Don’t let website spoofing ruin your holiday shopping

Thanksgiving is just a few days away.  While for many of us, the perfect way to wrap up that big meal is a long nap, there are just as many people who will jump on their computers and officially kick off the Christmas shopping marathon.

Things have certainly changed a lot in the past 30 years.  No longer do we bundle up and race to the shopping malls to jump on those One Day Only Black Friday doorbusters.  Now we can sit at our desks in our pajamas with a hot cup of coffee for several days scooping up deals on our Christmas shopping lists.

The internet has definitely changed the game of how most of us handle the holiday season.  But with the convenience of online Christmas shopping comes the pitfalls.  It is without a doubt the most lucrative time of year for scammers.

Scammers have always been hyperactive during the holiday season.  But with so many of us using the internet to do our shopping, taking advantage of unsuspecting shoppers has never been easier.  Anyone with a little web design talent can use a basic trap to scam thousands of dollars from those unable to tell the real from the fake.

What we’re talking about is called website spoofing.  It’s the practice of creating a dummy website—one that looks incredibly like a trusted and popular retail site—and using it to collect credit card and other personal information.

There are a number of ways you might encounter a spoofed website.  More often than not, it’ll be linked to you through a bogus email saying it’s from your bank, offering you a deal or prize from a reputable retailer, or pretending it’s a receipt, invoice, or some other critical communication from a trusted online portal.  However, you can run into a spoofed website simply by mistyping a real URL or finding it through a simple Google search.

Scammers go to great lengths to impersonate the website you’re actually looking for.  Everything from the logos, arrangement of elements on the page, font type and size, color scheme, and catchphrases will be as close to the real thing as possible.  On first glance, a good spoofed website will be almost indistinguishable from the legitimate site.

But there are almost always warning signs on the page if you know where to look:

website-spoofing

Amazon is a heavy-hitter in the Christmas shopping world.  Even outside of the holidays, many of us use Amazon to do our day-to-day shopping.  We wouldn’t think twice about receiving emails from the retail giant.

But take a look at that URL.  Amazonn.com?  That’s not correct.  This is a scammer hoping you won’t notice that you’re on a completely different web address.

spoof3

Here’s the login to Paypal, a secure payment service that many people use while making online purchases.

Except, not so fast.  This is another spoofed site.  In this example, many of the tabs and hyperlinks are nonfunctional.  There is also nothing indicating that the page is secure and protected—just a phony lock symbol on the page itself.

Telling the real from the fake is challenging, but it’s not impossible.  It just takes a few minutes of investigation and verification before you click links and enter your information.

Always verify that the URL is absolutely correct.  Hover over hyperlinks to display the URL to which the link leads and verify that these are safe pages.  Look for broken links, nonfunctioning links, and blatant errors.  Be sure the URL begins with “https.”

And in the case of the fake promotional emails that lead you to these sites, the old adage stands: if it seems too good to be true, it probably is.

Study reveals the sad, shocking truth about the true culprits behind senior financial abuse

This is Agent XXX from the Social Security Administration.  Your Social Security number has been linked to criminal activities…

I am XXX, a daughter to XXX of Libya.  I will offer you 20% of the total sum of $4.2 million for your assistance…

I’m from Medicare.  We’re sending out new Medicare cards and I need to confirm your billing information to keep your coverage active…

By now we are all sadly aware of the numerous tactics used by fraudsters to drain seniors’ life savings.  The situation is so bad, anyone with a cell phone is probably accustomed to receiving a handful of these phishing calls every week—and that’s to speak nothing of emails, texts, and mail attempts.

When we think about senior financial abuse, these tend to be the kinds of tactics that first come to mind: the stranger cold calls and the robot voicemails we encounter every day.

The reality of senior financial abuse, however, is far more vicious than any Nigerian prince or phony Social Security Administration employee.  As with many forms of abuse and exploitation, the stranger in the back alley is rarely the real predator.

A recent study by the Journal of Applied Gerontology analyzed the characteristics of 1,939 calls coming into the National Center on Elder Abuse resource line.   Among the shared characteristics of these reports was the source of the abuse.  Not a stranger or an unknown conman, but a known and trusted family member.

The study identified 309 calls (about 46.8% of the total calls studied) that accused a family member of senior abuse.  If this sample size is truly indicative of the whole, it suggests siblings, children, nieces, nephews, and grandchildren are the most likely to exploit seniors.

And it’s not limited to strictly financial abuse.  Across all types of offenses (physical abuse, sexual abuse, and neglect), family members were always the most reported perpetrators.

It’s heartbreaking to think your own flesh and blood—someone totally trusted—would be the most likely to hurt you.  But as shocking as that seems, it’s not at all uncommon.

In fact, it’s true for all age groups and demographics: those closest to you will always be the most likely to take advantage of you.  Family members are the most intimately aware of a victim’s finances, belongings, lifestyle, and emotional state.  They have the victim’s trust and a level of access to a victim’s home and personal information a stranger would have to work to have.  

For scammers, there really is no better victim than a parent or grandparent.  Most people would never suspect a child or grandchild of something so hideous. And even if they did, who would ever want to contact the police and report a beloved family member?  Would you be able to put your child in jail?

Family member senior exploitation is rampant, but the last thing any senior should do is be scared of their families.  Though it’s estimated as much as 90% of elder abuse cases involve a family member, only one in 10 seniors will experience elder abuse. Most families will be the important and supportive social network seniors can depend on.

Nevertheless, these numbers are concerning enough that seniors need to be aware of how to protect themselves in the event of the unthinkable.

The Justice Department declares war on elder fraud in largest nationwide sweep ever

In 2018, the United States Justice Department launched a nationwide campaign against senior fraudsters–the largest such sweep in history.  Over 200 senior scammers–responsible for victimizing over a million Americans–have been identified and brought to justice.  Through their financial schemes alone, victims lost over half a billion dollars.

This year, the Justice Department’s sweeps were even more successful than last.  Over 260 defendants were charged with allegedly defrauding over two million Americans for over three quarters of a billion dollars.

Among other types of scams, the sweep focused specifically on identifying tech support scammers, consistently one of the most damaging scams targeting seniors.

In order to crack down on senior scammers, the Justice Department is a multi-prong attack, working with overseas governments to stop bogus foreign call centers, catching and stopping international “money mules,” and coordinating with the United States Postal Service to intercept payments sent to scammers.

In a press conference led by United States Attorney General William Barr, the Justice Department presents the results of their senior scam crack-down and explains how the government is fighting back against senior scammers.

Equifax breach settlement: check here to see if you’re eligible to file a claim

You probably recall Equifax’s massive scale data breach in 2017.  As many as 147 million Americans’ personal information, including their Social Security numbers, were exposed to cyber criminals and potential identity theft.

Following the breach, Equifax failed to alert consumers their data was vulnerable.  Breach victims had no idea their information was exposed for several months, so they didn’t know to take protective measures to prevent identity theft.

Two years later, the Federal Trade Commission has ordered Equifax to pay as much as a $700 million settlement to those affected by the data breach.

With 147 million Americans affected, YOU have most likely had your personal information exposed in the breach.

By visiting the official Equifax settlement claims website, you can check to confirm that you are one of those affected by the breach and quickly file a claim to be included in the settlement.

We suggest that if you’re affected, you file a claim right away and keep a close eye on your credit report for any suspicious activity in the future.

Old scam, new packaging: genetic testing scam offers free medical screening in exchange for your identity

Say what you will, but identity thieves are nothing if not creative.

But behind their ever-evolving scare tactics and too-good-to-be-true giveaways and opportunities hides the exact same scam: convince the victim to hand over their Social Security number and banking information.

The newest iteration of this con is making headlines across the country.  It’s occurring both by phone and in person, with scammers even having the audacity to make their pitches in local seniors centers.

It’s being called the “genetic testing” or “DNA testing” scam. Similar to the medical equipment offers we discussed last year, the genetic testing scam promises seniors Medicare-covered genetic screening to identify serious health risks.  

All you’d have to do is use their 100% free at-home DNA swab kit, package it up, and send it back to the agency along with your Medicare information, your personal information, your Social Security number, and your bank information.

…See where this is going?

The truth is this is nothing but fresh paint on a falling down house.  Preying on seniors and their health concerns, genetic testing scammers dangle the hope of preventing life-threatening illness over their victims’ heads with no intention of doing anything but stealing their identities.

This scam is springing up nationwide.  Seniors report both being contacted by phone and encountering these creeps collecting information in places seniors spend time. 

If you should also run into someone making a “free” genetic testing pitch to Medicare recipients, just follow these simple rules to avoid becoming their next victim:

  • As with all medication, medical equipment, and medical testing offers, you should only be discussing these things with your doctor.  Should you need anything of a medical nature, your trusted physician will be the one to order it or point you in the right direction.  Don’t trust anyone making you any medical offers that you or your doctor haven’t solicited.
  • DO NOT give ANYONE your Social Security number, banking information, or personal information except those that absolutely need it.  Especially if it is solicited by phone or by an unknown person or organization.
  • Protect those around you by reporting these calls and solicitations to the appropriate agency

If you receive one of these calls or are encountered by someone pitching a free genetic test to you, do not engage them.  These people are charismatic and extremely convincing.  Any attempt to argue or confront them could open a door for them to ensnare you in their scam.   Hang up the phone or walk away.  It’s not rude.  It’s not wrong.  You don’t owe any type of courtesy or conversation to someone trying to take advantage of you. 

Half of all calls to U.S. cell phones predicted to be spam in 2019

A few months ago, some team members at The Seniors Center attended a workshop inviting seniors to speak directly to Congressmen and representatives from several agencies specializing in seniors issues.

Although the workshop generally focused on federal economic policy, when opened for question-and-answer time, a large percentage of attendees’ questions had little to do with economic legislation.

Instead, they were about robocalls—specifically, what is the government planning on doing to stop the constant spam and scam calls seniors receive each day?

While Americans of all ages can attest to the frustrating increase of spam calling in the past few years, it is clear after listening to seniors themselves this is a major concern for older Americans in particular.  This is unsurprising given phone scammers often target vulnerable seniors, using tried-and-true techniques specifically designed to part retirees from their cash.  Seniors are often disproportionately affected by phone scams.

What attendees wanted to know is why the problem seems to be getting worse rather than better.   And why isn’t the federal government able (or willing) to do anything about a problem affecting every single American with a cell phone.

Data from First Union confirms the problem is indeed worsening.  They project by the end of this year, nearly half of all calls made to U.S. cell phones will be spam calls.

What we learned that day from the experts themselves is stopping the onslaught of bogus calls is much more complicated than it may seem.  Call “spoofing” combined with the fact that most of these calls originate internationally makes regulating these calls almost impossible.

While cell providers are doing what they can to identify and intercept these calls where they can, it seems for now, it’s up to cell users themselves to protect themselves.

The best thing seniors can do to defend themselves from scam callers is not give scammers the opportunity in the first place: never pick up or answer unknown calls—even if they come from a local area code.

Just picking up and answering one of these calls—even if you don’t give away any of your information—is enough to confirm to a scammer or robocaller that your number is valid and a human will pick up the phone.  This can result in a huge uptick in spam calls.

Allow unknown callers to go to voicemail.  Friends, family, and legitimate business callers will have no problem leaving a message should they really need to get in touch.

And under no circumstances give any unknown caller any of your personal information.  If you are unsure if a caller is legitimate or not, hang up and try to locate their place of business online.  If you can locate a contact number for the caller’s business online, call back using that number and ask if a representative there has called or needs to get in touch with you.

Senior scams contributing to suicide among older adults

According to the Centers for Disease Control, suicide rates among the elderly have increased by over 30% since 1999.

Some of the biggest increases in suicide rates have occurred in the Midwest and Northeast, in states like Kansas, the Dakotas, Minnesota, Vermont and New Hampshire.

While the CDC states there is no definitive cause for these increases, they have identified a pattern of stressors and life events that contribute heavily to many of these cases. Several of these stressors have to do with economic and housing instability, immediate crises, legal trouble, relationship problems, and health challenges.

These are problems that impact everyone, but the implications for seniors are often far greater than with other age groups.  Seniors are extremely vulnerable in all of these areas, and in many cases, they are far less likely to bounce back from a major emotional or financial blow.

These are exactly the types of blows scammers are delivering to seniors each and every day.

The same anxieties the CDC identifies as major factors in the growing amount of self-harm and suicide cases in the United States are the tools scammers use to hook and completely destroy their victims.

They create relationship stress with dating scams.  They create fake family crises with grandparent scams.  They threaten legal action with IRS tax scams.  They promise miracle cures and treatments through medical scams.  And ultimately, they drain the savings of the financially vulnerable and create very real economic hardship for people who do not have the means to replace what was lost.

In the end, the fear, anxiety, and guilt victims feel when they realize what has happened is sometimes too much to bear.  In some cases, the victims of senior scams are being driven to death.

The consequences of senior financial scams in reality are far more serious than stolen savings. When many seniors live in social isolation, struggle with illness and depression, and largely blame themselves for the actions of predators, we’re talking about a problem that is truly life-threatening.

And the problem is far from uniquely American.  Seniors all over the world are falling prey to scam calls and wire transfer scams.  In Japan, several seniors have killed themselves after being victimized by a scammer.

It is important to remember, both as a potential victim or someone who may one day witness someone get taken in by a scammer, that it is NEVER a victim’s fault when someone lies and steals from them. The ONLY one who has to answer for exploitation is the exploiter.

It is not your fault.

While reporting and regaining what was stolen may seem paramount, your first and immediate priority should always be assuring the health of the affected.  Senior scams leave victims feeling embarrassed, alone, unsafe, unstable, and guilty.

If you or someone you love is taken advantage of by a senior scammer, please consider counseling, visiting a primary care physician, or locating a senior support group in your area. Get to know the warning signs of suicide and depression, and take immediate treatment action if you recognize them.

If you are in immediate distress and need emotional support, please call the National Suicide Prevention Lifeline at 1-800-273-TALK(8255) or visit https://suicidepreventionlifeline.org to chat with trained staff who CAN help you.

Common tech support scams exploit users’ inexperience to gain access to their devices and their credit cards

Imagine you’re surfing the web looking for an entertaining video to watch while you’re waiting for the kettle to whistle or a phone call or maybe to flip your laundry over to the dryer.

You pull up your browser and type in YouTube’s URL.

Suddenly, instead of the homepage you’re expecting, your browser loads a bright blue screen that says “your computer is infected—call Microsoft tech support immediately at this toll-free number.”  It may even say that if you don’t call within a certain amount of time, your hard drive will be destroyed.  Maybe there’s a pop-up window directing you to contact tech support complete with the Windows and Microsoft logos.

This is the gateway to a classic tech support scam.  And it starts as soon as you dial the number listed on your warning screen.

But for as threatening as that warning is what you’re looking at is simply a web page like any other.

In panic, many users don’t think to look at the address bar to notice they’ve accidentally mistyped www.youtube.com, leading them to a page created to catch traffic from millions of users flocking to a popular site and typing the URL incorrectly.

Your computer isn’t infected.  You can navigate away from the page at any time.

But many users, fearing they could lose their (likely not-backed-up) data in the next five minutes, fall for the trap and call the number.

There are many different flavors of the tech support scam, but the goal is usually to get remote access to your computer, fabricate evidence of a critical issue, and eventually get you to hand over your credit card number in exchange for “fixing” the problem.

Here is a great walkthrough of how a typical tech support scam works (warning: this video contains some profanity):

If you’re lucky, the scammer will only charge your card for the value of the “protection plan” they discussed with you prior to payment.  If not, the scammer could charge your card for any amount, sell your card number to other scammers online, steal bank and personal information from your computer, or irreparably destroy your entire machine out of sheer maliciousness.

A particularly angering feature of this scam is how much it relies on a user’s unfamiliarity with their own systems to function.  The “evidence” the scammer presents to prove the need for purchasing his “tech support services” is pure nonsense—he’s merely walking the user through a series of normal command prompts and system processes a very casual computer user might not recognize, totally lying to the user about what they’re looking at to scare them.

Though seniors aren’t the only targets of this scam (more Millennials fall prey to tech support scams than any other age group), they do tend to lose far more money overall to tech support scammers.  For many, the financial damages are devastating.  One large loss like this can completely change a retiree’s life.

Stay skeptical about warning pop-ups and sites you may come across while surfing.  Always check the URL in the address bar to make sure you’ve navigated to the correct place, and always click the back button, try navigating to another page, or try closing and reopening your browser before you panic—just because your browser may say your computer is locked doesn’t mean it is.

Never call a random tech support number some web page or pop-up gave you unsolicited.  If you suspect your computer has been infected with malware, the best thing to do is call a reputable local professional.

To put yourself at ease, consider investing in a good antivirus program so you can regularly scan your computer yourself for any unwanted activity.

EMPLOYEES AT MICROSOFT, DELL, SYMANTEC, MCAFEE, HEWLETT-PACKARD, OR APPLE WILL NEVER CONTACT YOU TO ALERT YOU ABOUT COMPUTER PROBLEMS. Many of these tech scammers and their pages will try to tell you they’re from Microsoft or some other reputable software company.  They’re not. These companies do not keep track of your devices’ health and will not contact like this you to warn you about problems.  Anyone telling you that is lying.  The only thing that will monitor your device and alert you in the event of infection is your firewall and your antivirus software.

With a fairly basic knowledge of their computer’s operating system, many victims of this scam may have been able to recognize some extremely obvious falsehoods the scammer probably told while trying to show “evidence” of an infection.  If you aren’t totally confident in your computer literacy, taking a few computing classes could go a long way in protecting you from these scammers. Check your local senior center, community college, or check out one of the many online computer courses available for seniors.

 

AND PLEASE, PLEASE, PLEASE, PLEASE BACK UP YOUR DATA REGULARLY.

Senators Moran and Casey introduce Senior Scams Prevention Act to prevent the most common forms of senior financial abuse

On September 27, Ranking Member of the U.S. Senate Special Committee on Aging Senator Bob Casey (D-PA) and Chairman of the Senate Committee on Commerce Subcommittee on Consumer Protection Senator Jerry Moran (R-KS) introduced S.3522, a bipartisan bill aimed at training financial establishments to stop senior scams.

S.3522, known as the Senior Scams Prevention Act, would create an advisory council at the federal level to develop and distribute information and training materials to the very banks and retailers most scammers use to conduct their crimes.

“Now more than ever, it is imperative we bring industry leaders together to examine ways and propose actions American businesses can take to help educate the public, specifically senior citizens, on how to identify and avoid these harmful scams,” Senator Moran explained in an October 1 press release.

S.3522 operates under the oft-uttered advice that the best way to protect yourself from fraud is to recognize and prevent the fraud before it happens.  In many cases, stopping the theft before it happens may be a victim’s only relief given the ways scammers most frequently extract money from their targets.

Among the vocal supporters of this legislation are Green Dot Corp., MoneyGram, and Western Union, prepaid debit card and wire transfer companies scammers love to use to keep their transactions with victims anonymous and irreversible.  Transactions made with gift cards, prepaid debit cards, and wire transfers are as good as dealing with cash—once the scammer has the number from the card or picks up the wire transfer at the pick-up location, the victim can’t ever get his money back.

In these situations, it behooves both potential victims and companies used to commit fraud to notice the red flags before the transaction is completed.  Catching these criminals is next to impossible after the money ends up in their hands.

And victims of scammers aren’t the only ones who lose.  In 2017, the Federal Trade Commission and the Department of Justice required Western Union to pay $586 million to victims of wire transfer scams using their services.

Not only will intensive education on blocking senior scams prevent millions of Americans from becoming victims, but it will save companies millions of dollars in investigations, refunds, and settlements.

Though these measures will benefit all Americans in the long run, S.3522 is specifically focused on protecting the most targeted and vulnerable population when it comes to scams: senior citizens.

“Far too many older Americans have been targeted by scam artists. These criminals threaten legal action against seniors or loved ones if ‘payment’ is not made immediately through a wire transfer or gift card,” said Senator Casey. “The Senior Scams Prevention Act would help stop a payment before it is ever made so that seniors don’t lose one more penny to a fraud or scam.”

Don’t worry, says the FTC. Your Social Security number can NEVER be suspended.

 

 

 

Last week, the Federal Trade Commission released an official statement regarding reports of a new phone scam telling targets their Social Security number has been “suspended.”

The caller, impersonating a government official, attempts to trick call recipients into giving up personal information, saying due to some kind of fraud their SSN will need to be reactivated.

In order to reactivate, the caller will press their victim into the classic account “verification” process with which we’ve become so familiar: asking for a ton of sensitive personal details the scammer can use later to steal their victim’s identity.

The key to avoiding this scam is understanding there’s no such thing as Social Security number suspension.  Neither the Social Security Administration, the Internal Revenue Service, nor any other federal entity with which a scammer might claim to be associated will EVER suspend a Social Security number.  That’s just not how SSNs work.

No matter what a caller might say to you to intimidate you, if you hear that your SSN is suspended, the scam should be dead in the water. 

This one is absolute baloney.

As with any sketchy phone call asking you for personal information like your name, address, bank information, Social Security information, or the names of those close to you, hang up the phone immediately.

Don’t attempt to speak to, argue with, or insult the caller (not only are you giving them more opportunity to manipulate you, but also some phone scammers are known to record your voice so they can use it to authorize charges and changes to your accounts). Just hang up.