now browsing by tag


#nationalcybersecuritymonth | Opportunistic scammers are preying on coronavirus fears, warn West Yorkshire Police

Source: National Cyber Security – Produced By Gregory Evans

Numerous scams have emerged as criminals seek to take advantage of concerns ranging from how to reclaim money lost on holidays to financial support when schools close.

West Yorkshire Police, Action Fraud and others have been using their own social media channels to raise awareness of the tactics being used.

Ramona Senior, the head of West Yorkshire’s Economic Crime Unit, said her team was anticipating an influx in reports of such scams as fraudsters were very good at “diversifying”.

West Yorkshire Police are warning people about coronavirus scams Copyright: jpimedia

Investigators typically see seasonal scams tied into things like Christmas shopping, Hajj pilgrimages or HMRC tax return deadlines.

Tickets scams linked to big events like music festivals are another example of how the criminals will seek to exploit people using whatever is topical.

Ms Senior said fraudsters will also look at big talking points in the news like last year’s collapse of Thomas Cook, using emails, text messages and cold calling to try to lure in potential victims.

“They make up all sorts of things that sound legitimate at the time,” she said. “Everything that’s in the public eye, a news report about something that creates anxiety or people may lose money and want to protect themselves, is a bit of an opportunity for the fraudsters.”

The force’s Cybercrime Team has warned in recent days about the risk of downloading apps claiming to provide information on the spread of the virus, which are being used as a way to get malware onto people’s phones.

It also shared an image of a malicious website which is luring in people searching for coronavirus maps. Visiting the website infects the user’s phone or computer with malware, steals information and accesses sensitive data.

And within days of the news that the UK’s schools would be closing to everyone but the children of key workers, another scam has emerged.

One such email containing fake links and promising funding for families says that if your child’s school is closed and they are entitled to free school meals, then you should click on the link to send your bank details to the school.

Industry body UK Finance advised earlier this week that criminals were using publicity around coronavirus to “pose as genuine organisations, including banks, police officers, government, the World Health Organisation or other health service providers”.

Katy Worobec, managing director of economic crime at UK Finance, said: “We would urge the public to be vigilant against criminals using the publicity around the coronavirus as a chance to target their victims with fraudulent emails, phone calls, text messages or social media posts”.

The organisation said criminals have used coronavirus as a cover story to attempt to get victims to “disclose personal or financial information or click on links that may contain malware”.

Take Five, the national campaign led by UK Finance and others, is also advising people unable to take planned holidays to be wary as criminals may pose as travel companies or airlines.

It has urged anyone in that situation to contact the organisation they made their booking with directly to enquire about refunds.

Meanwhile, experts from the National Cyber Security Centre (NCSC) have revealed a range of attacks being perpetrated online as cyber criminals seek to exploit coronavirus, known officially as Covid-19.

Techniques seen since the start of the year include bogus ‘phishing’ emails with links claiming to have important updates, which once clicked on lead to devices being infected.

Also in crime: ‘The scammers don’t discriminate’ warns trainer with advice on staying safe

As part of GCHQ created to keep the UK safe online, the NCSC has taken measures to automatically discover and remove malicious sites which serve phishing and malware. These sites use Covid-19 and coronavirus as a lure to make victims ‘click the link’.

Director of operations Paul Chichester said: “We know that cyber criminals are opportunistic and will look to exploit people’s fears, and this has undoubtedly been the case with the coronavirus outbreak.

“Our advice to the public is to follow our guidance, which includes everything from password advice to spotting suspect emails.

“In the event that someone does fall victim to a phishing attempt, they should look to report this to Action Fraud as soon as possible.”

Last month, the World Health Organisation (WHO) warned of fraudulent emails sent by criminals posing as the WHO.

This followed a warning from the US Federal Trade Commission about scammers spreading phishing ‘clickbait’ via email and social media, as well as creating fraudulent websites to sell fake antiviral equipment.

Elsewhere, cyber criminals have impersonated the US Center for Disease Control (CDC), creating domain names similar to the CDC’s web address to request passwords and even bitcoin donations to fund a fake vaccine.

Individuals in the UK have also been targeted by coronavirus-themed phishing emails with infected attachments containing fictitious ‘safety measures.’

Source link

The post #nationalcybersecuritymonth | Opportunistic scammers are preying on coronavirus fears, warn West Yorkshire Police appeared first on National Cyber Security.

View full post on National Cyber Security

#cyberfraud | #cybercriminals | Social Security Scammers Are Trying a New Trick

Source: National Cyber Security – Produced By Gregory Evans

Millions of seniors depend on their Social Security payments to help them cover their monthly bills, so if that money were to get diverted into the hands of fraudsters, they’d be in big trouble. Unfortunately, retirees are among the most common targets of financial scams — so much so that elder financial abuse has been called “the crime of the 21st century.”

A recent warning from the Social Security Administration (SSA) further drives home this point. The agency is alerting beneficiaries that — in addition to the previously common telephone scams — criminals are now faking documents and emailing them to their targets. Such documents may appear to come from the SSA and may include its official letterhead, which isn’t difficult to replicate. But complying with their instructions could result in a world of financial stress.


How to spot a Social Security scam

Social Security scams aren’t always easy to identify, but among the first red flags to look out for in any questionable communication are poor spelling and improper  grammar. Though the agency is understaffed, it surely has room in its budget for someone to do some proofreading, so if you receive documents under its letterhead that look unprofessional, it’s fair to assume that a criminal is behind them.

Additionally, if you receive a letter that includes any of the following, you can bet it’s a scam:

  • Threats of jail time or legal action unless you pay a fine.
  • Promises of benefit increases.
  • Payment demands, particularly through wire transfer, internet currency, or cash.

If there is a problem with your Social Security account, the SSA will usually send you a letter by mail, not email. It won’t call you up out of the blue. And while you may, in some cases, be asked to make a payment, it will never be via the aforementioned forms.

If you do receive a letter from the SSA and you’re not sure it’s legitimate, call the agency back at its main number — (800) 772-1213 — and speak to a live person. And if you get an email that’s clearly suspicious, don’t just delete it — report it. The same holds true for phone scams. While you shouldn’t engage the person on the other end of the line, you should report the incident to the SSA. There’s a dedicated online form that makes that simple to do.

It’s also a good idea to create a “my Social Security” account on the SSA’s website so you can easily keep tabs on your own benefits. This is an especially wise move if you’re not ready to claim Social Security yet, but are at an age where you would be allowed to — i.e., 62 or older. If a criminal files a benefit claim on your behalf, your later legitimate application may get rejected. But if you’re following the activity on your account, you’ll be able to take action to counter the scammer sooner.

Remember, just because you’re savvy enough to avoid falling victim to a Social Security con doesn’t mean everyone is, so report criminals’ behavior when you spot it. You could be saving others from becoming victims later. But on the plus side, with age does come some wisdom. According to a recent Better Business Bureau survey, it’s millennials — not seniors — who are most likely to fall victim to financial scams. Those aged 18 to 24 were more than three times more likely than those 65 and over to lose money to such cons. So maybe you should warn your grandchildren.

The $16,728 Social Security bonus most retirees completely overlook
If you’re like most Americans, you’re a few years (or more) behind on your retirement savings. But a handful of little-known “Social Security secrets” could help ensure a boost in your retirement income. For example: one easy trick could pay you as much as $16,728 more… each year! Once you learn how to maximize your Social Security benefits, we think you could retire confidently with the peace of mind we’re all after. Simply click here to discover how to learn more about these strategies.

The Motley Fool has a disclosure policy.

The views and opinions expressed herein are the views and opinions of the author and do not necessarily reflect those of Nasdaq, Inc.

Source link

The post #cyberfraud | #cybercriminals | Social Security Scammers Are Trying a New Trick appeared first on National Cyber Security.

View full post on National Cyber Security

Weekly Threat Briefing: Colorado Town Wires Over $1 Million To BEC Scammers

Source: National Cyber Security – Produced By Gregory Evans

The intelligence in this week’s iteration discuss the following threats: BabyShark, Fraud, Maze Ransomware, North Korea, POS malware, Ransomware, Rowhammer, Ryuk Ransomware, Thallium. The IOCs related to these stories are attached to the Community Threat Briefing and can be used to check your logs for potential malicious activity.

Figure 1 – IOC Summary Charts.  These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.

Source link

The post Weekly Threat Briefing: Colorado Town Wires Over $1 Million To BEC Scammers appeared first on National Cyber Security.

View full post on National Cyber Security

#cyberfraud | #cybercriminals | Tips to help you outsmart scammers in 2020

Source: National Cyber Security – Produced By Gregory Evans GREEN BAY, Wis. (WBAY) – A new year, a new push to protect your privacy. Consumer First Alert wants to help you outsmart scammers in 2020. The Better Business Bureau of Wisconsin has released its list of New Year’s Resolutions for a Consumer-Savvy 2020. Here’s the […] View full post on

#cyberfraud | #cybercriminals | Purcell column: Don’t take cyber scammers’ bait in 2020

Source: National Cyber Security – Produced By Gregory Evans One of 2019’s biggest stories will be bigger in 2020: Cyber scams are on the rise. “As people increasingly conduct business and live their lives online, more and more criminals are leveraging the internet to steal,” reports Forbes’ Stu Sjouwerman. The dirty rotten scammers continue to […] View full post on

#cyberfraud | #cybercriminals | Watch out for Cyber Monday scammers

Source: National Cyber Security – Produced By Gregory Evans

Cyber Monday — Dec. 2 this year — is poised to be among the biggest shopping days of the year. The National Retail Federation estimates total retail sales for the season to reach as high as $730.7 billion, and 56 percent of holiday shoppers plan on clicking to shop.

While most online retailers are reliable, some are not. Better Business Bureau received more than 32,000 complaints about online retailers and more than 7,200 BBB Scam Tracker reports about online purchase scams so far in 2019. Online purchase scams ranked as the second riskiest scam of 2018 in the St. Louis region.

A St. Louis woman told BBB Scam Tracker in late October 2019 she never received a college sports-themed gift she purchased for her husband in early September 2019. She said the company charged her credit card the day of the purchase and sent an order confirmation, but never sent a shipping confirmation, nor did the purchased item ever arrive. The woman told BBB when she attempted to contact the company, its phone number had been disconnected, and the website URL listed in the order confirmation email pointed to a day care in Australia.

Shoppers can prepare themselves for online shopping by watching ads and browsing for the items they’re seeking in advance. Many online retailers already have set up sites where Cyber Monday offers will be advertised. Unless you’re educated, it can be hard to tell whether an online deal actually will save you money. Read a site’s policies for returns and understand shipping schedules before you enter your credit card number.

BBB’s 10 tips for safe online shopping are as follows:

1. Protect your computer. Install a firewall, anti-virus and anti-spyware software. Check for and install the latest updates and run virus scans regularly.

2. Check a site’s security settings before entering financial data, such as a credit card number. If the site is secure, the URL (web address) on the payment page should start with “https://.”

3. Shop trustworthy websites. Look for BBB Accredited Business seals on websites and click to confirm they’re valid. BBB’s dynamic seal will take you to a site’s BBB Business Profile. You also may find reviews at

4. Protect personal information. Read a site’s privacy policy and understand what personal information is being requested and how it will be used. Don’t enter that information on unsolicited emails. If a site lacks a privacy policy, it could be a red flag that the site could sell your information without your permission.

5. Beware of too-good-to-be-true deals. Offers on websites and in unsolicited emails may display free or low prices on hard-to-find items. There may be hidden costs, or your purchase may sign you up for a monthly charge. Look for and read the fine print.

6. Beware of phishing. Legitimate businesses do not send emails claiming problems with an order, account or a package to lure the buyer into revealing financial information. If you receive such an email, BBB recommends you call the contact number on the website where the purchase was made to confirm a problem.

7. Pay with a credit card. Under federal law, you can dispute the charges if you don’t receive an item. Shoppers also have dispute rights if there are any unauthorized charges on the card, and many card issuers have zero-liability policies if someone steals and uses your card number. Check your credit card statement regularly for unauthorized charges. Never wire money to someone you don’t know.

8. Keep documentation of your order. Save a copy of the confirmation page of an order or emails confirming the order until you receive the item and are satisfied.

9. Obtain a tracking number for shipments. If you need the product before the holidays, find out when the seller intends to ship it and, if possible, how it will be shipped. The tracking number can help you find a lost order.

10. Know your rights. Federal law requires that orders made by phone, mail or online be shipped by the date promised or within 30 days if no delivery time was stated. If goods aren’t shipped on time, shoppers can cancel and demand a refund. Consumers also may reject merchandise if it is defective or was misrepresented.

Check a company’s BBB Business Profile before you make a purchase by going to or by calling 573-886-8965.

Michelle Gleba is the Mid-Missouri regional director for Better Business Bureau.

Source link

The post #cyberfraud | #cybercriminals | Watch out for Cyber Monday scammers appeared first on National Cyber Security.

View full post on National Cyber Security

Beware: #Tax season #brings out #scammers

Source: National Cyber Security News

It’s the robotic message that leads to a call with the pushy auditor, the threatening agent. It’s the out of the ordinary message from the slightly inaccurate email address.

It’s all part and parcel of the least wonderful time of the year: tax fraud and identity theft season.


“What we historically see during filing season is an uptick in fraud,” said Steven Osborne, special agent in charge of the Internal Revenue Service in Colorado. Osborne’s office is urging Colorado residents to be cautious of several different types of schemes this year.

One typical scheme involves potential victims receiving a “robo-call” from a computer-generated voice. Often the robo-call will inform the target of a “claim number,” and a call-back number that will put the would-be victim on the phone with a real person.

“It’s a low-sophistication scam, if you will,” Osborne said. “Their success rate is low, but they don’t need a high success rate.”

The real person will often claim to be an IRS employee or an agent. Recently, however, Osborne has heard of impersonators referring to themselves as “special agents,” which shows that the scammers have taken time to learn that special agents work criminal cases in the IRS’ structure.

Read More….

View full post on National Cyber Security Ventures

New #identity theft #scheme: #scammers use #US Postal #Service to #steal #information

Source: National Cyber Security – Produced By Gregory Evans

Stepahnie Vagim says it was her quick thinking mailman who saved her from identity theft just two days before Christmas.

Mail theft victim, Stephanie Vagim said, “Apparently someone went online and requested a vacation hold under my address that wasn’t me. He didn’t recognize the name so he brought me the mail.”

In the stack, letters for lines of credit – that a scammer was itching to get their hands on.

“The JC Penny, the Kohls Community Bank. Someone could have furnished their own home brought Christmas gifts for everyone they know and all under my name.”

And Vagim says it was all executed through their USPS website. The thief filled out the “request hold mail service” form to stop deliveries to her home.

The person, according to the form, planned on picking the mail up from the post office without Vagim ever knowing.

We spoke over the phone with a USPS Postal Inspector. He says this is not the first time a crime like this has happened.

“We are seeing this we’ve had similar crimes take place in the Central Valley in the Sacramento in the Bay Area and the key is the minute you realize something is not right say something,” Jeff Fitch said.

Meantime while Vagim is warning people of this new fraudulent scheme, she is hoping the government will find a way to stop it from happening so easily.

The post New #identity theft #scheme: #scammers use #US Postal #Service to #steal #information appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Scammers are #conning homebuyers out of their down #payment

Source: National Cyber Security – Produced By Gregory Evans

Scammers are #conning homebuyers out of their down #payment
  • Scammers are going after homebuyers’ down payments in a growing version of “email access compromise.”
  • Because it’s the consumer authorizing the wire transfer, the usual protections don’t apply.
  • Experts say don’t trust emailed closing instructions. Call a number you know to be correct to confirm.


It’s a number Shannyn Allan knows by heart. That’s how much money she painstakingly saved for a 20 percent down payment and closing costs on her dream home — one with a claw-foot tub and enough room to run her fundraising group for dog rescues.

It was “the only house in San Antonio in our price range,” she said.

And it’s how much money the first-time homebuyer nearly lost this spring to an increasingly common scam.

“It was a nightmare every single day,” Allan said of the three-week ordeal. “I almost lost the house.”

Variations of so-called email access scams have become a $5.3 billion problem affecting businesses and consumers in all sectors, the FBI warned in a May public service announcement.

The bureau’s notice called out real estate transactions as a trending forum for the scam, targeting “all participants … including buyers, sellers, agents, and lawyers.” In particular, complaints to the FBI from victimized title companies jumped 480 percent in 2016.

“They’re tough numbers to digest because we do think they’re underreported,” said James Barnacle, chief of the FBI’s money laundering unit.

In some of the largest real estate cases, he said, losses have been “in the low millions.” But even smaller losses are significant.

“They’re people’s life savings,” Barnacle said.

Tactics for the scam vary, but thieves’ aim is the same: Compromise the computer or email account of a person or business involved in real estate to monitor upcoming transactions. That gives them an opportunity to impersonate that party and try to intercept funds.

“Scammers and hackers want to target you when you’re either scared out of your mind or extremely happy,” said Ryan O’Leary, vice president of the Threat Research Center at WhiteHat Security. “Real estate is the perfect one-two combo, and there’s a lot of money at stake.”

Elements of real estate transactions are becoming increasingly digital, giving would-be thieves plenty of opportunities, he said. Nor does it hurt that a home purchase is one of the few instances where a request to wire money won’t set off alarm bells for the consumer.

In Allan’s case, the thieves interceded just hours before the closing.

“They waited and they watched, like a damn gator in the water,” she said.

She was on her way to the bank when she got an email that appeared to be from her title company, with a change of wire transfer instructions. Suspicious, Allan reached out to her real estate agent — who, she says, simply apologized for the hassle.

Allan wired the money at 9:34 a.m. Central time.

By a lucky coincidence, the real title company reached out to Allan shortly after, to give her the final closing instructions and confirm the money would be wired.

“They were like, ‘You wired the money? Who did you wire it to?’” she said.

How to avoid real estate wire fraud

An educated homebuyer is the first line of defense, said Jessica Edgerton, associate counsel for the National Association of Realtors. No matter what security precautions other parties, such as your title company or real estate agent, have in place, ultimately you’re the one wiring the money.

“This is happening all the time,” she said. “Attempts are happening on a daily basis.

“Don’t dismiss this as an interesting news story and distance yourself thinking this is something that won’t happen to you,” Edgerton said.

Here’s how to avoid falling victim to this kind of scam:

1) Verify everything

When you’re buying a house, you expect to hear from your real estate agent, attorney and other parties in the transaction. So you’re naturally less suspicious of emails that appear to be from those people — which thieves take advantage of, said the FBI’s Barnacle.

Don’t assume any emailed instructions or account details are legit.

“You have to call, and you have to confirm,” Barnacle said. “Having some kind of redundancy and some kind of check in place is the number one way of avoiding being hit by these frauds.”

But don’t call the phone number in the email, he said. That may redirect you to the would-be thieves. Instead, call a number you know to be correct for say, that title agency or mortgage broker, based on a web search or previous interactions.

2) Be suspicious of changes

Last-minute changes to closing procedures are a red flag — especially requests that you change the payment method or send money to a different bank or account, said Doug Johnson, senior vice president and senior advisor of risk management policy for the American Bankers Association. Real estate closings are a “standard process,” he said, and it would be unusual for those details to change.

Again, verify any changes by calling the other parties involved.

“Trust your instincts on this kind of stuff,” Johnson said. “We tend to know when something smells a little fishy.”

3) Secure your emails

Given the risk of compromise, don’t send sensitive data such as bank account details or your Social Security number over email, Edgerton said. Use a secure file-transfer service to send documents required for that home purchase, or a secure client-access portal that the business (be it your title company, mortgage broker, etc.) has set up.

Be suspicious of communications that don’t follow whatever protocol has been set up — for example, a request that you email details that you’ve previously securely submitted via a portal.

4) Use good cybersecurity hygiene

This scam begins with thieves gaining access to the computer or email account of someone involved in the real estate transaction, said O’Leary — make sure that someone isn’t you.

Keep your antivirus software and operating system up to date, use unique, complex passwords and enable protections such as two-factor authentication where available. Don’t click on any suspicious links in emails, he said.

5) Pick a secure payment method

Ask about your options for paying the down payment and closing costs, said Allan, who blogs about personal finance at and now, after her experience, at You may be able to bring a paper certified check or cashier’s check to the closing or an agent’s office ahead of time, avoiding the possibility the funds end up in a fraudster’s hands.


If you fall prey to one of these scams, you’ll need to act immediately. The odds of recovering that stolen money aren’t in your favor.

Money sent via a wire transfer is quickly moved electronically from your bank to the recipient bank, and then into the payee’s account. You typically have only a tiny window for the banks to halt a transfer, or freeze the account before fast-moving thieves withdraw the funds. Once the money is out of that account, it’s gone.

Even if you spot and report the fraud within 24 hours, you might not get your money back, said Barnacle.

“I don’t want to set false expectations for consumers,” he said. “The chance of recovery here is slim.”

Because the consumer is the one to authorize the wire transfer, protections covering unauthorized financial transactions don’t apply. The banks will work with you, but you may bear some or all of the liability for lost funds, depending on the details and extent of the crime, said Johnson.

Allan’s almost immediate notice of the fraud was instrumental in recovering of her money because the bank was able to freeze the thief’s account. In the end, she lost just $430 — including $70 in wire transfer fees. She’s quick to point out she was extremely lucky.

“I feel like a magical unicorn, because this doesn’t happen,” she said.

Here’s how to take action if you fall prey to a scam:

Alert the banks. “Immediately call your bank or financial institution,” Johnson said. “They may still be able to call back the wire.” Alert the bank on the receiving end of the wire transfer, too. They can often work with your bank to halt the transfer or freeze the recipient’s account.

Call in law enforcement. File a local police report detailing what happened. Call your local FBI office and file a complaint with the FBI’s Internet Crime Complaint Center, too. “At the FBI level, we have briefed all of our 56 field offices and all of our resident agencies, and they are equipped to rapidly respond,” Barnacle said.

The post Scammers are #conning homebuyers out of their down #payment appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Scammers Stealing Down Payments By Hacking Real Estate Agents’ Email Accounts

Source: National Cyber Security – Produced By Gregory Evans

Buying a home is the biggest purchase most Americans will make during their lifetime. But now hackers have figured out how to steal the down payment, leaving the buyer without a new home and often wiping out their life savings. “The timing was impeccable, actually,” said Kristina Soloviena, a real…

The post Scammers Stealing Down Payments By Hacking Real Estate Agents’ Email Accounts appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures