Tagged: identity theft Toggle Comment Threads | Keyboard Shortcuts

  • Geebo 9:00 am on November 29, 2023 Permalink | Reply
    Tags: identity theft, , ,   

    Anyone can fall prey to the SIM-swapping scam 

    Anyone can fall prey to the SIM-swapping scam

    By Greg Collier

    You may have head of the term SIM-swapping before. You may even know SIM-swapping is part of a larger identity theft scheme. What you may not know is that the term SIM-swapping is a type of misnomer. SIM-swapping makes it sound like someone needs physical access to your phone so they can steal your SIM card. A more appropriate term would be SIM-hijacking, since the scam itself is committed remotely.

    A SIM-swapping attack is a type of cyberattack where a malicious actor fraudulently convinces a mobile carrier to transfer a victim’s phone number to a SIM card under the attacker’s control. This is typically done by impersonating the victim or exploiting vulnerabilities in the carrier’s verification processes.

    The attacker contacts the victim’s mobile carrier, posing as the legitimate account holder. They may use gathered information to convince the carrier’s customer support representatives that they are the actual owner of the phone number.

    Once the attacker successfully convinces the carrier to transfer the phone number to a new SIM card, the victim’s phone loses network connectivity. The victim may not be aware of this until they try to make a call or use data services.

    With control of the victim’s phone number, the attacker can receive the victim’s text messages and phone calls, which may be used to bypass two-factor authentication (2FA) on various accounts linked to the phone number. This can lead to unauthorized access to email, social media, financial, or other online accounts.

    In the past, when we’ve discussed SIM-swapping attacks, we’ve heard from readers who said their phones are immune from these attacks since their phone doesn’t have a SIM card. Unless you’re still carrying a flip phone you bought from Sprint in the mid-2000s, chances are your mobile phone has a SIM card in it. You may not have placed the card in the phone yourself, but without a SIM card, your phone wouldn’t be able to communicate with your phone carrier and provide you service. There’s also what’s known as an eSIM. This is a SIM card that can be embedded in your phone, meaning it can’t be removed. In essence, if you have a reasonably modern mobile phone, it has a SIM card. And if it has a SIM card, it’s vulnerable to these attacks.

    A woman from California, recently fell victim to one of these attacks. After scammers successfully had her phone company transfer her service to the scammers’ SIM card, they were able to get access to at least one of her bank accounts. They drained her account of $49,000 before it was all said and done. The victim tried to work with both her bank and phone provider, but they denied any of her requests. As with many bank-related scams, it wasn’t until the victim contacted her local news station before she received a refund from her bank.

    There are several effective strategies to safeguard yourself from SIM-swapping. One approach is to opt for an authenticator app instead of relying on text messages for two-factor authentication. Authenticator apps are tied to a specific device rather than a phone number, enhancing their security. Additionally, it’s crucial to refrain from using easily discoverable information, such as high school mascots or pet names, for security questions on online accounts, as such details are often accessible on social media. Finally, you can enhance security by reaching out to your carrier and requesting the restriction of any device switches on your account. It’s important to note that to lift this restriction, you might need to visit a carrier store and provide identification.

     
  • Geebo 9:00 am on November 28, 2023 Permalink | Reply
    Tags: , , identity theft, , ,   

    AI finds its way into Medicare scams 

    AI finds its way into Medicare scams

    By Greg Collier

    We are currently nearing the end of Medicare’s Open Enrollment period. This is the time of year when Medicare recipients can change their plan from the traditional Medicare coverage to a Medicare Advantage plan, or change back if they so desire. This is also the time of year when scammers specifically target Medicare eligible seniors with their scams.

    When it comes to scams, identity theft poses a significant risk to seniors, especially during Open Enrollment. Scammers often employ tactics such as impersonating government officials, adopting titles like ‘health care benefits advocate,’ to deceive victims. These fraudsters make enticing promises, assuring the victim of enrollment in equivalent or superior coverage at a reduced cost. To accomplish their scheme, the fraudulent agent requests the victim’s personal information, including their Medicare number.

    The stolen Medicare number becomes a tool for these scammers to commit Medicare fraud, involving unauthorized charges for procedures or items. This fraudulent activity has the potential to impact the victim’s benefits in the future. Additionally, scammers resort to high-pressure tactics, such as claiming that the victim’s benefits may expire if immediate information is not provided. In some cases, these deceptive calls may even display Medicare’s official phone number, adding an extra layer of trickery. It is crucial for seniors to be vigilant and cautious to protect themselves from falling victim to such identity theft scams during the Open Enrollment period.

    Though not strictly a scam, certain unscrupulous insurance brokers may exert undue pressure on seniors to switch to their company’s Medicare Advantage plan. While Medicare Advantage plans can offer advantages for some individuals, they may also have limitations that may not suit everyone’s needs. The decision to switch should be based on the individual’s personal healthcare requirements, yet some insurance agents may prioritize making a sale over the well-being of the patient.

    If contemplating a transition from Medicare to a Medicare Advantage Plan, it is essential to conduct thorough research on the potential benefits and drawbacks. Avoid succumbing to the tactics of salespersons, who may push for a decision that could lead to regret in the following year. Taking the time to make an informed decision ensures that the chosen healthcare plan aligns with individual needs and preferences.

    There is also another potential threat with this year’s Open Enrollment, and not surprisingly, it’s related to AI. Experts are warning that scammers could be using AI-generated voice programs to make scam phone calls sound more authentic. These calls could even be used to try to record a victim’s voice, which could then be used in other voice spoofing scams.

    It’s important to be cautious when receiving calls related to your Medicare plan. Legitimate Medicare plans typically contact their members if necessary, but if you ever feel uneasy during such calls, consider calling your insurance company’s official customer service number to verify the legitimacy of the communication.

    As a general rule, exercise caution about sharing your Medicare or Social Security number over the phone. Medicare and your insurance company already have your information on file and typically don’t need you to provide it again during unsolicited calls. This precaution helps protect you from potential scams or identity theft. Always prioritize your security and verify the authenticity of any calls before sharing sensitive information.

     
  • Geebo 8:00 am on September 21, 2023 Permalink | Reply
    Tags: identity theft, mystery box, , , ,   

    A TEMU scam that’s not TEMU’s fault 

    A TEMU scam that's not TEMU's fault

    By Greg Collier

    Last week, we gave our opinion on the online shopping platform TEMU. We advised our readers that TEMU is full of third-party vendors who are getting a reputation for selling knockoffs if an item is delivered at all. TEMU itself has been accused of stockpiling customers’ personal information for less than legitimate purposes. This is all made even more suspicious since TEMU is based in China, where laws concerning personal information are looser than those in the US. However, there’s a scam now going around using TEMU’s name where TEMU isn’t responsible.

    Across social media, ads are being placed where a $1 ‘mystery box’ appears to be offered by TEMU. The ad shows boxes full of high-end items like phones, laptops, and other pricey computer equipment. While TEMU does offer mystery boxes for sale, they’re not being sold for $1, and it’s almost a guarantee an iPhone won’t be included.

    If someone clicks on the ad, they’re taken to a third-party website that has no connection to TEMU. Once at the site, users are asked to enter personal and financial information to receive their supposed mystery box. This is an obvious ploy to use the name of the latest shopping sensation in order to steal someone’s identity and money.

    If you see ads like this that sound too good to be true on social media, they probably are. If you do click on an ad that appears to come from a well-known service, make sure the URL of the website is the correct one. If the URL doesn’t reflect the service you were looking to use, close out of that site immediately, even if it looks identical to the real thing. To best protect yourself when shopping online, use a credit card whenever possible, since credit cards offer more protection when it comes to fraudulent products.

     
  • Geebo 8:00 am on September 15, 2023 Permalink | Reply
    Tags: , identity theft, , ,   

    Is it safe to shop on TEMU? 

    Is it safe to shop on TEMU?

    By Greg Collier

    In case you haven’t heard, TEMU is the latest online shopping sensation. Thanks to their glitzy advertising campaigns, TEMU has taken off in popularity. Social media is flush with posts of people posting their hauls from TEMU. So, is TEMU any good and is it reliable? If we were pushed to give a yes or no answer, we would side with no.

    TEMU is the latest in a string of direct retailers based in China. You may have heard of some of their competitors, such as AliExpress or Wish. Rather than selling items themselves, TEMU allows companies and distributors to sell Chinese-made goods through their portal to customers in the West.

    TEMU’s predecessors, the aforementioned AliExpress and Wish, have garnered a reputation of selling shoddily made or counterfeit goods, along with long shipping times if the item is shipped at all. TEMU seems to be following in their footsteps, but those aren’t the only drawbacks to using TEMU.

    According to the Better Business Bureau (BBB), TEMU is harvesting customer data like there’s no tomorrow. The BBB says that TEMU is collecting such information as the customer’s name, phone number, address, birthdate, social media photos, and even social security numbers. So how is that different from the major U.S. retailers?

    The BBB is concerned that since TEMU is based in China, scammers, identity thieves, and other bad actors may have easier access to that data. While data leaks do happen in the U.S., there are laws to try to protect those affected by the leaks and admonish the leakers. Many other countries do not have such laws, especially when the victims of such leaks are from another country from the other side of the world.

    In a world where personal information is more valuable than ever, it’s essential to tread carefully when navigating the digital marketplace. While TEMU offers enticing deals and a wide range of products, it’s crucial to remember that convenience shouldn’t come at the cost of your personal data security.

     
  • Geebo 8:00 am on July 28, 2023 Permalink | Reply
    Tags: , , , identity theft, , , , , ,   

    Scam Round Up: Weird AI scam and more 

    Scam Round Up: Weird AI scam and more

    By Greg Collier

    Our first scam comes to us from Athens, Texas, where residents have been experiencing a twist in the arrest warrant scam, also known as a police impersonation scam. Typically, when scammers pose as police, they’ll call their intended victims and tell them they have a warrant out for their arrest, The scammers usually claim this for missed jury duty, but they can also claim a number of other infractions.

    For example, residents of Athens have complained the scammers are accusing their victims of using their phone to transmit a photo that traumatized a child. Essentially, the scammers accused their victims of sending explicit material to a child. The victim is then asked to pay several hundred dollars over the phone to resolve the complaint.

    That’s not how arrest warrants work. If there is a warrant for your arrest, especially one that’s supposedly this serious, the police are not going to call you over the phone. Also, no law enforcement agency will ask for money over the phone, and then ask for it in unusual ways, like gift cards or cryptocurrency, just to name a few.

    If you receive a call like this, hang up and call your local police at their emergency number. Not only can you verify there is no warrant for your arrest, you can let the police know scammers are working in your area.

    ***

    Police in Connecticut are warning residents there has been an uptick in check washing. Check washing typically involves stealing checks that are in outgoing mail. Thieves often steal the mail from residential mailboxes, along with the outdoor drop-off boxes used by the US Postal Service. They then dip the written checks in a chemical solution that removes the ink from the check, so the thieves can write the checks to themselves.

    The police in Connecticut are also warning residents the thieves can steal checks out of your trash. If you use your bank’s mobile app to deposit checks, and then throw the checks out, make sure they’re properly shredded before throwing them out, as check washing can still be performed on voided checks.

    If you have to write a check, which is going in the mail, use a gel-based ink pen. The ink in gel pens is said to be more resistant to check washing. Also, don’t put the envelope that holds the check in your mailbox and the put the mailbox flag up. This is a signal to thieves there may be a check in there.

    ***

    Lastly, we’ve read about another AI voice-spoofing scam. There has been a rash of these scams nationwide over the past year or so. In this scam, the victim gets a phone call where the voice sounds like exactly like one of the victim’s loved ones. The scammers manipulate the loved one’s voice in such a way where it sounds like the actual loved one is in some kind of trouble and needs money to resolve the issue. Typically, the scammers ask for bail money, or in some cases a ransom. However, the loved one is usually unaware their voice is being used in a scam.

    However, the recent news article we read out of Alabama, suggests scammers are using the voice-spoofing technique in identity theft. An Alabama woman received a call she thought was from her brother, but was actually from scammers. Instead of asking for money, they asked the woman for personal information. They then used this information to hijack her Facebook account and use that for additional scams. Police there have said the scammers used the videos the brother posted on social media to mimic his voice with AI.

    We can’t say for sure, but this sounds like the scammers may have been asking for the woman’s security questions in case she lost her Facebook password. Considering the answers to these questions are something like “What was your first pet’s name?” or “What city were you born?” these may seem like innocuous questions coming from a close family member.

    In cases like this, it’s best to ask the family member calling a question only they would know to verify their identity.

     
  • Geebo 8:00 am on July 17, 2023 Permalink | Reply
    Tags: , , , , identity theft, ,   

    Job scam uses victims to rob banks 

    Job scam uses victims to rob banks

    By Greg Collier

    Recently, the city of Omaha, Nebraska, experienced a bank robbery and an attempted bank robbery with similar M.O.s. In both instances, a woman handed a phone to the bank teller. The person on the phone threatened the bank tellers into giving money to the person who handed them the phone. Except, the people standing at the teller’s counter had no idea they were being used in a bank robbery. So, how did this happen? We could just say ‘Craigslist’ and leave it at that, but we’ll give our readers a more in-depth explanation.

    According to a local news report, the women who entered the banks had replied to a Craigslist ad looking for someone to help with a sick and elderly relative. Once the women responded to the ad, they were told they would be helping with, “light housework, grocery store runs, and helping with finances.” Don’t you think classifying ‘helping with finances’ as bank robbery is a bit much? Anyway, the women were told they needed to go to the bank to withdraw money for the relative’s medical bills. The women handed the phones to the tellers, thinking their employer was discussing a withdrawal.

    Only one of the women was ‘successful’ and thought nothing of it when the teller handed her the money. That woman was instructed to deposit the money at a Bitcoin ATM.

    To make matters worse, the supposed employer obtained the women’s bank information, promising he would pay them through direct deposit. The scammer did try to steal from one of the victim’s accounts, but was unsuccessful.

    At the time of this writing, no arrest has been made.

    While a scam like this is unlikely to happen to the average jobseeker, it does highlight a couple of red flags when looking for a job online. If your employer only communicates through text messages, instant messaging, or phone call, and won’t meet you personally, there’s an excellent chance they’re a scammer. Also, if the position requires you to make any kind of payment involving cryptocurrency like Bitcoin, there’s an even grater chance the job is a scam.

     
  • Geebo 8:00 am on June 16, 2023 Permalink | Reply
    Tags: credit check, identity theft, , ,   

    New type of rental scam changes the game 

    By Greg Collier

    We’re pretty sure when Craigslist first started allowing real estate listings, the rental scam was born. For any new readers, the rental scam is when a scammer will list a property online for rent which they don’t actually own. Scammers will copy a legitimate listing from a realtor of a property which is for sale, then post it for rent on unregulated marketplaces like Craigslist. The listing will have a below-market rent in order to lure in victims. Typically, these scammers will ask for either a security deposit or first month’d rent before disappearing with the victim’s money. These scams have cost victims thousands of dollars and have left many of them homeless.

    However, there is a new rental scam that’s occurring across the country, according to the Better Business Bureau. The BBB says these new scammers aren’t after renters’ money, but their personal information instead.

    The scammers are still using the same tricks to find a potential victim, but instead of trying to take their money, the scammers are having victims fill out phony credit checks. Victims are being led to a website that appears to be professional and legitimate, but once renters give their personal information, the scammers disappear with the victim’s identity.

    Now, it’s not unusual for landlords to perform credit checks before renting to a new tenant. However, there are ways to protect yourself from this scam, and many of them are the same ways to protect yourself from the typical rental scam.

    The first thing you should do is Google the address of the rental property. If there are duplicate listings and the landlord details don’t match, there’s a good chance you’ve discovered a scam listing. If the listing from a realtor’s website says the home is for sale, or the rent is more expensive, then the other listing is the phony one. And as always, you can always check with the county’s tax office or website to find out who the true landlord is.

     
  • Geebo 8:00 am on May 2, 2023 Permalink | Reply
    Tags: , identity theft, , ,   

    Craigslist rental scam leads to identity theft 

    By Greg Collier

    When we discuss rental scams, we mostly discuss how victims lose money. However, there is another pitfall to the rental scam, and that’s having your identity stolen. That could end up costing a rental scam victim even more money and headaches after they lose money to the scammer.

    Typically, rental scams involve individuals who pretend to be landlords or property managers in order to deceive potential renters into paying upfront for a rental property that they have no right to rent out or don’t even own. The scam begins with an advertisement for a rental property that appears to be priced well below the market rate, which attracts the attention of potential renters. The scammer then persuades the victim to pay a security deposit or the first month’s rent before they have had the chance to view the property. Once the payment is made, the scammer may become unreachable or vanish altogether, leaving the victim without a rental property and without any recourse to recover their money.

    But what these stories sometimes fail to mention is the phony application process scammers make victims go through. To make the scam seem more legitimate, rental scammers will have their victims fill out rental applications that ask for the victim’s personal and financial information. Once the scammers have that information, they can obviously use it for more profitable crimes.

    For example, a woman in Connecticut found a rental home on Craigslist that was well within her budget. The rental scammer had her fill out an application that asked for all pertinent information they would need for identity theft. This included the victim’s Social Security number, driver’s license number, and tax history. Just a few days later, the scammer tried to open a credit card account in the victim’s name. The victim had to freeze her credit for a year, which comes with its own set of issues.

    When filling out a rental application, avoid giving out information that is not publicly available, such as your Social Security number, driver’s license number, and banking information.

    However, before you even get to that step, you should research the property first. The listing in the story was copied from a Zillow listing where the home was for sale., Information like this can be discerned just by doing a Google search for the property’s address. And you can always check the property records with the county.

     
  • Geebo 8:00 am on April 10, 2023 Permalink | Reply
    Tags: , identity theft, , ,   

    Secret Service warns about real estate scam 

    By Greg Collier

    Another scam that we’ve seen reported more in the news lately is the vacant lot scam. This scam typically involves scammers who try to sell a vacant lot that they do not actually own or have the right to sell.

    The process of the vacant lot scam involves scammers locating an unoccupied property without any construction and determining the owner, which can be accomplished through publicly accessible information. To appear as the genuine owner of the property, scammers will impersonate the owner and create fake identification documents. Using this guise, the scammers will enlist the help of a real estate agent to sell the property. In many cases, the scammers will not be physically present in the area where the property is located, and they may communicate solely through electronic means such as emails and text messages.

    The scam has become so prevalent, even the Secret Service is warning realtors nationwide to watch out for this scam.

    One realtor from Montana encountered this scam in a most unique way. The realtor also happens to own a vacant lot. Scammers called her office one day looking to sell a lot at a discounted price for a quick sale. When the realtor asked for the caller’s name, the scammer replied with the name of the realtor. That’s one way to tell you’re talking to a scammer.

    If someone was looking to buy a lot, they might consider investing in title insurance, which could protect them from losing money in a phony sale. Buyers should also make sure they’re dealing with the actual owner of the property. See if you can get the records of the property from the county tax office and make sure that the signatures match.

    If someone owns a vacant lot, whether they’re looking to sell or not, can take some precautions to protect their property. Make sure to regularly monitor your property and keep records of any changes or updates to it. This can help you quickly identify if someone is trying to sell or rent your property without your permission. Ensure that your property is properly secured. This can include installing fences, locks, or security cameras to deter trespassers.

     
  • Geebo 9:01 am on March 10, 2023 Permalink | Reply
    Tags: , identity theft, payday loans,   

    Payday loan scams target the already vulnerable 

    By Greg Collier

    Payday loan companies are already a shady type of business. They target low-income neighborhoods and hope to keep their customers on a never-ending cycle of dependence through their predatory practices. The high-interest rates and fees make it difficult for borrowers to repay the loan and can result in a cycle of debt. Several states have banned the practice of payday loans, but some lenders have gotten around these bans by opening storefronts on Native-American reservations. However, payday lenders are not the scammers we’re talking about today. We’re talking about scammers who take advantage of the borrowers, even after they’ve paid the loans back.

    According to lifestyle blog Lifehacker, there are many scams that try to take advantage of borrowers. Most of these scams start when the payday lenders have a security breach. We can’t imagine such upstanding businesses having the best security practices when it comes to their customers. In one scam, the scammers will pose as the lending company and try to get the personal and financial information from the borrower under the promise of depositing the loan into the borrower’s bank accounts.

    Another scam is where the scammers pose as debt collectors, hoping the borrower has maybe lost track of some debts owed to a payday lender. Since they typically have the borrower’s personal information, they can make the scam seem more legitimate. Considering how much information payday lenders collect from their customers, this can be an extensive amount of the borrower’s personal history.

    There are also scams where the scammers will pose as payday lenders online and over the phone who either just want the victim’s information, or will ask for money upfront in exchange for a loan that never comes through.

    The best way to avoid these scams is to avoid payday lenders altogether. However, we also understand that not everyone has that luxury. If you’re contacted by someone claiming to collect a debt on behalf of a payday lender, ask them for a written explanation of the debt. Debt collectors are required by law to provide that to debtors.

    Also, if a lender asks for a fee in advance, they are a scammer. This is one of the variations of the advance fee scam is illegal for lenders to do.

    Lastly, even payday lenders will not reach out to prospective customers by phone, email, or text. If someone is offering you a loan through this method, the odds are almost certain they’re a scammer.

     
c
Compose new post
j
Next post/Next comment
k
Previous post/Previous comment
r
Reply
e
Edit
o
Show/Hide comments
t
Go to top
l
Go to login
h
Show/Hide help
shift + esc
Cancel