Category: FraudAlert

OVER 50% OF THE CALLS YOU RECEIVE ARE SPAM OR SCAM AND THE NUMBER WILL KEEP INCREASING. THE MAIN PURPOSE OF SUCH CALLS IS TO DETERMINE IF YOU A “LIVE” NUMBER. IF SO, YOUR NUMBER WILL BE SOLD TO SCAMMERS AND TELEMARKETERS. 

HERE ARE SOME TIPS FROM AARP TO AVOID BEING TAGGED AS “LIVE.” 

1. Be Silent. If you do, most robocalls disconnect and don’t call back. 

2. Use a Small Tape Recorder. Record the message “this is not a working number” and play it into the handset. THe recommender says he’s never gotten a callback with this technique. 

3. Use a Call Block App or *77 On Your Landline to Block “Private” or “Unknown” Caller ID. Be aware that sometimes the call could be from a doctor or someone else you want. 

4. Never Bite on the One Ring Trick By Calling Back to See Who It Is. 

5. If It Is a Live Caller Making a Sales Pitch or Appeal and You Answered Simply Cut Them Off By Saying “I don’t respond to sales calls” and Hang Up Immediately.

 

If these are too much, simply do what I do. Change your voicemail greeting to say “Due to the Volume of SPAM Calls I Do Not Answer Unrecognized Numbers. If You Wish to Speak to Me Leave a Voicemail Message and I Will Return Your Call.”

There is a new phone scam hitting Hershysmill. The alert is courtesy of of our vigilant neighbor Margaret Covatta. The call appears to come from MAIN LINE HEALTH demanding money you owe them. The calls come from Main Line Health 888-273-3303. This is a verified fraud. Just hang up.

Last weekend the FBI issued an urgent bulletin for anyone with a home or small office internet router to immediately turn it off and then turn it on again as a way to temporarily thwart the spread of foreign malware linked to Russia.

 

Over 500,000 routers have already been infected.

 

There are two steps to fully protect your router but the second step is too technical for the average HM resident without simplifying those instructions which I will try to do.

 

However, the first step is very easy to do. Simply unplug your router and plug it back in after one minute. Then press the WPS button on top of the router. Then the lights will begin to blink (hopefully green) and you will have your FIOS service back.

 

The ROUTER is the piece of Verizon equipment where the cable enters your house and is about a foot with blinking green lights.

 

You can stop reading here unless you want a little more information about the danger and what the government is doing about it.

The spyware known, as VPNFilter, has been quietly spreading since at least 2016, according to researchers.

 

Once a router is infected, the hackers would potentially be able to use the device as a jumping-off point to launch further attacks. The cybercriminals could also collect personal information, block network traffic — or just turn your router into an expensive brick.

 

The following is STEP2:

 

“If you have an older router, the odds are greater it may have shipped with a standard password which is the same across all types of the device. Change the router password, make sure the firmware is update and in some cases, even replace the router

 

STEP 1 will minimize some of the risk, because some portion of the attack may be deleted after rebooting

This a necessary step, experts said, but they warned that it is not a foolproof fix.

 

“If this is addressed broadly, it will cause the malware campaign to lose a lot of its access and reduce the broader risk on a macro level,” said a CEO of a cyber security company.

A LIST OF SCAMS NEW AND OLD COURTESY OF CARL FLETCHER.

The descriptions are too long to post here so below are a list of the OLD and NEW ones. For more information on any of these copy and paste the following URL into your browser:

https://www.experian.com/blogs/ask-experian/the-ultimate-list-of-the-years-worst-scams/?ty=na&pc=crm_exp_0&cc=emm_c_m_pro_9971180515_mktfttLeads_20180515_x_101

OLD

IRS Collection
Veteran’s Charities
Tech Support
Romance
Home Improvement

NEW

AIR BnB
Record You Saying YES
Fake Car Sales
Cryptocurrency
Death Threat
Downloading Fake Bank Apps
Failure to Report for Jury Duty
Getting You to Give Them Your New Medicare Number
NETFLIX Payment Failure
Getting Your Cellphone # for Two Factor Identification (Porting)
Secretary of State Money Owed to You
Stealing Your CHIP Credit Card Info at Checkout (Shimmer)

 

Spring is here, the grass is riz. I wonder where the flowers is?

Full apologies to Ms. Ginny Newlan for this awful poem.

 

Spring, unlike winter, does not have any season specific scams that are especially crafted to take advantage of your seasonal generosity. Instead we just have the latest scams from the fertile minds of these evil doers.

 

Therefore, in this issue we’ll just be covering the following items:

• Gas Pump Scams
• How to Recover Money Lost on Western Union Scams
• Signs That Your Identity Has Been Stolen
• Tips for Creating a Strong Password
• Be Aware of the Key Cloning Scam

 

 

GAS PUMP SCAMS

 

Along with skimmers, microcameras etc., there’s another couple gasoline pumping frauds being perpetrated. The first is when the price per gallon actually charged is different than the pricing shown on the pump. The second is when the volume charged is more than the volume delivered.

 

Fake Per Gallon Price

 

Along with skimmers, microcameras etc., there’s another couple gasoline pumping frauds being perpetrated, incorrect $/ gallon setting on pump, or incorrect volume pumped setting.

 

Price Scam

 

A SHELL station in Mesa, Arizona) had the price 12 cents per gallon HIGHER than the advertised price on the pump and the sign out front. That particular SHELL station was being operated by 2 men from India.

 

They get away with this because the State seldom physically inspects the pumps as it is very labor intensive, so it often goes overlooked for months or years   At any rate you can call the official number on the gas pump. In some case, they even have counterfeit official stickers to put on the pumps when they re-calibrate. which is why you should call. But by all means if you are overcharged take your receipt inside and demand a refund. You will get it.

 

When a Gallon is  Not a Gallon

 

This one may be too much trouble to actually check but if you want to here’s how:

 

Always check the first gallon before pumping more – simply to MATCH the PRICE (advertised) against the ONE gallon pumped into my car. (but can’t check that I actually got 1 gallon, not less) without bringing along a one gallon gas can that you would pour directly into your tank.

 

 

.

 

East Goshen Township Help Recovering Money Lost by Western Union Scam

 

For years, many people who lost money to scams sent their payment through a Western Union wire transfer. Scammers contacted people and promised prizes, loans, jobs, discounted products or other financial rewards in exchange for money upfront. They also pretended to be family members in need of cash or law enforcement officers demanding payment. The scammers told people to send money through Western Union. No one received the cash, prizes or services they were promised

Western Union admitted to aiding and abetting wire fraud and has agreed to pay $586 million. Westtown-East Goshen Regional Police Department contacted residents who have been victims of this type of scam. Hopefully you were contacted because the deadline to file has passed but kudos for the officers’ efforts.

 

Make Your Passwords More Secure by Answering These Five Questions

 

There are new techniques that are coming to protect your identity such as Facial recognition software, fingerprint authentication, but the most widespread method continues to be the traditional, keyboard-entered, alpha-numeric password. So here are the ways to be more secure.

1. Am I including identifiable information?

Your personal info is available on-line via Facebook, Pinterest, etc. Therefore, even though it makes it easier to remember your password, don’t use birthday, dog’s name, high school etc as your password.

2. Don’t Use the Same Password on Multiple Sites

 

3. Is it complex enough?

Many sites now have requirements, like using a certain combination of numbers, letters and symbols. This is good advice even for sites that don’t require it.

4. Is 2-factor authentication available? If so, have I enabled it?

This is a simple technique to greatly insure your on-line safety. I would use it for financial or other sensitive sites. It’s very simple. I use it for Vanguard and my bank. You simply give the bank your number and when you log on they will send a code to your cellphone that you must enter to continue. This would stop someone who has your ID and password. If you only have a landline they will call you with the code.

5. How frequently should I change it?

You should change it at regular intervals, but this is a royal pain. I suggest you do this for any critical sites and leave the rest alone.

Finally, I personally use a system to create passwords that allows me to recreate a password if I can’t remember it. These passwords don’t meet all of the 5 criteria, but I use them for unimportant sites.

 

Mystery Device Could Let Thieves Get In Your Car in Seconds

The device is a receiver / transmitter combination that picks up the signal that your fob is sending and in effect, becomes the key to your car. This device work very sneakily and very fast. It then takes only seconds using it to open your car and start it.

How does it work? The thief trails behind you with the device in hand. Within seconds, the device cloned the signal of your car’s key fob.

Experts so far were able to use the same device to break into and even start 17 different makes and models of cars.

The Alliance of Automobile Manufacturers, an auto industry association, told NBC News that “protecting vehicle access and security continue to be top priorities” and that “automakers have been working on multiple fronts” to address security and enhance it.

 

Clues That Your Identity Has Been Stolen

Sometimes a credit card or credit bureau will notify you that your information has been stolen but no personally identifiable information was taken. This is absolute BS. If it took them weeks or months to spot the hack how the hell do they know what was stolen.

To protect yourself better, look for the following signs:

 

• Missing Mail – especially bank or credit card statements
• Purchases You Didn’t Make
• New Accounts you Didn’t Open
• Companies Refuse Your Checks
• Trips You Didn’t Take
• Strange Hospital Bills
• Changes to Your Credit Score (check at least monthly)
• Insurance Rejection for Pre-Existing Conditions You Don’t Have
• Rejected Insurance Claims
• Too Many Tax Forms
• Income You Can’t Account For
• Bill Collectors
• New Social Media Accounts
• Data Breach Notifications for Accounts You Don’t Have

 

 

 

 

 

 

The information below is boilerplate for each newsletter for new readers

 

This leads me to couple of points that readers have asked and I think everyone should know. First, you don’t have to give up your subscription if you move elsewhere. So long as I have a current E-Mail address your subscription will continue. Second, I have been asked to allow other communities to distribute this newsletter. I have absolutely no problem with that. Third, although most of you are already aware of this, a quarterly news is letter is too slow to protect you so for those who use the internet I put alerts out on the Hershysmill web site as I become aware of them. The web address is http://hersheysmill.org/.

 

 

 

Don’t pay any ransom.

GandCrab is the latest family of ransomware that started to claim victims late January, demanding exorbitant prices (ranging from $400 to $700,000) in exchange for the decryptor.

I use a security product called BITDEFENDER s I am protected against it

I cannot recommend this product because it depends on your view of security products but I do find it easy to use.

Regardless, now you can get rid of the GandCrab for free, and, of course, without paying the ransom attackers request.

BITDEFENDER has teamed up with Europol, the local police, and the Directorate for Investigating Organized Crime and Terrorism and just released a free GandCrab decryption utility. The free tool works for all known versions of GandCrab.

Go to the website labs.bitdefender.com and click on the ransomware decryption tools section to download a free version.

Again, you’ll be trusting the website. I do, but I can’t make any guarantees

On 4/1/18 Medicare will start a year long project to replace all current Medicare cards for beneficiaries to convert to alphanumeric ID numbers which by the way was supposed to be done when Medicare was first rolled out. 

However, as we hopefully all know scammers are opportunistic. There is no better opportunity for them than any government changes such as IRS rules or new Medicare cards. 

To help protect yourself remember this overall government rule: Agencies needing to contact you will use US mail, not E-Mail or phone. 

Scam 1 – Cash 

You will receive a call from someone at Medicare who will tell you your new card is on the way but you will need a temp card in the meantime for a charge of $5 to $50.

Of course Medicare doesn’t work this way and your old card will still be good. After all, this a change to protect you not a revenue generator.

Scam 2 – ID Theft 

In all likelihood these will be done together. They will say they need all your personal information to process your request. Things like a credit card with your security code, date of birth, address and even social security number. Of course, if they were really from Medicare they would have everything except your credit card number 

What to Do? 

If you only got dinged for some cash consider yourself lucky and be more cautious in the future. 

If you more likely got hit for ID theft call the bank whose credit card you gave away and ask for help with identity theft.

Special thanks to our neighbor Mary Ann Kushner for this tip.

 

 

GAS PUMP SCAM

 

Along with skimmers, microcameras etc., there’s another couple gasoline pumping frauds being perpetrated, incorrect $/ gallon setting on pump, or incorrect volume pumped setting. 

 

Always check the first gallon before pumping more – simply to MATCH the PRICE (advertised) against the ONE gallon pumped into my car. (but can’t check that I actually got 1 gallon, not less) without bringing along a one gallon gas can that you would pour directly into your tank.

 

A SHELL station in Mesa, Arizona) had the price 12 cents per gallon HIGHER than the advertised price on the pump and the sign out front. That particular SHELL station was being operated by 2 men from India.

At any rate you can call the official number on the gas pump. In some case, they even have counterfeit official stickers to put on the pumps when they re-calibrate. The State seldom physically inspects the pumps as it is very labor intensive, so it often goes overlooked for months or years which is why you should call.

But by all means if you are overcharged take your receipt inside and demand a refund. You will get it.

 

 

AVOID THESE SCAMS THIS HOLIDAY

Package Theft.

You can avoid this by making your delivery require a signature or have them delivered to a carrier pickup point such as Amazon’s Locker.

Fake Shopping Sites

Using these will at best send you shoddy goods for high prices and identity theft at worst.  You can avoid this by carefully checking the website for a name brand that’s one letter off or has come-ons as part of the name such as DEALS, DISCOUNTS, or SALES. Also avoid if discounts are too step or the site only lists a PO Box or an E-Mail address not a phone number or postal address. Google the company name or YELP.COM

 

Fake E-mails or Phone Calls

The fake E-Mail will say there was a problem with delivering your gift so click on the link to arrange delivery. DON’T. You’ll get malware.

The fake phone calls ask you to return their call to area codes with very high per minute charges.

Fake Freebies

All sorts of mischief here from credit card theft to malware to ID theft. Check the manufacturer’s web site. If the offer is not there RUN.

Gift Card Rip-offs

Avoid buying cards from gift card racks. Buy from the store issuing it or their websites. Thieves can open gift cards, steal info and cash them when you activate them.

Fake E-Cards

Can contain malware or annoying pop up ads. If you don’t know the sender or the card company or see spelling errors DELETE.

Fake Holiday Job Adds

They will gather enough information to steal your identity.

To avoid this, verify the company is real contact them to see if they are really hiring.

 

For years, many people who lost money to scams sent their payment through a Western Union wire transfer. Scammers contacted people and promised prizes, loans, jobs, discounted products or other financial rewards in exchange for money upfront. They also pretended to be family members in need of cash or law enforcement officers demanding payment. The scammers told people to send money through Western Union. No one received the cash, prizes or services they were promised.   Because of joint investigations by the FTC, the Department of Justice (DOJ), and the U. S. Postal Inspection Service, Western Union admitted to aiding and abetting wire fraud and has agreed to pay $586 million. The Department of Justice is now using that money to provide refunds to people who were tricked into using Western Union to pay scammers. Deadline to file a claim is February 12, 2018.   In the immediate future, the Westtown-East Goshen Regional Police Department will be attempting to contact its residents who have been victims of this type of scam to advise them that they may be eligible to file a claim.   To learn more or to submit a claim, victims are encouraged to visit the following link: https://www.ftc.gov/enforcement/cases-proceedings/refunds/western-union-settlement-faqs.