Report names Top 5 scams, more phishing and malware tricks detailed
Americans could be paying $30 billion a year to scammers, if recent crime reports from Britain are anything to go by.
There's a big item in our review of this week's scam stories that also points a finger at the most likely tricks people fall for.
Plus there are a whole rash of blatant phishing and virus infection attempts among this week's scam news headlines. Some of them are convincing; others are simply outrageous.
And for a cheek-of-the-week scam, read about the mom who pretended she was her daughter so she could go back to school.
1. Woman with 30,000 scam letters among UK's $6 billion victims
First, the bad news: A new report from the UK's Office of Fair Trading says Brits are paying out more than $6 billion a year to scammers. It also warns that financial pressures resulting from the economic downturn make victims more likely to fall for "easy-money" cons.
The report lists the five most common scams as: bogus sweepstakes, prize-draws, clairvoyants, foreign lotteries and miracle health cures. Some victims apparently spend thousands, replying regularly to scam letters and not learning their lessons.
In one case, a woman clearing the house of a recently-deceased elderly relative finds 30,000 scam letters neatly stored in bags.
The solution: Scambusters readers should already be wise to these tricks but you can play your part in helping beat the scammers by warning others.
We haven't seen any good statistics, but if people in Britain and the US fall for scams at the same rate, since the US has five times the population of the UK, then American victims could be paying out around $30 billion a year to the crooks. Yikes.
Check out the Scambusters list of the Top 10 scams for 2007 and 2008 here.
2. Bogus headlines nuke London -- and Obama!
The scam: Continuing the trend of using sensational and untrue news headlines as bait to lure people into clicking malware links, two new emails circulating this week claim a nuclear explosion in London and the existence of a tasteless movie featuring Barack Obama.
Untrue and malicious they may be, but that doesn't stop hundreds of people clicking on links for the supposed stories. This downloads a zip file that pretends to contain photos from both reports but actually installs spyware on users' PCs.
The solution: Some news services do send out email alerts, but only if you subscribe to them -- that's the first checkpoint -- but they don't send out zipped files of photos.
Even if it looks like a genuine news source, don't click the attachment. Check out the story online. Pick up some tips for using email safely here.
3. Phony Equifax message phishes for passwords
The scam: A phishing scam that first showed up last year, purporting to be from consumer credit organization Equifax, is doing the rounds again, landing in the inbox of one of our Scambusters team.
The messages, headed "Equifax: fraud verification process", "Equifax: security maintenance," or "Equifax Alert: Unauthorized Login Attempts", ask users of the firm's ePORT service to complete an online customer form by clicking a link in the email.
The message looks very convincing and so does the case for completing the form. It takes victims to what seems to be an Equifax password sign-on page but is, in reality, a bogus site hosted on a server somewhere in Israel.
The solution: This scam was well done and underlines the case for never accepting any email on face value and, as with the story above, checking it out at the genuine website, rather than clicking on a link.
More about phishing tricks here.
4. BitTorrent users fooled by piracy warning
The scam: If you're a user of BitTorrent file-sharing software, lookout for an email that drops into your inbox, seeming to come from anti-piracy company MediaDefender.
It warns the victim that his/her download behavior has been logged and that they've broken the law. For more details -- you guessed it -- the victim is asked to view the log, which is attached.
Clicking this installs the "Mytob" worm -- a Trojan that allows outsiders to gain access to the victim's computer.
The solution: In the old days, most BitTorrent users were probably savvy enough not to fall for this, but with millions of people now using the software to download and exchange files, thousands have apparent fallen for this.
MediaDefender doesn't operate this way or send out user logs as attachments. To repeat: Simply don't click on any attachment unless you know for sure who it came from and that it is benign.
We covered some other issues surrounding file sharing in this article on fake antivirus software.
5. Call-back con targets oil state
The scam: If you're wealthy -- or if you just seem to be -- you're a mouthwatering target for scammers. Which is why cell phone users in oil-rich Bahrain are the latest victims of phony call-back messages
The messages, apparently originating in Africa, tell the victims they've missed an important call that they must now return. But doing so links them with rogue phone companies who charge the users huge premiums.
"Because of the oil, they think people are rich and will call back," says a spokesman for Zain, the Bahrain phone company.
The solution: Don't return calls from people you don't know to numbers you don't recognize. Most international dialing codes for Africa begin with a "2". Most of the calls seem to come from Nigeria or Ghana, whose codes are 234 and 233 respectively.
Find out more about call-back tricks here.
6. Magazine solicitors score double hit
The scam: Police in Purdue, Indiana, report numerous victims of a con trick that might strike a double blow at its victims. Claiming to be juniors at the city's universities, the scammers invite other students to take out magazine subscriptions at $50 a time.
In some cases, victims are accompanied to an ATM so the subscription cash can be withdrawn and police fear the crooks may pick up details that will allow later access to the students' bank accounts.
The solution: Fake magazine subscriptions are a commonly used scam weapon but the ATM part adds a twist to the trick. Don't allow yourself to be persuaded on impulse to take out a subscription. Ask for details and check them out yourself first.
When you can, use ATMs inside banks and stores. They're less likely to have been tampered with. And always make sure no one's close enough to be able to see you key in your PIN.
You'll find more useful information of phony magazine subscriptions here.
7. Mom used daughter's ID for school team
The scam: It's our cheek-of-the-week. In Ashwaubenon, Wisconsin, a 33-year-old mother allegedly steals her own daughter's identity and enrolls as a 15-year-old pupil at the local high school.
The reason? Not just to graduate, as we might charitably be tempted to think, but to join the school's cheerleading team! She was rumbled when her check to join the team bounced.
The solution: Actually, this is sad, isn't it? The school was fooled and is now checking its security procedures. Maybe a lesson for enrolling staff in an age-assessment class might help . . .
As the "mom" story above shows, sometimes money isn't the main reason for a con, but the rest of this week's stories provide plenty of confirmation of the alarming scale and cost of scams in Britain - and what that may mean in the US. More reason than ever never to let your guard down.