The Common Scams People Still Fall for All the Time

The scams are dumb, but the victims are not. Here's why we keep falling for these fraudulent tricks and how to stop doing so.

The top site for classified ads in the U.K. conducted a study recently that should send a wave or two to this side of the Atlantic. When it comes to scams, it’s all about the bait. Gumtree found that even with the forethought that a listing was a scam, more than a third of their users would still go ahead with a transaction. As my mother would say … Actually, she’d probably just shake her head.

It doesn’t matter where they happen. Scams are as international and ubiquitous as the human capacity to be tricked. And while some scams are super-nova dumb, that does not always mean that most people who fall for them are.

Scams rely on a simple fact of life: People are busy. Most of us aren’t Zen masters of meditation. It’s hard to fully occupy each and every moment because we lead distraction-filled lives. We’re not constantly up on the fire tower scanning the horizon for smoke, and that’s a good thing.

Unfortunately, there are some real slime balls out there who rely on this problem of ours.

Here are some recent scams that are making the rounds:

Amazon Phishing Scam

In this scam, you get an email from Amazon. It informs you that there’s been a problem of some sort. Don’t focus on what sort, because it’s these nuances that will get you got. If you get an email from Amazon telling you that there’s been a problem with an order, or that a recent order was canceled, it’s time to focus. It could be a scam.

How it works: There’s a link in the email that leads to a site that looks identical to Amazon, but you’re not anywhere near the site. The scammers are looking to get your personal information to use in the commission of identity theft, and your financial information to drain your credit card or bank account.

What to do: Visit your Amazon account by logging in directly. Do not use the link in the scam phishing email.

[Editor’s note: Keeping track of your credit scores can help you spot signs of fraud early on. A significant decrease in your scores could be a sign that someone has gotten hold of your information and using it without your permission. You can check your credit scores regularly using Credit.com’s absolutely free Credit Report Summary.]

Smishing Scams

Smishing isn’t terribly different from phishing, but if you’re not expecting at least the possibility of a smishing text, you might fall for it. The text arrives and appears to be from your bank. It could be from your internet provider. Generally, it’s from somewhere that can negatively impact your life, and that would also be in possession of your mobile digits.

How It Works: The smishing text informs you that someone has tried to access your account or it’s been frozen (again don’t get caught up on the details, the account or anything else), and your password or some other data needs to be updated. There’s a link to use where you can authenticate yourself by entering your personal information (for example, your Social Security number), and secure your account.

What to Do: If you regularly use your smartphone to access the internet, bear in mind that there are hidden dangers everywhere, and pause before you pounce on text warnings.

Sweepstakes Scam

You get a phone call from someone very cheerful, and maybe even a little breathless in the delivery of their blue-sky greetings. You’ve just won the Publishers Clearinghouse Sweepstakes. You’re a millionaire or a $500,000-aire. The prize patrol is 20 minutes away, so get dressed and be ready for your photo op with a beach towel-sized check.

How It Works: This scam preys on the wonderful human trait that, no matter how our day or month or year is going, hope springs eternal. Part of your prep for the prize patrol, however, requires that you pay the processing fee upfront. There could be many explanations for it, but the bottom line is you’re going to have to spend money to collect the prize.

What to Do: Hang up, and don’t bother changing your clothes. If you really have money coming to you from the sweepstakes or lottery, they are legally obligated to get it to you.

IRS Phone Scam

You get a phone call from the IRS, which is not entirely far-fetched anymore because Congress directed the IRS to collect back taxes with help from collection agencies. So, you could get a legitimate call from one of these four collection agencies: CBE Group of Cedar Falls, Iowa; Conserve of Fairport, New York; Performant of Livermore, California; or Pioneer of Horseheads, New York.

How It Works: The caller says you owe taxes (never mind the particulars as this is the nuance stuff that fuels any good scam), and if you don’t pay you’re going to be arrested (or some other bad thing will happen). Payment can only be made through a prepaid debit card or gift card, because of the particular kind of hell you created with your fictional bad behavior. You are informed that the purchase of whatever card you are told to buy is linked to the Electronic Federal Tax Payment System.

What to Do: Hang up and wait for a letter from the IRS notifying you of the situation, or call the IRS directly to inquire about any taxes you may owe.

The Grandparent Scam

Here’s one that doesn’t prey on the attention deficit disorder called daily life, but rather, it plays on the heartstrings. This scam relies on the sharing of information on social media, and the universal inability among some people to recognize a relative’s voice.

How It Works: A targeted grandparent gets a call asking for emergency funds, either directly from the grandchild who is actually a scammer armed with family names gleaned from your social media account — or someone representing them (a lawyer, bail bondsman, police officer). The story is good. All scammers are good storytellers. The ask is doable. They need money wired now.

What to Do: Never wire money unless you are absolutely certain where and to whom it’s going. If possible, double check a request with another relative. If you’re told secrecy is necessary (because a parent or sibling will be mad), just say no. Bigger picture advice: Don’t overshare. Set your privacy as tight as it will go, and don’t let people tag you in photos. And while it’s hard to sift through these days, get rid of any friends on social media who aren’t actually friends. Perhaps you should use this as an opportunity to prune a few friends too. You know, the ones that are always asking you for money.

The One-Ring Scam

This one is simple. Your phone rings once. That’s it. The scam relies on a couple things, though. First, there’s a curiosity factor. Second, there’s the very real possibility that most people have not memorized every area code used in the United States. But forget that, because caller ID can be be gamed with a spoofed phone number. Here’s what you need to know: Your phone rang once.

How It Works: You call back the number, and you’re automatically charged for a service that you didn’t want, or money is otherwise sucked out of your phone account to appear at the end of the billing cycle.

What to Do: If your phone rings once, assume the conversation that didn’t happen wasn’t worth happening. Wait for whomever called to leave a message, and never (ever) return fire.

There are more scams happening all the time, and no way to chronicle every one of them. But the baseline behavior of pausing and thinking for a moment, “Could this be a scam?” is your best protection to keep fraudsters at bay.

Image: Kerkez

The post The Common Scams People Still Fall for All the Time appeared first on Credit.com.

5 Scary Wedding Scams to Avoid This Season

The wrong call can mean the difference between an unforgettable wonderful day and a day that makes you angry every time you think about it.

Weddings require many important decisions and the wrong call can mean the difference between an unforgettable wonderful day and a day that makes you angry every time you think about it.

The often unreasonably high expectations of families and friends and at least one spouse-to-be only makes matters more fraught. With such a high level of stress, it’s only a matter of luck that mistakes don’t get made. Scam artists are counting on that.

There will be a repeating theme in this article, and it’s this: Be certain you know who you’re dealing with, and when you think you’re sure, check some more. Here are five wedding scams you want to avoid.

1. Sham Wedding Planners

Scammers take advantage of distraction, and there are few things in life so exquisitely discombobulating as the planning of a wedding. Add to that the high likelihood that the bride and groom may not be overly familiar with different kinds of transactions that help make an event run smoothly — purchases, contracts, rentals, hiring — and you have fertile ground for fraud.

It is a good rule of thumb to look for trouble when anything out of the ordinary comes up. I’ve heard of scams that were run through radio stations, where the “planner” offered a free wedding to a couple who couldn’t afford one and then raised the money from listeners. That counts as out of the ordinary, but the scam that lands in your inbox may be subtler. In the radio scam, vendors are hired but never paid. The “planner” skips town with all the money.

Another familiar scam involves blank checks and the flakiness of many vendor hires. A “planner” will ask the couple for checks written out for a specific amount but without filling in the payee because, they are told, it’s up in the air as to who’s going to get the gig. The scammer cashes all the checks, no one is hired and the wedding doesn’t happen quite so wonderfully as planned. (Here’s what you need to know about bounced checks.)

2. Pricey Wedding Photographer Scams

A photographer shows up and takes pictures. He sends proofs to you. They are tiny and low-resolution, but you can see they are fantastic. Next comes the bill.

Now, wedding photography is expensive, but we’re talking crazy-town prices here. One scammer banked $140,000 before getting nailed. The ruse: Take the money and never deliver the goods or extort a huge payment in exchange for them. The variation on this theme is taking a size-able deposit and simply not showing up.

3. Missing Flowers

When it comes to flower scams, we’re talking about a different line of business but very similar types of fraud. Maybe this scam takes the form of an independent contractor who assures you they make breathtaking arrangements for a fraction of the cost other places charge. All you have to do is write them a check for the flowers you need and show up to your wedding. They’ll handle everything. They never show up, and you can guess the rest.

How to Avoid Vendor Scams

There is no substitute for checking references. You should look for reviews online, but know that this will not help detect a fraudster with several aliases. Ask for references, no fewer than five, and then call them.

Bear in mind that a quality scammer may have a wing man or two, but not five. That said, you never know. Maybe they’ll give you what you request. You still have some agency here. Listen carefully to the references when you call, because if they’re not for real you’ll be able to tell. Get detailed. Be friendly. You’re getting married. They know how great and frenzied that can be (if they are for real).

Additional tactics: Ask about the reference provider’s honeymoon or for the name of another vendor used at their wedding. Be creative. Do your homework, and you won’t get got by these kinds of scams.

4. Gift Theft

According to Vogue, the average cost of a wedding gift in 2016 for a co-worker or distant relative was $50 to $75. For someone closer, it was $75 to $150. While some gifts are purchased online and sent straight to the home of the newlyweds, many are brought to the wedding. And you guessed it — thieves are waiting to steal them.

To avoid the tragedy of walking wedding gifts, make arrangements to either have all the gifts watched or stored somewhere secure.

5. Home Invasion

Nothing like a wedding to signal to a home-invasion specialist exactly when you and your relatives will for sure not be home. The best rule of thumb here is to avoid making public the precise plans for your wedding.

But assuming word gets out, what should you do? Let your neighbors know you’ll be away and ask them to keep an eye on things. If you have an alarm system, make sure it’s armed. It’s also worth calling your local police department to explain your concern. It depends where you live, but they may send a car out to check on your house while you’re away.

Weddings bring out the best and worst in people, but there are ways to ensure you protect what should be one of the most joyous occasions of your life. Avoiding scams is 99.9% a matter of approaching transactions with caution and common sense. When planning your wedding, take the time to make it the time of your life.

Finally, if you have reason to believe you’ve been the victim of fraud, don’t shrug it off. You can view two of your credit scores for free on Credit.com.

Image: maximkabb

The post 5 Scary Wedding Scams to Avoid This Season appeared first on Credit.com.

Boss Asking for Wired Money? It Could Be a Scam

impersonating-CEOS

It’s much easier to steal $1 million from one person than $1 from a million people, so naturally that’s where identity thieves have taken their “industry.” Small-dollar credit card fraud is old, tricking corporations into wiring millions of dollars overseas is in.

At the root of the latest scariest trend in identity fraud is a new twist on an old scam routine: impersonation. But in this con criminals aren’t impersonating a teenager in trouble to trick Grandma into wiring $1,000. They are impersonating executives with urgent requests to pay multi-million-dollar invoices. The scam works because employees naturally want to please their boss.

How the Scam Works

“Glen, I have assigned you to manage file T521,” read one such message sent by a scammer impersonating an executive. It was provided by the American Institute of Certified Public Accountants (AICPA) in a recent report on this kind of fraud.

“This is a strictly confidential financial operation, which takes priority over other tasks,” the message continued. “Have you already been contacted by [name of person and company]? This is very sensitive, so please only communicate with me through this email, in order for us not to infringe SEC regulations. Please do not speak with anyone by email or phone regarding this.”

Thirty minutes later, the “executive” convinced the employee to make an upfront payment toward an acquisition in China. “Glen” wired $480,000, and didn’t become suspicious until the “boss” asked for a second payment worth millions.

In professional circles, the crime goes by the pedantic name “business email compromise,” but there’s nothing bland about the trend. Reports of the crime to the FBI’s Internet Crime Complaint Center have soared — from 1,198 incidents during 2013 to a total of almost 16,000 in the FBI’s most recent report in 2014. Worse yet, losses have grown 1,300% since January 2015, to almost $1 billion.

Individual firms have been hit hard. One technology company reported in an SEC filing last year that it had been hit by a con that led to “transfers of funds aggregating $46.7 million.”

In its report, the AICPA said the scam is so successful because criminals do a lot of legwork to prepare.

“Cybercriminals conduct extensive research online to mimic a company’s email protocols, design and structure. They monitor social networks to target employees who have a working relationship with the senior executive attributed to the fake email,” the report said. “It’s all meant to be plausible enough to persuade the employee to be responsive to the senior executive’s request and to bypass the controls associated with a wire transfer.”

Other elements that make the crime work so well, according to the report:

  • The email address is substantially similar to the purported sender’s address, with very minor, subtle differences. The email display name may appear correct, but when the cursor hovers over the email address, a different underlying address is displayed. For example, if the actual address is CEO@victimco.com, the impersonator address might be CEO@vicitmco.com. (Note the misspelled domain.)

  • Requests occur when the executive is traveling and cannot be contacted.

  • There is an element of urgency or secrecy regarding the disbursement.

  • The amount is within the normal range of transactions so as not to arouse suspicion.

  • Other employees are referred to or copied in the email, however, their email addresses are also modified.

Executive ID theft can take two main forms, the report says. In the first, an employee receives a rather panicky email from a supervisor saying a transaction must be ordered immediately to complete some kind of secret business deal. In the second form, dubbed “strong-armed vendor request,” a criminal pretends to be a vendor with an outstanding invoice — often based on a real invoice. The criminal then asks the payment be redirected to an account they control.

“The fraudulent email contains a PDF file of an invoice that appears to be from the trusted supplier, and the email text and header information appear to contain the hallmarks of an actual business communication from the supplier,” the report said.

At its core, business email compromise is the same old internet scam: There’s the usual time pressure technique, designed to confuse targets so they drop their guard, and the usual irrevocable payment method, such as a wire transfer.

“This sophisticated type of cyberattack is stealing millions of dollars from companies in a manner that should be particularly concerning to company stakeholders because it persuades employees to ignore internal controls,” said Annette Stalker, owner of Stalker Forensics and chair of the AICPA’s Forensic and Litigation Services Committee. “Executive impersonation bypasses the security systems that company IT departments have put in place to neutralize cyberattacks by going where companies and their employees are most vulnerable: their email systems.”

How to Protect Yourself

The time-tested internet fraud advice still holds true: If you ever feel unusual pressure from someone to make any kind of payment, back away from the computer and take a stroll around the block. Hit the pause button. Nearly all scams would fail if victims didn’t bow to time pressure that criminals utilize as their tool of choice. And stick to procedure when making payments, be they $10 credit card transactions to buy a pair of winter gloves or $10 million payments to overseas vendors. Don’t let someone talk you into doing an end-around — such as a one-time wire transfer to a new account — when you are dealing with money. Pauses and procedures are your best fraud-fighting tools.

If you do fall victim to a scam and your personal information is compromised, be sure to keep an eye on your credit, as this can indicate possible fraud. A sudden drop in credit scores, for instance, is a big sign that your identity has been stolen as are mysterious credit inquiries on your credit report. You can view a free snapshot of your credit report, updated every 14 days, on Credit.com.

Image: monkeybusinessimages

The post Boss Asking for Wired Money? It Could Be a Scam appeared first on Credit.com.