New report and latest Hurricane Ike scams highlight ID theft threats
It's no surprise that identity theft is the number one fear of most Americans. As this week's roundup of the scam headlines shows, ID thieves are everywhere and they don't care about their targets -- even when these victims are already down on their luck.
We also bring you news of a new version of a scam known as "clickjacking", which all web browsers are vulnerable to, plus a "clever" scam for getting someone else to pay for cell phone credits.
And then there's the real dirty distraction trick which robbed a customer of $10,000 -- while he was in the bank!
1. Most Americans fear ID theft, online tracking
The news: A survey by the magazine Consumer Reports shows the scale of anxiety about Internet crime, with 82 percent of Americans understandably expressing fear their identity will be stolen, and 72 percent worrying about their online activities being tracked.
More than two thirds of Americans say they've provided information about themselves to access a website, with the vast majority adding they were uncomfortable about Internet firms using their email content or browsing history to send them ads that meet their interests.
A massive 93 percent of us believe these companies should always ask permission before using personal information.
"The vast majority of consumers want more control over their personal information online and want the ability to stop Internet companies from tracking and profiling them," says Joel Kelsey, policy analyst with CR publisher Consumers Union.
The solution: Read more about identity theft and how you can protect yourself here.
2. More Hurricane Ike scams -- bogus job offers
The scam: Staying with ID theft, after last week's update confirming our earlier story about scammers cashing in on Hurricane Ike scams, two men are accused of trying to steal personal details from victims by pretending to offer them jobs at shelters in Harris County, TX.
They allegedly pose as recruiters for a well-known local energy company, asking victims to fill out application forms and provide voided checks containing bank account details, supposedly to enable direct deposit of their pay.
The solution: In this case, shelter officials called the energy company and confirmed they were not recruiting. Even if it had been legit, it's best not to provide bank account details to a new employer till you actually start work,
3. Food stamps bid to steal IDs
The scam: In another storm-related scam, crooks approach residents of Stark County, OH, claiming to be county job and family service workers.
They offer food stamps to replace food spoiled through storm power cuts. They ask victims to complete an assistance form, detailing their birth date and social security number. It's a blatant bid to steal their identities.
The solution: As we've noted before, there's no limit to how low scammers will stoop, often targeting victims when they're already struggling to cope with misfortune.
If you need state aid, contact the authorities yourself -- don't give money or personal details to door-steppers.
4. Action soon on new button click scare
The scam: It's called "clickjacking" and it happens when hackers hijack a button on a legitimate web page. When you click on the button, instead of it performing the function you expect, it's used to download spyware or viruses, or to take you to a bogus page to try to steal your personal details.
Experts say all the common PC browsers, including Internet Explorer and Firefox, are vulnerable to the attack and they're so concerned that details of how it actually works are being held back. The browser companies have no fix lined up yet.
The solution: Clickjacking is a scary threat because there's not a lot PC users can do about it, though there's no evidence that hackers are using it widely yet. Some experts say an add-on currently only available for Firefox will do the trick for now, though it can limit the browser's usability. We haven't evaluated this add-on, so we can't yet provide an opinion on it. Right now, we suggest you recognize this is a threat, consider the add-on, and be careful, especially if anything seems weird.
More details on clickjacking will be released at a conference later this month.
5. Sneaky caller nabs cell phone credits
The scam: A new subscriber to the Spanish and Latin American cell phone operator Movistar takes a call apparently from the company offering $50 credit for buying $30 worth of advance payment cards.
The crook tells him he must activate the cards by calling him with the card numbers. Of course, when he does that, after buying genuine cards from Movistar, the scammer just keys the numbers into his own phone and gets 30 bucks worth of free calls.
The solution: It's not known how the scammer discovered the name and number of the new subscriber or whether it was just a lucky shot. But the scam underlines the importance of being skeptical about incoming special offer phone calls.
The victim should have checked out the offer on the Movistar website before buying. He'd have discovered it didn't exist.
6. "State government" checks are shopper and lottery scams
The scam: In the latest version of the well-known secret shopper and lottery scams, residents of Baltimore, MD, receive checks that look like they're from the state government.
As usual, the accompanying letter says the recipient has been selected for a secret shopper program or has won money on the lottery. They're asked to cash the checks and wire some money back to the operators.
The solution: Believe it or not, there are still be people out there who are not wise to this trick -- otherwise the scammers would not be using it -- and the official-looking nature of the check adds to the credibility.
The bottom line is that genuine secret shopping organizations and lotteries simply don't operate this way. They never ask for refunds and you should never send them.
7. Lucky break exposes sculptor fraud
The scam: Hijacking a well-known British sculptor's website, a fraudster uses the victim's work to dupe collectors.
The scammer simply duplicates the site of the sculptor, Eve Shepherd, and uses a different name -- Frank Williams -- and contact details to offer pieces for up to $25,000.
The crime comes to light when "Frank Williams" tells a Hawaii woman on a dating site that he's a sculptor. She checks out his site and recognizes the pieces as being by Shepherd. A lucky break -- what are the chances of that?
The solution: When you're buying expensive stuff online, don't part with money without independently checking the credentials of the vendors.
This guy had no track record as a sculptor or dealer. He's also being sought by the FBI for his dating antics, where he passed himself off as a millionaire, using a photo from a male model agency site!
8. Dirty trick relieves man of $10,000
The scam: A man walks into a Singapore bank to deposit $10,000. A woman next to him in line tells him he stinks. Sure enough, when he looks down, his pants are covered in a smelly substance.
The woman hands him a tissue so he can wipe off the offending stuff. When he's done, he discovers his cash is missing from his bag.
The solution: This is daring variation of a distraction scam where someone robs you while your attention is diverted. When you're carrying anything valuable, be on your guard for these tactics and, if the distraction does seem important, distance yourself from anyone else before checking it out.
Most of this week's scams are variations of frauds that have been around for a while, which proves they still work and underlines the need to stay alert. As for clickjacking, recognize the threat exists and be vigilant. Stay tuned -- we'll keep you informed.