Identity Theft

Hippy-eye-ay – WTF is a HYIP?

According to Wikipedia, a High Yield Investment Program (aka HYIP) is …

A high-yield investment program (HYIP) is a type of Ponzi scheme, which is an investment scam that promises an unsustainably high return on investment by paying previous investors with the money invested by newcomers.

Ok, yet another scam – so what?

Well, there’s a few spam emails going about currently that sounds like a big one. People will get hurt so it’s my duty to warn you all!

Spam like this one:

Hello,

I would like to introduce the Investment Committee.
I represent Prosperity Organization that is committed to provide with life changing returns and services. Investment programs can bring you no risk
interest to pay of your mortgage

If you are interested, please visit: http://groups.yahoo.com/group/bevetutabykax90/message/1

[OR: Ed.]  http://groups.yahoo.com/group/lohywejyfolyd12/message/1

[OR EVEN: Ed.] http://groups.yahoo.com/group/fujuxoryfymyg58/message/1

Regards,
Moderator

fujuxoryfymyg58-message-taximetu

One thing they all have in common is a Yahoo Groups Page as a jump point to the real scammer’s page http://sdhfiweof.com/.

One thing about working in the IT industry for so long (especially working with email systems) has taught me is NEVER BUY PRODUCTS/SERVICES MARKETED BY SPAM, especially if

  1. you get several copies of the same spam
  2. especially if they mention ‘God’
  3. especially if the website owner claims to be from your town, but the domain name/website is registered/hosted in Hong Kong
  4. ESPECIALLY if the website offers an ‘Affiliate Program’ (ie, they let you do the spamming for them!).

These jokers fit all of the above. Here’s a Pic of their site:hyip-self-made-millionare

Now, I’m sure that there is a God-fearing lady called Marta, and there may even be one in Baltimore with two kids, but I’m absolutely certain that this isn’t her. It’s much more likely to be  Fred Milto (FredMilto@gmail.com), a "Private Person" in New York, 10017 - at least that's who the domain name is registered to.

Of course, Fred (Aka Marta) may not be the owner of this mess – they’re likely to be affiliates and the real scammers ground zero are CherryShares.com

Anyway, I don’t have the time or the resources to investigate this one further, but if anyone knows more or has tried this particular scam, let me know.

The FTC and others have been issuing warnings for years about this scam – here’s one just in case you still don’t believe me From the SEC

and here’s a snippet

Signs of Banking-Related Investment Fraud

Below are warning signs of prime bank or other fraudulent bank-related investment schemes.

Excessive Guaranteed Returns

These fraudulent investment pitches typically offer or guarantee spectacular returns of 20 to 200 percent monthly, absolutely risk free. Promises of unrealistic returns at no risk are hallmarks of prime bank fraud.

I was alerted to a website called HYIPExplorer (http://www.hyipexplorer.com), who acknowledge that HYIPs are high risk investments but with high potential returns. They know there are a lot of scammers out there and provide a forum for people to rate and investigate these notoriously mercurial entities. If you are ever convinced to try HYIPs, please visit them and do A LOT OF RESEARCH BEFORE SENDING ANYONE ANY MONEY!!!


HYIPexplorer - High Yield Investment Program - HYIP Rating - The premier HYIP monitoring service!

Golden 1 Phone Scam hits Sacramento

Social engineering is an approach used to gain unauthorized access to or acquisition of information assets. This approach relies on misrepresentation and the trusting nature of individuals, and is often carried out through the use of phishing telephone calls or email.
A phishing telephone call or phishing email may sound or look as though it comes from an organization you do business with, such as a bank or government entity, but they are generally from a scammer trying to obtain your personal information under false pretenses.

This particular scam is being carried out by telephone as follows:

An individual leaves a message on an employee’s work phone number, stating they are with the Golden 1 Credit Union. In this scam, the message states that the targeted person’s credit and/or debit card has been temporarily suspended and instructs them to push “1” to reach security. Do not push “1”. If you push “1”, a second recording will ask you put your card number. DO NOT PUT IN YOUR CARD NUMBER!!!!

The following are general practices to avoid becoming a victim of these types of scams:

• Do not respond to unsolicited (spam) e-mail. Simply delete it.
• Be skeptical of individuals representing themselves as officials soliciting personal information via e-mail, telephone or other means.
• Do not click on links contained within an unsolicited e-mail.
• Be cautious of e-mail claiming to contain pictures in attached files, as the files may contain viruses. Only open attachments from known senders.
• Validate the legitimacy of the organization by directly accessing the organization’s website rather than following an alleged link to the site.
• Do not provide personal or financial information to anyone who solicits information.

The Golden 1 Credit Union has been made aware of this scam. Additional information from Golden 1 Credit Union regarding fraud is available on their website at: https://www.golden1.com/privacysecurity/phonefraud.aspx

Gringotts Bank Business Opportunity – Harry Potter Spoof Email

In a lighter vein, here’s one I knocked up myself – guess what I’m reading at the moment!

Though seems unsolicited, this owlmail is a business proposal to you. I appreciate the fact that you have every reason to be suspension, please note this proposal is very real. I will employ you to read it with open mind and act in the best way as directed by your mind and instinct.

My name is Amelia Bundweazel, Chief Operating Goblin (Magical Transactions) of Gringotts Bank (Durmstrang). It is understandable that you might be a little bit apprehensive because you do not know me but I have a lucrative business proposal of mutual benefits to share with you.

In June, 2001, a late client of the bank, a Wealthy Wizard from the Ministry of Magic whom we presumed (rightly or wrongly) to be a relative of yours made a numbered fixed deposit of Twenty-one million Five Hundred Thousand Gold Galleons (GG 21,500,000.00) We later found out that he and his family had been killed in an unfortunate accident involving a mid-air collision between a Magical Defense Forces High Speed Dragon and their flying muggle car (A Reliant Robin).


(See http://www.dailyprophet.com/brknwz/2001-020-20.htm for details).

After further investigation it was also discovered that he did not declare any next of kin and no one except me knows of his deposit in our bank and the secret password (‘Hamza Scamza’). So, the gold is still laying unclaimed deep in our vaults. What bothers me most is that according to the laws of my bank, at the expiration of seven {7} years the gold will turn to ashes and the vault will disappear if nobody applies to claim the funds.

Against this backdrop, my suggestion to you is that I will like you to stand as the next of kin so that you will be able to receive the funds.

I want you to know that I have had everything planned out so that we shall come out successful. I have a memory modification spell prepared that will show that you are his next of kin (AT NO COST OF YOURS), all that is required from you is to provide me with your Full Names and Address so that I can complete the spell. After you have been made the next of kin, I will help move the contents of the vault to your own, or made accessible to you with a Wizard Unionâ„¢ (Secure Floo Network) MTM spell.

There is no risk involved at all in this transaction, As a bank goblin, I am forbidden to reveal the banks secrets so I am taking a great risk in discussing this with you. I am the only one who knows of this situation, good fortune has blessed you with a name that has planted you into the center of relevance in my life. Please endeavor to observe utmost discretion in all matters concerning this issue. Once the funds have been transferred to your vault, we shall share in the ratio of 50% for me, 40% for you and 20% for bribes to Dragons (but this can be subjected to further negotiations). I send you this mail not without a measure of fear as to the consequences, but I know within me that nothing ventured is nothing gained and that success and riches never come easy or on a platter of gold. Please observe this instruction religiously.

Should you be interested please send me your,

1, Full Names,

2, Current Contact Address,

3, Bank Vault Personal Identification Spell (PIS)

And I will prefer you reach me on my private email address: Graham.crabbe@yahoo.wiz and finally after that I shall furnish you with more information’s about this operation. Your earliest response to this letter will be appreciated.

Kind Regards,

Amelia Bundweazel,

Graham.crabbe@yahoo.wiz

__________________________________________________________________________________

Yahoo.wiz – Get your own free owlmail account today!

Was this message Owlspam? Report it to owlspam@yahoo.wiz
Yahoo.wiz is not responsible for nips, droppings or other owl damage.  Please remember, Owls are only the messenger, treat all owls kindly!
————————————————————————————————————–

THIS OWLMAIL HAS BEEN CHECKED FOR VIRUSES, TROJANS, HEXES, CURSES AND JINXES BY HEXMARSHALL

On a related note, Warner Bros have the following warning at the top of their massively successful-but-oddly-named “Harry Potter Dialogue Centre“.

ALERT – EMAIL FRAUD ADVISORY
There have recently been a number of emails circulating claiming to be casting for upcoming Harry Potter films. Many of these emails request personal information and some have the subject line of “WARNERBROS CASTSEARCH” or something to that effect. This is to advise that Warner Bros. Entertainment Inc. does not engage in casting activity through email. These emails are fraudulent and you should not respond to any such email. Feel free to forward any such messages to anti-piracy@warnerbros.com and we will do our best to investigate the fraudulent activity.

It’s a nice place, the gorgeous design and graphics you’d expect from a movie studio, but the website nazis have been in and issue the usual anti-fan type warnings about posting links to your own websites. I hate this arrogant stance – they abuse and allienate their biggest fans (and customers!) with their intolerant and snarky ‘Intellectual Copyright Protection’ crud.  I once got the most miserable letter from a lawyer when I posted a photo of ‘Miffy’ on a website. I pointed out that this character was my daughter’s favourite, but that thenceforth and notwithstanding, I would be unwilling to buy any more of their ‘Miffy’ themed products.

We have been seeing a lot of members advertising their own websites on the boards. This is not allowed as per our Community Guidelines and the Terms of Usage of the Harry Potter Message Boards. The only place you are allowed to post links to other Harry Potter related sites is on the Web Masters board. If you have a link to your site in your profile you also need to remove the link.

…. if you call yourself any name of any character in the Harry Potter series or allude to any character in the Harry Potter franchise or even mention the name ‘Harry’ and/or ‘Potter’, you will be banned for life and a WB representative will turn up at your house and publicly burn all and any books, posters, videos, video games, Lego, action figures, bedside lamps, keyrings, cellphone covers, candy and/or sleepware (including sheets and all other bedding) that is under the ownership of Voldemort Warner Brothers.

PhishTank.com – Anti Phishing Website that Gets Results!

PhishTank.com – Anti Phishing Website!

Here’s the thing – from now on, ANY TIME you get an email that sends you to a PayPal/Bank of America/Google Adsense/eBay/your-bank-name site that you know is a scam site [that just wants your login/password/credit card/bank details] – immediately report it to PhishTank.com.

Image

They are the database that many browsers and security firewalls automatically use – within seconds, millions of people are protected!.  To see if YOUR browser/network is using this service, try this url picked at random from Phishtank’s database this morning – http://bloccatoinlinea.net/

I use Firefox mainly and for me, I get a nice message like this:

Firefox Warns about visiting a Phishing Site

Firefox Warns about visiting a Phishing Site

If you get ‘straight through’ without any warnings then you need to seriously consider upgrading your browser to FireFox 3 or even the spiffy new Google Chrome.

Is it worth the effort of reporting it?

Trust  me , this isn’t the same as sending an email to abuse@hotwebsites-r-us.cn and hoping that something will happen – this is the real deal – Your submission goes into the Phishing database, people are invited to check your submission and vote on it (for or against) and (assuming it’s approved) one more scam website is defeated!

Once you’ve done it once, you might like to signup and join the band of selfless individuals who monitor, verify and discuss these things (look out for ‘scamdex’!).

Good for your sense of moral outrage and good for the general public – help stamp out Phishing – go to Phishtank.com and sign up NOW!

Monthly round up of scams. July 2008

The scam that inspired a poem
WalesOnline – United Kingdom

I JOINED our local OAP group last year and was asked to bring along my favourite poem. Not having an interest in poetry or having a book of poems meant I was in quite a quandary. However, the day before the meeting I received a scam letter, so I wrote this poem:

It’s a Scam

Today I received a letter that contained some very good news,

I’d like to impart its message and ask you for your views.

The letter said that I had won nearly 50,000 pounds.

So why am I suspicious, I surely had no grounds?

The letter came from Holland and it said it was not a joke.

So I’d like to share this fortune with all of you good folks.

They asked me to send them a very little cheque.

I’m writing to thank them, and thought what the heck.

Deduct the £20 I owe – deduct it from the prize.
And send the balance back post haste. I await a big surprise.

DILYS MORGAN, Church Terrace

6 Bay Area Women Arrested In Gift Card Scam
CBS 5 – San Francisco,CA,USA
Sacramento police announced Tuesday the details of a gift card scam that has netted the arrests of six women, some from Richmond in the Bay Area of Northern California, that are allegedly part of an international crime ring.

A group of women, who investigators are calling the “Richmond Girls,” allegedly went on shopping sprees around Northern California, using gift cards with stolen credit card information on them, police said.

Sacramento County Sheriff’s Department Detective Sean Smith said that the women, who targeted stores from Hayward to Roseville in eastern Sacramento County, earned the nickname because all of them are either from or have close ties to Richmond. Smith also said that there’s a “significant number of other suspects we’re attempting to identify” in the investigation.

The women allegedly wired more than $120,000 to various countries in Eastern Europe, where investigators believe individuals paid for the stolen account numbers. Sanna Louise “Shilo” Cross, 23, and Dawn Edward, 31, were arrested on Dec. 30, 2007. Cherice Dempsey, 37, and Melissa Anderson, 29, were both arrested on Jan. 19.

Davina Hollier, 27, was arrested Feb. 19, while Ebony McDowell, 21, the last woman of the group to be arrested, was taken into custody on April 10.

The suspects are being held at the Sacramento County Main Jail, and face more than 180 charges of identity theft and fraud between them. Investigators recovered more than 65 re-encoded gift cards and more than $1 million in fraudulent credit card transactions, along with $45,000 in cash and an estimated $80,000 in merchandise.

The investigation, spearheaded by the Sacramento Valley Hi-Tech Crimes Task Force, is still ongoing, and has involved various police organizations in Northern California, including Richmond police. The U.S. Secret Service also joined the investigation to look into the international aspect of the case.

Scamdex advises all US-based victims of Internet Crime to contact their local Police Unit for  ‘High-Tech’ Crimes.

Scam uses text messages to lure victims
Kentucky.com – Lexington,KY,USA

Last month, hundreds of people in Lexington, KY, received an automated telephone message that states it is from Commonwealth Credit Union and claims the person’s account has been suspended because of suspicious activity. The message told the people to call a phone number, which asked people for bank account numbers. The text message read, “Dear Commonwealth CU Member, Your online account is limited for security purpose.”

The text message asked the person to call a number with a Vermont area code for more information.

Callers told the BBB that an automated message then asks callers to enter their debit or credit card numbers.

Gloria Thomas, the fraud and loss-prevention manager at the credit union, said the credit union isn’t the only place being targeted. But she said last month that the CCU might be targeted because it’s a large

DNS (whassat?) it’s a great tool against Scammers!

The DNS Route to Scam Protection Online.

When you type in ‘www.scammingsite.com’ on your browser, a lookup is performed to translate the domain name into a unique address (IP Address) that all networked computers understand and which contains the path to the right server.
Use OpenDNS

Your ISP will have given you two longish ‘numbers-separated-by-dots’ (eg. 207.44.123.28) to type in to your Network Settings. These are the Domain Name Servers (DNS) that your computer will use whenever you ask to go to a domain name.

Right? Well, never mind, just trust me on this one.

Wouldn’t it be great if, when you did the lookup/translate part, the result was filtered for Scams/Profanity/Pornography/Crime/Violence etc etc?

Well, by changing the DNS servers you use, you can have this great feature – for free, I may ad – and you (and your children/employees) can surf a little easier. No software to download, no subscriptions, no spam – it couldn’t be easier. Free, simple to do, free, great protection …. Use OpenDNSwhat more can I say other than if you don’t believe me, Click this button to find out why you need to change your DNS servers NOW!

(or, you can just change your DNS servers to 208.67.222.222 and 208.67.220.220 and get on with your life)

BTW, the same people who run OpenDNS.com also run an Anti-Phishing site called, amusingly, PhishTank

Worried about Identity Theft? Get a Million Dollar Protection

LifeLock, a provider of identity theft prevention services, has developed the nation’s first and only PROACTIVE identity theft solution designed to help PREVENT crimes before they occur. They back the service with a hefty $1 million guarantee.

The services they provide break down as:

  1. They BLOCK your credit so only you can use it – They put alerts on your credit reports with all major credit bureaus. So, if anyone tries to do anything with your credit report, get new credit, change your address, expand credit lines, open a checking account, get insurance or utilities, and more, you will be called directly for approval first.
  2. They back up their services a $1 million guarantee – If your identity is ever stolen, they will fix the problem and reimburse you up to $1,000,000 in financial losses.
  3. Stop pre-approved credit offers, thus saving a few trees and helping to curb one of the most popular ID theft systems, getting a credit card from a trashed credit card offer – They say that they also reduce the amount of other junk mail to your home.
  4. Ensure that things go smoothly when you apply for credit – they don’t give much detail on this point, but they also provide ‘free’ annual credit reports.
  5. They even monitor your children’s identities.

LifeLock retails for $10 per month or $110 annually but you can get a 10% discount..$9/month or $99/annually if you signup from the Scamdex Site.

Scamdex approves of this product, especially in the case of elderly relatives, young adults and others at risk due to confusion or inexperience, both of which are the scammer’s stock in trade. If you’re worried about Granny wiring all her assets to a Nigerian Widow then I’d definitely take a look!

Who owns Westpac-site.org?

Why do I ask? Well, I got a spam/scam email today that pretends to be an alert from Microsoft, via the Secret Service that a backdoor has been found in Windows XP and that a patch has been released which will ‘fix’ this vulnerability.

Well, as you can imagine, the ‘patch‘ turns out to be a trojan/virus/worm thingy itself.

interestingly, this scammer uses imageshack.us to host his images. Here’s one:
Scammer ImageThe download site was WWW.WESTPAC-SITE.ORG which is hosted by one-and-one, a huge internet web hosting company and the rest of the details are probably spurious (Ian Arend from Victoria, Australia).

If you go to the westpac-site.org website, you find the beginnings of a Pharming operation, attempting to extract the PIN numbers of people’s credit cards for Bank of America accounts.

I have send emails to the relevant ISPs to try to get this site down as soon as possible, but people will get burned (unless that is, they see this posting first!)