Top email hoaxes:
By Amy C. Fleitas - Bankrate.com
Ever wondered if anyone makes the money promised in those work-at-home advertisements? Or if each forwarded e-mail will really mean a donation of 10 cents from Microsoft to an orphan's organ-transplant operation? The answer is no. These stories are urban legends, e-mail rumors and scams. They are but a few of what we like to call financial fiction. The following are some of the most popular and most creative examples waiting in inboxes.
Neiman Marcus expensive cookie
recipe
Here's what happened. My Aunt Cynthia was having lunch at Neiman Marcus with my cousin. For
dessert, they had these delicious cookies and my aunt asked the waitress for the recipe.
The waitress said they the recipe sold for "two fifty." My Aunt thought that meant $2.50
said OK. But when she got her bill they charged her $250. She was furious but they wouldn't
refund her money. So in revenge, she's giving away the recipe to anyone who wants it.
Can you believe that? You can? Sucker. It never happened. But this rumor has been
circulating for decades. A similar story about a $25 red velvet cake recipe has been traced
as far back as the 1940s. If you want the cookie recipe, Neiman Marcus has gotten so sick
of the bad press about this false rumor that the company posted the recipe on its Web
site.
Forwarded e-mail for money or
donations
Microsoft and Disney are both beta-testing an e-mail tracker and will send you money if you
forward this e-mail. The Gap is testing an e-mail tracker and will send you a gift
certificate. The Red
Cross is using its e-mail tracker and will donate money for some poor kid's operation or to
raise funds for an orphan of Sept.
11.
If you believe any of these stories, I have some
bad news for you. There is no such thing as an e-mail tracker. Coke won't send you free
cans. Gerber won't send you savings bonds.
Cracker Barrel won't send you gift certificates. A Britney Spears' video won't pop up as
the result of you forwarding an e-mail. And AOL has a public relations department that gets
news out a lot more
efficiently than any chain mail ever could. You get nothing but the embarrassment of
knowing that everyone you forward this e-mail to will think you're a fool.
Nigerian scam letter
Greetings, sir. I got your e-mail address from a very confidential source (The Internet). I
am the prince, minister and Grand Poo-ba of one of many foreign nations that you stupid
Americans have never heard of. There is a billion, kazillion dollars in an account here
that rightfully belongs to my family and my people. Due to some horrid-bloody military coup
in which my entire family, several accountants and various goats lost their lives, I cannot
reach this money. But you, an American who has never heard of my country, can march right
into the corner branch of God-Forsaken-War-Torn-East-of-Nowhere-Africa and deposit this
money right into your fat American bank account. For your trouble, I'll give you a few
million off the top -- because what's a few million between confidential best friends who
have never actually even heard of one another?
OK, let's start from the top. Do not kid yourself. You are not so important that the High Priest of Anywhere will e-mail you requesting help. Rid yourself of your delusions of grandeur -- or as we say back home, you may sing "Like a Virgin" into your hairbrush every night, but that doesn't make you Madonna.
Here's what will happen when you give strangers your bank account information: They will take your money. Period. End of story. You get nothing, but you lose a lot.
Scam Alert! - Beware of New Online Scams
Business and Personal Safety in the Internet by Joe Gonzalez, Jr.
The IRS warns of a late-breaking Internet tax scam, just before the April 17 deadline. Are you at risk?
The Internal Revenue Service announced Friday that they had discovered a new late-breaking scam: bogus Web sites are masquerading as affiliates of the IRS’s Free File Alliance of 19 tax-software companies. The people who set up these scam sites take tax information from well-meaning taxpayers, change their bank account numbers to their own and then file the return through a legitimate Free File partner.
Solution: The only way to safely participate in the Free File program is by going directly to the official IRS site.
|
Charity Scams Hurricane Katrina/Wilma and Asia Earthquake/Tsunami Fraud: If you would like to contribute to the recent rash of natural disasters, please view list of established charities providing relief. We are providing this list as we fear that criminal-minded individuals will seize this opportunity to collect donations for their personal gain or direct only 1% of your donation and retain 99% for "administrative expenses" This is a trick among bogus charities. Be extremely cautious of email solicitations using established charities names and clicking on link provided. It will most likely redirect you to a fake "look-alike" website to steal your donation as well as your financial information or execute a malicious script to get "backdoor" access into your computer. Safety tip: When making a donation, go directly to charities website (search Google) or call by phone, DO NOT click on an email link. |
Phishing Scams
New and clever techniques are being used by hackers to get at your information and your computer. In the past we've alerted you to "phishing attacks", where hackers put up web pages imitating legitimate websites and then use email to trick people to visit these sites. The sites then attempt to collect personal information such as account numbers and username/password combinations. Industry analysts say there were more of these types of attacks in February 2004 than in all of last year. Some may appear to come from eBay, PayPal, CitiBank, Bank of America, Mortgage applications to be filled-out and so forth requesting user ID's and passwords. NONE of these institutions will request that type of information by email or by having you click on a "link" - That is the VERY FIRST thing that should make you suspicious. If our company needs to request any further information from you on a background screening search, we will do so in a validated and secure manner that for security reasons cannot detail here.
A new type of attack is a twist on the common virus attack but sent with a clever bit of "social engineering," which attempts to subvert your normal tendency to delete these unsolicited emails and instead open them. For example:
-
They purport to be from the same domain or company that your work for, i.e. we receive many "from" our own domain names.
-
They appear to be from government or well-known entities, like Microsoft, Amazon, Verisign, etc. One of this variety even claims that you have visited illegal sites, comes from a .gov domain and purports to have a list of these sites in an attachment.
-
They contain a link that appears to be to an internal web site that is in fact a link to a hidden attachment in the email.
-
They contain realistic messages that declare them virus-free 5. The attachments they contain are zipped and password protected, bypassing some of the major anti-virus programs.
And the biggest problem with these is they change constantly--the same
virus can send itself out in almost limitless ways.
The Solution:
- Realize that much of the unsolicited email prompting you to action (click on a link, log in, open an attachment) are either "phishing" attacks or viruses. It's best practice to ignore all of these emails if they are unsolicited and you are not expecting mail from the sender.
- We strongly suggest you set your antivirus and mail scan software to update itself every day.
- Most of the newer forms of viruses and Trojan horses also
automatically probe the Internet for vulnerable hosts, targeting
specific aspects of computers (ports) known to be vulnerable. Many also open a port on your computer to allow others to further compromise your machine. Windows Live OneCare, McAfee Security, Zone Alarm and other personal firewalls can significantly reduce your vulnerability to these automated attacks.
How can I decrease my chance of being a "phishing" victim? - Here are some safety tips:
-
Be suspicious of demanding messages. Messages threatening to terminate or suspend your account without your quick response should be treated as suspicious. A legitimate business should not request personal information from you over an unsecured Web site. When in doubt, call the business customer service number (available on your account statement) to confirm the status of your account. Do not use telephone numbers found on the suspected Web site or email.
-
Be cautious of downloads. Installing unknown software on your computer can put your personal information at risk and potentially harm your computer's hard drive. Make sure the software comes from a legitimate Web site, not an e-mail message. If you are not sure whether you should download a program, contact a customer service representative for more information.
-
Always type in the URL of the Web page you need. Phishing scams rely on embedded links that take you to fake Web sites. It is safer to type your intended Web address directly into your browser so you know you are visiting the legitimate site.
-
Protect your password. Do not write down sensitive personal information such as your login ID, password or Social Security number.
-
Keep your computer up-to-date. Industry best practices recommend that you install anti-virus and firewall programs to help keep your computer safe and that you keep updated with the latest security improvements of your software providers.
Channels
While the world-wide-web and email are the two most heavily used functions of the Internet
and thus the most widely abused to send viruses and cultivate chaos, other services are
also used to compromise vulnerable systems and steal important information.
Chat services, such as AOL's Instant Messaging, Microsoft's Messenger, IRC, ICQ and Yahoo!
Chat can be used to exchange files and send potentially malicious links. It is easy in chat
services to spoof the site that a web link appears to belong, sending you to a hacker's
website that looks like a legitimate company site. It is also simple to alter a character
or two of a chat username or handle, creating the ability to pose as someone else. For
example, changing the letter "O" to the number "0" (zero), making BOB = B0B
Files can be sent via chat sessions much the same way that files can be sent as attachments
in emails. These are usually automatically stored in locations on your computer's hard
drive known to hackers. With this knowledge, a hacker can potentially trick you into
running malicious programs with a disguised web address in an email, a chat window or a web
page. Be extremely cautious when exchanging files sent via chat sessions, and always
confirm the sender's identity.
Sasser Worm
In a May 11, 2004, a USA Today newspaper article said that much of the reason the Sasser
worm spread through the Internet, disabling company networks so quickly and effectively,
was due to poor VPN and mobile computer policies. The article went on to say that more and
more networks are at risk because the strong security policies enforced within an office
are often not carried over to road warriors, people working from home and remote offices.
Unsuspecting travelers might connect at vulnerable facilities such as coffee shops or allow
unsuspecting family members to compromise a laptop due to ignorance?
Part of the solution is to have provisions in place that can potentially identify a compromised or infected computer reconnecting to the network. Each returning company laptop should be treated as if it had contracted a virus or other malady while away, effectively quarantining it prior to allowing it full access.
Virus Tricks!!! - A new method of tricking users into installing
malicious mobile code is to imbed an executable file within an email message and then
provide what appears to be a web page address in the body of the email, but is instead a
disguised pointer to the file within the email message. The body of these emails is in this
format:
*************** If the message will not displayed automatically, follow the link to read
the delivered message. Received message is available at:
www[dot]yourdomain[dot]com/inbox/compliance/read.php?sessionid-1500
***************
If you scroll your mouse over the link of an actual virus email in Microsoft Outlook, you
would notice the real web site address displayed in the lower status window, and it would
begin with something similar to outbind://{a really long number].
Clicking on the link would effectively run the virus program or
prompt you to run/save it. No computer connected to the Internet should be considered even
nominally safe without up-to-date versions of anti-virus software, a personal firewall and
a completely patched operating system. Identification theft is turning more and more to the
easily and anonymously accessible vulnerable systems on the Internet. Vulnerable computers
are often used as jumping-off points which make perpetrators of crimes extremely difficult
to track and identify.
More scams to be wary of...
Work at Home Scams
Old scam, new format. You should immediately run from anyone who promises lots of money for little work that requires no experience. While there are companies that allow their employees to work from home, they require job skills and interviews, just like regular jobs. Work-at-home scams will ask you to purchase supplies and equipment from them to perform the "job." That's how they make their money. You will lose -- not make -- money.You Won and You Didn't Even Enter! Scam
How can you take anything seriously that uses so many exclamation marks?!!!!! Guess what!!!!! You didn't win anything!!!! These people will try to finagle money out of you by saying you need to pay taxes or fees to collect your prize!!!!! Or they will give you a free trip that requires you to buy very expensive airline tickets through their agency!!!! Don't be a sucker!!!!!You'll receive $5,000 for sending $25 Scam
Here's how it works. Send $5 to the five people on the list or to the address that will send you the "reports." In return for your money you'll get -- nothing -- because this is a scam. Well, maybe you'll get something -- a conviction for mail fraud because this is illegal.
Tricking the Traffic Court
The Web-watching site Truthorfiction.com reports that a rumor is currently circling e-mails accounts claiming that there's a sneaky way to keep a traffic ticket off your driving record: pay a little more than the amount on the ticket. The court will send you a refund check. If you don't cash the check, the computer won't mark your case as closed and the ticket will never show up on your record. This idea is great in theory, lousy in reality. It doesn't work. Here's a way to keep tickets off your record that does work: Slow Down.
Tax or long distance phone charges on email
You got a forwarded e-mail from your friend that says you will soon be charged for your long-distance e-mails, just like you are charged for long-distance phone calls. Oh, really? And what will the phone company use to compute your bill -- its e-mail tracker? Calm down. No one is going to charge you long distance for your e-mails. This is an e-mail myth.
Clinton got rid of the IRS. No more taxes.
That sneaky Bill Clinton -- did you know that when he wasn't gallivanting
about with interns he was busy getting Congress to
pass secret legislation that would forgive all debts and abolish the Internal Revenue
Service? Alan Greenspan was going to announce it on Sept. 11, 2001 but didn't because of
the terrorist attacks. Oh, wishful thinking -- or maybe not. A move like that is the
equivalent of tossing what's left of our economy into a vast financial toilet and flushing
with the combined might of the National Football League. In the plausible department, this
rumor, reported by Truthorfiction.com, is right up there with alien cattle mutilations and
Cameron Diaz spending a Friday night alone at home, eating Ben & Jerry's because she
couldn't get a date--completely ridiculous.
Of Special Interest
Ever seen anyone "twitching" or making weird body gestures repeatedly? - Learn about "Tourette Syndrome" (a rare OCD neurological disease) before passing any judgment. It does not hurt to know and understand those around us.Surf The Web Safely.
Sincerely.
Background Checks Systems, Inc.
Online Credit Card Transactions Safety
Most of the online credit card fraud happens when someone fraudulently obtains your card number and expiration date from a malicious employee of any establishment where you used it. From there on they simply look up your home address on any Online White Pages Phone Directory assuming you receive credit card billing statements at home. You are even more of a target if you have a unique name combination which makes it easier for them to zero-in on. When they attempt a fraudulent Online transaction - card number, expiration date and billing address and zip code will match and transaction will go through.
Who gets hurt:
The Online Merchant. Credit card issuing companies will debit the amount from online
merchant's bank account once they determine it to be of fraudulent nature plus Online
Merchant takes a loss on internal costs be it inventory or information technology
researcher's costs. In addition, Online Merchant will get hit with chargeback penalty fees
ranging anywhere from $25.00 to a $100.00 per individual fraudulent transaction and if too
many of those happen within an specific time period, they will lose their ability to accept
credit card payments from ALL credit card processors and be put OUT-OF-BUSINESS!
Cardholder Scenario - Picture this scenario: You are on a vacation far from home or
overseas or simply dining out with a potential client or date, perpetrator has been making
fraudulent purchases in your credit card, you now go to pay and not only is card declined,
but a "card pick-up" is issued. Aside from the embarrassment and having to prove your
identity to law enforcement called in by now - what if you do not have any other method of
payment on you or you are too far away from home on a vacation with your family?
The Solution:
- Have all of your financial and banking correspondence mailed
to a US Postal Service Box or a Private Mail service such as Mailboxes, etc. in order to
deter an address and zip code match on your credit card transactions.
You may have to get that address validated first by credit card issuing banks after explaining your security concerns for doing so. - CVV2 or CID codes (last 3 or 4 digits at extreme right of signature strip in back of card) also work very well in further validating that credit card is physically in your possession.
- Do Not sign signature strip on back of card, simply print "ask for ID", so thieves will have to go one step further to produce a photo identification.
- Have a separate credit card ONLY for online transactions or better yet, some credit card issuers will now provide you with a "temporary" credit card number for an specific time period to be used for online purchases.
Cant' find what you are looking for? Try our Google site search tool located in our Sitemap
Copyright 2007 Background Checks Systems, Inc. All Rights Reserved