Thursday, July 9, 2009

UPDATE: New E-Scams & Warnings

FRAUDSTERS CONTINUE TO EXPLOIT TELECOMMUNICATIONS RELAY SERVICES (TRS)

07/08/09—The IC3 continues to receive complaints pertaining to scam artists using Telecommunications Relay Services (TRS) to defraud U.S. businesses and consumers. Under Title IV of the Americans with Disabilities Act, all telephone companies must provide TRS for individuals with hearing impairments or speech impairments.

This IC3 alert is to make the public aware of the continuing abuse of TRS to exploit U.S. businesses. Recent reports indicate scam artists are using TRS to exploit auto repair shops. The scam entails the fraudster using TRS to request services for a vehicle. The fraudster claims the vehicle has to be shipped to the auto repair business and requests the repairs and shipping fees be charged to a credit card. Unbeknownst to the business, the credit card is fraudulent or stolen; however, the charges initially go through without any complications. The business is then directed to wire the money to the shipper to cover the shipping costs. It is not until the shipper’s money is wired that the business is notified of the fraudulent credit card; therefore, the business bears the loss.

ASIAN EXTORTION SCHEME

06/10/09—The FBI is currently aware of a nationwide attempt to extort ethnic business owners, mostly of Asian decent, through telephonic threats of violence. The telephone calls appear to be originating from foreign countries. The caller acquires an adequate amount of open source information about the victim through Internet searches. This misleads the victim into believing the subject has personal knowledge about the victim. There have been no reported incidents of violence actually perpetrated to date.

SCHEME PURPORTEDLY ANNOUNCING A MILLIONAIRE CONTEST

04/07/09—The IC3 has been alerted to the circulation of a fraudulent e-mail, purportedly from The Oprah Winfrey Show, notifying recipients of their nomination for the “Oprah Millionaire Contest Show.” To participate, recipients are requested to mail their contact information such as full name, address, telephone number, and e-mail address; however, no mailing address was provided. Verified contestants are then required to purchase airfare and a ticket to attend The Oprah Winfrey Show, as well as complete a forthcoming contest form containing personal questions. The contestants are then promised a seat for The Oprah Winfrey Show in April and asked to provide their responses to the personal questions for a chance to win a million dollars.

Consumers always need to be alert to unsolicited e-mails. Do not open unsolicited e-mails or click on any embedded links, as they may contain viruses or malware. Providing your personally identifiable information will compromise your identity!

FAKE MILITARY TWIST ON VEHICLE SALE SCAMS

03/05/09—The FBI continues to receive reports of individuals victimized while attempting to purchase vehicles via the Internet. Victims find attractively priced vehicles advertised at different Internet classified ad sites. Most of the scams include some type of third-party vehicle protection program to ensure a safe transaction. After receiving convincing e-mails from the phony vehicle protection program, the victims are directed to send either the full payment, or a percentage of the payment, to the third-party agent via a wire payment service. No vehicles are delivered to the victims.

In a new twist, scammers are posing as members of the United States military. The fictitious military personnel in the scam have either been sent to a foreign country to improve military relations, or they need to sell a vehicle quickly and cheaply because of their upcoming deployment to either Iraq or Afghanistan.

Consumers are advised to do as much due diligence as possible before engaging in transactions to purchase vehicles advertised online. Consumers are also cautioned to be aware of the rules of or warnings posted by the Internet sites they visit. If someone is asking you as a consumer to break or avoid the rules of the website, it is possible that person is trying to scam you.

WORK-AT-HOME SCAMS

02/04/09—Consumers need to be vigilant when seeking employment online. The IC3 continues to receive numerous complaints from individuals who have fallen victim to work-at-home scams.

Victims are often hired to “process payments,” “transfer funds,” or “reship products.” These job scams involve the victims receiving and cashing fraudulent checks, transferring illegally obtained funds for the criminals, or receiving stolen merchandise and shipping it to the criminals.

Other victims sign up to be a “mystery shopper,” receiving fraudulent checks with instructions to cash the checks and wire the funds to “test” a company’s services. Victims are told they will be compensated with a portion of the merchandise or funds.

Work-at-home schemes attract otherwise innocent individuals, causing them to become part of criminal schemes without realizing they are engaging in illegal behavior.

Job scams often provide criminals the opportunity to commit identity theft when victims provide their personal information, sometimes even bank account information, to their potential “employer.” The criminal/employer can then use the victim’s information to open credit cards, post on-line auctions, register websites, etc., in the victim’s name to commit additional crimes.

NEW TECHNIQUE UTILIZING PRIVATE BRANCH EXCHANGE (PBX) SYSTEMS TO CONDUCT VISHING ATTACKS

12/09/08—The FBI has received information concerning a new technique used to conduct vishing (1) attacks. The recent attacks were conducted by hackers exploiting a security vulnerability in Asterisk software. Asterisk is free and widely used software developed to integrate PBX (2) systems with Voice over Internet Protocol (VoIP) digital Internet voice calling services; however, early versions of the Asterisk software are known to have a vulnerability. The vulnerability can be exploited by cyber criminals to use the system as an auto dialer, generating thousands of vishing telephone calls to consumers within one hour.

The vulnerability referred to in this alert is a known vulnerability. Digium, the original creator and primary developer of Asterisk, released a Security Advisory, AST-2008-003, in March of 2008, which contains the information necessary for users to configure a system, patch the software, or upgrade the software to protect against this vulnerability.

If a consumer falls victim to this exploit, their personally identifiable information (PII) will be compromised. To prevent further loss of consumers’ PII and to reduce the spread of this new technique, it is imperative that businesses using Asterisk upgrade their software to a version that has had the vulnerability fixed.

Further, consumers should not release personal information in response to unsolicited telephone calls. Providing your PII will compromise your identity!

(1) Vishing utilizes caller ID spoofing via VoIP to contact potential victims in order to gain access to their PII by convincing the victim that the criminal is associated with a legitimate business with a need to know the victim’s PII.

(2) PBX Systems are used by companies to allow telephone calls between VoIP enterprise users on local lines while allowing all users to share a limited number of external lines

HIT MAN E-MAIL SCAM RETURNS

08/28/08—The IC3 continues to receive thousands of reports concerning the hit man e-mail scheme. The e-mail content has evolved since late 2006; however, the messages remain similar in nature, claiming the sender has been hired to kill the recipient.

Two new versions of the scheme began appearing in July 2008. One instructed the recipient to contact a telephone number contained in the e-mail and the other claimed the recipient or a “loved one” was going to be kidnapped unless a ransom was paid. Recipients of the kidnapping threat were told to respond via e-mail within 48 hours. The sender was to provide the location of the wire transfer five minutes before the deadline and was threatened with bodily harm if the ransom was not received within 30 minutes of the time frame given. The recipients’ personally identifiable information (PII) was included in the e-mail to promote the appearance that the sender actually knew the recipient and their location.

Perpetrators of Internet crimes often use fictitious names, addresses, telephone numbers, and threats or warnings regarding the failure to comply to further their schemes.

In some instances, the use of names, titles, addresses, and telephone numbers of government officials and business executives, and/or the victims’ PII are used in an attempt to make the fraud appear more authentic.

Below are links for the two previous public service announcements published by the IC3 concerning the hit man scheme:

Consumers always need to be alert to unsolicited e-mails. Do not open unsolicited e-mails or click on any embedded links, as they may contain viruses or malware. Providing your PII will compromise your identity!

STORM WORM VIRUS

07/30/08—Be on the lookout for spam e-mail spreading malicious software (malware) which mentions “F.B.I. vs. facebook.” The e-mail directs the recipient to click on a link to view an article about the FBI and Facebook. Once the user clicks on the link, the “Storm Worm”malware is downloaded to the Internet-connected device, causing it to become infected with the virus and part of the Storm Worm botnet. A botnet is a network of compromised machines under the control of a single user. Botnets are typically set up to facilitate criminal activity such as spam e-mail, identity theft, denial of service attacks, and spreading malware to other machines on the Internet.

The Storm Worm virus has capitalized on various holidays and fictitious world events in the last year by sending millions of e-mails advertising an e-card link within the text of the spam e-mail.

Be wary of any e-mail received from an unknown sender. Do not open any unsolicited e-mail and do not click on any links provided.

TIPS ON AVOIDING FRAUDULENT CHARITABLE CONTRIBUTION SCHEMES

07/08/08—Since late May and early June 2008, there have been several natural disasters throughout the country—including tornadoes, wildfires, and floods—that have devastated lives and property. In the wake of these events, which cause emotional distress and great financial loss to numerous victims, individuals across the nation often feel a desire to help, frequently through monetary donations.

Tragic incidents such as 9/11, Hurricanes Katrina and Rita, and the recent earthquake in China have prompted individuals with criminal intent to solicit contributions purportedly for a charitable organization and/or a good cause. Therefore, before making a donation of any kind, consumers should adhere to certain guidelines, to include the following:

  • Do not respond to unsolicited (spam) e-mail.
  • Be skeptical of individuals representing themselves as officials soliciting via e-mail for donations.
  • Do not click on links contained within an unsolicited e-mail.
  • Be cautious of e-mail claiming to contain pictures in attached files, as the files may contain viruses. Only open attachments from known senders.
  • To ensure contributions are received and used for intended purposes, make contributions directly to known organizations rather than relying on others to make the donation on your behalf.
  • Validate the legitimacy of the organization by directly accessing the recognized charity or aid organization's website rather than following an alleged link to the site.
  • Attempt to verify the legitimacy of the non-profit status of the organization by using various Internet-based resources, which also may assist in confirming the actual existence of the organization.
  • Do not provide personal or financial information to anyone who solicits contributions: providing such information may compromise your identity and make you vulnerable to identity theft.

    PHISHING RELATED TO ISSUANCE OF ECONOMIC STIMULUS CHECKS

    05/08/08—The FBI warns consumers of recently reported spam e-mail purportedly from the Internal Revenue Service (IRS) which is actually an attempt to steal consumer information. The e-mail advises the recipient that direct deposit is the fastest and easiest way to receive their economic stimulus tax rebate. The message contains a hyperlink to a fraudulent form which requests the recipient's personally identifiable information, including bank account information. To convince consumers to reply, the e-mail warns that a failure to complete the form in a timely manner will delay the issuance of the rebate check.

    One example of this IRS spam e-mail message is as follows:

    "Over 130 million Americans will receive refunds as part of President Bush's program to jumpstart the economy.

    Our records indicate that you are qualified to receive the 2008 Economic Stimulus Refund.

    The fastest and easiest way to receive your refund is by direct deposit to your checking/savings account.

    Please follow the link and fill out the form and submit before May 10th, 2008 to ensure that your refund will be processed as soon as possible.

    Submitting your form on May 10th, 2008 or later means that your refund will be delayed due to the volume of requests we anticipate for the Economic Stimulus Refund.

    To access Economic Stimulus refund, please click here."

    Consumers are advised that the IRS does not initiate taxpayer communications via e-mail. In addition, the IRS does not request detailed personal information via e-mail or ask taxpayers for the PIN numbers, passwords, or similar secret access information for their credit card, bank, or other financial accounts.

    Please be cautious of unsolicited e-mails. It is recommended not to open e-mails from unknown senders because they often contain viruses or other malicious software. It is also recommended to avoid clicking links in e-mails received from unknown senders as this is a popular method of directing victims to phishing websites.

    VISHING ATTACKS INCREASE

    01/17/08—Are you one of many who have received an e-mail, text message, or telephone call, supposedly from your credit card/debit card company directing you to contact a telephone number to re-activate your card due to a security issue? The IC3 has received multiple reports of different variations of this scheme known as "vishing". These attacks against US financial institutions and consumers continue to rise at an alarming rate.

    Vishing operates like phishing by persuading consumers to divulge their Personally Identifiable Information (PII), claiming their account was suspended, deactivated, or terminated. Recipients are directed to contact their bank via a telephone number provided in the e-mail or by an automated recording. Upon calling the telephone number, the recipient is greeted with "Welcome to the bank of ……" and then requested to enter their card number in order to resolve a pending security issue.

    For authenticity, some fraudulent e-mails claim the bank would never contact customers to obtain their PII by any means, including e-mail, mail, or instant messenger. These e-mails further warn recipients not to provide sensitive information when requested in an e-mail and not to click on embedded links, claiming they could contain "malicious software aimed at capturing login credentials."

    Please beware—spam e-mails may actually contain malicious code (malware) which can harm your computer. Do not open any unsolicited e-mail and do not click on any links provided.

    A new version recently reported involves the sending of text messages to cell phones claiming the recipient's on-line bank account has expired. The message instructs the recipient to renew their on-line bank account by using the link provided.

    Due to rapidly evolving criminal methodologies, it is impossible to include every scenario. Therefore, be cognizant and protect your PII. Beware of e-mails, telephone calls, or text messages requesting your PII.

    If you have a question concerning your account or credit/debit card, you should contact your bank using a telephone number obtained independently, such as from your statement, a telephone book, or other independent means.

    Source: www.fbi.gov.


No comments:

Post a Comment