New PayPal scam spoofs money transfer warning: Internet Scambusters #512
A new PayPal scam heads up this week’s Snippets issue, which
includes details of the latest social networking phishing
We also sound two new alerts: the potential dangers that could
arise from a suggested “virtual tax audit” process and the
risk of dangerous, recalled goods reappearing on store
As usual, we have all the details on what you need to look out
for to protect yourself from scammers.
But first, we urge you to take a look at these top articles
from our other websites:
Coupons: What Not to Do: Coupons are great, and they can save you money if you use them wisely, but you need to learn how they can backfire.
Cranberry Treats: Think Tangy For Fall! These cranberry recipes will help you celebrate that autumn chill in the air!
Have A Halloween Baby Shower: Here’s how to have a howling good time with a Halloween baby shower to celebrate that new birth.
Beginning Investment: Tips for Newbies: Check out this easy to read guide on investing for beginners.
And now for the main feature…
LinkedIn, Twitter and PayPal Scam Alerts
This is a busy time for new variations of old scams and we
have a couple for you in this week’s Snippets issue, starting
off with a sneaky new PayPal scam.
We’ve warned about bogus PayPal messages in several previous
In the latest trick, the crooks try to beat your natural
skepticism by shocking you into clicking a link.
The message, received by one of the Scambusters team, appears
to be from PayPal acknowledging a transfer of a big sum of
money — in this case, more than $24,000.
That’s enough to make your heart skip a beat. But hang on,
says the message, because it’s your first big money transfer
so PayPal is holding it until you confirm the payment.
There’s the trap! You’re invited to click an “accept/decline”
link. If you do, you’ll be connected to a hijacked website
that downloads a virus onto your PC in the blink of an eye.
Poor English usage gives the game away. For instance, the
message includes the following statement:
“We congratulate you with your first PayPal money transfer.
But we have hold it for the moment because the amount is over
the security borders of our rules.”
Also, fortunately, most Internet security programs will block
the malware attempt — provided they’re up to date.
Even so, this PayPal scam attempt emphasizes the fact that you
should never click on links in this kind of message.
Instead, go to PayPal.com and check your account there.
Phishing was the name of the game in the latest scam to hit
members of the business social networking site LinkedIn.
Messages from what seemed to be a performance-rating website,
supposedly on behalf of one of the victim’s “connections,”
invited them to give an assessment of this person’s
To make the message seem more authentic, it included a photo
of and quote from Apple founder Steve Jobs.
Seems reasonable enough, no? But once the testimonial was
written, recipients were then asked for their LinkedIn sign-on
As well as giving away this confidential information, victims
who did this had their LinkedIn accounts hijacked and the same
message was then sent out to all their contacts.
A clever way, indeed, of harvesting thousands of login details
The site that initiated this scam has now been taken down but
the incident reinforces the need to protect your sign-on
details and, as we constantly warn, use a different password
for each important site you use.
If you already fell for this trick, change your LinkedIn
Twitter Survey Scam
Twitter is another social networking site that’s a frequent
target for scammers.
One of the crooks’ latest techniques is to monitor trending
terms and words on the site, then invite the tweeters to
complete a survey supposedly connected with their subject of
For example, a recent scam capitalized on the popularity of a
Anyone mentioning this app on Twitter received a tweet
directing them to a website survey where they were told they
could win a prize for filling out the online form.
No prizes were ever awarded, however, but the site operators
collected a lot of useful information for spam attacks.
The offending account seems subsequently to have been closed
but variations of the trick could be repeated at any time.
Don’t be fooled into giving away your email address or cell
phone number by the lure of surveys and prize offers. It’s
usually a spaham scam.
If you really must, use a “disposable” email address that you
can subsequently delete.
Virtual Scam Opportunity?
Normally, here at Scambusters, we focus on fraudulent
activities that already have taken place but here we want to
flag up a concern about something that could happen in the
There is the possibility, reported recently by CNN, that the
IRS could introduce virtual tax audits — done over the
Internet using a video link but including the transmission of
taxpayer documents to the IRS.
The IRS already runs a pilot two-way video service to help
taxpayers with questions and problems.
Now, says CNN, the independent Taxpayers Advocate Service is
calling for this to be extended to virtual tax audits.
If this happens, we’re raising a warning flag right now to be
on the lookout for scams by crooks posing as the IRS.
No doubt, the IRS will put all sorts of procedures in place to
try to avoid misuse but we think any process that involves
uploading highly confidential financial documents is fraught
If virtual tax audits become a reality, let’s hope taxpayers
have the alternative choice of still visiting the tax office.
We know which we’d choose.
Back On the Shelf
Finally, just in time to slip in a warning about consumer
products, recalled for safety reasons, suddenly reappearing on
This isn’t always a scam but its potential effects are just as
dangerous whether it is or not.
Earlier this year, the US Consumer Product Safety Commission
said that a range of toys that had been withdrawn from the
shelves of a store’s chain had subsequently been offered for
sale at discount stores and flea markets.
It’s hard to counter this danger but one thing you could do is
keep track of recalled products.
The easiest way to do this is to sign up for regular recall
notifications using the Online Form for CPSC Subscription Lists.
As all of our Snippets items demonstrate this week, scammers
look to attack consumers from all sorts of directions.
Whether it’s a malware-charged PayPal scam or a crafty
phishing attack, they hope that, one way or another, you’ll
eventually get snared. Don’t let your guard down!
Time to close today, but we’ll be back next week with another
issue. See you then!