Protect yourself from identity theft and other email scams
Although we had planned a different issue for this month, we decided it was more important to warn you about some despicable scams that trade on the upcoming war.
Plus, we'll tell you about a new email worm (with several known variants) that already exploits the war.
In addition, we've got "snippets" on fraudulent endorsements of shady investments, how searching for jobs online can lead to identity theft, yet another variation on the Nigerian fee scam (a new twist you really should know about), a counterfeit cashier's check scam, and more email identity scams, this time from scammers claiming to be from eBay or EarthLink.
Very important: Before we get going, please do not believe any claim that we recommend a particular investment or that we call and ask for your information.
At least one scamster is currently using the Internet ScamBusters site as a reference. This is a scam! We do not endorse any specific investments or investment companies.
We also never allow others to say on their Web sites or in their newsletters that any product, service or investment is endorsed by Internet ScamBusters. The only endorsements you'll see from us are for products we use and recommend -- and you'll only see those in our newsletter or on the Internet ScamBusters site.
If you were given our name as a reference, please report this to both the Internet Fraud Complaint Center, a partnership between the FBI and the National White Collar Crime Center, and the FTC.
==> http://www1.ifccfbi.gov/index.asp
==> https://rn.ftc.gov/dod/wsolcq$.startup?Z_ORG_CODE=PU01
Further, we never call or email individuals or businesses and ask for any information. (Tip: Never give personal information to anyone based on an unsolicited call or email.)
OK. Let's get started...
Internet ScamBusters "Snippets"
Scammers Profit From the War on Terrorism
Just hours after the 9/11 attacks on American soil, good-hearted people around the world were lining up to donate blood, money, and anything else that would help America in its time of crisis.
Unfortunately, just as charity-minded folks flock to the chance to help their fellow men and women, scammers also come out of the woodwork to take advantage of disasters.
Within one hour after the 9/11 attacks, Internet users started to be bombarded with spams claiming to be from fictitious organizations. To help out, all you had to do was click a link and donate money... money that ended up in the scammers' pockets.
Now that a war with Iraq is imminent, we're sad to say we're sure scammers are again going to take advantage of generous souls who truly want to help.
Here's how to make sure your donations go to heroes, not zeroes:
1. There were two primary types of 9/11 scams: Requests for aid for rescue workers, and requests for aid for civilians.
Change "rescue workers" to "American soldiers," and "civilians" to "refugees," and you have a pretty good idea of what the upcoming scams will look like. Plus, you can expect more variations to crop up.
2. If you want to donate to a bona fide organization, go directly to their home page to donate. Links in scam charity emails ensure that you are paying the scammers, not the charities.
3. The common denominator is that these are *unsolicited emails*. Never donate based on an unsolicited email. Always give to a trusted charity.
More information about war/terrorism-related scams:
Email Groups Warn of Terrorism-Related Scams Online:
==> http://www.cauce.org/pressreleases/20010912.shtml
How to find trusted charities. Here is a list of Web sites that can help:
==> http://www.charitablegift.org/resource/05_t3_eval_charities.shtml
New Email Worm Already Exploits the Iraq Conflict
A new worm, called W32/Ganda-A, which was first detected on Monday, is a mass-mailing worm that spreads by sending email to contacts from the Windows Address Book. It appears to have started in Sweden, and sends out messages in either Swedish or English, depending on the systems' language.
So far, quite a few variants have been found. Here are a few of the English subject fields found: Screensaver advice, Spy pics, GO USA !!!!, and G.W Bush animation.
For more on this Worm, visit:
==> http://www.sarc.com/avcenter/venc/data/w32.ganda.a@mm.html
==> http://www.theage.com.au/articles/2003/03/19/1047749802011.html
Third-Party Endorsements: Are They Legitimate?
Next to word of mouth, endorsements are a powerful way to add credibility to the sales process. If you know that Celebrity X or Company Y endorses a particular product or service, you may be more willing to buy, based on the legitimacy the endorsement gives.
Now, if you saw on a Web site that US Small Business Association endorsed a product or service, would you be more likely to buy it? How about if Consumer Reports endorsed it?
The fact is the SBA and Consumer Reports never endorse a particular product, service or investment opportunity. By remaining independent, organizations like these can provide you with objective, unbiased advice and information.
In your travels on the Internet, you may see other companies and organizations endorsing deals or products. That's a normal (and fine) part of business.
What isn't fine is when an unscrupulous promoter creates endorsements out of thin air.
How can you tell if an endorsement is legitimate? There are two simple ways:
1. Ask. Contact the organization that provided the endorsement and ask them to confirm that they endorse the product/service. You may want to ask if they endorse it "without reservation," since the endorsement may have been edited in such a way as to remove negative or neutral comments.
2. Check the endorsing organization's Web site. If they have non-endorsement policies, they will likely be posted on the site. Here are links to a couple of organizations with these types of policies:
SBA Warns Businesses of Callers Who Imply Links with Agency, Seek Financial Data, Fees
==> http://www.sba.gov/news/current03/03-19.html
Consumer Reports No Commercial Use Policy
==> consumerreports.org
And Here's Our Internet ScamBusters Policy
==> http://www.scambusters.org (it's on our home page)
Job-Search Sites Identity Theft Scams
If you're using job-search sites to hunt for a new position, you need to be aware of a possible risk to your personal information.
It's common for potential employers you've applied to, or ones who've seen your posted resume, to ask you for more details about yourself. Scammers are taking advantage of this to perpetrate identity theft -- getting enough personal information to drain bank accounts or ring up credit card charges.
Here's how it works: The scammer pretends to be a prospective employer that offers you a job that may seem almost too good to be true (surprise, surprise). All he wants are some details so he can do a 'routine' background check. These details can include your Social Security Number, bank account numbers, even your mother's maiden name.
As you can imagine, a scammer can wreak havoc on your finances and credit rating with this information.
Even more disturbing, a scammer may ask you to create a four-digit PIN number to access a special Web site -- since scammers know that people tend to reuse their PIN numbers, this can be a sly way to access your bank account.
Given the economy these days, job seekers may be tempted to do anything to try to get a job. But be vigilant with your personal information, and look for clues that the prospective employer may be a scammer (you can find more information in the Monster.com article listed below).
If you've been the subject of identity theft, you can file a complaint with the FTC at:
==> https://rn.ftc.gov/dod/widtpubl$.startup?Z_ORG_CODE=PU03
More Resources on Job-Search Identity Theft
Monster.com's Be Smart page:
==> http://help.monster.com/besafe/
Monster.com Article: "Protect Your Personal Info"
==> http://resume.monster.com/articles/personalinfo/
MSNBC Article: "Online job listing an ID theft scam"
==> http://www.msnbc.com/news/830411.asp?cp1=1
How Churches Become Victims of Nigerian Fee Scams
We've talked about the Nigerian (419) fee scam many times, but it seems that criminals out there are always coming up with ways to bilk good people. Here's an unusual twist where they're stooping perhaps even lower by approaching churches and other religious organizations.
(The "regular" scam in a nutshell: A supposed official from an African -- or other -- country offers you a large sum of money in exchange for some supposed assistance getting money out of their country. You end up paying endless "fees" to the scammer, and you never see anything in return. You may well find yourself the victim of identity theft.)
A minister of a small church contacted us to tell us his sad story. He was contacted by a woman in Africa who claimed that her husband had died, and that she wanted to leave some of his estate -- millions of dollars -- to a good church.
Pulling out all the fraudulent stops, she claimed that she'd prayed for advice, had visited the minister's church's Web site, and had been told by God that his was the right church to donate to.
Later, a "lawyer" for the "war widow" contacted the minister, seeking information for the supposed donation to the church, but in reality collecting potential data for identity theft, as well as huge closing fees.
This scam is particularly well crafted because it pushes hard on the victim's "hot buttons," using all the right language. It focuses on creating a lot of credibility. For example, in addition to the lawyers calling as promised, the victim is given a private cell phone number so they can call the supposed donor.
The bottom line: If you're promised a huge sum of money for any reason, think Nigerian Fee Scam first. Then, walk away.
Nigerian Fraud Letter Scam Targeting Charities & Churches:
==> http://www.lpconline.com/Nigerian_charity.html
More About the Nigerian Fee Scam:
==> http://www.scambusters.org/NigerianFee.html
Counterfeit Cashier's Check Scam
Although the Nigerian fee scam is becoming more well-known, a new type of overseas financial scam is making the rounds. While the Nigerian scam targets victims' greed (who doesn't want a large sum of money?), the counterfeit cashier's check scam targets the average person who's selling or auctioning goods on the Internet.
Here's how it works: You put up a large item for sale (a car, for example) or auction. Then you're contacted by someone from overseas pretending to be interested in buying the item. They ask you if a friend in the United States can mail you a cashier's check to cover the cost plus transportation fees.
You may see no reason to object, since, unlike personal checks, cashier's checks cannot bounce because the amount is paid to the bank when the check is issued (similar to a money order).
After the cashier's check is deposited, you are asked to wire the transportation cost to the buyer so he can arrange for the transportation. It's only when the cashier's check is discovered to be counterfeit that you realize you've lost a large sum of money.
There are also variants where you ship the item and lose everything.
How to protect yourself: If you receive a cashier's check, call the bank that issued it (the bank's name will be printed on the check) and ask them if they authorized that check.
For more information on this scam:
Wired News Article: Nigerian Net Scam, Version 3.0
==> http://www.wired.com/news/culture/0,1284,56829,00.html
eBay and EarthLink Personal Information Scams
Scammers continue to try to get users' personal information (typically, credit card and bank account numbers) by spamming them and claiming to be from a legitimate service.
The latest such scams appear to be from eBay and EarthLink, but are actually from scammers using forged 'from' email addresses.
The emails tell users that for various reasons (crashed servers, lost information, updates), the users must re-enter their personal information. The URL provided leads to a Web site run by the scammers, and you can guess the rest.
Here are some simple tips to avoid this kind of scam:
1. *Legitimate businesses will not ask you to provide credit card information, or any other information you've already given them by sending out an email.*
2. Check for red flags in the email. Is the URL the same URL as the business? (For example, the EarthLink scam used www.earthlink-billing.com, instead of EarthLink's www.earthlink.net.)
3. Your best bet: If you're asked to provide this information, contact the business directly (go to their Web site by typing in their URL, and email or call them), then ask them if this request is legitimate.
Learn more:
TechTV Article: EarthLink Scam Is a Classic
==> http://www.techtv.com/news/security/story/0,24195,3417595,00.html
TechTV Article: eBay Scam Spam
==> http://www.techtv.com/news/security/story/0,24195,3408463,00.html