Scam Alerts

Parrot Scam

The scammers usually word the message claiming that they need to find a new home for their parrot, and will either sell it very cheaply, or it is an adoption request. The bird chosen is usually a popular/rare bird such as a Macaw.

The price for the bird is usually a fraction of its value or is being given away for free, as long as the new owner pays for the delivery fee. The message will contain photographs of the bird that is being sold/given away. The photographs will be stolen from another website without the owner's knowledge.

However, the promised cheap or free parrot does not exist. If you answer one of these fake ads, the scammers will respond with more information about the bird they claim to own. Typically, the scammers invent some sad tale to explain why they must sell or give away their much-loved parrot. However, the owner will insist that any payments must be made before the bird is delivered.

If you send money to buy the bird or pay transport costs, requests for more money will likely follow. If you send what you believe to be the full payment, the scammers may then reply with an "urgent" request for more money to cover "unexpected" expenses such as vet bills or permit fees.

If you then send still more money the scammers will probably ask for extra payments for higher than expected delivery charges, or some other fake expenses.

This will continue until you realize you have been scammed and are never going to receive your parrot.

When people just want a good home for their bird and will only charge you shipping, BE CAUTIOUS. Ask for photos with date stamps, ask for phone calls with the people you’re in contact with, and talk to the vet who checks the bird before shipping them.

If you are purchasing the bird from overseas, you will have to complete paperwork so don’t believe the sender has it “all taken care of” because they can’t!

Both parties are required to complete paperwork such as import/export permits and go through designated ports of entry. Vets have to check the animals at take off and landing destinations. In some cases, the scammers will also demand a lot of personal information from you during the course of the scam. They claim that they require such information to verify your identity and reputation, so that they can be confident that their much loved parrot will be in safe hands. In reality, the personal information submitted may subsequently be used to steal your identity.

Advance fee scammers also use the promise of other free or cheap pets as the bait in similar scams.

Visa Phishing Scam

The email however is not from Visa but is instead a phishing scam designed to steal your private information. If you follow the link in the scam email you will be taken to a fake webpage that asks you to provide credit card details, date of birth, social security number, contact details and residential address on a fake online form.

All information entered into the fake form will be harvested by scammers and used for credit card fraud and identity theft.

To make the scam email seem more legitimate, the scammers have formatted it so that it appears to be a genuine Visa message, complete with graphics, Visa website colour scheme and disguised sender address.

Visa will not send Visa card holders unsolicited emails asking them to provide personal and financial details. In fact, Internet users should be very cautious of any email that asks them to follow a link or open an attachment in order to provide private information.

A copy of the wording is included below:

Hello

We have recently determined that different computers connected to your account Verified by Visa, Password and multiple failures were present before the connection. We now need you to confirm your account information Verified by Visa.

If not completed within 48 hours we will be forced to suspend your account indefinitely, as it can be used for fraudulent purposes. Thank you for your understanding in this way.

To confirm your online account:

The procedure is very simple: 1. Click on the link below to open a browser window secure. 2. Confirm that you are the owner of the account and follow the instructions.

Access Your Account

Advance Fee Scam on Facebook

The message claims that the owner of the Facebook account has won $50,000 in the "Face Book 2010 promotion". You are instructed to contact the "Payment Department" immediately by an email address [that is included in the email] in order to claim the prize money.

If you respond you will be asked to send a fee to cover the cost of the transfer of the prize money. Like all the advance fee scams, the person offered the sum of money [whether it is a prize, inheritance, assistance to get money out of a country etc] is required to pay some money first before they supposedly receive their money.

If money is sent to 'claim the prize money', there will be further requests for money to cover other unforeseen problems or processes. The requests will continue until the victim runs out of money, or realizes it is a scam.

Some Facebook users have also been asked for some personal information as proof that they are who they say they are. This is designed to allow the scammers to steal the victim's identity.

The advance fee scams are designed to appeal to greed or the people who want something for nothing.

Over the years people have become wary of the advance fee scam, made famous by the Nigerians, and are now cautious of receiving emails requesting help to get millions of dollars out of an African country in return for a share of the money.

As a result, the scammers have invented new ways of serving up the advance fee scam, and are now using social networking sites as an effective way of reaching lots of people.

Remember to be very wary of messages that claim that you have won money or prizes in a promotion or lottery that you have never entered.

Stranded Email Scam

Pretending to be the victim, the hacker uses the victim's account to send a notice to their contacts. The notice claims the victim is in immediate need of money due to being robbed of their credit cards, passport, money, and cell phone; leaving them stranded in London or some other location.

Some claim they only have a few days to pay their hotel bill and promise to reimburse upon their return home. A sense of urgency to help their friend/contact may cause the recipient to fail to validate the claim, increasing the likelihood of them falling for this scam.

If you receive a similar notice and are not sure it is a scam, you should always verify the information before sending any money.

If you have been a victim of this type of scam or any other Cyber crime, you can report it to the IC3 website at: www.IC3.gov. The IC3 complaint database links complaints for potential referral to the appropriate law enforcement agency for case consideration. Complaint information is also used to identity emerging trends and patterns. Remember - always watch for scams!

Fraudulent Telephone Calls Allowing Fraudsters Access to Consumer Financial and Brokerage Accounts

The FBI advise that fraudsters compromised their victim accounts and contacted financial institutions to change the victim profile information [i.e. email addresses, telephone numbers and bank account numbers].

The TDoS attacks used automated dialing programs and multiple accounts to overwhelm victims' cell phones and land lines with thousands of calls. When victims answered the calls they heard dead air [nothing on the other end], an innocuous recorded message, advertisement, or a telephone sex menu. Calls were typically short in duration but so numerous that victims changed their phone numbers to terminate the attack.

These TDoS attacks were used as a diversion to prevent financial and brokerage institutions from verifying victim account changes and transactions. Fraudsters then had adequate time to transfer funds from victim brokerage and financial online accounts.

Protection from TDoS attacks and other types of fraud requires consumers to be vigilant and proactive. In Newark’s Public Service Announcement [PSA], they recommend consumers protect themselves by:

•Implement security measures for all financial accounts by placing fraud alerts with the major credit bureaus if you believe they were targeted by a TDoS attack or other forms of fraud

•Use strong passwords for all financial accounts and change them regularly

•Obtain and review your annual credit report for fraudulent activity

If you were a target of a TDoS attack, immediately contact your financial institutions, notify your telephone provider, and promptly report it to the IC3 website at: www.IC3.gov.

The IC3 complaint database links complaints to assist in referrals to the appropriate law enforcement agency for case consideration. The complaint information is also used to identity emerging trends and patterns.

Facebook Scam

This time it is disguised as a video that states it is showing 'Distracting Beach Babes'. The malware messages have been appearing on the Walls of a lot of Facebook users. The messages look like they have been posted by friends of the Facebook user. It shows a thumbnail of a woman's bottom in a skimpy bikini and a has link labeled 'Distracting Beach Babes HQ'".

The wording includes the name of the Facebook user followed by 'this is hilarious LOL :P :P :P' If you click on the link hoping to see the hilarious beach babe video, you will actually open a rogue Facebook application. If you give permission for the rogue application to run, you will then be prompted to follow another link to update your Flash video player. However, if you click this 'update' you will actually download and install adware on the your computer.

While this is happening, the application will have automatically posted the same malware message to the Walls of your Facebook friends. To make the message seem more legitimate, the rogue application adds the name of each Facebook friend to the bogus Wall posts.

If you have already become a victim, delete the offending message from your page, scan your computer with an up-to-date anti-virus, change your passwords, and review your Facebook application settings.

It would also pay to advise your friends to do the same.

This attack is believed to be a new incarnation of the earlier 'Candid Camera Prank malware attack, which used similar tactics.

iTunes Gift Certificate

You may receive [or have already received] an email that appears to come from iTunes that advises that you have been given a gift certificate to the value of $50.

It is designed to get you to open the attachment so that a trojan can be downloaded onto your computer that will give hackers access to your computer.

The email is designed to look like an official message from the iTunes Store and states that on the iTunes Gift Certificate is a code that can be used to purchase music and other items from the iTunes store. The gift certificate is supposed to be in a file attached to the email.

The email however is not from iTunes and the $50 gift certificate is bait used to entice you into opening the email's attachment. If you open the attachment, you will launch a malicious application that can install a trojan on your computer. Once it is installed on your computer it can then modify your Windows registry, potentially giving hackers access by connecting your computer to a remote server, and downloading and installing even more malware.

Internet criminals often use the bait of supposedly free gifts, products and services as a means of tricking you into opening malicious attachments. By offering what appears to be an unexpected gift, these criminals hope you will be tempted with the "something for nothing" approach. This has more credibility when the names of legitimate organisations are used.

Remember that iTunes users can buy iTunes Gift Certificates for their friends or family members and send them an email with the details, however the email usually shows it is from someone you know, and the code is not in an attached file.

Business Scams

The main types of business fraud include anything from bounced checks, forged cash, and fake invoices, as well as online banking fraud, unauthorised direct debits, eBay and PayPal scams, charity calendars, and advertising in publications that don't exist.

An increasingly common business scam is the theft of domain names, which can be bought and used fraudulently, as well as the use of legitimate business e-mail addresses for criminal and fraudulent spam e-mails.

Other common scams include:

*Competitors using another business’s name as a search engine tag and directing potential customers elsewhere

*Trojan viruses being used to steal a business’s IP identity and using it to commit crime

*Scammers impersonating legitimate companies, and then opening an eBay account selling items that don’t exist. The e-mail address is false and the legitimate company then gets the bill

The majority of businesses [85%] have a firewall to protect themselves against fraud and online crime, however only 49% used updates to receive patches to ensure their security software had up-to-date protection.

Remember:

* Do not click on links contained within spam e-mail

* Be cautious of e-mail claiming to contain pictures in attached files, as the files may contain viruses. Only open attachments from known senders

* To ensure contributions are received and used for intended purposes, make contributions directly to known organizations rather than relying on others to make the donation on your behalf

* Validate the legitimacy of the organization by directly accessing the recognized charity or aid organization's website rather than following an alleged link to the site

* Attempt to verify the legitimacy of the non-profit status of the organization by using various Internet-based resources, which also may assist in confirming the actual existence of the organization

* Do not provide personal or financial information to anyone who solicits contributions as providing such information may compromise your identity and make you vulnerable to identity theft

Alarming Statistics

• The scam ratio for work-at-home jobs posted online is 59:1. which means out of every 60 advertised jobs, only one is genuine

• On average, 3,500 new sites harboring malware are set up every day. Online security experts McAfee believe there are now more than 1.2 million different types of Internet malware

• Almost two-thirds of people incorrectly believe a check is valid if a bank pays out funds on it. (That is incorrect, and if the check subsequently bounces, the account holder is responsible for repaying any money they withdrew)

• A scan of 22 million PCs by security firm Panda Labs in the second quarter of 2009 showed that just short of 12 million of them were infected. If the same proportion applies elsewhere, that means over half of PCs worldwide could be infected with viruses, Trojans, spyware and other malware. The biggest single category of infection is by banking Trojans and password stealers

• Scammers are known to profile their victims -- they know who makes the best target. For instance, a woman aged 70-plus is the most common target for a lottery scam, while a man in the 55-61 age range is the most common investment fraud victim. The age group that attracts the most scams is the 30-39 year olds

• The typical victim of a lottery money scam loses around $3,000, usually for supposed tax, administration or Customs fees, while those who fall for advance fee scams lose on average, up to $4,000. The average identity theft victim gets taken for $5,000

Here are some tips you can use to avoid becoming a victim of cyber fraud:

•Do not respond to unsolicited [spam] e-mail

•Do not click on links contained within an unsolicited e-mail

•Be cautious of e-mail claiming to contain pictures in attached files, as the files may contain viruses. Only open attachments from known senders. Virus scan the attachments if possible

•Avoid filling out forms contained in e-mail messages that ask for personal information

•Always compare the link in the e-mail to the link you are actually directed to and determine if they actually match and will lead you to a legitimate site

•Log on directly to the official Web site for the business identified in the e-mail, instead of "linking" to it from an unsolicited e-mail. If the e-mail appears to be from your bank, credit card issuer, or other company you deal with frequently, your statements or official correspondence from the business will provide the proper contact information

•Contact the actual business that supposedly sent the e-mail to verify if the e-mail is genuine

Archive 8

Archive 7

Archive 6

Archive 5

Archive 4

Archive 3

Archive 2

Archive 1