New E-Scams & Warnings

New E-Scams & Warnings
-Birdymckee 06 November 2010

Involvement in Criminal Activity Through Work-From-Home Scams:

10/20/10—Consumers continue to lose money from work-from-home scams that assist cyber criminals move stolen funds. Worse yet, due to their deliberate or unknowing participation in the scams, these individuals may face criminal charges. Work-from-home scam victims are often recruited by organized cyber criminals through newspaper ads, online employment services, unsolicited emails or “spam,” one and social networking sites advertising work-from-home opportunities. Once recruited, however, rather than becoming an employee of a legitimate business, the consumer is actually a “mule” for cyber criminals who use the consumer’s or other victim's accounts to steal and launder money. In addition, the consumer’s own identity or account may be compromised by the cyber criminals.


Cyber Criminals Take Over Corporate Accounts:

10/20/10—Cyber criminals are targeting the financial accounts of owners and employees of small and medium sized businesses, resulting in significant business disruption and substantial monetary losses due to fraudulent transfers from these accounts. Often these funds may not be recovered.

Claims of Being Stranded Swindle Consumers Out of Thousands of Dollars:

07/01/10—The IC3 continues to receive reports of individuals' e-mail or social networking accounts being compromised and used in a social engineering scam to swindle consumers out of thousands of dollars. Portraying to be the victim, the hacker uses the victim's account to send a notice to their contacts. The notice claims the victim is in immediate need of money due to being robbed of their credit cards, passport, money, and cell phone; leaving them stranded in London or some other location. Some claim they only have a few days to pay their hotel bill and promise to reimburse upon their return home. A sense of urgency to help their friend/contact may cause the recipient to fail to validate the claim, increasing the likelihood of them falling for this scam.

If you receive a similar notice and are not sure it is a scam, you should always verify the information before sending any money.

If you have been a victim of this type of scam or any other Cyber crime, you can report it to the IC3 website at www.IC3.gov. The IC3 complaint database links complaints for potential referral to the appropriate law enforcement agency for case consideration. Complaint information is also used to identity emerging trends and patterns.


Fraudulent Telephone Calls Allow Fraudsters Access to Consumer Financial and Brokerage Accounts

06/21/10—The FBI Newark Division released a warning to consumers concerning a new scheme using telecommunications denial-of-service attacks.

The FBI determined fraudsters compromised victim accounts and contacted financial institutions to change the victim profile information (i.e., e-mail addresses, telephone numbers, and bank account numbers).

The Telecommunications denial-of-service attacks used automated dialing programs and multiple accounts to overwhelm victims’ cell phones and land lines with thousands of calls. When victims answered the calls they heard dead air (nothing on the other end), an innocuous recorded message, advertisement, or a telephone sex menu. Calls were typically short in duration but so numerous that victims changed their phone numbers to terminate the attack.

These telecommunications denial-of-service attacks were used as a diversion to prevent financial and brokerage institutions from verifying victim account changes and transactions. Fraudsters were afforded adequate time to transfer funds from victim brokerage and financial online accounts.

Protection from telecommunications denial-of-service attacks and other types of fraud requires consumers to be vigilant and proactive. In Newark’s Public Service Announcement (PSA), they recommend the following guidelines for consumers to protect themselves:

* Implement security measures for all financial accounts by placing fraud alerts with the major credit bureaus if you believe they were targeted by a telecommunications denial-of-service attack or other forms of fraud.
* Use strong passwords for all financial accounts and change them regularly.
* Obtain and review your annual credit report for fraudulent activity.

If you were a target of a telecommunications denial-of-service attack, immediately contact your financial institutions, notify your telephone provider, and promptly report it to the IC3 website at www.ic3.gov. The IC3 complaint database links complaints to assist in referrals to the appropriate law enforcement agency for case consideration. The complaint information is also used to identity emerging trends and patterns.

Rental and Real Estate Scams:

03/12/10—Individuals need to be cautious when posting rental properties and real estate on-line. The IC3 continues to receive numerous complaints from individuals who have fallen victim to scams involving rentals of apartments and houses, as well as postings of real estate online.

Rental scams occur when the victim has rental property advertised and is contacted by an interested party. Once the rental price is agreed-upon, the scammer forwards a check for the deposit on the rental property to the victim. The check is to cover housing expenses and is, either written in excess of the amount required, with the scammer asking for the remainder to be remitted back, or the check is written for the correct amount, but the scammer backs out of the rental agreement and asks for a refund. Since the banks do not usually place a hold on the funds, the victim has immediate access to them and believes the check has cleared. In the end, the check is found to be counterfeit and the victim is held responsible by the bank for all losses.

Another type of scam involves real estate that is posted via classified advertisement websites. The scammer duplicates postings from legitimate real estate websites and reposts these ads, after altering them. Often, the scammers use the broker’s real name to create a fake e-mail, which gives the fraud more legitimacy. When the victim sends an e-mail through the classified advertisement website inquiring about the home, they receive a response from someone claiming to be the owner. The “owner” claims he and his wife are currently on missionary work in a foreign country. Therefore, he needs someone to rent their home while they are away. If the victim is interested in renting the home, they are asked to send money to the owner in the foreign country.

If you have been a victim of Internet crime, please file a complaint at http://www.IC3.gov/.


New Twist on Counterfeit Check Schemes Targeting U.S. Law Firms:

01/21/10—The FBI continues to receive reports of counterfeit check schemes targeting U.S. law firms. As previously reported, scammers send e-mails to lawyers, claiming to be overseas and seeking legal representation to collect delinquent payments from third parties in the U.S. The law firm receives a retainer agreement, invoices reflecting the amount owed, and a check payable to the law firm. The firm is instructed to extract the retainer fee, including any other fees associated with the transaction, and wire the remaining funds to banks in Korea, China, Ireland, or Canada. By the time the check is determined to be counterfeit, the funds have already been wired overseas.

In a new twist, the fraudulent client seeking legal representation is an ex-wife "on assignment" in an Asian country, and she claims to be pursuing a collection of divorce settlement monies from her ex-husband in the U.S. The law firm agrees to represent the ex-wife, sends an e-mail to the ex-husband, and receives a "certified" check for the settlement via delivery service. The ex-wife instructs the firm to wire the funds, less the retainer fee, to an overseas bank account. When the scam is executed successfully, the law firm wires the money before discovering the check is counterfeit.

All Internet users need to be cautious when they receive unsolicited e-mails. Law firms are advised to conduct as much due diligence as possible before engaging in transactions with parties who are handling their business solely via e-mail, particularly those parties claiming to reside overseas.

Please view an additional public service announcement posted to the IC3 website regarding a similar Asian extortion scheme. Individuals who receive information pertaining to counterfeit check schemes are encouraged to file a complaint at www.IC3.gov.

Mystery/Secret Shopper Schemes:

01/20/10—The IC3 has been alerted to an increase in employment schemes pertaining to mystery/secret shopper positions. Many retail and service corporations hire evaluators to perform secret or random checks on themselves or their competitors, and fraudsters are capitalizing on this employment opportunity.

Victims have reported to the IC3 they were contacted via e-mail and U.S. mail to apply to be a mystery shopper. Applicants are asked to send a resume and are purportedly subject to an extensive background check before being accepted as a mystery shopper. The employees are sent a check with instructions to shop at a specified retailer for a specific length of time and spend a specific amount on merchandise from the store. The employees receive instructions to take note of the store's environment, color, payment procedures, gift items, and shopping/carrier bags and report back to the employer. The second evaluation is the ease and accuracy of wiring money from the retail location. The money to be wired is also included in the check sent to the employee. The remaining balance is the employee's payment for the completion of the assignment. After merchandise is purchased and money is wired, the employees are advised by the bank the check cashed was counterfeit, and they are responsible for the money lost in addition to bank fees incurred.

In other versions of the scheme, applicants are requested to provide bank account information to have money directly deposited into their accounts. The fraudster then has acquired access to these victims' accounts and can withdraw money, which makes the applicant a victim of identity theft.

Tips:

Here are some tips you can use to avoid becoming a victim of employment schemes associated with mystery/secret shopping:

* Do not respond to unsolicited (spam) e-mail.
* Do not click on links contained within an unsolicited e-mail.
* Be cautious of e-mail claiming to contain pictures in attached files, as the files may contain viruses. Only open attachments from known senders. Virus scan all attachments, if possible.
* Avoid filling out forms contained in e-mail messages that ask for personal information.
* Always compare the link in the e-mail to the link you are actually directed to and determine if they match and will lead you to a legitimate site.
* There are legitimate mystery/secret shopper programs available. Research the legitimacy on companies hiring mystery shoppers. Legitimate companies will not charge an application fee and will accept applications online.
* No legitimate mystery/secret shopper program will send payment in advance and ask the employee to send a portion of it back.

Haitian Earthquake Relief Fraud Alert:

01/13/10—The FBI today reminds Internet users who receive appeals to donate money in the aftermath of Tuesday’s earthquake in Haiti to apply a critical eye and do their due diligence before responding to those requests. Past tragedies and natural disasters have prompted individuals with criminal intent to solicit contributions purportedly for a charitable organization and/or a good cause.

Therefore, before making a donation of any kind, consumers should adhere to certain guidelines, to include the following:

* Do not respond to any unsolicited (spam) incoming e-mails, including clicking links contained within those messages.
* Be skeptical of individuals representing themselves as surviving victims or officials asking for donations via e-mail or social networking sites.
* Verify the legitimacy of nonprofit organizations by utilizing various Internet-based resources that may assist in confirming the group’s existence and its nonprofit status rather than following a purported link to the site.
* Be cautious of e-mails that claim to show pictures of the disaster areas in attached files because the files may contain viruses. Only open attachments from known senders.
* Make contributions directly to known organizations rather than relying on others to make the donation on your behalf to ensure contributions are received and used for intended purposes.
* Do not give your personal or financial information to anyone who solicits contributions: Providing such information may compromise your identity and make you vulnerable to identity theft.

-Birdy