How extortion tricksters try to convince you they're for real: Internet Scambusters #820
Receiving an extortion threat is terrifying, even if you believe the pay-up-or-else crook is telling lies.
That's the experience thousands of people across North America and Europe are currently finding out about.
In this week's Snippets issue, we'll tell you who the scam works and why you shouldn't pay - plus details of new scams tricking investors, Amazon shoppers, and credit card users.
Let's get started...
New Extortion Scam Sweeping the Nation
It's not new, but one of the most widespread Internet extortion scams seen in recent years and based on a claim your PC has been hacked, is currently sweeping North America and parts of Europe.
It works most effectively on people who have previously visited "adult" sites or other unsavory corners of the web or have taken compromising photos of themselves with their webcam.
But sometimes even those who haven't done this get caught up in the scam out of sheer fear.
The crooks send an email to random potential victims claiming they hacked the recipients' computers and recorded their Internet activities.
Not only that, they say, but they activated the victims' webcam and recorded them during their activities -- and they threaten to release the video and screen-grabs to all the victims' contacts.
Finally, just to make their threat seem all the more convincing, the message includes details of recipients' passwords followed by a demand for a blackmail payment in Bitcoin, an untraceable cyber-currency.
The demand is usually in excess of $1,000, payable within 24 hours -- and people have been paying up like crazy.
Of course, if you receive this kind of message, all of these claims could, in theory, be true. But unless you have been behaving inappropriately and you don't have up-to-date security software on your PC, it's almost certainly a scam that you can ignore.
Knowing your password(s) means little or nothing in this case. Mostly, they've been bought from dealers on the dark web and often they're old ones. And if they are, that's another way of identifying this as a scam.
But the disclosure does underline the importance of using different passwords for different sites and regularly changing them.
Even if you do have something you'd rather others didn't know about -- perhaps you were just innocently nosing around the Internet or tricked into visiting a particular site -- it would be foolish to pay the crooks.
Blackmailers always return for more. Instead, you should contact the police.
As an extra precaution, always switch off and (if possible) disconnect your webcam when you're not using it -- and keep your security software updated.
More New Scams
The extortion scam is a good demonstration of how crooks are always dreaming up new ways to employ established scams. Here are three more currently making the rounds:
FINRA Fakes -- The U.S. Financial Industry Regulatory Authority (FINRA) has issued an alert about the use of its name and logo in documents pretending that it has guaranteed some type of investment or refund program.
Crooks are mailing out details of phony investment schemes involving share buyback programs with a one-page guarantee document that looks like it came from FINRA.
It's laden with legal wording that makes it hard to understand but also very official-seeming. And it appears to be signed by FINRA "Chairman" Robert F. Cook. In fact, Cook is not the chairman but instead is the organization's President and CEO.
The supposed investment is a pure con trick to get you to put money into something that probably doesn't even exist, and you'll never see your money again.
In addition to mislabeling Cook and the use of other fake terms in the document, this scam is easy to detect because FINRA, in its own words, "does not guarantee investments, and our officers play no role in facilitating investment opportunities." If someone claims it does, it's a scam.
By the way, FINRA's Scam Meter is a useful tool for testing out investment opportunities.
Wrong Number -- If you're looking for support from Internet retailing giant Amazon, watch out for fake customer service numbers that appear at or near the top of Google and Bing searches.
Crooks, many of whom are masters of the art of ensuring their listings appear high up in searches, use the numbers to lure victims into giving away details of their bank account or credit card.
The listings often refer to helping people gain refunds for merchandise, which makes them more willing to disclose these details.
The best way to avoid this scam is to work within the customer support services offered on Amazon's website. If you want to call them, the correct number is 1-888-280-4331.
Small Charges -- How closely do you inspect your credit card bills? If you don't really scrutinize them, you may be letting ID thieves have a regular spend on your account.
These crooks have realized you'll raise the alarm if a big ticket purchase you never made shows up on your bill. But maybe you won't spot a small spend that pops up every month.
They use this trick to pay for recurring subscriptions, such as streaming services like Netflix or Spotify.
Whether you check your card account online at least weekly (recommended) or just wait for the monthly bill to drop, always check every single entry and query anything that doesn't look right.
Alert of the Week
If you're a Bank of America customer, don't be taken in by a new and cleverly-constructed message that pretends the bank needs you to review your personal account information.
It immediately looks suspicious because the text is sprinkled with period punctuation between each word, presumably to try to evade spam filters. And, of course there's a link that leads to a phony BoA sign-on page.
The message even warns you that you'll be asked for your sign-on details. You bet you will.
If you ever need to review your bank or credit card accounts, don't click links -- just go to the real website of the organization and check from there.
Time to conclude for today -- have a great week!