Tagged: phishing Toggle Comment Threads | Keyboard Shortcuts

  • Geebo 8:00 am on April 22, 2021 Permalink | Reply
    Tags: , phishing, ,   

    The delivery text message scam returns 

    The delivery text message scam returns

    By Greg Collier

    Last year, we discussed the delivery text messaging scam both pre- and post-pandemic. How the scam worked in the past was you’d receive a text message informing you that something you ordered online couldn’t be delivered, and you need to update your preferred delivery method. A link would be provided for you to confirm your delivery.

    If you clicked the link, you’d have been taken to a phony Amazon page where you’d be asked for your login information. The fake Amazon page will then ask you to fill out a customer service survey in order to claim a prize. After you win the prize, you’ll be asked to pay for shipping by providing your financial information. In essence, scammers just stole your Amazon login along with your credit or debit card info. Put those two things together and victims of the scam could be looking at some expensive purchases on their Amazon account with their own payment information with the actual items being sent to some scammer. In other cases, victims were signed up for a subscription service that charged their card $100 every month.

    Now, the scam seems to have returned with a twist. Previously, the texts would appear like they’re coming from UPS, FedEx, DHL, and Amazon. More recently, the text messages appear like they’re coming from the United States Postal Service. This new version of the scam has been popping up all over the country as we have seen reports from New York, Texas, and South Dakota just to name a few.

    Please keep in mind that no delivery service nor the USPS will ever text you out of the blue. These companies cannot text you unless you sign up for their text service first. Plus if these services did text you, the texts would not include a scammy looking link.

    If you receive a text that looks like the image above or something similar, just delete it. The best way to handle scammers is to not engage with them whatsoever.

  • Geebo 8:47 am on April 13, 2021 Permalink | Reply
    Tags: , Google Photos, , phishing,   

    Google Photos scam wants your password 

    Google Photos scam wants your password

    By Greg Collier

    It’s difficult to live an online life without using some of Google’s services. For example, if you’re using an Android phone, you’re already entrenched in the Google ecosystem. Because of that, you’re probably using Google services that you might not be aware that you’re using. Google Photos is one of those services. If you use an Android phone you’re probably using Google Photos without even knowing it. In most Android phones, Google Photos will back up the pictures you take with your phone to the cloud. Due to the sheer number of people who use Google Photos, it has become an avenue for identity thieves.

    According to reports, scammers are sending out phony emails that say someone has shared their Google Photos Album with you. These are phishing emails that are said to look authentic. If you click on the link to the supposed photo album you’re asked to enter your Google username and password. Except the website where you just entered your Google information isn’t a Google website. Instead, it’s a website set up by scammers to steal your Google login information.

    Please take a moment to think how much your online life is contained in your Google account. In just your Gmail alone there is probably enough information to steal your identity easily. Between banking information and social media accounts, someone with access to your Google account could essentially take over your identity and ruin it for years to come.

    As is the norm with most phishing emails, you should never click on the link any of these emails contain. On your computer, hover your cursor over the link to see where the link actually directs you. Check for misspellings of actual web addresses used by real companies. Also, don’t click on any links that have been shortened by a link shortening service as they can disguise the links true destination.

  • Geebo 8:00 am on March 31, 2021 Permalink | Reply
    Tags: , , , phishing,   

    College students targeted in tax scam 

    College students targeted in tax scam

    By Greg Collier

    With it being tax season, tax scams are on the rise. We’re not talking about the kind of tax scam where federal agents show up at your door because you claimed the squirrels in your yard as dependents. We’re talking about the kind where is either trying to separate you from your refund, or using the promise of a refund to steal your information. The latest targets in this kind of tax scam are college students.

    The IRS is warning people that anyone with an email address ending in .edu is vulnerable to this scam. The scam is essentially a phishing attack. The student receives an email that appears to be from the IRS asking the recipient to click on a link that’s labeled either “Tax Refund Payment” or “Recalculation of your tax refund payment.” If the victim clicks on the link they’re taken to a website that asks for personal information like name, date of birth and Social Security number.

    Theoretically, college students are a prime target for identity thieves. At that age they may have established any serious credit yet which is the holy grail for identity thieves. Identity thieves could use a young victim’s credit for years before the victim ever realizes it.

    There’s been this stereotype that’s been going around forever that young people are better with technology than their parents. While that may be true, they may also be unsure of how filing their income taxes and receiving a refund works. So, they might think that this phishing email is a legitimate way of claiming their income tax refund. We realize that our readers tend to be from a different demographic than college students, but we also realize that you may have a college student in your family. If you do, you may want to warn them about this potential scam.

  • Geebo 8:00 am on March 29, 2021 Permalink | Reply
    Tags: , , phishing, , survey scam   

    Vaccine survey could be a scam! 

    Vaccine survey could be a scam!

    By Greg Collier

    People all over the country have been reporting that they’ve been receiving emails and text messages asking them to fill out a survey about the COVID-19 vaccine. The messages even appear to look like they’ve been sent by one of the major manufacturers of the vaccine. So far, close to 50 million people in America have been fully vaccinated. This gives scammers a pretty large target. The messages are almost certainly sent out at random, but the odds are pretty good they’ll reach someone who has been vaccinated.

    The majority of these survey scams promise the recipient a free gift if they fill out the survey. Of course, the free gift comes with a catch. While the gift may be free, the survey takers are asked for their credit or debit card information to pay for shipping. The gift doesn’t actually exist, and the scammers are just out to get as many card number as they can. Officials have also warned people to not click on any links contained in the messages as they could potentially lead to your device being infected with malware.

    The surveys themselves are even said to be asking for sensitive information that could be used for identity theft. It seems like the survey scammers don’t want to leave any digital stone unturned when it comes to gathering as much data about you as possible. If you receive one of these messages, it’s recommended that you delete it immediately and not click on any of the links they contain. If you’ve already lost money to this scam, you’re asked to report it to the FTC.

  • Geebo 8:00 am on March 18, 2021 Permalink | Reply
    Tags: , , phishing, ,   

    New phishing scam sells your identity on the dark web 

    New phishing scam sells your identity on the dark web

    By Greg Collier

    An insidious phishing scam has turned up in the nation’s largest metropolitan area.

    For those who may not be familiar with what phishing is, it’s when you get sent a phony email or text that has you click on a link. These links either take you to a phony website where identity thieves will try to steal your personal information or the links will inject malware into your device. If malware were to get into your device, it could transmit your data to scammers and identity thieves and scammers, or it could lock your device in a ransomware attack. However, this new phishing attack has victims voluntarily giving up their information in a more comprehensive way than before.

    Reports out of New York are saying that victims of the attack are receiving authentic looking emails and text messages that appear to be from the State Government. The messages largely target those who are currently unemployed in the Empire State. Once the victim clicks the link in the message, they’re taking to a website that is a mirror image of the official New York unemployment website.

    After the victims use their login information on the phony website they’re then asked to take high-quality pictures of their driver’s license and other sensitive documents. Once the identity thieves have your information, they turn around and sell your identity on the dark web. According to security experts, Social Security cards are going for around $1.50 while driver’s licenses are going for around $100. Just imagine, a $1.50 transaction on the dark web that happens instantly can have expensive repercussions on your life for years to come.

    Always be suspicious of any text message, email, or social media message that wants you to click on any kind of link, especially if it’s for such a crucial matter like your unemployment benefits. Most government agencies like unemployment offices will not email or text you but instead will almost always contact you through the postal mail. And keep in mind that all official government websites end in .gov.

  • Geebo 9:00 am on February 25, 2021 Permalink | Reply
    Tags: , , , phishing,   

    Scam tries to extort medical professionals 

    Scam tries to extort medical professionals

    By Greg Collier

    Scammers still haven’t gotten tired of COVID-19 related scams yet. However, instead of targeting the general public, some scammers have decided to go after medical professionals in the scammer’s quest for ill-gotten gain.

    This scam is similar to the Social Security scam where the scammers claim that your Social Security number has been suspended due to some fictitious crime that your number was supposedly attached to.

    In this scam, scammers are contacting nurses, physicians and pharmacists posing as the state of New York to tell the victims that their licenses have been suspended. However, a substantial payment just happens to be able to revers the suspension and can avoid the licensee any future fines.

    It’s not lost on us that these scammers are going after frontline workers in a state that has one of the highest concentration of COVID-19 patients. This is an example of a couple of scammer tactics. One is to try to pressure and already overworked system and the other is to take advantage of any crisis no matter how horrible.

    In this instance, the scammers are flooding their victims with mounds of official-looking paperwork that appear to be from such agencies as the state, the U.S. Department of Justice, the FBI, Trans Union and the New York state Office of Professions. The problem with this paperwork is that it can look legitimate since they contain information like the professional’s National Provider Identifier.

    In the long run, scammers may not be after money but instead after the personal information of medical professionals as most of the forms ask for Social Security numbers and the like.

    It is recommended that anyone receiving one of these calls or messages to ignore it and report it to the FBI if you’ve lost money, or the FTC and local police if you haven’t.

  • Geebo 9:00 am on January 21, 2021 Permalink | Reply
    Tags: , , phishing, ,   

    New email scam tries to get your stimulus money 

    New email scam tries to get your stimulus money

    With the second round of economic impacts in the process of being paid and a third round possibly on the horizon, you might think that taxpayers should now be pretty immune to stimulus scams. However, that hasn’t stopped scammers from trying to get their hands on yours. It also appears that the scams are becoming even more elaborate to try to steal from you.

    The Federal Trade Commission is warning taxpayers about emails that claim to be from their agency discussing the stimulus payments. The emails even claim to be sent directly from the outgoing chairman of the FTC. According to reports, the email demands that you pay money to receive your stimulus payment. It even includes an official looking ‘certificate of approval’.

    If you make any motions towards actually making a payment to the scammers, you’ll be told that the payment is for a State Department certificate that proves the funds are not related to any terrorist activity. That may sound made up, but the FTC is assuring us it isn’t.

    If you receive one of these emails it is recommended that you just delete it or mark it as spam.

    The indicators that this email is a scam are numerous. The first is that the FTC has nothing to do with economic impact payments. That is all handled by the IRS, and they’re not emailing anyone asking for money either. One of the other indicators is that you don’t have to pay for your stimulus payment. The majority of taxpayers just have to keep an eye on their bank account if they have direct deposit, or their mailbox if they don’t. Even if you’re a non-filer and received the initial stimulus payment, you should receive this one the same way.

    If you have any further questions about how the economic impact payments are being made, we recommend going to the IRS’s Get My Payment website.

  • Geebo 9:00 am on January 5, 2021 Permalink | Reply
    Tags: , , , phishing, ,   

    Two PayPal scams you should be aware of 

    Two PayPal scams you should be aware of

    PayPal is probably one of the most trusted online payment systems today. There aren’t many online retailers that don’t accept PayPal as a payment option. PayPal also allows those who are underrepresented by banks to not only shop online but to also have a debit card that the consumer can use like any bank debit card. However, this post isn’t meant to be free publicity for PayPal. While PayPal does offer many protections to their users, it can still be used in various scams as we’re about to take a look at now.

    Security experts are warning about a new series of text messages going around that are designed to steal your PayPal login information. The text messages claim that there has been fraudulent activity on your PayPal account and that your account is now limited. That would mean that you would be restricted in the use of your own PayPal account. The text then directs you to click on a link to verify your account. If you click on the link, you’ll be taken to a phony PayPal page that resembles the genuine article. If you enter your login information on this phony page, your information has just been stolen. Since many PayPal accounts are linked to bank accounts, your bank account could be in jeopardy as well. If you feel like you’ve clicked on one of these links and given them your information you should immediately change your PayPal password.

    The other scam is more hands on so to speak. A woman in Georgia was selling a cell phone on Facebook Marketplace. She met a buyer at a local restaurant. The man agreed to buy the phone using PayPal. The buyer showed the woman a fake email that looked like he had just paid her through PayPal. However, the woman wasn’t seeing the payment in her account. The man then made it appear as if he was calling PayPal himself and told the woman that the payment would be in her account in a couple of hours. As you can expect, the payment never showed up. PayPal doesn’t work like this as payments are almost instantaneous. Once you make or receive a payment you should be notified by PayPal right away. If you’re not notified you shouldn’t take a stranger’s word for it that you’ve been paid.

  • Geebo 11:00 am on December 24, 2020 Permalink | Reply
    Tags: , phishing, , typosquatting   

    How a typo could cost you money 

    How a typo could cost you money

    Right now, it’s probably too late to get a Christmas present to someone on time if you’re shopping online. However, there is an online shopping scam that takes place all year long that you should be aware of.

    Have you ever mistyped the address of your favorite website only to end up on some sketchy site full of ads and malware? Now what if you mistyped the address of your favorite shopping site but the site looked exactly the same? That’s what some scammers are hoping happens if you misspell the name of a popular retailer.

    Some scammers have registered slightly misspelled web addresses, known as URLs, to try to trick you into giving them money. For example, scammers will register a URL that puts in a zero when the actual address had an ‘O’ in it. Or they’ll add an extra letter that most people won’t notice. This is known as ‘typosquatting’

    These typosquatters won’t just sit around waiting for someone to make a typing error. They’ll also send out phishing emails that look like they’re from the legitimate retailer but use their phony URL for any links in the email. As always, you should never click on email links from people you don’t know personally.

    If you go to the duplicate site, not only could scammers get your login information for the legitimate site, they could also get your financial information.

    The best way to protect yourself from typosquatting outside of double-checking your spelling is to use a credit card when shopping online. Credit cards come with more consumer protections than that of a debit card, gift card, or online payment service. Some credit cards even provide a free service that generates a temporary credit card number that you could use for a one time purchase. This will prevent your credit card from being used for additional fraudulent charges.

  • Geebo 9:00 am on November 24, 2020 Permalink | Reply
    Tags: , , pandemic unemployment assistance, phishing, PUA, , ,   

    New unemployment scam promises $7600 

    New unemployment scam promises $7600

    If it seems like we’re hitting you over the head with unemployment scams, we’re sorry. We try to keep the content as diverse as possible but it seems that new unemployment scams have been popping up all over the country lately. This time, the scam is coming out of Ohio.

    The Ohio Department of Job and Family Services is warning residents of an email phishing scam. The scam is said to be targeting anyone in the state that has received pandemic unemployment assistance. This is an assistance program Ohio uses to help those not normally eligible for unemployment such as the self-employed and gig workers.

    The email, which can be viewed here, states that applicants can receive an additional ‘7,600 USD’ if they click on the link that says ‘Accept My Claims’. If you were to click on the link it would no doubt take you to an official-looking but phony web page where you’ll be asked to input your personal information. If you’re on a laptop or desktop computer you can hover your cursor over any link to see where it’s really going to take you.

    There are a couple of red flags with this scam if you know what to look for. The first is that the email said payment would be 7,600 USD. USD is normally only used outside of the country to indicate how much something may be if you’re purchasing it from overseas. There are also some grammatical errors in the email that you may overlook if you’re not too careful.

    The whole situation in Ohio leaves a question that we think needs to be asked. How were the scammers able to obtain the email addresses of people who are and were on the pandemic unemployment assistance?

    We’d also like to remind you that just because it’s happening in Ohio doesn’t mean a similar scam couldn’t come to your state. If you receive an email like this, do not click on any of the links contained in it. Instead, if you think there’s an issue with your unemployment go directly to your state’s unemployment website.

Compose new post
Next post/Next comment
Previous post/Previous comment
Show/Hide comments
Go to top
Go to login
Show/Hide help
shift + esc