If you find our resources valuable, please support us by making a small donation. Thank you!

x

July 18, 2018

THE WEEK IN REVIEW

Online dating scams are so common that it is hard to meet someone who uses dating apps and doesn’t have a story to tell.  We’ve written several articles about these scams, such as “I Love You, Send Me Money.”  We raise this point because we finally have a drop of good news for our readers.  Last week ABC News reported that 7 Nigerians were charged in an alleged dating site scheme.  No doubt, that’s 7 out of hundreds of Nigerians and others running these scams, but we’ll celebrate every win we can!

A TDS reader named David contacted us recently to say that he’s been getting weird emails every week for more than a year, and sometimes several each week.  Each email comes from a different email address and all identify him by first name and include his correct street address, which we’ve blurred out. These may not qualify as scams but they sure are creepy.  Do you know anyone who gets stuff like this? Here are two examples…

 


Phish NETS: FedEx and WeTransfer Phish

Though we can’t be 100% certain that this Fedex email is a phishing scam, it could be.  We were unable to trace the full path of the link in this email to confirm that it pointed to a fake FedEx login page.  However, we can say with certainty that this email did not come from FedEx and the link doesn’t point back to it. In fact, if you look at the link revealed by the mouse-over, you’ll see that it points to a website hosted in Russia.  (“.ru” = 2-letter country code for Russia) We loved the language used by the scammers in this email to try to engineer a click… “An email containing confidential personal information was sent to you.” Given the lack of brotherly love Russia shows toward the United States, we’ll pass on that click.  And in case you haven’t been watching the news recently, here’s a link to a WSJ article about the Mueller investigation’s recent indictment of 12 Russian nationals.

WeTransfer is a cloud-based computer file transfer service, founded in Amsterdam in 2009.  This email, and linked web page, may LOOK LIKE, it came from WeTransfer or points to WeTransfer files but it is a phishing scam for the WeTransfer login credentials.  The email address was spoofed to look legitimate. Mousing-over “Get your files” or that long download link reveals that they both point to a hacked website of a business called AlWahab Fabrics (alwahabfabric[.]com) in Lahore, Pakistan.  (We cut off the “alw” at the start of the mouse-over link in the first screenshot- oops!)  The second screenshot below clearly shows the phishing page we found on alwahabfabric[.]com.  Also, according to Checkphish.ai, the hacked website for this Pakistani fabric business has been used in multiple phishing scams recently, including fake LinkedIn logins.

Delete!

YOUR MONEY: Sam’s Club Gift Card

Suppose there was a knock on your door and when you opened it you were greeted by a sleazy guy with a Slavic accent saying “hi, I’m here with consumer survey of personal questions.  I will use your information to make money for my friends and I, and it will hurt little bit. Question one…” You would slam the door and call 911 in a heartbeat. So why do people happily turn over personal information when they see crap like this…

The email says it is from “Sam’s Club Promotions” but the address is actually PotteryBarn.com.  Does that make any sense? “Get a $250 Sam’s Club Gift Card” for taking a survey. We don’t believe any of these things are true!

 

This next screenshot is the start of the survey waiting for the consumer at that oddball domain “departurereliable[.]com.”  The survey may start off innocently enough but don’t be fooled by this crap.  And don’t give them any of your personal information! This domain was registered on May 7 through a proxy service in Panama and there is no information available that Google can determine about this website.  By the way, all that BS legalese in the dark gray box at the bottom is just social engineering to motivate you to complete all questions asked. This thing is about as trustworthy as the sleazeball at your door!

TOP STORY: Phone Call Fatigue

Just a few days ago, I was driving home when a call came through and appeared on my bluetooth car interface as my area code and the first three digits of the town next door.  I was expecting a call from a local business in that town and wondered if this might be it, though I didn’t recall that exact phone number. Stepping outside of my personal rules about answering calls from unrecognized numbers, I picked up.  “Hi, this is Michael with the Childhood Leukemia Foundation. Is this Mr. Fodeman?” And then he launches into some stats about childhood leukemia. What did I do? Reflexively, I hung up. No warning, no thank you. I just hung up.

Do you remember a time when we all had flip phones, not smartphones?  It was blissful! Rarely, if ever, would we receive solicitations, scam or marketing calls on our cell phones.  These unwanted calls would target our landline and be part of the minestrone soup of calls we received, albeit a very small part.  Though annoying, these unwanted calls would be overwhelmed by calls from friends, mom and dad, siblings, our kids, even our doctor or dentist’s office, etc.  As everyone transitioned to having smartphones, calls to the landlines dropped off significantly. A few years ago I realized that the ONLY calls that came to our landline were my 80-something mother and mother-in-law, marketers, pollsters and scammers.  My wife and I figured we could retrain our mothers and so we dropped the landline altogether! And, for a very short period of time measured in months, we received no solicitations to our smartphones, legitimate or otherwise.

My God, have times changed!  These days we receive at least two calls (or more) every day from unknown sources.  They used to come from distant area codes around the country…. Wyoming, Ohio, New York.  But not any longer. Over the last year they come from our own area code or an area code next to us.  When I answer them (and turn on my recording software as I do), or run a Google search on the number that just called me but didn’t answer, I see that I am back in purgatory again. **sigh**  Scam calls of all kinds, marketers, foreign interests, pollsters, folks looking for donations to very questionable not-for-profit organizations like the “Cancer Survivor’s Fund,” and even legitimate solicitations target my smartphone every week. And I am exhausted by the cacophony.  None of them ever leave a message if I don’t answer, and some hang up after one ring! (These 1-ring calls are scam calls, see below.) But like most people with manners and some measure of empathy, I feel badly. Was I just incredibly rude to a very legitimate and caring group trying to raise money to battle childhood leukemia?  This gnawed at me during my drive home thinking that I had been so rude to a worthy cause. Once home, I launched my web browser and visited CharityNavigator.org.   Under their “Top Ten” lists was an article called 10 Charities Overpaying Their For-Profit Fundraisers. At the top of the list, by the way, is the Cancer Survivor’s Fund, which pays their fundraisers nearly 90% of the money they raise, according to Charity Navigator.  They have an overall star rating of “0” out of a possible 4-star rating system. And what about the Childhood Leukemia Foundation and my guilt? They are 5th on that list and also have a zero star rating!  Suddenly I didn’t feel so guilty!

If you own a smartphone, we’re sure you feel this fatigue from the same barrage of unknown callers.  Nowadays, it is as inevitable as death and taxes, and the barrage of callers are not discerning. They call everyone and anyone with a smartphone… the elderly and children too.  Did you know that apps exist that enable a person to completely spoof the number or name that YOU SEE on your phone when he or she calls you? (These apps have been heavily used by criminals in the “underage girl sext” scam, pretending to be calls from local police or detective agencies and by criminals in the Sprint phone hacking scam.)  Did you know that there are dozens of prank call websites?  On some of these sites, in addition to the phone number you want called, you can enter the phone number you want the call to appear to come from, and also enter a text message to be sent.  Any text message! Or select from a menu of pre-recorded messages, some of which suggest violent or sexual actions. And of course you already know that just because an incoming call displays your area code, doesn’t mean the call originates in your area code.  That call can come from anywhere in the world.

So, in the spirit of maintaining our sanity in this world of phone call fatigue, we thought we would suggest some guidelines for you and your family members, and also point out a few of the scam calls targeting us on our smartphones:

  1. Most Important Rule #1: Never answer a call from a number you don’t recognize.  Period! If it is important, the caller will leave a message.  And don’t be lured into picking up that call because your phone screen displays something that seems legitimate, such as the IRS, Windows Tech Support, Amazon Helpline, or even your local police station!
  2. If you receive a solicitation to donate to a worthy cause (via USPS mail or phone call), never commit to donating any money without investigating the organization.  Your first visit should be to CharityNavigator.org to see how well your donation will be used.
  3. If you are truly curious about an incoming call such as a caller that has tried three times to reach you in as many days, make it a habit to look up the full telephone number, with dashes, in a Google Search.  What are others saying across the Internet about that phone number on sites like 800notes.com?
  4. If you get a call that displays your own phone number as the source, do not answer!  That is definitely a scam caller.

As for phone scams, here are a few you may not be aware of…

  1. One-Ring Phone Scam: Did you receive a call that hangs up after one ring?  DO NOT call back because you are curious. It can cost you a lot of money because these area codes may have a high cost-per-minute! (Example area codes include: 876, 268, 664)
  2. Need to look up a customer support phone number in a Google search? BEWARE!  Google has been suffering a great deal from “search engine poisoning” during the last year.  Scammers have been able to manipulate Google very successfully so that their scam phone numbers come up when you search for all kinds of things, including Windows or Office 365 tech support, MANY airline companies, Amazon, Apple Computer, Verizon, Walmart, Ebay, Instagram, Facebook, Yahoo, Dell, iTunes and dozens more.
  3. “Can you hear me?” – If you pick up a call and the caller asks “can you hear me?” it is highly likely that your “yes” response is being recorded and will be used against you. Learn more at Komando.com.
  4. Phishing for your personal account information: Many scammers spoof telephone numbers and IDs from Apple tech support, credit card services, local banks and others.  They call and tell you that there is a problem with your account or that your account has been hacked. Then they ask you to verify your information so that they know it is you.  How nice. Hangup!

A final note… If you have children or elderly parents with smartphones, teach them.  Scammers specifically target the elderly and kids. (Read about the ‘Hey Grandpa, it’s me’ scam.)  And one of the best services available to help deter these mass robocalls is NoMoRobo.

FOR YOUR SAFETY: Critical Security Alert

We recently heard from two TDS readers about an alert they received from Google regarding their accounts.  One of these alerts below is 100% legitimate and the other is 100% fraudulent and pointing directly to a malware infection.  Can you tell which is which?

Alert #1:

Alert #2:

The fraudulent alert is #1.  It didn’t come from Google.com and a mouse-over of the link “Check Activity” points to a hacked website in Turkey called depomedikal[.]com.  This website is known to be hosting LOTS of malware intent on causing you harm!  Alert #2 is a legitimate alert from Google.


Until next week, surf safely!