Posts tagged ‘fraud’

For the past year or so, we’ve seen a significant uptick in attempted scams and frauds around every holiday. Many of them trace back to the Storm Warn gang, a crime ring based out of Germany that sells hacker software. Their last big attack came on the Fourth of July and tricked many thousands of users into downloading the ‘storm-bot’ trojan by offering a fake video clip of “the largest fireworks” celebration in the nation. Victims found their computers hijacked as part of a bot-net or had keystroke loggers and other malicious software loaded onto their computers.

If past patterns hold true, we can expect to see a dramatic rise in the volume of spam and phishing attempts during this holiday season. Some of their cons last holiday season included dedicated sites like the Merrychristmasdude.com website (a site offering suggestive holiday-themed photos along with a very malicious download) and spam emails such as the Happy New Year phishes. This group develops very sophisticated software with hundreds of variants that attempt to evade and outrun standard anti-virus software.

To combat these scams, first be suspicious. Never open unexpected messages or attachments.

Second, keep your anti-virus up to date at all times. Set your anti-virus to automatically update itself as often as the software allows. And if you’re particularly suspicious about an email or website, force a manual update before clicking the link. Remember that if your kids have a computer at home that runs under parental controls, their computer may not be able to complete the update under the restricted ID. Their computer may be at risk until you log on under your parental ID so the updates can take hold.

Finally, keep your firewall turned on and be very suspicious of any ‘free’ video or other offer sent through the internet. In particular, be cautious about electronic greeting cards. While some are legit, many are frauds. See this tip for some thoughts on how to sort out e-card invitations.

The Ohio Department of Insurance has confirmed an ongoing scam targeting insurance policyholders. According to the ODI, the scam is currently targeted primarily at auto policies. In this scam, the caller alleges that “there was a problem with your insurance payment” and asks for confidential information such as bank account numbers, birthdates, SSNs, etc. The call often includes a threat that “your coverage will lapse” if the customer does not comply.

You can read the full ODI press release at ohioinsurance.gov.

Insurance companies do sometimes ask for confidential information such as SSNs and birthdates in the normal course of business. However, it would be highly unusual for the insurance carrier to contact the customer directly or to do so other than in writing. If you receive a call that strikes you as suspicious, hang up and call the number printed on your last policy statement. If the call was legitimate, the customer service representative will be able to look up your account and confirm it.

Be very cautious about handing out your personal information to anyone you do not know well. Ohio customers who have already received one of these fraudulent calls are asked to report it to the ODI at 1-800-686-1527.

Lastly, if you believe that you may have given up your confidential information to a fraudulent caller, you should check your credit report and consider putting a fraud alert on your account. For more on how to check your credit report, you can follow this link to the archive of tips on this topic.

I still remember the first time someone sent me an electronic greeting card. It was kind of hokey but it really brightened up my day. Sending one back was convenient, fun and best of all, free. Unfortunately, someone has recently launched an aggressive campaign that combines the worst aspects of spam and malicious software and is exploiting the popularity of e-cards. The hacker is using pre-packaged software to spam millions of messages across the internet that read as some variation of "You have received an ecard from" a school mate, a colleague or a family member.

If you open the message, you’ll see a standard text-only message describing the e-card and offering you a link to a website where you can download your e-card. The messages claim to be from any of several legitimate ecard websites but in the versions that I’ve seen, the link is a raw IP address (such as http://12.345.67.89), not a domain name (www.example.com). Other versions may get more sophisticated and cover the IP address with a fraudulent domain. The IP addresses trace back to hundreds of different owners. My suspicion is that these are individual machines which have been hijacked as part of someone’s botnet.
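A mail-filter style check for the indicator described above, as an added example that is not part of the original post: it flags links whose host is a raw IP address, including HTML links whose visible text shows something other than that address. The function names and the sample message are constructed for illustration.

```python
import ipaddress
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

def ip_host(url):
    """Return the host if it is an IP literal instead of a domain name, else None."""
    try:
        host = urlsplit(url).hostname
        ipaddress.ip_address(host or "")
        return host
    except ValueError:
        return None

class AnchorCollector(HTMLParser):
    """Collects (href, visible text) for each <a> element in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def flag_ip_links(body):
    """Return sorted (url, reason) pairs for every link whose host is a raw IP."""
    findings = {}
    collector = AnchorCollector()
    collector.feed(body)
    for href, text in collector.links:
        host = ip_host(href)
        if host:  # link text that does not show the IP is the "covered" variant
            findings[href] = "ip-host-hidden" if host not in text else "ip-host-visible"
    for url in URL_RE.findall(body):  # bare URLs in text-only messages
        url = url.rstrip(".,)")
        if ip_host(url):
            findings.setdefault(url, "ip-host-visible")
    return sorted(findings.items())

# Constructed sample message; addresses come from the reserved documentation ranges.
SAMPLE = """You have received an ecard from a school mate.
Pick it up here: http://192.0.2.45/card
<a href="http://198.51.100.7/?id=1">www.example.com/pickup</a>
<a href="https://www.example.com/pickup">www.example.com</a>
"""
```

Calling `flag_ip_links(SAMPLE)` reports the two IP-hosted links and leaves the genuine domain link alone.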

Opening the email won’t do anything immediately bad to your computer (other than waste your time) but following one of the links is another story. Do not under any circumstances follow these links. Merely opening the page will trigger the download of a particularly nasty computer trojan horse which will then attempt to download even more malicious software onto your machine.

If your anti-virus program is up-to-date and running, it should catch and stop this trojan. However, if you get any kind of alert or think that you might have triggered one of these downloaders, you should run a full virus scan on your system. Call your IT department for instructions. Never open a message from an unrecognized sender and never open an attachment or follow a link in a message that you were not expecting.

Note: If you think the email card might be legitimate, you can check by opening a browser, typing the address of the greeting card company (for example, www.hallmark.com or www.bluemountain.com) and following the instructions on the site to ‘pick up an e-card’. This will usually involve entering the email address of the sender and a confirmation number from the email. If the message was legit, it will show up on the website. As long as you type in the address yourself (rather than following a possibly faked link) and you’re going to a major company that you trust, it should be safe to check.