Be on your guard for coronavirus scammers, skimmers & phishers!


coronavirus scam alert

There’s never been a crisis that cyber criminals won’t try to exploit — rest assured, they are out in full force during the coronavirus crisis. Their goal is to capitalize on your fears and anxieties to steal your money and your credentials. They hope that you will be distracted and that your guard may be lowered. We offer a roundup of just a few of the scams that we’ve been hearing about, along with resources that offer security and protection tips.

Phone scams
The Federal Communications Commission alerts us that phone and text message scammers are out in full force to take advantage of the coronavirus crisis to prey on consumers and they discuss common ploys and talk about how to protect yourself in COVID-19 Consumer Warnings and Safety Tips.

Common scams include offering free home testing kits, promoting bogus cures, selling health insurance, and preying on virus-related fears. They also prey on financial fears offering bogus debt consolidation services and work from home schemes. They tout fake charities. Scammers often impersonate government agencies.

One particular issue to be aware of:

Many consumers will receive checks as part of the federal government response to the coronavirus. No one will call or text you to verify your personal information or bank account details in order to “release” the funds. The Treasury Department expects most people to receive their payments via direct-deposit information that the department has on file from prior tax filings.

The FCC offers the following tips to help you protect yourself from scams, including coronavirus scams:

  • Do not respond to calls or texts from unknown numbers, or any others that appear suspicious.
  • Never share your personal or financial information via email, text messages, or over the phone.
  • Be cautious if you’re being pressured to share any information or make a payment immediately.
  • Scammers often spoof phone numbers to trick you into answering or responding. Remember that government agencies will never call you to ask for personal information or money.
  • Do not click any links in a text message. If a friend sends you a text with a suspicious link that seems out of character, call them to make sure they weren’t hacked.
  • Always check on a charity (for example, by calling or looking at its actual website) before donating.

Coronavirus Phishing Scams
Consumer Reports  talks about phishing scams that pitch COVID-19 health information and fake cures. They say that:

Many of the emails, which often appear to be sent by WHO or the Centers for Disease Control and Prevention, pretend to offer new information about the virus.

Some hint at the availability of a vaccine, and others claim to be from charitable organizations looking to raise money for victims.

Although the ploys are “depressingly familiar” to those well-versed in phishing emails, they come at a time when people worldwide are particularly vulnerable, says Eric Howes, principal lab researcher for KnowBe4, a cybersecurity company focused on phishing prevention.

“When people are distracted, concerned, and extremely motivated to get information,” he says, “you can’t count on them to notice things they might have in calmer times.”

Their post shows how the phishing scams work and offers a list of tips from digital security experts on how to avoid getting scammed.

Consumer Reports also offers other coronavirus-related alerts:

Online shopping safety: protect against skimmers
Malwarebytes offers tips for safe online shopping post COVID-19. They talk about various problems online shoppers should be on alert for, from raised prices and price gouging to counterfeit goods. They remind shoppers to use only trusted sites and to visit those sites directly rather than through links found in emails or on web pages, which could be phishing attempts. They offer this pro tip: Bookmark favorite URLs to save on manually typing. By saving the URL rather than searching for a shop name, you are less likely to be fooled by impersonators.

They call out one threat many shoppers may be unaware of and most people wouldn’t spot – online shopping cart skimmers:

Ever since shelter-in-place orders have sent millions of shoppers online, the Malwarebytes threat intelligence team has noticed an uptick in the amount of digital credit card skimmers, also known as web skimmers. Web skimmers are placed on shopping cart pages and collect the payment data that customers enter when they purchase an item online.

Cybercriminals can hack the websites of legitimate brands to insert web skimmers, so avoiding resellers or little-known boutiques won’t protect shoppers from web skimmers. Instead, consider using an antivirus with web protection or browser extensions that block malicious content.

To help prevent such exploits, make sure you have good antivirus and anti-malware protection and keep it up to date.

Working from Home
The Better Business Bureau says that as more people work from homes, IT and security companies are noting an increase in hacking/phishing attempts. They offer 10 Tips to Stay Cyber Secure When Working Remotely. We also found this great advice. concrete advice from insurer HSB to be very helpful: Seven Ways in Seven Days to Boost Cybersecurity While Working Remotely. They talk about each step in more detail, but here’s a summary of steps they suggest/

Day 1: Unsubscribe to unsolicited email
Day 2: Get on the “Do Not Call” List
Day 3: Block unwanted callers
Day 4: Try a password manager
Day 5: Employ multi-factor authentication
Day 6: Confirm that operating systems have the latest update installed
Day 7: Confirm and update subscription(s) to anti-virus and anti-malware software

Crooks, cons & criminals: the 2019 Insurance Fraud Hall of Shame


Insurance Fraud Hall of Shame banner

Insurance fraud is one of America’s largest crimes — at least $80 billion is stolen each year. Why should you care? This is a crime that you pay for in the form of higher insurance rates, for one thing. And often, the fraud includes theft, scams, staged accidents, and even violence. According to the Insurance Information Institute (III), this is who commits insurance fraud:

  • organized criminals who steal large sums through fraudulent business activities,
  • professionals and technicians who inflate service costs or charge for services not rendered
  • ordinary people who want to cover their deductible or view filing a claim as an opportunity to make a little money.

Insurance fraud is a crime and police and insurance investigators fight back. It’s punishable by fines, jail and permanent criminal records. Unfortunately, sometimes the general public thinks of it as a petty or victimless crime. III says:

“Public attitudes have sometimes hampered insurers in their fight against fraud. Studies suggest that some portion of insurance fraud committed by consumers is driven by revenge or retaliation for a personal service exchange which they think is unfair. People may retaliate in order to “get a return” or “get their money’s worth.”

Understanding the scope of the crime and the ways that it affects all of the honest folks who pay for this crime can educate and help to change attitudes.

The Coalition Against Insurance Fraud works hard to educate the public about how insurance fraud is not a minor or a victimless crime.  Every year, they profile some of the worst crooks, cons and criminals from the prior year in the Insurance Fraud Hall of Shame. Here are some of the worst fraudsters in 2019:

  • A Tallahassee man pushed his friend out of a fishing boat and told authorities alligators must have gotten him. In reality, he had shot his friend in the face as he tried to climb back in the boat and then buried his body. It turned out he was in cahoots with the deceased man’s wife to collect $1.75 million in life insurance.
  • A NY chiropractor was at the heart of a “slip and fall” shakedown ring that bilked businesses and their insurers out of $32 million for bogus injuries.
  • A wealthy Miami executive ran dozens of corrupt skilled-nursing and assisted-living facilities that raided taxpayer-funded Medicare and Medicaid to the tune of $1.3 billion.
  • An heiress, socialite and political fundraiser made $20 million of false damage claims after fire in her family’s 5,600-foot mansion in the Philadelphia suburbs. To add insult to injury, she falsely blamed volunteer fire fighters who fought the fire of stealing $10 million in jewelry.
  • A Boston-area trolley driver was badly beaten up by a masked criminal on Halloween and collected workers compensation and long-term insurance to cover his injuries. Investigators later tracked down the mugger who turned out to be friend of the driver who had helped stage the “crime.”
  • There are more: A Pennsylvania man who died of burns when his home arson scam went wrong. A corrupt rehab network that forced desperate addicts to relapse in a $100-million plot to milk insurers in Pennsylvania. A staged workplace slip and fall that was caught on camera and then went viral. A $2.1-billion transnational crime ring that targeted seniors.Read more about detail about the stories of the 2019 inductees in the Insurance Fraud Hall of Shame.

 

Posted in Fraud

Tax scam season: Be on high alert for these fraud schemes


worried man taking a tax scam phone call

From now through April 15, it’s the top tax scam season. Not that tax scams only happen in the first few months of the year, they can occur year-round. But criminals know that taxes are on your mind and they will try to take advantage of that.

Be alert for tax-related identity theft
With the frequency of large-scale data breaches, there’s a better than average chance that your personal information has been breached. Your data may even be in the hands of criminals, making you susceptible to identity theft. You may not be aware of this at all until you get a notice from the IRS about a tax filing that you never made. When you look into it, your realize that it is not just a mistake – you are the victim of a crime.

The IRS says that it’s not uncommon for identity theft victims to be unaware that they are compromised until they run into some type of tax problem or tax alert.

Here are warning signs that that the IRS says may indicate that you are a victim of tax-related identity theft:

  • You get a letter from the IRS inquiring about a suspicious tax return that you did not file.
  • You can’t e-file your tax return because of a duplicate Social Security number.
  • You get a tax transcript in the mail that you did not request.
  • You get an IRS notice that an online account has been created in your name.
  • You get an IRS notice that your existing online account has been accessed or disabled when you took no action.
  • You get an IRS notice that you owe additional tax or refund offset, or that you have had collection actions taken against you for a year you did not file a tax return.
  • IRS records indicate you received wages or other income from an employer you didn’t work for.

The IRS offers steps to take if you are a victim of tax-related identity theft, a data breach or employment related identity theft in their Taxpayer Guide to Identity Theft.

Phone impersonation and other common tax scams

Tax-related identity theft is only one type of season tax crime – be alert for these “usual suspects” that the IRS has identified as some of the most common scams:

Impersonation Telephone Scams – The IRS won’t call you to demand immediate payment via a debit card or gift card. They won’t send the police to your house to collect a debt or arrest you. See: How to know it’s really the IRS calling or knocking on your door

Impersonation email scams – the IRS does not send unsolicited emails.

Fake calls from Taxpayer Advocate Service numbers – spoofed calls from criminals  posing as IRS assistance services trying to extract personal information.

‘Ghost’ tax return preparer “Tax Transcript” email scam –  Don’t get caught by a phony tax prep scammer or promises to get your you refunds sooner.

A new version of a Social Security scam – A criminal poses as the IRS and threatens to cancel your SS number.

Check out our other fraud posts for more alerts on scams and tips to stay safe.. And here are more tax season tips from prior years:

Quick best practice tip for your 2020 financial and legal documents


young woman signing a financial document with two other people watching

It’s a new year – time to get in the habit of changing the year that you use when you write a quick check or date documents. But there’s another habit you should alter this year, according to police and other crime experts: write out the full year of 2020 in your handwritten dated documents, not just the abbreviated ’20. Failing to write the full year of 2020 might open you to costly fraud.

While it’s common to date documents in this format – 1/7/20 – the unique nature of this year’s date makes it too easy for a fraudster to change the year by simply adding more digits on the end. So your check or contract dated 1/7/20 could easily be altered to backdate it to 1/7/2019 or date it into the future as 1/7/2021.

Elizabeth Whitman of Whitman Legal Solutions talks about this in her article Will Abbreviating 2020 on Legal Documents Make You Vulnerable to Fraud?

She talks about why someone might do this, using an example of vintage violins with label changes that made the instruments older and consequently more valuable than they were. While labeling fraud on vintage musical instruments may not be something you have to worry about, she offers examples of why it might be worth your attention:

“Those who warn against abbreviating 2020 theorize that a scammer could backdate a document, such as a promissory note, to 2019. After that, the scammer could try to collect an extra year’s interest on the loan.

Commentators express similar concerns about postdating–that someone could change the date to try to cash a stale check. Or, they could try to force performance of an expired contract by make it appear that the contract was signed later than it was.”

Some say this fear might be overblown, that in prior years scammers might have altered dates on any two-digit year — but that just reinforces the importance of using a 4-digit year on written legal and financial documents – why take the risk? Whitman notes that while a consumer may be able to ultimately prove the fraud, that might entail an expenditure of time and money. Whitman says that although the risk of using an abbreviated date might be minimal, “it also doesn’t hurt to use the full year in a document signed in 2020–or in any other year.”

Her article also offers an handy list of document signature best practices, such as using a digital signature when possible, signing in blue ink, maintaining time-stamped paper copies and using dated cover letters – read more about these suggestions in her post.

Forged, altered or fake paperwork is a real thing – see our prior post on title washing scams that occur in used car purchases – a crime that costs $30 billion a year! Thieves and scammers are very creative in separating you from your money – a small step like using a 4-digit year in financial and legal documents that would make their job harder seems worth it.

Holiday fraud: How to avoid seasonal scammers


polic lineup with santa, Rudolph the Reindeer and a pretty elf

If it’s December, it’s prime holiday fraud season!

Because it’s the busiest season of the year, scammers work double time to try to maximize their take. And as many times as we’ve issued warnings, thieves are very creative about thinking up sneaky new ways to separate you from your money. The Better Business Bureau is on the case. Here are some of the top scams they see around the holidays.

Delivery scams and package thefts this holiday season – While just plain old theft of shipped packages from your doorstep or workplace is common, there are a few other things to watch out for. BBB says that phishing emails pose as official notices from delivery companies. These either contain a “tracking link” or a message that the shipper is having difficulty delivering a package to you with a number to call. Or they affix fake “missed delivery” tags on your door, asking you to call a phone number to reschedule your delivery – all are just ruses to get your personal information.

Social media ad scams – Last year, the BBB found that online purchase scams were the most common cons reported to Scam Tracker and the category with the most victims, many involving Facebook and Instagram ads. Watch out for products claiming to support charity, free trial offers, counterfeit merchandise and apps of unknown origin. Social media is also a hub for illegal gift exchange pyramid schemes. BBB says these pop up every year with new twists. When an offer seems too good to be true, it almost always is.

Is that Santa App safe? Better check it twice. BBB says that the Apple and Google app stores list tons of holiday-themed apps: children can video chat live with Santa himself, light the menorah, watch Santa feed live reindeer, track his sleigh on Christmas Eve, relay electronic Christmas wish-lists, or play Hanukkah games like dreidel. But many of these are invasive and may violate children’s privacy laws in the information they collect. For more, see our post on protecting your kids from ID theft.

Don’t get scammed out of a gift card this season – the BBB says “Before grabbing a gift card for a favorite store or restaurant, know that thieves are just as eager to use these gift cards before they’re presented to the intended recipient. Also, some retailers have terms and conditions as to how the gift card can be redeemed.” See our post about new consumer protections for prepaid debit cards.

Tips for avoiding job scams this holiday season – Many of us are looking for extra money over the holidays and a part-time seasonal job is a common way to earn that cash. But it’s also a time when scammers exploit that desire. BBB reminds you that legit employers will never ask for payment upfront for a job. They say to be wary of big money for small jobs and job offers that don’t require an interview.

8 Tips for dealing with holiday pop-up shops – BBB receives hundreds of complaints a year about temporary retail locations, reporting everything from poor quality merchandise to difficulty obtaining refunds after temporary stores have closed their doors. Pop-up shops can be fun but follow BBB’s tips in mind if you choose to buy from one of them.

See more holiday safety tips from the BBB and use their Scam Tracker to identify common scams near you.

Here are prior posts about more common holiday fraud schemes: