Archive 3


Mystery Shopping Scams Increase

Recently we have received increased reports of employment schemes relating to mystery/secret shopper positions. Scammers are taking advantage of the fact that many retail and service corporations do hire people to evaluate themselves or their competitors.

We have been advised that the victims have been contacted by e-mail and U.S. mail to apply to be a mystery shopper and asked to send a resume and are supposedly subject to an extensive background check before being accepted as a mystery shopper.

The employees are then sent a check with instructions to shop at a specified retailer for a specific length of time and spend a specific amount of money on merchandise from the store. The employees receive instructions to take note of the store's environment, color, payment procedures, gift items, and shopping/carrier bags and report back to the employer.

The second evaluation is to evaluate the ease and accuracy of wiring money from the retail location. The money to be wired is also included in the check sent to the employee.

The remaining balance is the employee's payment for the completion of the assignment. After the merchandise is purchased and the money is wired, the employees are advised by the bank that the check cashed was counterfeit, and they are responsible for the money lost in addition to bank fees incurred.

In other versions of the scheme, applicants are requested to provide bank account information to have money directly deposited into their accounts. The scammers then have gained access to these victims' accounts and can withdraw money, which makes the applicant a victim of identity theft.

Here are some tips you can use to avoid becoming a victim of employment schemes associated with mystery/secret shopping:

•Do not respond to unsolicited [spam] e-mail

•Do not click on links contained within an unsolicited e-mail

•Be cautious of e-mail claiming to contain pictures in attached files, as the files may contain viruses. Only open attachments from known senders. Virus scan all attachments, if possible

•Avoid filling out forms contained in e-mail messages that ask for personal information

•Always compare the link in the e-mail to the link you are actually directed to and determine if they match and will lead you to a legitimate site

•There are legitimate mystery/secret shopper programs available. Research the legitimacy of companies hiring mystery shoppers. Legitimate companies will not charge an application fee and will accept applications on-line

•No legitimate mystery/secret shopper program will send payment in advance and ask the employee to send a portion of it back.

Haitian Earthquake Relief Fraud Alert

Reports have already been coming in of Haitian earthquake relief scams.

Fraudulent websites have sprung up overnight, and there have been mass appeal emails sent out with fake postal and website addresses to send donations to.


If you intend to donate money in the aftermath of the earthquake in Haiti, you need to be very alert and do your due diligence before responding to those requests. Past tragedies and natural disasters have triggered many scams that are promoted through mass emails as well as advertisements on the Internet and newspapers.

So, before making a donation of any kind, consider these guidelines:

• Do not respond to any unsolicited [SPAM] incoming emails, including clicking links contained within those messages

• Be skeptical of individuals representing themselves as surviving victims or officials asking for donations via e-mail or social networking sites

• Verify the legitimacy of nonprofit organizations by utilizing various Internet-based resources that may assist in confirming the group's existence and its nonprofit status rather than following a supposed link to the site

• Be cautious of e-mails that claim to show pictures of the disaster areas in attached files because the files may contain viruses. Only open attachments from known senders

• Make contributions directly to known organizations rather than relying on others to make the donation on your behalf to ensure contributions are received and used for intended purposes

• Do not give your personal or financial information to anyone who solicits contributions: Providing such information may compromise your identity and make you vulnerable to identity theft

Identity Theft

With just under 9 million identity theft attempts online every day, you need to be on the alert to avoid becoming a victim.

The theft of your identity occurs by either tricking you into providing your personal information such as login details, credit card numbers or social security numbers, or by physically stealing your wallet etc.

The most common way to get your personal details is by sending you a message via text, email or phone, indicating there is a problem with your account. The message tries to get you to call a number or visit a website and enter your details.

Within the message you receive is usually a link to the website they want you to login to, which is usually a fake replica of the real website you think you are going to.

You can avoid this type of scam by never clicking on a link in the message, and always typing the name of the business into the address bar yourself. If you are asked to ring a phone number, always look it up in the directory.

Although the physical theft may include your purse or wallet, sometimes it includes your written personal details recovered from your trash cans on a variety of accounts, invoices and credit card invitations.

The way to avoid this is to shred all documents with your personal information on them.

There are instances of identity theft that you can't prevent such as large scale hacking of business computers that store your personal details, or where your credit card is taken out of your sight for processing [restaurant] and the staff can record your details and the security number on the back.

You can minimize the effects of this type of theft by monitoring your accounts online and subscribing to an ID theft protection service.


Social Security Scam Email

This email appears to be sent from "Social Security Administration" and claims that your annual Social Security statement may contain errors. It urges you to click a link in the message so that you can review a copy of your statement and look for possible calculation errors.

The email is a scam and is not from Social Security Administration. It is designed to collect social security numbers and fool you into installing a Trojan that will steal information from your computer.

If you click on the link you will be taken to a fake website designed to look like the genuine United States Social Security Online website.

You are first asked to enter your Social Security Number and then click a "Continue" button, upon which you will be taken to a second fake webpage where you will be instructed to click another button that will supposedly generate your annual Social Security statement.

By clicking the button however you do not generate a statement, but instead download a Trojan called the Zbot.P Trojan. Once it is installed on your computer, the Trojan can collect information such as your passwords and send them to Internet criminals.

Scammers often use government department names on their emails in an attempt to trick you into giving up personal information or downloading malware.

Always be wary of unsolicited email from government departments if they are asking you to enter private information. If you need to access the government department's website, do so by typing the address into your browser's address bar, instead of clicking a link.


Return to Scam Alerts