Scamlines 22: Global scams hit millions

ID theft, bogus ticket sales underline scale of worldwide crimes

Two large-scale global scams have hit the headlines during the past couple of weeks, underlining the scale of card card number theft and Internet fraud.

First, we have the disclosure that tens of millions of debit and credit card numbers have been stolen by an international gang and used to withdraw huge sums of money.

Second, after ripping off victims to the tune of millions of dollars for bogus, non-existent tickets to the Beijing Olympic Games, scammers are still hard at it trying to exploit the global popularity of the event to their advantage.

Scamlines readers won’t have fallen for the tickets scam because we warned about it long ago. Now we’re updating you with news of their latest, insidious tricks.

Also among this week’s round up of the scam headlines, we have reports of tricksters who claim they’ve found missing persons and the story of a restaurant owner who handed over $4,000 cash to a man in a parking lot and never saw him again.

1. 11 charged with stealing 40 million card numbers

The scam: In what is reckoned to be the biggest ever theft of credit and debit card numbers, an international gang collected more than 40 million numbers by hacking into computer systems of major retailers like T J Maxx and Barnes & Noble.

The US Justice Department says the ring stretched from Miami, through Eastern Europe to China and announced charges against 11 alleged members, though not all of them are in custody yet. The stolen data was used to encode blank cards which were then used to withdraw millions of dollars from ATMs.

Security experts say the discovery is only the tip of an iceberg and that the case underlines the increasing vulnerability of personal information to theft.

As one security analyst commented, the charges and arrests are a great victory for law enforcement — “But the big question is: How many didn’t they get?”

One very interesting aspect of this case is that the scammers did not steal credit and debit card numbers online. All of the thefts of these credit card numbers were done offline.

Read more articles on credit card fraud and what you do to protect yourself from credit card fraud, here.

And find out more about your liability if your credit card or number is stolen here.

2. Olympic scammers switch to malware, phishing

The scam: With Olympic fever running at high pitch, millions of people are taking the first-ever opportunity to watch the games live on the Internet via streaming video. For the scammers, that means millions of potential victims.

In the wake of the bogus tickets disaster — which we warned Scamlines readers about 8 weeks ago — scammers have come up with another con. They’re sending out spam messages about the Games with viruses, trojans and spyware attached, or with links to bogus sites that phish for financial details.

Security company McAfee warns Internet users to beware of emails and websites offering free downloads of Olympics-related software. There’s a good chance it will be malware, the firm says.

The solution: A touch of healthy skepticism will steer you clear of these tricksters. Don’t click those links and be wary of software downloads.

For more information about cheap ticket scams, go here.

3. “Spam” spam is a virus scam

The scam: A sneaky trick intended to pique readers’ curiosity – a spammed email, purportedly from news TV station CNN, with the subject heading “CNN: Top 10 Spam.”

Of course, you want to know what the Top 10 spam messages are. But this message is just a spam itself — pointing to hacked websites that will download viruses onto your PC.

In fact, according to one monitoring agency, this scam accounts for nearly 10 percent of all spam emails sent out recently. And, at least in the early stages, spam filters failed to pick it up.

The solution: You don’t click on links in this type of email do you?

4. Heartless scammers claim they’ve found missing person

The scam: Families of missing people receive an email offering them help to find their loved one. In some cases the sender actually claims to know the exact location of the missing person.

The subject line often reads: “I have information about your missing person.” The message then demands a large cash payment — typically $10,000 — and baits the recipient by making claims that the loved one is in a cult or is being held against their will.

The solution: The FBI is especially concerned because families of missing people are sometimes desperate for information and will clutch at any straw — paying large sums upfront. The answer is: don’t.

Contact the police immediately, even though the mail sender asks you not to go to the police.

5. Pop up nabs your credit card number and bills you

The scam: You’re on a legitimate but poorly protected website making a purchase when a pop-up window open, offering utilities or services with titles like “Shoppers Advantage”, “Privacy Guard” or any one of 50 other titles that all come from the same company.

One click on them and you’ve signed up for a service you probably don’t want, with a monthly deduction from your credit card.

You didn’t give your card number? Well you just entered it for your purchase on a non-secure page and, without further ado, the pop-up software reads it and you’ll be charged between $12 and $60 for your click.

The solution: Switch off pop-ups on your web browser. If one does open, take great care to click only the ‘x’ box in the top right to close it. Don’t buy from sites that don’t display the padlock security icon.

You can find information on other types of fake pop-ups and fake antivirus software here.

6. Firms billed for needless report processing

The scam: A “Due Now” payment notice turns up in the mail of businesses in Tucson, AZ. It’s from “The Board of Business Compliance”, demanding a fee of $125 supposedly for processing the minutes of the companies’ annual meetings.

The notice looks official, with a document on the back entitled “Arizona Revised Statutes Guide.” But it’s not official and this so-called processing is not a mandatory business requirement.

The solution: This is a variation of the phony invoicing scam where businesses and people are asked to pay a fee for anything from domain name renewal to copies of house deeds.

Always read the fine print and check out payment claims with genuine agencies.

We covered invoice scams in issue #280.

7. Points message points to big trouble

The scam: Users of Microsoft Points — a sort of currency that bypasses the need to use credit cards for things like the Xbox games console — may be tempted by an offer of free points promoted on the Xbox Live (XBL) marketplace.

A posting reads: “…everybody, go to loginbox.tk I just got 1600 MS points Hurry though!! I think it’s a limited time offer.” But the site just collects login information and then sends the same message to everyone on the victim’s friends list.

The solution: This is a phishing attempt for XBL log-on details. Sometimes genuine Microsoft Points can be picked up for free but you should never disclose your log-on to anything but the genuine XBL site (which, of course, you would key in yourself).

8. Not so much TVs, more TGTBT

The scam: This week’s contender for the unbelievable-dupe-of-the-week is a restaurant owner in the Salem area of New Hampshire. His big-screen TV burns out in an electric storm and a caller offers not only to replace it for a bargain price but also to throw in a couple of extra sets.

In fact, he says he can get four 60-inch plasma TVs from Sears at $1,000 apiece. The pair meet in a mall parking lot, the restaurant owner hands $4,000 to the conman who goes inside the store — and disappears.

The solution: How can people be so trusting? An in-store camera captured a photo of the conman who looked anything but trustworthy.

Never hand over money to someone you don’t know for something you’re promised in the future — especially, as we always say, in a parking lot and if the deal is Too Good To Be True (TGTBT)!

What a week! With so many scams, on such a huge scale, it makes you wonder how much integrity’s left in the world. But really we know that the answer is “plenty”.

Even though individually we may be powerless to avoid the impact of scams on the scale of the global credit card number theft, there is still much we can do to anticipate and beat the scammers on our door steps and in parking lots.