In order to protect yourself from the bad guys, know what to watch out for.
The (fake) tax man: Identity thieves targeted consumers with bogus emails, claiming a W-2 form was not submitted and provided a link to a site for you to input your information. Problem was, the link directed taxpayers to a malicious site that could gathered important information, such as Social Security numbers and addresses, which could later be useful in hacking into bank accounts. When online, if you are directed to another website, MAKE SURE it is a secure one.
Hackers tweak an older thievery technique: A phishing attack with a twist made the rounds, targeting users of eBay’s (EBAY), PayPal, Bank of America (BAC), Lloyds, and TSB customers. The U.S. Computer Emergency Readiness Team (US-Cert) sounded the alarm that the malicious Web page is stored on a user’s computer, rather than directing them to a Web page loaded with the malicious software.
False Advertising: The FBI announced in November the arrest of six Estonian nationals, who were charged with running a major Internet fraud ring that infected millions of computers worldwide with a virus. That virus provided the window that the alleged thieves needed to commandeer consumers’ computers and direct them to Web pages where advertisements were posted. Unbeknownst to the advertisers, they were paying the alleged thieves for website traffic that did not come willingly to the sites. The FBI claimed the Estonian nationals manipulated the multibillion-dollar Internet advertising industry to earn at least $14 million in illicit fees.
Getting past the gatekeeper: Email marketer Epsilon, which hosts databases of seven of the top 10 companies in the Fortune 500 and hundreds of others, suffered an attack by hackers in late March. The attack left customers of such major brands like Citigroup (C), Disney (DIS), and Marriott (MAR) vulnerable to potential phishing scams, which attempt to steal valuable personal information such as bank account or social security numbers.
Being used to unknowingly aid in medical fraud: More than 80 medical-equipment companies received a less-than-merry notice right before the holidays when Allstate Insurance Company filed a $6.3 million lawsuit to recover money it paid out for durable medical equipment, supplies, and orthotic devices. According to the complaint, retailers (and their owners, in conspiracy with wholesalers) submitted misleading and fraudulent bills using customers’ personal-injury-protection benefits.
In February 2011, 20 individuals–including three doctors–were charged for allegedly bilking the government out of $200 million in Medicare costs for mental-health services. The elaborate scheme involved officials at community health centers paying kickbacks for patient referrals and billing Medicare for care that was not necessary, and in many instances, never provided. And Medicare wasn’t the only victim. The patients who unknowingly were used to bilk the government were from halfway houses and assisted-living facilities.
In the Phishing Scam, citizens are contacted by email stating their Credit Union, Bank or Credit Card accounts have been compromised, or that the security of the agency has been compromised, and their accounts have been suspended. Normally the account holder is asked to click a link which then redirects them to a new web page where they are asked to enter their account or other personal information to reactivate or verify their account. This information is not being routed to the account holders financial institution, but rather to a criminal network that either sales your information, or uses it directly to steal from your account.
This type of Phishing Scam has now added a new twist. Instead of being asked to enter your personal information online, account holders are asked to call a phone number and are then prompted by an automated answering service to enter their information. This “automated service” is actually a computer program which then reads and records the information as it is entered in via your telephone keypad. The information is collected differently then the web page process but the results are the same, you have just become a victim. Below you will find a example of what a potential Phishing Email may look like when sent to your computer.
Dear Credit Union Customer,
We regret to inform you that we have received numerous fraudulent emails which ask for personal account information. The emails contained links to fraudulent pages that looked legit. Please remember that we will never ask for personal account information via email or web pages.
Because of this we are launching a new security system to make Credit Union accounts more secure and safe. To take advantage of our new costumer Identity Theft Program we had to deactivate access to your card account.
To activate it please call us immediately at (425) 998-1153
Activation is free of charge and will take place as soon as you finish the activation process.
In order to avoid becoming a victim of the Phishing Scam, citizens should use the following guidelines:
1. Never respond directly to a email sent to you by any financial institution that ask you to enter personal or account information. If you are unsure if the email is legitimate, go directly to the financial institutions website or contact them by phone.
2. Never call any phone numbers sent to you via emails and enter in personal or account information.
3. Use common sense and trust your instincts. If you are concerned that you are being contacted by someone pretending to be your financial institution, you are probably right. Just call and ask you financial institution, they are always happy to help.
If you think you have already become a victim of this or any other scam, follow these guidelines to minimize the damaged and prevent from becoming a further victim:
1. Call your financial institution immediately and place a hold on your account.
2. Ask your financial institution to close those accounts you suspect may have been compromised and re-issue you a new account.
3. Contact the three credit bureaus (Experian 888-397-3742, Equifax 800-525-6285 and Trans Union 800-680-7289) and request a fraud alert by placed on your accounts.
In addition to investigating crimes, the Detective Bureau has the ability to recognize the current schemes and scams that are being perpetrated against honest citizens. One the most current and popular scams being used is an Over Pay Scam. This type of scam is being committed against citizens who are in the process of selling legitimate items, either online, in the newspaper, or by other selling publications.
In the Over Pay Scam, citizens are contacted by phone, email, or standard mail, and are offered a higher price for a item they have listed for sale. For Example, the perpetrator in this case will offer to pay $1200.00 for a computer laptop that the victim is only advertising for an asking price of $1000.00. This is in an attempt to entice the seller to comply will the perpetrators payment terms, which is the source of their scam.
The perpetrator will them inform the seller that they will send them a check, travelers check, or money order for a larger amount, to assist with additional cost, such as shipping and handling. In this example, the perpetrator will send two money orders, each in the amount of $1000.00 and request that the seller just return the overpayment when they ship the item. The perpetrator will request this be done in the form of a money order. The perpetrator will then provide the seller with a legitimate address that will generally belong to a postal box or vacant residence, which is linked to another unsuspecting party.
Once the seller receives the money order or check, they immediately deposit it into their account and ship their item out, along with the money order for the amount over paid by the perpetrator. In two to three weeks, the money order or check will come back as being counterfeit and the bank will hold the seller accountable for the money.
In this example, the perpetrator has made off not only with the sellers item, but also with an additional $1000.00 (minus the shipping cost) of the sellers hard-earned money. Once the crime is reported to the Police and investigated, there is generally no evidence that will lead to the real perpetrator, and they are off to find their next victim.
In order to avoid becoming a victim of the Over Pay Scam, citizens should us the following guidelines:
- When selling an item online, always go through the selling site and avoid potential buyers who offer to purchase the item directly through you and insist on bypassing the selling agency.
- Insist that payment be made by a secure method such as wire transfer, Western Union or a online payment company. If you are willing to take a check or money order, make sure either you or your bank call and confirm the legitimacy of the check or money order, and wait until the funds clear the bank.
- Be cautious of people who offer you a higher amount for the item you are selling than what you are asking.
- Finally, just use common sense. If it’s too good to be true, it probably is.