Archive

Posts Tagged ‘scams’

Warning: Steve Jobs new scam

October 9, 2011 6 comments

Nowadays it is a new scam circulating around the Internet, mostly on Facebook.

Do not click on any link that comes along with any message that claims to give away free iPhones, iPads in Steve Jobs memory. It is a scam!

Check this link out: “Free iPads in memory of Steve Jobs“, provided by Scameo a Facebook security blog.

The scam is most often distributed through Facebook. Usually, a friend in your contact list posts on his/her Wall that Apple is giving away for free 1000 iPhones, iPads as a commemoration for Steve Jobs. By pressing the provided link in the message the user will be taken to different websites where will be asked to take surveys and most notably could also get  malwares/viruses on his computer or being taken over his Facebook account. Note that you Facebook friend did not post the message by herself/himself, but the message was posted there through spam or a virus. Don’t blame you friend but simply ask him/her remove the post.

Advice:

-do not press any of these links, remember: no one is giving anything for free ever! This scam is not new at all, it happens all the time when a famous person or celebrity passes away.

-ask your Facebook friends that have posted on their wall such an announcement to remove it from their Wall. Do not comment on their wall but send them a private message to ask them remove the post, and this helps to keep you protected against viruses or to simply losing your time in lengthy and unpaid surveys.

This scam method is called hoax. Check here another Artcile provided by Reuturs: “Online scammers seek to profit from the death of Steve Jobs”

Any questions can be submitted to: dan@e-crimeexpert.com

Additional information can be found at: www.e-crimeexppert.com

Have you already received such as message? Do you know about Steve Jobs related scams that you would like to share with us?

Hit the “subscribe” button in order to be notified when new videos and Articles are posted on this blog.

Categories: Awareness, Cybercrime, Facebook, Privacy, Scams, Social Media Tags: , , , , , , , , , , , , , , , , , , , , , , ,

Warning: Domain name personal data retrieval!

October 4, 2011 3 comments

This post is a special edition as this type of data vulnerabilities and scamming risks are significant.

The blog shows how sensitive personal data can be retrieved without authorization, in one of the easiest ways I personally experienced:

-Anyone can type in their browser: http://www.who.is/whois/

Next step: type in the search box a web address they know or find freely on the Internet such as: http://www.e-crimeexpert.com, then hit “enter”

Fig. 1

-After, from the bottom of the page, the link under “For complete domain details go to” can be easily copied and further use:

http://who.godaddy.com/whoischeck.aspx?Domain=E-CRIMEEXPERT.COM.

Fig. 2

-Once the link will be introduced in a web browser (copy and paste),  sensitive and complete personal data as shown bellow, will be made available:

Registration domain

Registrant’s  full name

Complete email address

Complete home address

Complete phone number

Registration date

Expiration date

Last update

Fig.3 

 

Indeed there is a “no data use” warning posted on the page, but personally I have doubts that this will stop anyone from using this data, (outlined in the red circle).

What someone can do with this data? A scam! Any kind of scam, but mostly it is preferred the domain registration one.

How it works:

A letter will be send on the name and to the address available on WHOIS website claiming to pay the registration fees for your domain name. The expiration date is indicated (it is real) and it is available on the website for anyone.

The same letter will ask the registrant to pay the registration fees for another two years and provide the credit card number and  credit card expiration date details.

Fig. 4

 

Fig.5

What would they do with it? The scammer will clone your card and buy products online or from offline stores (such as electronics, computers, jewelries) having the purpose of selling them for cash.

A website address may be a public domain but the registrant’s name, home address, email address, phone number should not be public at all!

To me not the scam itself it is the most concerning but the easiness how sensitive personal data is available to ANYONE on the world wide web !!!

There are never ending discussions about how policies should be like, how new SNS’s features should be like, but do those policies and features help effectively protect many users from privacy intrusion, unauthorized access of personal data, fraud and scams? I am not sure, but what I am sure about is that AWARENESS, EDUCATION, KNOWING which are the risks, and how could be defeated, can protect users from being victims of identity theft, privacy intrusion, financial frauds, access of personal data.

When registering a domain name, one can chose to keep the registration details private, but unfortunately the account comes with this settings set public by default, instead to be set private by default. How many users know about these risks and how to protect against them? In order to get the registration private, some steps should be done which it is not known by many users/registrants.

This post aims to emphasis one more time how vulnerable our private data is on the Internet.

Any questions can be submitted to: dan@e-crimeexpert.com

Additional information can be found at: www.e-crimeexppert.com

Did you know this scam? Did you know how to retrieve such info? What do you think about the easiness of this method?

Hit the “subscribe” button in order to be notified when new videos and Articles are posted on this blog.

Categories: Awareness, Cybercrime, Data Protection, Identity theft, Privacy, Scams Tags: , , , , , , , , , , , , , , , , , , , , ,

Rental scam

September 27, 2011 5 comments

From the same series that provides information and examples of Internet-related scams,  today E-Crime Expert is presenting another common type of scam: the Rental scam (when someone is looking to rent a place, usually in a different city/country that he/she lives).

How it works:

For example: someone copies a rental offer advertising and posts it on a website corresponded to a city where there is a high demand to rent (i.e. BrusselsParis, London, New York, Toronto, etc). The offer is posted on a specialized rental website, describing a property which exists in reality, with a real address and real pictures, and the price will be much below the market.

People start sending inquires to the fake “owner” and because they know this is a great opportunity to get a such place in a such location for such a bargain they will do anything to get it. So, the “owner” will agree to rent them the place, but before they will sign the contract (provided by regular mail) they have to pay a deposit (one or two months of rent) in order for the apartment to be reserved for them (because often times the people who are looking to rent are from other cities or countries).

Being a “great deal” they will agree to pay and will send money via Western Union or Money Gram or PayPal. Remember that potential renter could check maps online or even send a friend to confirm that the place exists in reality and it does, so they will trust the owner and send the money.

Of course the “owner” is not the real owner of that place but a scammer. He gets the money and no accommodation will be provided, because he does not own the place he might be located in a different city. So, please be careful. The fake “owner” can also get the real identification details, address, location, exact name of the owner, for example from Facebook  (Timeline, Profile or Ticker) or by using Spam, Phishing, unsecured Wi-Fi Internet connections and any other Identity theft-related scam.

If you have doubts regarding such a great offer, please consult this website or contact E-crime Expert and he can check if the property is legitimately rented out by the owner or if it is a scam.

To see a very explanatory video on how this scam works, watch the video below.

Credit: Dave Dugdale. “How to Unmask Rental Scammers” YouTube: drumat5280.

How could you prevent this scam?

  • always check if possible if there is a legitimate person or company by asking for a phone number or any identifiable information that could be further investigated.
  • check if the email address contains a company name, and if so, verify the authenticity of that company.
  • if the email address contains only a name you could check if that name/email address was involved before in a similar scam. Please check this website
  • if there are errors or contradictory information in the advertisement with the wording, directions, communications (once the scammer uses an email address, and another time a different one).
  • if the add contains spelling errors, grammar errors (many scammers use the most circulated languages which may not be their mother tongue).
  • never send money via Western Union or Money Gram. Better pay with a credit card because the payment can be cancelled.
  • better stay in a hotel/hostel for few days if moving to another city and look locally for a place to rent once arrived to your new destination. It is cheaper to spend few nights in a hotel rather than losing the money for two month rent.
  • before moving, look for a legitimated rental agency in your destination city, such as (Brussels): Home in Brussels. Immobe Apartments, Logic immo, etc.
  • if you are moving for work, ask your new employer/company, to help you in this matter. They will at least provide you with legitimated rental adds.
  • almost always what is to good to be true is valid: if the rental price is much lower than the market, there are higher chances for there to be a scam involved.
  • for more info, please watch this video here.

Any questions can be submitted to:
dan@e-crimeexpert.com

Additional information can be found at: www.e-crimeexppert.com

Did this scam ever happen to you? After this post, would you be able to protect yourself from this scam?

Hit the “subscribe” button in order to be notified when new videos and Articles are posted on this blog.

Categories: Awareness, Cybercrime, Facebook, Identity theft, Scams, Social Media Tags: , , , , , , , , , , , , , , , , ,

Charge-back scam

September 26, 2011 8 comments

This blog aims to provide awareness in regards to new types of scams. This post is part of s series that provides information and examples of Internet-related scams. Today, here it is another post which is part of an awareness campaign launched by E-Crime Expert.

How it works:

Charge-back is when someone makes a purchase with their credit card and they receive the “charge” or cost of the product back from the bank.

In the USA, any American Express card owner gets a three-chargeback option each year. Therefore, someone could cancel a payment in order to get a product for free, for example. Why? The bank will put the money back in the person’s account for the reason that buyer claims the product did not conform to the description.

Paypal chargeback scam has two modus operandi (modes of operation):

  • When the scam type involves products – and please note that Paypal only covers where a material product is involved –which results in much fewer scams with material products because the sellers can always prove that they shipped the merchandise with a receipt and also by the pick-up signature from the other end, and might be able to provide pictures of the product.
  • But still, the danger comes indirectly from huge financial institutions would do anything to keep their clients in today’s dry times. How? Because some people abuse this system and deliberately buy a product knowing that they will later charge-back the money they paid for it.

To watch a video of someone’s testimonial about it and how he lost his product and was charged the same amount of money he should have received, click here: PayPal Chargeback Scams.

The other method, which is much more successful from the scammers point of view, has a success rate of over 99 % (based on the Internet Crime Complaint Centre statistics), and involves being a “customer” for services such as: website design or selling a domain name, etc. PayPal’s policy is that they do not offer support regarding disputes or disagreements when services involved (Check PayPal website terms and conditions). How it works: the “client” fills a formal complaint claiming that the website design is not how it was agreed, or the domain name is not as was agreed either. Since these are not material objects no conformity could be verified regarding the initial agreement between the buyer and seller. the buyer always wins and gets the money back from the seller, based on this non-conformity matter. When you have a written (off-line) contract you have there samples of the product, website screenshots, prints, design proofs, where the buyer expressly gives his agreement by signing them and agreeing to the website design, domain name characteristics, etc. But with these types of online transactions in most cases people don’t take these steps anymore and the dispute results over an intangible object, and a legally unofficial agreement.

How you could prevent this scam?

  • A service provider could send samples or a written agreement (contract) to the buyer asking him to print the documents, sign them to indicate acceptance and then send them back.
  • The service provider could use different payment methods that do not have this charge-back policy as Paypal does, or use another online payment method which better protects both seller and buyer  such as: Escrow
  • The seller can check the buyer’s history of transactions (as on eBay) and if he has a good reputation and a significant amount of transactions completed, he might be more reliable than a brand new user with no feedback or transactions record. But still this is not enough: always ask for the phone number, address of the company and proof of legitimacy. If they refuse, there are significant chances that a scam is involved and you are the target.

Any questions can be submitted to:
dan@e-crimeexpert.com

Additional information can be found at: www.e-crimeexppert.com

Did this scam ever happen to you? If so, what did you do? Do you know other new types of scams that you would like to share?

Hit the “subscribe” button in order to be notified when new videos and Articles are posted on this blog.

Categories: Awareness, Cybercrime, Privacy, Scams, Social Media Tags: , , , , , , , , , , , , , , , , , ,

Personal information theft

September 25, 2011 Leave a comment

After  Facebook: introduced a “new way of living”  post where are identified new privacy and identify theft risks (due to the new Facebook’s features), today E-Crime Expert offers a new awareness material for users in order for them to be better informed when using the Internet and the electronic envirovment. Identity theft is a major problem today. Please read this post. Identity theft occurs when using Social Networking Services, Email or simply when shopping or selling online.

One common example of identity theft is when someone offers to buy the product you advertise on a buy-sell website and offers you more money claiming that the product has to be sent to a far away location. They offer to pay for shipping up front or in advance and usually offer more than the seller listed on his add.

How it works: 

the “buyer” will get back to you thanking you so much for your reply. They assure you that they are buying your product and it has to be shipped to a certain address. They will say that in order to make the payment to your bank account as soon as possible, they ask you to provide them with: your full name, full address, telephone number, sometimes bank details (in order to make the payment) and as many other details as possible. Usually they claim to be: military officials, doctors working overseas, lawyers, and any other trustable profession. Once they have your full details they could:

a) produce a fake ID on your name which they could use later to open a bank account or rent products

b) if they got your bank account details or credit card information, they could make a fake credit card on your name and could start making payments online or in-person purchasing in big cities where no one asks for an ID when you use a credit card. Or they will simply go withdraw your money from the ATM if the card has a chequing or saving account.

c) they could sell your information on a specialized website where organized crime representatives buy such details and they have more resources to make fake cards, or use in any fraudulent way your personal details and information.

How can you prevent this theft?

The safest precaution is to never send your personal details to anyone who asks them over the internet, emails, or text messages (SMS), even if they claim to be from your bank, cable company, favorite grocery store or friends, family, or someone you trust. They always use a fake website and/or email address similar to the ones your friends, businesses you trust or your financial institution use.

Any questions can be submitted to:
dan@e-crimeexpert.com

Additional information can be found at: www.e-crimeexppert.com

Do you know what identity theft is? Have you ever been an identity theft victim? How do you protect yourself from identity theft?

Hit the “subscribe” button in order to be notified when new videos and Articles are posted on this blog.

Categories: Awareness, Cybercrime, Data Protection, Facebook, Google, Identity theft, Privacy, Scams, Social Media Tags: , , , , , , , , , , ,

Risks for unsecured wifi Internet connection

September 23, 2011 2 comments

This awareness video is a real example of unsecured wifi network risks and it is part of the awareness series launched by E-Crime Expert started yesterday with Data Safety issues. Wi Fi Internet/network connection opens real vulnerabilities regarding personal files which are accessible to anyone with a laptop/smart phone, PDA, etc. In order to produce this video, E-Crime Expert got connected to a random unsecured wifi network.

This video shows how with one click of a mouse anyone could enter the unsecured personal files such as pictures, music databases, etc.
Sensitive information such as personal photos, work documents, archives are available without any protection from being accessed by anyone on the street.
You should always set a password for your Wifi network. If you don’t know how to do this, you can contact E-Crime Expert (dan@e-crimeexpert.com) for help and advice.
Disclaimer: this experiment did not retrieve, use, stored, copied any personal data, the only purpose for connecting to this unprotected network is a demonstrative one.  
Tips:
•Clear the Cookies of your browser as regularly as possible in order to remove this stored information regarding your user behavior and preferences.

•Clear the web history  and the browser cache

•Clear the search history

•Clear regularly your temporary files, your “Mail Downloads” folder or all the info available on your “Local Storage” under you “Library” folder. That  WILL NOT AFFECT YOUR EXISTING FILES OR FOLDERS ON YOUR COMPUTER, but will prevent you from privacy vulnerabilities and identity theft (e.g. this info can be accessed through an unsecured wifi, on an public wifi in the airport, park, public space, etc.)

•ALWAYS SET UP A PASSWORD for your wifi connection even if it is temporarily used in a hotel or conference room, if available.

•E-crime Expert provides tutorials on how to set up a strong password or what an identification key is. Please contact for more details: www.e-crimeexpert.com
You can watch the video here:

To download the presentation please click here.

If you have any question, contact: dan@e-crimeexpert.com

For more info, visit: www.e-crimeexpert.com

Is this video explanatory enough for you? Have you heard before about this risks? Have you ever been a victim of intrusion through wifi? Do you have a secured wifi Internet connection?

Hit the “subscribe” button in order to be notified when new videos and Articles are posted on this blog.

Categories: Awareness, Cybercrime, Identity theft, Privacy, Scams Tags: , , , , , , , , , , , , ,