Defeat Scammers
So, someone has sent an e-mail, called, sent a physical letter, or they impudently walked right up to you or your door and they are asking for confidential information. They sound like they are contacting you about something important and they’re making it sound urgent…. This is a very standard ploy used by scammers. They’ll pretend to be from the IRS for back taxes or that your account with Apple (or some other organization) is about to be deleted or disabled [never mind that you’ve never had an account with that organization], they might even be pretending to be offering you a job.
+ No legitimate business will call you to ask you for your username and password. NOT EVER! They don’t need it, because they already have it.
+ The IRS doesn’t call you or send e-mails. Look for Registered mail. Look for people with badges at your door. Not e-mails. Not phone calls.
These evildoers do their best to not give you enough time to think about what they are telling you or to run the information past someone else for a logic check. These people wouldn’t be doing this if they knew they couldn’t make money doing it. This means that enough people fall for these scams that these evildoers can live off of the general populous’ naivety (gullibility).
** Who’s the general populous you say? That’s you, me, and everybody. I’ve taken proof of one of these scams to the police. They said they couldn’t do anything about it, but they could take the check for training purposes… What training purposes, if they can’t do anything about it? I reported the matter as mail fraud (which is a separate entity from the police). The police should have recommended this, rather than blowing it off. Ok. I digress, but just because you don’t get traction using one support path, doesn’t mean you should lose heart and give up. These people won’t stop, until it is no longer profitable for them.
What to look for:
Test 1: You have a virus on your computer.
* Logic Fail 1: Who are you and why do you THINK you have the right to access to my computer to be able to tell me that? i.e. I’m not paying anyone to actively monitor and report on such things. Not even Antivirus services do this.
+ These people are trying to get you to give them access to your computer to put something on there (possibly even the virus they’re claiming to be trying to help you get rid of).
Test 2: Hi this is your son/daughter/grandchild (they might even use that relative’s name). I’m in Florida/Utah/where ever and I need bail. If I can pay $xx,xxx the police will drop all charges.
* Logic Fail 2: The police do not drop charges because they’ve been paid. That’s called bribery and is a good way to get arrested.
* Logic Fail 3: My son/daughter/grandchild is nowhere near that location and would have advised me, before going to such a place. (Check with another family member or call that person on another phone if you’re uncertain of their current situation.)
+ These people are obviously after your money. They will go giggling off into the night, never to be seen again. Don’t do it.
Test 3: A fake offer of employment. You can work from home (awesome!), they’re going to send a check, so you can buy the equipment (huh… flag 1), you just need to buy the equipment from their vendor (really… flag 2). Oh… and they want you to deposit the check outside of banking hours (seriously… flag 3), then spend your money, with their vendor… before the check can clear (Wait, stop final flag. You’re done).
* Logic Fail – Flags 1 & 2: Why are they sending me a check to use with their vendor instead of having the vendor ship the equipment to me, while they pick up the bill?
* Logic Fail – Flag 3: They obviously don’t want me to talk to a bank clerk, who could tell me straightaway that this is a fraud.
* Logic Fail – Flag 4: Never let anyone talk you into cashing a check, then spending your money on faith that a check will clear. NEVER, EVER, EVER.
What to do about it?
* Never give your personal information Birthday, Social Security Number, usernames, passwords, or bank information to anyone that you have not contacted via verifiably legitimate means. In other words, look up their phone number in a legitimate directory.
What can our service providers do about it (Internet and Phone)? They can set up servers that prevent calls and e-mails from pretending to be from sources that they are not from. They could protect us from scammers, but as of now, they are not doing so. I personally am tired of the constant barrage of calls pretending to be calling from within my home state, which are actually coming from outside the U.S. altogether.
Useful Resources:
Cyber Attack Maps – Accurate or Eye Candy?
https://blog.knowbe4.com/cyber-attack-maps…accurate-or-just-eye-candy
Phone Call Attack Scams – Security Awareness
https://www.sans.org/security-awareness-training/resources/phone-call-attacks-scams
Discussion ¬