&N=9

Powered by Interspire

Tuesday, April 30, 2013

"Did you log into Facebook from somewhere new?" Facebook Email

Many of my friends are receiving this email. Is it a phishing scam email or not?

From: Facebook <notification+i-m5m7hi@facebookmail.com>
To: Elaine
Sent: Tuesday, April 30, 2013 1:25 AM
Subject: Did you log into Facebook from somewhere new?

Dear Elaine,

Your Facebook account was recently logged into from a computer, mobile device or other location you've never used before. For your protection, we've temporarily locked your account until you can review this activity and make sure no one is using your account without your permission.

Did you log into Facebook from a new device or an unusual location?

- If this was not you, please log into Facebook from your computer and follow the instructions provided to help you control your account information.

- If this was you, there's no need to worry. Simply log into Facebook again to get back into your account.

For more information, visit our Help Center here:
http://www.facebook.com/help/account_recovery

Thanks,
Facebook Security Team

One way to know it is not a phishing email is to open a new browser window, log in to your facebook account (not from any links in the email!) and the alert should pop up again. Whether the alert pops up again or not, it would be my recommendation to go in there and change your password. And don't pick something stupid simple like "password123" or english words easy for a software to guess by running through combinations.

Wednesday, April 24, 2013

Scam Email: Eric Anderson

Hi Kathleen,

I'm a small publisher in Sydney, Australia. I also got one from Eric Anderson, same format as all the others. My gut told me to do a search and I came across this site. Armed with this information, I wrote the following to "Eric Anderson":

- - -

Hi Eric,

Cost of Order = $1260
Cost of shipping = $420
Total cost = $1680

I spoke to my bank today and they said they cannot accept a credit card order from the Philippines without a scan of your passport (lots of scams from your country, I'm afraid). So if you can send that through as a jpg, I'll be grateful. Alternatively, you can send the money via Western Union (I use this method all the time for orders from Russia).

Please let me know how you'd like to proceed.

- - -

Saturday, April 13, 2013

Scam Fake Email from U.S. Treasury

It's tax time. The number of fake scam emails I'm getting that pretend to be coming from the IRS or the U.S. Treasury is astounding. They are ALL fake. These government departments do NOT initiate contact via email! Ever!

The approach the scammer uses below is an effective one - provide so little detail that the user is compelled to click on the attachment just to figure out what the email is about and if it is legitimate. And once they click, it is too late. DO NOT CLICK ON ANY ATTACHMENTS in emails that appear to be from the IRS or other government agencies.

I recommend looking at the "message source" and finding the REPLY-TO address and see what that says. What does it say in this case? boainfo@superposta.com. Not exactly the U.S. Treasury. I then usually look for another field, to see where the email may have been routed from. But in this case, that didn't help as the scammer was able to hijack using yahoo mail. Probably hacked into someone's account.

Okay, here is what it looks like. It's simple, but it does get people to click on the attachment and that is where the trouble begins for the user. So don't click on any links in these types of email.
Subject: YOUR COMPENSATION FUNDS TRANSFERRING TO YOUR REPRESENTATIVE (MRS. JOYCE SMITH), RECONFIRM TO PROCEED‏
From:    U.S Treasury Office (desk.ci@vf.vc)
Sent:    Sat 4/13/13 5:16 PM
To:    
   
Attachments:     1 attachment | Download all as zip (2.0 KB)
    The details.txt (2.0 KB)
   

Parts of this message have been blocked for your safety.

View the file for your message details.














Tuesday, April 2, 2013

Scam Email: Facebook Online International Lottery

Here is a scam email that oddly uses the address of the fake FBI scam (as their email address), the use of Facebook (as the brand name to create legitimacy), tries to time it as an Easter email (but then sends it 2 days after Easter) but then launches into the story of a fake lottery scam. This scammer really ought to decide which scam he is running!

Lots of people still fall for the fake lottery scam. You can NOT win a lottery you did not enter! And the winning amount in these fake scam emails is always more than is reasonably true. That they try to overwhelm people with details doesn't mean it isn't ALL made up. Do not fall for this.


From:Facebook (info@fbi.gov)
Subject: Congratulations and Happy Easter Celebration‏
Reply-To: (facebookwinnersdepartment11@gmail.com)

Facebook Online International Lottery
From: The Desk Of the President.
International Promotions / Prize Award.
Category: 2nd
 
Greetings to you Dear lucky winner. We are pleased to inform you of the result of the just concluded annual final draws held on the 12th of March 2013 by Facebook group in cash promotion to encourage the usage of Facebook worldwide. Your name was among the 20 lucky winners who won $950.000.00USD (Nine hundred and Fifty Thousand United State Dollars) each on the Facebook group promotion award attached to Lucky Number (FB-225-7736), Ticket Number (FB-172-60), Batch Number (FB-0281/544) and Serial Number (99352748-2013).
 
The online draws was conducted by a random selection of emails you were picked by an advanced automated random computer search from the Facebook in other to claim your $950.000.00usd the lottery program which is a new innovation by Facebook, is aimed at saying a big thank you to all our users for making Facebook their number one means to connect, communicate, relate and hook up with their families and friends over the years.
 
This is part of our security protocol to avoid double claiming and unwarranted abuse of this program by some participants and scam artists all participants were selected through a computer ballot system drawn from over 20,000 companies and 30,000,000 individuals email addresses from all over the world. This promotional program takes place every three years. You may be rest assured that this is real and legal. There are some scam artists around but thanks to the FBI, 216 of them have been arrested.
 
You are required to contact the head of our disbursement department in the person of Mr. Lincoln Howard via this email address (facebookwinnersdepartment11@gmail.com) with information below for the complete processing of your Winning certificate and further information regarding the disbursement of your lottery winnings.
 
Full Name:
Contact Address:
Mobile Number:
Occupation:
Marital Status:
Sex:
Age:
Country of Residence:
Nationality:
Lucky Number:
Ticket Number:
Batch Number:
Serial Number:
Your Email Address:
 
Furthermore, if there is any change in email addresses please contact us on time. Do not reply to this email, Contact the disbursement department with the email provided above.
 
Note: if you are not interested please do not bother to reply.
 
Thanks and more Congratulations!
 
Regards,
Mr. Wright Jones
Announcer.

Tuesday, March 12, 2013

Free Kindle Books 03/12 & 03/13

I've been working for years to help people not fall victim to Internet scams. I equate scammers to cockroaches - you can never completely eradicate them but you can reduce their intrusion into your life online. I continue to use the Internet with blogs, Facebook pages, Twitter accounts and my book series so that there may be fewer online scam victims.

I have a free promo running on Amazon today, March 12th, and tomorrow, March 13th, for Volume 2 - "Social Media Scams". It is a guidebook to help protect you (or someone you love) from all the different variations of scams running on Facebook, Twitter, Craigslist, YouTube, eBay, and more. Provides a chapter on how all the social media platforms got started and lots of description and advice on scams for all the top social websites. Also includes advice about those pesky fake people on dating sites.

Download today! Or get your loved ones to download a copy...

Help spread the word about how to avoid social media scams.

http://www.amazon.com/Social-Media-Scams-Yourself-ebook/dp/B00B1DQOZK/

Kathleen

Monday, March 11, 2013

Common Tax Scams

It's tax season the U.S. That means scammers have a particular target this time of year, to see if they can trick more people into clicking on links, landing on fake pages, and forwarding money via wire transfer. The scammers will target low-income people and senior citizens, but really - they often just play a numbers game - sending out hundreds of thousands of emails and just working the percentage of people who reply to their first email. Or click on the links in their first email.

And right behind the scammers, out purely for your information or cash, are the slimy businesses out to make a buck by promising a better return (they will sometimes do this by filing deductions you are not actually qualified for). And the scammers pretending to be an IRS agent or a former IRS agent and charging money for special information they know (they typically are not associated with the IRS at all).

The IRS will NEVER contact taxpayers by email, text message or social media to request personal or financial information. They just don't do this. So don't believe anyone telling you otherwise. The IRS contact is done by postal mail.



The IRS also does not initiate phone calls to people. That will also be a scammer. Some of these calls will claim to have a refund ready for you and ask you to call them back. The goal will be to collect your bank account information. Their cover story will be so they can deposit the money there. But once they have your bank account info, they will go online and clean it out. They may ask for your credit card info for "security reasons" and then start making charges on it. Some will say there is a mistake on your return and they need to discuss it. Don't give them ANY information until you verify who they are through independent sources. Really, the IRS works by regular "snail mail". If someone calls you on the phone claiming to be from the IRS, ask them for your name and social security number. A scammer won't know this and that will end the conversation immediately.

And if you are not sure, never provide ANY information, ask for a number to call them back on (say you are busy or something), and then go look up the REAL IRS phone number (1-800-829-1040) and call and ask if that call could be legitimate. But really any time someone initiates the first call and says they are from the IRS.... is not from the IRS. That is easy to remember.

Sunday, March 10, 2013

Beware of Fake Facebook Emails

Lately, I've been receiving an inordinate amount of phishing emails that look like they are coming from Facebook. I have 'new Facebook messages', my Facebook account 'has been suspended', I have a message from the 'Facebook IT department', Facebook 'Support' is emailing me, and I have Facebook 'notifications' waiting to check. I've already written a blog post about fake Facebook emails back in January but I've noticed a spike in how many I've been receiving lately.

All I can think is something must be working about these emails for scammers and a zillion of 'em have rushed into use this version of the phishing scam. I am actually getting probably 10-15 of these specific ones a day now. Geez.

My advice is to check your privacy settings and what you have enabled to be notified on and be VERY careful before you click on ANY button or link in ANY email notification, make sure it is not a phishing email. Better advice is to just never click on the links and button in these emails, but open a new browser window and log into Facebook yourself and see what messages you have there.

I'll paste an example below but there may be different variations. Just be wary of ALL of your Facebook notification emails.

(oh, and the buttons and links in this fake email actually take you to http://58.120.227.149/~hafis/dissenting.html?fbuserid=katiemoe   so notice how they are actually tracking me and my relationship to my facebook account if I DO click on anything - I'm guessing they will trick people into providing their password by presenting a fake 'log in again' page. But I'm NOT going to click on it to even find out for you. And you shouldn't try it either - who knows what terrible things can download in the background unbeknownst to you while you are staring at their fake page)

From: Facebook IT Department [hedquist@abraminterstate.com]
Subject: You have a new direct message from Facebook IT Department


facebook
You have a new message from Facebook IT Department.

Your profile is not configured.
View Notifications
Go to Facebook
This message was sent to katiemoe@xxxxx.xxx. If you don't want to receive these emails from Facebook in the future, please click: unsubscribe.
Facebook, Inc. Attention: Department 415 P.O Box 10005 Palo Alto CA 94303

Here's another one (the links and buttons this time go to:http://km.ur.ru/relics.html?fbuserid=katiemoe (do NOT click on this link!!!)

From: Facebook Technical Support [ablfm@stockpoint.com]
Subject: You have a new direct message from Facebook Technical Support

 facebook
You have a new message from Facebook Technical Support.

Your profile has been successfully updated.
View Notifications
Go to Facebook
This message was sent to katiemoe@xxxxx.xxx. If you don't want to receive these emails from Facebook in the future, please click: unsubscribe.
Facebook, Inc. Attention: Department 415 P.O Box 10005 Palo Alto CA 94303

Wednesday, February 13, 2013

Top 10 Email Scams Selected Reviewer's Choice for February

A proud moment for me. I just received notification from the Midwest Book Review that my first book, Top 10 Email Scams, was February's number one Reviewer's Choice for their Small Press Bookwatch. Yea!

Now my book can be made available to libraries and other academic collections, which I think is a good additional place for my book to be.

Here is a link to the Midwest Book Review page: http://www.midwestbookreview.com/sbw/feb_13.htm

And here is the review in its entirety:


Reviewer's Choice

Top 10 Email Scams
Kathleen McMahon
KTMObooks
1450 Chestnut Street #102
San Francisco, CA 94123
9781938831003 $14.95 KTMObooks.com

Volume one of the "Internet Scams Reveals Series", Top 10 Email Scams: Detect & Protect Yourself from Online Scams is an absolute "must-read" for anyone and everyone who makes use the Internet, whether for professional commerce or simply emailing their friends. Chapters explain in plain terms some of the most common online con games. For example, in the "Fake Buyer" scam, the criminal pretends to buy goods and "overpay" with a certified check or credit card, and requests the seller to wire the difference (typically via Western Union or MoneyGram) to them or their "shipping company". By the time the seller's bank determines that the certified check is a fake, or that the credit card number was stolen, the seller is on the hook for the entire amount and the scammer has disappeared with all the wired money. "Do NOT do wire transfers. Period. No Western Union, no MoneyGram. Don't accept wire transfers as any part of a transaction (especially you forwarding extra money via wire transfer) and you'll avoid a lot of purchase-related and check-cashing email scams." Other scams covered include identity theft, "phishing" (tricking people into entering their passwords into fake websites, etc.), dating scams, lottery scams, and more. Plain terms and sample fraudulent emails help make Top 10 Email Scams crystal clear to readers of all backgrounds. A wealth of valuable tips and tricks for avoiding scams, a "don't panic" list of steps to take when one has been scammed, and glossary of common terms concerning Internet fraud round out this invaluable guide, worthy of the highest recommendation for modern library collections. In today's digital age, Volume 2: Social Media Scams and Volume 3: More Email Scams should also be required reading for the general public!

Friday, February 1, 2013

Facebook Scam: Notice of Settlement of Class Action

This scam has a few things going for it. One is the fake email address they are using: facebookmail.com. Close enough to trick people who are either not paying close attention or might convince themselves this sounds like an email address facebook would own, right? Wrong. Secondly, the email is long and VERY legal sounding and the scammer used a recent hot-button issue pissing off facebook users: sponsored stories. So to the uninitiated, it sounds plausible. And that is what the scammer is hoping for.

This scam has several goals but the main one is data collection. In order the "enter" this class action settlement, you are going to have to give up all kinds of information and a casual unsuspecting person might think that makes sense and that is where the scammer has the victim tricked. The info will not be going to facebook but all of it to the scammer - your login, your social security number, your address - everything they can get you to voluntarily give up.

Facebookmail.com is a scammer's email and there is no settlement of class action against sponsored stories. DON'T FALL FOR THIS ONE!

From: legalnotice (legalnotice@facebookmail.com)
Sent: Sat 2/02/13 12:27 AM
Reply-to: noreply [noreply@facebookmail.com]
Subject: Re: LEGAL NOTICE OF SETTLEMENT OF CLASS ACTION

NOTICE OF PENDING CLASS ACTION AND NOTICE OF PROPOSED SETTLEMENT
ANGEL FRALEY V. FACEBOOK, INC.
You are receiving this e-mail because you may have been featured in a "Sponsored Story" on Facebook prior to December 3, 2012.
A federal court authorized this Notice. This is not a solicitation from a lawyer.
Why did I get this notice? This Notice relates to a proposed settlement ("Settlement") of a class action lawsuit ("Action") filed against Facebook relating to a particular Facebook feature called "Sponsored Stories." According to available records, you may be a "Class Member."
What is the Action about? The Action claims that Facebook unlawfully used the names, profile pictures, photographs, likenesses, and identities of Facebook users in the United States to advertise or sell products and services through Sponsored Stories without obtaining those users' consent. Facebook denies any wrongdoing and any liability whatsoever. No court or other entity has made any judgment or other determination of any liability.
What is a Sponsored Story? Sponsored Stories are a form of advertising that typically contains posts which appeared on facebook.com about or from a Facebook user or entity that a business, organization, or individual has paid to promote so there is a better chance that the posts will be seen by the user or entity's chosen audience. Sponsored Stories may be displayed, for example, when a Facebook user interacts with the Facebook service (including sub-domains, international versions, widgets, plug-ins, platform applications or games, and mobile applications) in certain ways, such as by clicking on the Facebook "Like" button on a business's, organization's, or individual's Facebook page. Sponsored Stories typically include a display of a Facebook user's Facebook name (i.e., the name the user has associated with his or her Facebook account) and/or profile picture (if the user has uploaded one) with a statement describing the user's interaction with the Facebook service, such as "John Smith likes UNICEF," "John Smith played Farmville," or "John Smith shared a link."
What relief does the Settlement provide? Facebook will pay $20 million into a fund that can be used, in part, to pay claims of Class Members (including Minor Class Members) who appeared in a Sponsored Story. Each participating Class Member who submits a valid and timely claim form may be eligible to receive up to $10. The amount, if any, paid to each claimant depends upon the number of claims made and other factors detailed in the Settlement. No one knows in advance how much each claimant will receive, or whether any money will be paid directly to claimants. If the number of claims made renders it economically infeasible to pay money to persons who make a timely and valid claim, payment will be made to the not-for-profit organizations identified on the Settlement website at www.fraleyfacebooksettlement.com (if clicking on the link does not work, copy and paste the website address into a web browser). These organizations are involved in educational outreach that teaches adults and children how to use social media technologies safely, or are involved in research of social media, with a focus on critical thinking around advertising and commercialization, and particularly with protecting the interests of children.
In addition to monetary relief, Facebook will (a) revise its terms of service (known as the "Statement of Rights and Responsibilities" or "SRR") to more fully explain the instances in which users agree to the display of their names and profile pictures in connection with Sponsored Stories; (b) create an easily accessible mechanism that enables users to view, on a going-forward basis, the subset of their interactions and other content on Facebook that have been displayed in Sponsored Stories (if any); (c) develop settings that will allow users to prevent particular items or categories of content or information related to them from being displayed in future Sponsored Stories; (d) revise its SRR to confirm that minors represent that their parent or legal guardian consents to the use of the minor's name and profile picture in connection with commercial, sponsored, or related content; (e) provide parents and legal guardians with additional information about how advertising works on Facebook in its Family Safety Center and provide parents and legal guardians with additional tools to control whether their children's names and profile pictures are displayed in connection with Sponsored Stories; and (f) add a control in minor users' profiles that enables each minor user to indicate that his or her parents are not Facebook users and, where a minor user indicates that his or her parents are not on Facebook, Facebook will make the minor ineligible to appear in Sponsored Stories until he or she reaches the age of 18, until the minor changes his or her setting to indicate that his or her parents are on Facebook, or until a confirmed parental relationship with the minor user is established.
YOUR LEGAL RIGHTS AND OPTIONS IN THIS SETTLEMENT
SUBMIT A CLAIM FORMThis is the only way to be eligible to receive a payment, if the Court orders payment to Class Members.Deadline: May 2, 2013
EXCLUDE YOURSELFThis is the only option that allows you to retain the ability to file your own lawsuit about the legal claims in this case.Deadline: May 2, 2013
OBJECTWrite to the Court about why you object to (i.e., don't like) the Settlement and think it shouldn't be approved.Deadline: May 2, 2013
GO TO THE "FAIRNESS HEARING"
The Court will hold a "Fairness Hearing" to consider the Settlement, the request for attorneys' fees and expenses of the lawyers who brought the Action ("Class Counsel"), and the class representatives' request for service awards for bringing the Action.
 
You may, but are not required to, speak at the Fairness Hearing about any Objection you filed. If you intend to speak at the Fairness Hearing, you must follow the procedures stated on the Settlement website to notify the Court and parties of your intent when you serve your Objection.
Hearing Date: June 28, 2013 at 10:00 a.m.
DO NOTHINGYou will not receive a payment, even if the Court orders payment to Class Members. You will also be giving up your right to bring your own lawsuit related to the claims in the Action. You may be eligible to receive the non-monetary benefits of the Settlement, if the Settlement is finally approved.No deadline
Your Class Member Number: 707550672
To Parents and Guardians of Children on Facebook: The Settlement also involves the claims of minors featured in Sponsored Stories on Facebook. Please see the Settlement website for more information.
More information? For more information about the Settlement and how to take the actions described above, please visit www.fraleyfacebooksettlement.com (if clicking on the link does not work, copy and paste the website address into a web browser) or write to the Settlement Administrator at Fraley v. Facebook, Inc., Settlement, c/o GCG, P.O. Box 35009, Seattle, WA 98124-1009, or GCG@fraleyfacebooksettlement.com. You may also contact Class Counsel, Robert S. Arns of the Arns Law Firm, by calling 1-888-214-5125 or by emailing fb.settlement@arnslaw.com.   

Wednesday, January 30, 2013

Facebook Scam ALERT! Free Southwest Airline Tickets

There is a virus spreading like wildfire on Facebook tonight. The scam offers free southwest airline tickets BUT when you click, it spreads the virus to other people on your friends list, and the landing page is malicious, probably downloads spyware and definitely tries to put the victim through multiple questionnaires and surveys - collecting as much information as they can for identity theft and/or trying to ascertain passwords to banking accounts.

DO NOT CLICK ON IT when you see it on Facebook. DO NOT CLICK!

You can report it to Facebook as a spam or just ignore it. But do not click on it. It will only spread further.

Here is what one looks like on my wall:


You can learn more about protecting yourself from social media scams with this book, Social Media Scams, now available on Amazon.

Free Signed Book Giveaway Feb 4-7, 2013

Please feel free to enter my book giveaway contest on GoodReads.com

http://www.goodreads.com/giveaway/show/43422-social-media-scams-protect-yourself-on-facebook-twitter-ebay-more

I've been helping people for years avoid online scams and I wrote <i>Top 10 Email Scams</i> and <i>Social Media Scams</i> to help spread the word further on how to avoid Internet scams. I want to continue my crusade to reduce the number of victims from these criminals.

This giveaway focuses on my second book, in printed book format, in the series. In <i>Social Media Scams</i> you will learn to recognize and avoid all the top scams currently in use online - it covers scams on Facebook, Twitter, eBay, Craigslist, dating sites and more. It will be a signed copy. It is 220 pages.

The contest is from February 4 through February 7, 2013.

Stay safe out there!

Thursday, January 24, 2013

Email Scam: Fake Facebook Support Email

Here is an email I just got and it is pretending to be an official email from Facebook Support, which one might want to pay attention to. That is what the scammer is counting on. They are hoping that at least some percentage of the people receiving this email are not paying close attention and think it is really from Facebook Support when it is not.

All the links in the email look like they go to Facebook (or they are a linked button or linked word) but the actual destination of the link is: http://maxmax.webnow.biz/transferring.html?fb=katiemoe (DO NOT CLICK ON THIS LINK!!!!) but notice how they were able to insert a variable at the end of the string which identifies which Facebook account they are trying to attack. This is bad. If I click on this link, they will know who clicked on it, even if I don't provide them any further information. Worse than that, I may get some nasty spyware software downloaded to my computer. So, DO NOT CLICK ON ANY OF THESE LINKS!!!

From:    Facebook Support [surojitroy321@server55.neubox.net]
Sent:    Thu 1/24/13 6:27 PM
Subject: Facebook Support

facebook
Facebook Support sent you a notification.

Your account has been successfully updated.
Go To Facebook
See All Notifications
This message was sent to xxxx@xxxxx. If you don't want to receive these emails from Facebook in the future, please click: unsubscribe.
Facebook, Inc. Attention: Department 415 P.O Box 10005 Palo Alto CA 94303

New Book: Social Media Scams

I'm delighted to announce my second book is now available for sale. "Social Media Scams" is a book to help educate and protect people from falling victim to scams on sites like Facebook, Twitter, Craigslist, eBay, as well as online dating sites. eBook or Paperback can be purchased from Amazon at http://amzn.to/RZSfZc

The first book in my scam series covers how to protect yourself from email scams. It is called "Top 10 Email Scams" and can be purchased on Amazon at http://amzn.to/QsAzhT
 
I also provide a variety of resources where users post their scam experiences and help alert each other:

KTMObooks: https://www.facebook.com/ktmobooks

Facebook Stop Art Scams: https://www.facebook.com/pages/Stop-Art-Scams/135887239769963


Stop Art Scams Blog: http://stopartscams.blogspot.com/

KTMObooks Blog: http://KTMObooks.com/blog/


KTMObooks Twitter: http://www.twitter.com/KTMObooks 

Sunday, January 20, 2013

Scam Email: Fake Craigslist Alert Email

This email is just like fake LinkedIn email alerts, or fake PayPal alert emails, or fake account alerts supposedly from your online banking. It is fake and the goal of the scammer is to get you to click on the link in the email, which looks like it goes to one place but actually goes to their own malicious web page. Sometimes on that fake web page, they collect information, including your passwords or they download spyware software on your computer and you won't even know it. That spyware software will monitor your keystrokes and seek out account passwords. Ultimate goal? To get at your bank account, either through paypal or through your online banking. Failing that, they'll use your account to send out more scam emails so they look like they come from you instead of them.

In the below email I just got, the words "simple click" are hotlinked and actually goes to http://craigslistuser.yolasite.com/ but DO NOT TRY OR CLICK ON THIS LINK!


From: winndowwmall@telenet.be
Subject: Craigslist Account Alert!‏‏
Date: Sun 1/20/13 9:40 PM
Return-Path: Return-Path: peterdegraef@telenet.be

Dear Craigslist User,

We require you to verify your Account with one, simple click ,to confirm the validity of your account.

Thanks again for choosing our Service

Sincerely,
Craigslist Team

Thursday, January 17, 2013

Catfishing Scam

I love that someone has dubbed a word for online dating scams. It helps it become more ingrained in the sub-conscious mind of more people. People like buzz words. People can remember them better.

Catfish. A little different than what you think this word would mean at first. But in the urban dictionary a "catfish" is someone who creates a full false identity online, typically in pursuit of deceptive online romances. The name came from a 2010 documentary movie made by Henry Joost and Ariel Schulman. In the movie, Ariel Schulman develops a relationship - falls in love, with a woman on Facebook and then goes to track her down in real life and finds her to be not at all what she represented herself to be, and married with children.

Now there are many more meanings for "catfishing" than just creating false identities for the purpose of deceptive online dating. People have created them to enact out whole "stories", about having cancer or some other crisis in their life. It is probably a convoluted way to feel the connection, sympathy and compassion of others. Sometimes, they want to "end" the story (it must become a burden after awhile keeping all the stories straight) but because others online think they are interacting with a real person, often the only way they can think to do this is to "kill" off their online identity. That is what happened in the case of Notre Dame linebacker Manti Te'o. He was, at first, torn to shreds in the media for making up a girlfriend (and still parts of the story do not make complete sense, like apparently his father referred to them being in Hawaii together), but Manti insists he was a victim of a "catfish" scam. That he thought someone was his girlfriend online and that she died of leukemia last year. Until some reporters looked into the story and realized there was no one by the name of his girlfriend. This particular story is still developing, but however it turns out, it is certainly a great example of the perils of online relationships. Most victims say it may seem crazy but that it happens in very small increments and does not seem so crazy at the time. Until you step back and look at the whole thing. But for me, how can these people think they are in a relationship and "in love" when they have never met the person face-to-face? It certainly targets people who may have idealized notions of love and relationships and those who may have more difficulty connecting face-to-face with people.

So what are the catfish scammers after? I think there are two main types. The ones after the deceptive sense of connection, sympathy, love, and compassion of another, and then those that are strictly in the game to eventually begin siphoning their victims dry of their money and savings. I mostly see the latter but I'm aware some create their false identities just to be able to "live" online as that character. It certainly blurs the lines of imagination, reality, identity exploration, and morality. The ones after the money are a little more clear cut. They are after the money. Very clear.

These type of scammers typically operate with more than one person, often in little cooperative "gangs", sharing the loot. And they go for big, big numbers. In fake buyer scams, they tend to target stealing about $1000-$3000 and stay under the radar of the authorities and just hope to get a lot of victims under the radar so it adds up. But in online dating scams, it may take longer to warm up their victim, but then they go for broke, often getting $200,000 or more out of the victims. I've seen cases commonly in the $800,000 range. You can see why scammers are attracted to this scam. Some victims, thinking they are helping someone they are in love with, will begin borrowing money once their own money is all gone, and in one case, the woman began writing checks from her employers checkbook and she was eventually arrested for embezzling. But she didn't keep a dime. It all went to her "fiancee", who she had never met face-to-face. So she was in jail with none of the money and the scammer got off scott-free, sitting in some foreign country with all the money. Amazing.

But I'm glad now there is a popularized term for this scam. Catfishing. It means more unsuspecting people will become educated and look out for the warning signs. Hopefully, it will begin to result in fewer victims. I review the warning signs for online dating in depth in my book "<a href="http://amzn.to/RZSfZc">Social Media Scams</a>". All efforts to bring this scam out of the dark corners of shame and embarrassment and bring more light to the subject is, well, a Good Thing. I think Manti Te'o is a reluctant educator on this subject, but still, that is a positive thing that will come out of his experience. And congrats to the "Catfish" documentary guys - you are doing great work to expose this scam.

Wednesday, January 9, 2013

Scam Email: Fake LinkedIn Private Message Emails

Okay, I'm getting slammed with these tonight so I wanted to post an alert. These look like they come from LinkedIn and someone has left you a private message, then providing you a link to click on in the email to see the private message. DON'T CLICK ON THAT LINK!

From:Glenda Clark [yianniskalaitzakis@s109.loopia.se]
Subject: Glenda sent you a 1 personal message‏

Linked In

Glenda Clark sent you a 1 personal message
Date: 1/10/2013

http://linkedin.com/do?viewProfile&message=89839692

This email was intended for katiemoe@hotmail.com. Learn why we included this.
© 2013, Linked In Corporation. 2029 Stierlin Ct. Mountain View, CA 94043, USA


The actual destination of the links in this email goes to: http://123-beach-resort.com/caverns.html (don't click on this link either!!)

Here is another one I got tonight was well (and the actual destination of the links goes to http://cgssac.com/headland.html, so don't click on it!!!)

From:Andrea Cook [Cook1972@server41.campusspeicher.de]








 

Subject: Andrea Cook just sent you a private message.

LinkedIn

Andrea Cook has sent you a personal message.
Date: 1/10/2013
https://www.linkedin.com/trk?act=viewProfile&yt=message&poster=8897
Don't want to receive e-mail notifications? Adjust your message settings.
© 2013, LinkedIn Corporation



New European Cybercrime Centre

A shout out over the pond for the newly formed European Cybercrime Centre (EC3), opening January 11th, to fight online abuse, child pornography, identity theft and banking fraud on smartphones attacking European nations.

More resources on this worldwide problem is a great thing.

The centre already has a staff of 30 full-time employees. It will provide operational support to member states to combat intrusions, fraud and online child sexual abuse. The centre will also provide technical, analytical and forensic expertise in EU joint investigations. EC3 will focus on criminals with the aim of becoming a "focal point" of information exchange between national law enforcement agencies to identify threats more quickly.

This is a great addition to the U.S.'s effort with IC3 (ic3.gov).

Although scammers are like cockroaches and there is no hope of eradicating them completely,  more resources to make their life harder and to hold the line against the rising tide of gangs of scammers becoming more and more effective, this is an encouraging sign of hope. It's almost too easy now to become a scammer and steal money from unsuspecting victims. This will throw an additional wrench in their otherwise pretty cushy activities.

Congrats, EC3 - lots of good wishes on your cybercrime-fighting efforts. Go get 'em!

Tuesday, January 1, 2013

Scam: Independent Third Party Technical Support

I had a close friend get caught in this in the past week. It reminded me how vulnerable non-technical people are when something is not working right on their laptop, their printer, or something like their Hotmail email account.

It is so easy for the non-technical to get led down dangerous paths while they just look for the support they need to fix their problem.

One version of this scam is just a plain ole scam - the victim doesn't have any problem with their computer but they get a call or an email saying their computer DOES have a problem and they need to call such-and-such number to get technical support to fix it. Once they call the number, the "technician" (yeah, right...) downloads remote control software on the victim's system (now giving them access to EVERYTHING, including passwords, online banking... everything) and then charges them some fee for the service, which they'll charge via credit card or ask the money be wired with some lame story as to why they are making such a weird request. Other variations of this scam claim the victim's computer has been identified by the FBI as having illegal information on it... or porn and asking for a fee to have it removed and not prosecuted (the scammer is counting on real porn watchers being so embarrassed or intimated that they will pay and never let anyone know what has happened, ensuring the scammer gets off scot-free).

That's just a plain ole scam.

What my friend got caught in this past week was more of a deceptive unethical business practice scam than a regular ole gonna-steal-your-money scam (though the result is the same). These scams are distinct in that they actually pretend to provide a real service. And maybe they do, I'm not sure, but what I do know is how they get their customers is very slimy and what they do once they have a customer is also unethical and dangerous to the non-technical person seeking technical support.

These are independent, third party technical support companies, mostly operating out of India, who present themselves online is such a way as to confuse non-technical people. The victim thinks they are talking to Microsoft technical support, Hotmail technical support, Toshiba technical support, Canon technical support - whatever. The companies list themselves under as many brand names as they can online and present themselves as the support for those brands. I would say these sites include disclaimers saying they are not associated with the Brand in question, but non-technical people seem to miss these disclaimers. I still have to excavate why my friend thought she was calling Toshiba technical support and got this other company who did NOT identify themselves as not being the official Toshiba technical support so she proceeded.

And in proceeding, they downloaded remote control software on to her computer first thing and then charged her to cover one month of technical support. She figured her computer was not under warranty so neither of these things completely got her attention, though she admitted "something didn't seem right". They accessed her computer remotely and said they could not find the problem so of course there she was, having been charged, with remote control software on her computer and she STILL had the problem. It was only when she got an email confirmation of her payment that she realized she had been taken, for the receipt came from a company called iYogi.net (also using iyogi.com as well as well as other url names). It seems iyogi was a legitimate support provider at one time but now resorts to deceptive practices in order to acquire new customers. Here is a quote from the wikipedia page:

In March 2012, antivirus major Avast severed its ties with iYogi. Under the agreement that lasted a little more than two years iYogi had been providing online support to Avast users free of cost. Avast accused iYogi of forcefully selling its online support plans to Avast users which the Antivirus maker claimed to be unnecessary and expensive.

And here is the official statement from Avast, which reveals that iyogi was trying to increase revenue by claiming users had problems they didn't have: https://blog.avast.com/2012/03/15/iyogi-support-service-removed/

This user posted this comment online, not that long ago (just at the beginning of the month):

Tony
Dec 09, 2012  from Jefferson, Georgia
I called a phone # that was supposed to be for mcafee and wound up with Iyogi on the line they advertised three tears of total protection software for my computer,and help installing any new device's that I may purchase under same contract after having problems with thier tech support,and 24 to 30 hours on the phone with them,I still had some of the same problems they were supposed to have fixed .I called them back because after 30 hours on the phone with them in remote session I wanted to terminate thier services and dispute thier charges. the next morning my computer would not even boot up and I had to start in safe mode to a prior earlier known working date. then I found out they were disputing my complaint with discover and had maliciously taken over my e-mail address ,and since I havent sent any new e-mails I was unable too recover my hotmail account

There are a number of complaints with a similar theme posted at http://www.ripoffreport.com/Search/IYOGI.aspx

iyogi tends to post a lot of "shill" articles online so that users will likely get rerouted to them in searching for technical answers. And it's been tricky, because apparently this company HAS been a support partner for legitimate brand names but has been using these slimy tactics to get money out of users.

And apparently their remote control software is almost impossible to remove off your system. Certainly can't be removed in the normal ways.

Today, another company that looks like it has the very same approach as iyogi attempted to post a message in my blog with a link to one of their shill pages. iveera.com & iveera.net. Same crap. They are pretending to provide Hotmail support. They certainly want to show up in the google search results as providing hotmail support. It confuses people because Microsoft does not provide live support for Hotmail. And Microsoft has to keep saying these companies are NOT affiliated with them. And iveera is pretending to provide Norton Antivirus support, McAfee support, etc. They have posted "expert" articles so they show up in search results. Non-technical people don't realize all the time they are calling some third party support company in India, that they will be charged, and that they then run the risk of having remote control spyware downloaded on their computer.

This type of scam will be found under many different company names and I'm sure more new ones going forward. It's always a good step to google a company first and see what comes up. I googled "iyogi scam" and pretty much saw everything I needed to know.

Okay, so what is my advice to the non-technical?

1. If you are speaking to a technical support person, do NOT purchase any software from them in order to resolve a technical support problem.

2. Always ask at the beginning of a technical support call if there is a fee or subscription fee associated with the service. If there is, hang up.

3. Never EVER give up control of your computer using remote control software unless you are ABSOLUTELY confident (100%) that the person you are speaking to is an authorized representative of that brand name for which you are seeking support (i.e. Microsoft, Toshiba, etc.)

4. Never ever provide your credit card or any financial information to anyone claiming to be a technical support person. If you are being asked this, hang up.

5. Technical support people NEVER call customers proactively to tell them they have a problem that needs resolving. Only scammers do this. If you receive a call or email offering support you didn't ask for... it is a scam.