Entries in Scam (10)

Wednesday
Nov062019

Business Email Compromise (BEC) scams

DateWednesday, November 6, 2019 at 4:44AM

They come in many forms, but they are getting more and more sophisticated and taking companies and individuals for larger amounts of money. Naked Security wrote a report yesterday about the City of Ocala, Florida that wrote out a check after it received fraudulent new payment information that was processed into their system. The scammers used all of the right processes and until the Construction Company called the city about the payment.

Naked Security has a great posting on the many ways that this is happening and what to look for to protect yourself and your organization from this happening to you: Click Here

AuthorBob Appleby | CommentPost a Comment |
in , , , ,
Tuesday
Sep152015

This email scam targeting businesses is a billion-dollar problem, FBI warns

DateTuesday, September 15, 2015 at 9:11AM

By John Zorabediannakedsecurity.sophos.com

The FBI is warning businesses to be on the lookout for emails sent by scammers to trick them into transferring money to fraudulent accounts.

 

Email scams have been around for decades, but old-school Advance Fee Fraud scams these are not.

The FBI calls this family of scams "Business Email Compromise" (BEC) scams, because they use phony emails that appear to come from a colleague or from a trusted supplier.

Since October 2013, BEC scams have cost businesses around the world over $1.2 billion, the FBI said last week.

Although the BEC scam has victimized businesses in 80 countries, those in the United States have suffered the most.

7000 US businesses have reported $747 million in losses, with an average loss of $130,000, the FBI said.

The scammers, who appear to be members of organized crime groups operating out of Africa, Eastern Europe and the Middle East, are targeting businesses that work with overseas suppliers or regularly make wire transfer payments.

But instead of sending funds to legitimate suppliers, the money transfers end up in bank accounts controlled by the fraudsters, mostly with banks based in China.

The scammers succeed by compromising legitimate email accounts through social engineering or malware that steals account credentials.

The fraudsters then use access to email accounts to gather intelligence such as information about billing and invoices that won't raise the suspicion of employees who send transfer payments.

FBI Special Agent Maxwell Marker said the scammers have become adept at imitating invoices and accounts, giving them a sophistication beyond any similar scam previously seen by the FBI.

According to Marker:

They know how to perpetuate the scam without raising suspicions. They have excellent tradecraft, and they do their homework. They use language specific to the company they are targeting, along with dollar amounts that lend legitimacy to the fraud. The days of these emails having horrible grammar and being easily identified are largely behind us.

In one example of the scam, an accountant from a US business reported receiving what appeared to be an email from the company CEO requesting a wire transfer by the end of the day for an important acquisition.

The email said a lawyer would be sending a letter of authorization, but the authorization letter turned out to have a forged signature from the CEO and an "official seal" that was copied from the company's public website.

The email from the "CEO" actually came from a phony email account that was off by one letter - it used a .co domain instead of the company's real .com domain.

According to the public service announcement released by the FBI'sInternet Crime Complaint Center (IC3), BEC email scams are proliferating rapidly - up 270% since the beginning of 2015.

What to do?

When the FBI previously issued a warning about BEC scams, we offered some security tips for avoiding this kind of email threat.

I asked Naked Security writer and Sophos expert Paul Ducklin to offer a few more tips - here's what he recommends:

  • Revisit your outbound email filtering rules to prevent sensitive information from going out to inappropriate destinations.
  • Require multiple approvals for overseas wire transfers.
  • Have strict controls over changes in payment details or the creation of new accounts.
  • Use strong passwords and consider two-factor authentication (2FA) to make it harder for crooks to gather intelligence from your network in the first place.
  • Consider a "back to base" VPN for remote users so their online security is kept up, even on the road.
  • Have your own "central reporting" system, in the manner of IC3, where staff can call in suspicious messages to prevent crooks trying different employees with the same scam until a weak spot is found.
  • Think twice about publicly posting personnel information that could be abused in phishing attacks.
AuthorBob Appleby | CommentPost a Comment |
in , ,
Tuesday
Aug042015

Yet Another Encryption Scam

DateTuesday, August 4, 2015 at 10:26AM

ZDNet reports that another encryption scheme has arisen to rear its ugly head using Windows 10 upgrade as the teaser. Hackers are targeting users attempting to upgrade to Windows 10 with ransomeware malware that encrypts files until a ransom is paid. The "bad guys" appear to be impersonating Microsoft in and an attempt to grab your money. 

Emails are being sent out tempting the email recipient with an attachment that is an installer that will allow them to get the new Windows 10 operating system sooner. What is making this scheme work is the fact that Microsoft is making users wait in queue for their turn to upgrade their systems. Impatience on the part of waiting users is causing plenty of heartache for those that succomb to the tempation of running the installer.

Once you download and open the attached executable file, the malware payload opens, and begins encypting data on the affected computer and locking you out of those files.

Typically you are required to pay the ransom using bitcoin which is much harder to track. And to make it even harder to track the bad guys, they are usually using the TOR network which makes it nearly impossible to trace.

Cisco research Nick Biasini said the malware payload, called CTB-Locker, is being delivered at a "high rate." "The functionality is standard however, using asymmetric encryption that allows the adversaries to encrypt the user's files without having the decryption key reside on the infected system." 

Ransomeware attacks have been on an increase since 2014 and is a quick and easy near-untraceable way to generate a lot of money in a very short time. So hackers are going to keep coming up with new ways to attack your systems. So beware of what you are clicking on and accepting, you may their very next victim!

AuthorBob Appleby | CommentPost a Comment |
in , , , , , , , ,
Thursday
Aug282014

Follow up on IRS Scam Call

DateThursday, August 28, 2014 at 5:17PM

Now a call came in from Federal Magistrate Office. Is there such a thing?

I can’t believe they are still trying this. Here is an article my accountant sent me from the IRS.

Bookmark and Share

IRS.gov Banner

IRS Newswire

August 28, 2014
 
News Essentials

What's Hot

News Releases

IRS - The Basics

IRS Guidance

Media Contacts

Facts & Figures

Problem Alerts

Around The Nation

e-News Subscriptions

The Newsroom Topics

Tax Tips 2012

Radio PSAs

Fact Sheets

Armed Forces

Disaster Relief

Scams / Consumer Alerts

Tax Shelters

IRS Resources

Compliance & Enforcement

Contact My Local Office

Filing Options

Forms & Pubs

Frequently Asked Questions

News

Taxpayer Advocate

Where to File

IRS Social Media
Issue Number:    IR-2014-84
Inside This Issue

Scam Phone Calls Continue; IRS Identifies Five Easy Ways to Spot   Suspicious Calls

WASHINGTON — The Internal Revenue Service issued a consumer alert today providing taxpayers with additional tips to protect themselves from telephone scam artists calling and pretending to be with the IRS.

These callers may demand money or may say you have a refund due and try to trick you into sharing private information. These con artists can sound convincing when they call. They may know a lot about you, and they usually alter the caller ID to make it look like the IRS is calling. They use fake names and bogus IRS identification badge numbers. If you don’t answer, they often leave an “urgent” callback request.

“These telephone scams are being seen in every part of the country, and we urge people not to be deceived by these threatening phone calls,” IRS Commissioner John Koskinen said. “We have formal processes in place for people with tax issues. The IRS respects taxpayer rights, and these angry, shake-down calls are not how we do business.”

The IRS reminds people that they can know pretty easily when a supposed IRS caller is a fake. Here are five things the scammers often do but the IRS will not do. Any one of these five things is a tell-tale sign of a scam. The IRS will never:

1. Call you about taxes you owe without first mailing you an official notice.
2. Demand that you pay taxes without giving you the opportunity to question or appeal the amount they say you owe.
3. Require you to use a specific payment method for your taxes, such as a prepaid debit card.
4. Ask for credit or debit card numbers over the phone.
5. Threaten to bring in local police or other law-enforcement groups to have you arrested for not paying.

If you get a phone call from someone claiming to be from the IRS and asking for money, here’s what you should do:

  • If you know you owe taxes or think you might owe, call the IRS at 1.800.829.1040. The IRS workers can help you with a payment issue.
  • If you know you don’t owe taxes or have no reason to believe that you do, report the incident to the Treasury Inspector General for Tax Administration (TIGTA) at 1.800.366.4484 or at www.tigta.gov.
  • If you’ve been targeted by this scam, also contact the Federal Trade Commission and use their “FTC Complaint Assistant” at FTC.gov. Please add "IRS Telephone Scam" to the comments of your complaint.

Remember, too, the IRS does not use email, text messages or any social media to discuss your personal tax issue. For more information on reporting tax scams, go to www.irs.gov and type “scam” in the search box.

Additional information about tax scams are available on IRS social media sites, including YouTube http://youtu.be/UHlxTX4rTRU?list=PL2A3E7A9BD8A8D41D. and Tumblr http://internalrevenueservice.tumblr.com where people can search “scam” to find all the scam-related posts.

Back to Top

Thank you for subscribing to the IRS Newswire, an IRS e-mail service.

If you know someone who might want to subscribe to this mailing list, please forward this message to them so they can subscribe.

This message was distributed automatically from the mailing list IRS Newswire. Please Do Not Reply To This Message.

Update your subscriptions, modify your password or email address, or stop subscriptions at any time on your Subscriber Preferences Page. You will need to use your email address to log in. If you have questions or problems with the subscription service, please contact subscriberhelp.govdelivery.com.

This service is provided to you at no charge by the Internal Revenue Service (IRS).

AuthorBob Appleby | CommentPost a Comment |
in
Monday
Aug252014

Beware of Scam Phone Callers identifying themselves as calling from the Legal Affairs Agency (IRS)

DateMonday, August 25, 2014 at 4:58PM

imageThis past Sunday I received a call from a foreign gentleman stating he was from the Legal Affairs Agency and told me that the IRS had issued a warrant for my arrest for fraudulent tax reporting and they wanted me to wait at my house for two agents from the IRS to come and identify me and take me to jail for 6 months.

After being hung up on from the caller, (I called him back on the number he left me), I realized that this was a total scam. After spending a little time researching the phone number and referencing IRS Scam it seems that this has been going on for a very long time. It is a well documented scam so beware if you get the call. They are very convincing and for most of us, the bare mention of the IRS has us scared sh!!!less. If you have ever been through an IRS audit you will find that if they want to, they’ll find something to justify their looking at you. So when something like this happens you might have a tendency to jump to the wrong conclusion.

They never did ask for money from me but they have from other reports. Can’t imagine why they didn’t try with me but I was giving them a lot of guff. First off, the government is not going to haul you off without notification. Second, a foreign accent coming from the Southwest and not local or in DC is just not going to happen. When my accountant confronted they on the phone by asking for their supervisors name and number they just hung up. This would probably be a great way to shut them up very quickly. Anyway, I just wanted to make you aware that these guys handle social engineering real will and can get you going if you don’t sit back and think about what they are telling you.

How do you prevent being aggravated from this? If you don’t recognize the number on your caller don’t pickup! They will get discouraged if they don’t ever talk to someone and eventually go away. If you want to find out who the caller was Google the number. It should give you hint as to where it is coming from. If you are not expecting a call like this, of course you’re not, just don’t respond. Take a deep breath and erase the message and go on with your life.

AuthorBob Appleby | CommentPost a Comment |
in
Friday
Aug012014

Interesting Blog Post at Sophos

DateFriday, August 1, 2014 at 9:49AM

Author: John Zorabedian
Subject: Spam-Bot Invaders: Which countries send the most spam? (Infographic)

image

Recently we measured spam volume from around the world to find out which countries are the worst spam offenders. As we expected, the United States sends out way more spam than any other country — 24.2% of all spam was from the U.S.

When you consider the country’s huge online population, it’s not surprising that the U.S. sends so much spam. Spam comes from “bots” — computers infected with malware and under the control of a criminal. “Bot masters” can use servers anywhere in the world to give the bots instructions. So spam-bots in the countries on our list aren’t the authors of the spam, they are more like the messengers.

While it’s interesting to call out the 12 “dirty dozen” countries that send the most spam by volume, we also like to look at the amount of spam by population. It’s a diverse list of nations, and even small countries have a big spam problem.

The Dirty Dozen Spampionship

We’ve been measuring spam in our quarterly “Spampionship” going back a few years, and the U.S. consistently tops our charts. As you can see in the graphic below, bots in the U.S. send by far the most spam of any country, with second-place France (responsible for 6.7% of spam) well behind.

Other countries in our top 12 include China (third at 6.2% of spam) and Russia (fifth at 5.1% of spam), both consistently at the top of our charts quarter after quarter.

Spam per person – a fairer measure

We also look at spam “per person.” We do this because we think it’s a fairer measure of how spammy a country is. By setting the U.S. as the baseline, we can see how likely it is that a computer in a given country is a spam-sending bot compared to the U.S.

This past quarter, Bulgaria was the top country for spam per person, coming in at 2.1 times the U.S. Belarus, which had been the tops of the spam per-person chart for the past year, dropped to second place, at 1.9 times the U.S. spam level.

image

Fight back against spam and cybercrime – kill a spambot

A country’s size has nothing to do with how much spam is coming from within its borders — spam servers can be anywhere in the world.

Remember, if your computer is infected with spam-sending bot malware, you are part of the problem. Do your part to fight back against spam — download our free Virus Removal Tool to scan your computer and automatically clean up malware.

You can learn more about our “Spampionship” series by visiting our award-winning Naked Security blog.

Sophos Email Security

If you’re a business looking to keep your email secure, Sophos blocks spam and email-borne threats. Learn more about email security from Sophos.

AuthorBob Appleby | CommentPost a Comment |
in , , ,
Friday
Apr252014

Beware of a scam going around in which a "Microsoft Support Person" calls about windows system errors on your computer.

DateFriday, April 25, 2014 at 2:35PM

Paconnect

Microsoft will NEVER call YOU direct.

Microsoft says people are now falling victim to it every day, as it can be very convincing. And while you may be tech savvy your friends and family members may still fall for this, especially the elderly . Pass this on!

How The Scam Works

Mr. Smith has had a lot of problems with his laptop, including lockups and blue screens.

So he was relieved when the phone rang and the caller said he was with Microsoft Tech Support. "He said I'm from Microsoft, and we have noticed that you have had a lot of viruses," Mr. Smith said.

The caller explained that Microsoft, during a routine scan of his system, found his filled with problems that were slowing it down.

"I was gullible," Mr. Smith admits. "He said he could show me where the viruses were, and so I let him take control of the mouse."
Mr. Smith says the man directed his to a webpage that, once he logged on, allowed the caller to take control of his computer (something security companies can do).

The man then called up an internal page on the laptop that appeared to show it overrun with viruses. It showed hundreds of "errors" and "critical alerts." Mr. Smith was alarmed.

"He said he could remove the viruses for a hundred dollars, on a credit card," Mr. Smith said.

But something about it made Eyster suspicious at that point, and good thing: It was all a scam.

So What's In Your Computer?

The errors they show you are not viruses at all.

"They are calling about Windows errors,"

"But everybody has Windows errors.

So immediately you are listening."

"He spent an hour on the phone and at the end of the hour they told him they were going to charge him $300,". Then she had to remove the "malware" that the caller installed.

It's Not Microsoft

Remember: Microsoft will never call you unsolicited.

The company says this is a foreign scam to collect credit card numbers and install malware.

But if you have PC problems, like Mr. Smith did, it's so convincing. "I believed it, and I bit like a fish," he said.

Bottom line: If Microsoft calls you, hang up.

If you are having computer problems bring it into our showroom and we can assess any virus or malware issues you may be having.

Call: 724-838-7526

PAconnect

789 East Pittsburgh Street - Greensburg, PA  15601

Monday - Friday 9:00 AM - 6:00PM - Saturday and Sunday Closed
AuthorBob Appleby | CommentPost a Comment |
in
Wednesday
Apr242013

Local News Station Reports warning about ‘Microsoft’ protection plan scam

DateWednesday, April 24, 2013 at 1:18PM

imageThis newscast discusses one of the new ways that people are being tricked into sharing their personal information with scammers and tricksters. In this case the individual was called by someone claiming that they were from Microsoft and that he wanted to sell her a protection plan for her computer.

Rule #1: You are not going to get unsolicited calls from a real company. They may send you an email as advertising but nothing so in your face.

Rule #2: Anything having to do with connecting to your computer, again unsolicited by you should automatically flag an alert to you. Don’t trust this call.

Rule #3: Anything having to do with credit cards, banks or any other financial payment system that is again unsolicited by you should be flag as well. Tell the people thank you and hang up. Call your financial institution using a number that you know is right and ask them about whatever was proposed to you.

The key here is, if you haven’t noticed, don’t trust anyone that is trying to get information from your or access anything that you own that you have not asked specifically for them to do so.

AuthorBob Appleby | CommentPost a Comment |
in , ,
Friday
Jul082011

Another Source of Fraud: Urgent notice of Intellectual Property protection

DateFriday, July 8, 2011 at 1:20PM

Internet Scamming is rampant and here is yet another way these guys are trying to separate us from our hard earned money. A client of mine received an email stating that someone in the China/Asia are wants to file for a domain name that was already held by my customer. They wanted confirmation that my customer was the trademark owner. The message was as follows:

Subject: Urgent notice of Intellectual Property protection

Dear Manager:

This email is from China domain name registration center, which mainly deal with the domain name registration and dispute internationally in China and Asia.
On July 4th 2011, We received Tianhua Ltd's application that they are registering the name "[Customer’s Domain Name]" as their Internet Keyword and " [Customer’s Domain Name].cn "、" [Customer’s Domain Name].com.cn " 、" [Customer’s Domain Name].asia "domain names etc.., It is China and ASIA domain names. But after auditing we found the brand name been used by your company. As the domain name registrar in China, it is our duty to notice you, so I am sending you this Email to check. According to the principle in China, your company is the owner of the trademark, In our auditing time we can keep the domain names safe for you firstly, but our audit period is limited, if you object the third party application these domain names and need to protect the brand in china and Asia by yourself, please let the responsible officer contact us as soon as possible. Thank you!

Best regards,

John
Oversea marketing manager 
Shanghai Office (Head Office)
3002, Nanhai Building, No. 854 Nandan Road,
Xuhui District, Shanghai 200070, China
Tel: +86 216191 8696
Mobile: +86 136615 29704
Fax: +86 216191 8697
Web: www.ygnetworkltd.com

Here is a great article that goes through and picks out all of the pieces that may help you in the future to determine if email like the one above is real or a scam.

AuthorBob Appleby | CommentPost a Comment |
in , , ,
Tuesday
Feb012011

I never did like AOL!

DateTuesday, February 1, 2011 at 6:35PM

I was never one for the amount of control that AOL’s interface held you to but I could see the benefit for some people. If you were one of the people that signed up early 2011-02-01_1827for AOL and their phone dial up service got used to this type of thing. When broadband became available many of these people kept their accounts with AOL even though the signed on through their new broadband connection. What they didn’t realize was that they didn’t have to keep paying for that AOL account!

Nicolason Carlson from Business Insider found out that the majority of AOL’s business comes from selling the dialup internet access to people who already have internet access:

In his big New Yorker profile on AOL this week, Ken Auletta explained that 80% of the company’s profits STILL come from AOL’s subscription business.

What’s troubling about AOL’s subscription business is who the subscribers are and why they may be sticking around – in Auletta’s words, “older people who have cable or DSL service but don’t realize that they need not pay an additional $25 a month to get online and check their email.”

A former AOL exec explains that this is AOL’s “dirty little secret” – “that 75% of the people who subscribe to AOL’s dial-up service don’t need it.”

This is the sort of practice by companies that just infuriates me. I hate seeing people being taken advantage of just because they haven’t the knowledge to know what they are paying or need to be paying for. So hopefully this article will open your eyes and make you aware that you don’t need to pay for something that you don’t receive any benefit from. I remember how hard it was to cancel my account and over the years how hard it has been for our customers to do so as well. Good luck!

You want more information visit the Audio recording here or download the recording by clicking here, with Ken Auletta and his full article is available in The New Yorker January 24, 2011 edition p. 32.

AuthorBob Appleby | CommentPost a Comment |
in , , , ,