Happy Cyber Monday! Today is the largest internet traffic day of the year. Whether or not orders are placed, this is the day most people get their Holiday shopping lists planned and browsing the internet is another viable option. Happy shopping. . .I am sharing my list to my favorite stores and restaurants with you so it is much easier to shop and/or browse to get your shopping lists finalized or even placing an order.
This past weekend all the way through the holidays is definitely the busiest shopping, and also the largest fraud season, including a big Zelle scam. To steer clear of the latest schemes and some classic cases, I am sharing a list and some tips and pointers to help assist in avoiding scammers and criminals–so this holiday season does not have to go down with the pain and agony of having to be taken! Scroll below my list of retailers for more information. . .
In order to frequent your favorite stores and take advantage of the sales this year, I am providing a great list of links to the store’s websites:
Some Suggested Stores – Gift Giving Store Shopping & Restaurants To Visit While Shopping:
Special Feature: Scams and Recent Fraud
Largest Scale Scam of Today: Phishing scams
8 current items to avoid as big events come back
- Zelle scamming started with Bank of America and has meandered to several other banks
- Secret Santa scams on Facebook, other social medias and through email and/or texts
- Unemployment scams
- Ticket scams
- Unemployment scams: watch your mail for government issued income statements to file your tax return
- Fake Cures: there really is no easy way
- Other Phishing attempts: watch your emails and texts
- Malicious “apps”: research and trust before going the the Play Store or Google Play, and especially manually installing with an .apk file
- Connections to public wifi: NEVER use a password
- Social media sharing: watch for cloned accounts
- Selling puppies that don’t exist, especially with promises to deliver by the holiday
Scammers have been getting more and more desperate with no excuses to come up with the reasons that they do it. Always be careful.
Here is a list of some more recent reported alleged fraud crimes:
Zelle and Peer-To_Peer (P2P) Payment systems: One of the more common ways cybercriminals are casing in big on victim’s funds is to access their bank accounts involving draining the victim’s funds via “peer-to-peer” (P2P) payment services like Zelle. the service is used by many financial institutions, and it allows customers to quickly send cash to friends and family with very low to no fee “wiring” of funds. A great deal of phishing schemes involve temporary bank account takeovers that begin with providing a spoofed text message from the victim’s bank. The text or sometimes even email warn of a suspicious Zelle transfer before the crime takes place. What follows is a deep dive into continuing more spoofed messages that are cleverly put together via the criminal knowing the keystrokes needed in order to obtain access to funds and providing the victim with messages that state the opposite of what is necessary in order to keep the transaction in flow and complete the fraudulent transaction to complete. Think of it this way: It is like having a green light at an intersection mean “STOP”. So when the message states to do something, because it is spoofed, it will tell the victim to do the “opposite” action, thereby being able to get two-factored communication in order to complete these fraudulent transactions. This is by far the most clever operation in recent history, and the transactions are completed before the victim is able to stop it.
Some other scam messages are more classic and look like: Anyone who responds “yes,” “no” or at all will very soon after receive a phone call from a scammer pretending to be from the financial institution’s fraud department. The caller’s number will be spoofed so that it appears to be coming from the victim’s bank.
Verification: To “verify identity” (of the customer), the fraudster asks for their online banking username, and then tells the customer to read back a two-factor passcode that was sent via text or email. In true reality, the fraudster initiates the transaction — such as the “forgot password” feature on the financial institution’s site — which then generates the authentication passcode delivered to the member, and used by the fraudster. The fraudster typically will attempt to obtain your username by statements such as “Before I get into the details, I need to verify that I’m speaking to the right person. What’s your username?” In the background, they’re really using the username with the forgot password feature, and that’s going to generate one of these two-factor authentication passcodes, In order to complete this, the fraudster will say, “I’m going to send you the password and you’re going to read it back to me over the phone.” The fraudster then uses these codes to complete a password reset process, changes the victim’s online banking password, and then uses Zelle to transfer the victim’s funds to others, sometimes out of the country. The most important aspect of this scam is that the fraudsters never even need to know or phish the victim’s password. By sharing the username and reading back the one-time code sent to them, victims are allowing the fraudsters to reset their online banking password, leaving them completely vulnerable. A lot of times, the victim has never even heard of Zelle, or that they could move money in that way.
Being done recently: To combat this scam Zelle introduced out-of-band authentication with transaction details. This involves sending the member a text containing the complete details of a Zelle transfer, payee and dollar amount that is initiated by the member. Now the member must authorize the transfer by replying to the text. Unfortunately, the scammers are defeating the layered security control as well. They will modify to tailor the new guidelines as well. The easiest way to avoid this scam is to remember to “Hang up, Look Up, and Call Back”. If you receive a call from someone warning about fraud, hang up, because it is very unusual, not even 50/50 that a bank, agent or other type of institution would actually call about a fraud case unless it was emergent. Typically, no agent would ever ask for your username or a PIN number, EVER!! If you believe the call might be legitimate, look up the number of the organization supposedly calling you, and call them back from the number you found, bot the calling number.
Remedies: Anyone interested in letting the CFPB know about a fraud scam that abused a P2P payment platform like Zelle, CashApp, or Venmo, for example, should send an email describing the incident to BigTechPaymentsInquiry@cfpb.gov. Be sure to include Docket No. CFPB-2021-0017 in the subject line of the message.
Secret Santa: You obtain an Instant or Direct message to join an online group to join a Secret Santa “clubs”, groups and other ways and means to obtain even $10 (usually more). Also there have been “Secret Sister Gift Exchange” on Facebook which are total scams, Says the Better Business Bureau. Also scams involving a holiday wine bottle exchange, which is just as illegal. The best way to avoid this is to avoid joining groups that you are not aware of the members included, as the fellow members may just be as big of targets ars you are by joining them. Always know a group that you join, just like a friendship on Facebook!
Recent reports of unemployment scams, including Delaware Department of Unemployment. The U.S. Department of Justice recently issued a warning to those seeking unemployment insurance benefits. You need to watch your mail for tax forms with tax season right upon us now, to see if there are any government issued income statements that come in the mail, especially if it is not issued in your state. The income statement is issued for a reason, not at random. If you receive one, someone has probably stolen your identity one of many ways, including the “dark web”. If you receive one, and it is not income that you incurred, you will not be able to file your taxes without the information included or corrected first. If you think that someone stole your identity, always call police first. There are plenty of other actions, up to and including contacting the department of unemployment for whichever state has sent you the tax form–that you are going to have to go through in order to file your taxes. You probably won’t be able to file on time, so immediately, file for an extension of time to file with both your Federal return and your state return*. Calling your tax professional will help out dramatically. Getting insurance like Life-Lock by Norton by Norton can help, but if you already have your identity stolen before you get insurance, they may be able to help you for a charge, but like any insurance–if it is not valid on the day of an incidence, you will not have any coverage.
* = A recent post lists the 9 states that do not have a state tax or return due: Tax Day Delay: Tax Return’s Due Dates By State — 2021. If you are in one of these states, you only have to get with the I.R.S. to rectify the filing.
Use a VPN. by using a VPN, you are able to switch IP addresses for each implement of surfing the web. For instance doing a giveaway, like at VersaTileer Giveaways, I can see what a VPN does to protect yourself, that while visiting Facebook, then Twitter, and then other sources, that the IP address changes for all different sources. This is how you protect yourself. Because the IP address is changing back and forth, tracking is becoming more and more impossible for hackers to use viruses and Trojan-horse bug to send information to other unknown sources, because when the IP address keeps changing, the Trojan-horse bug calls to transfer information and the information sometimes is blocked because it cannot access the switching compound it need in order to work, and sometimes it does attempt to send the information, and when it does, it goes to an error page instead because with the VPN switching from source to source, it put the spammers, scammers and virus installer, out of business at the course. There are many VPNs available. Feel free to search for one, but you do the search. Don’t fall for someone claiming to be a reputable VPN source and find out it is a scammer. If you think that someone hacked you, always call police first, then see my suggestions at the bottom.
You get call/communication to save money on utilities. Calls from “agents” that are trying to lower your utilities. Remember, it no one is ever going to call you, and save you money. They have to work for a living too. What reputable people will do is make lists like I do here and give suggestions, and also go on events, symposiums, and other ways and means. One time I was at Menards and switched my electric and they offered a gift card in return. Why was this not a scammer? Because the company decided to do an event of solicitation where people would come into a store and solicit. Difference: The combination effort of a reputable store like Menards to be involved puts them on the hook that the company had done research and background checks first before putting a solicitor on their floor of business. I did get cheaper rates and got the gift card. But you still have to be careful. People calling your phone cannot qualify for the expert checking that the store had done before I ever stepped into the Menards. If you think that someone hacked you in a utility scam, always call police first, then see my suggestions at the bottom.
Business transaction requests payment by gift card/wire-transfer. You are in the middle of a transaction with a company you think is a good company to do business with, and a attempt to defraud you by stating that they will save you money if you pay by a way and means that is often bizarre and uncustomary. Any company not honoring the way your want, is usually always a scammer. This is a especially true if you are going along with the tactics, and have a slight change of mind, and then the scammer often gets downright belligerent with you as you threaten to cut their scheme off. In recent years, there have been transactions in the amounts between $3,300 to $250,000 (ouch!) in gift cards to a scam artist who might have known the person. The scammers have also been known to pose as friends, family, and your known associates. Scammers even pose as charity, so be careful Never complete a transaction by reading any gift cards over the phone. If you encounter an attempt, the best thing to do is cease communication–hang up, drop the website, etc.–then always call police first, then see my suggestions at the bottom.
You don’t want to wait in that long line. Recently, the PlayStation 5 was in high demand that websites were crashing, and despite COVID-19, there were somewhat the longest lines in any store’s recent history to be able to purchase them. so turning to other sources, remember that listings are not always what they seem to be. scammers realize this and try to capitalize on the facts. They are out there to get the first person they can scam. Don’t let it be you. Be leery of any posts that support an Instagram account as being legit. All sorts of high quality fashion items including apparel, jewelry and shoes are out there right now with either counterfeit merchandise or no merchandise at all, and once you complete what you think is a real transaction, you find out that it is not a real store or entity at all, nothing but a scam. If you are victim to a Facebook or Instagram scam, contact police and review the Instagram help page: Instagram help forum or Facebook help forum. If you are defrauded, the only way you will successfully be able to contact either of Facebook or Instagram via telephone would be to have the police directly reach out to them while at the station.
What To Do If You Think You Have Been Scammed
Report the incident immediately to any of the following agencies:
- Your local police station if you are at any monetary loss, especially if you have any recourse to issue a fraud claim, because they will need a police report number in order to initiate a claim.
- The Federal Trade Commission at FTC Complaint Assistant.
- The U.S. Postal Inspection Service if you received a check by mail or if the mail was used as a tool to facilitate the fraud.
- Your state or local consumer protection agencies. Visit NAAG for a list of state Attorneys General.
- For online crimes involving cash, counterfeit checks and money orders, file an online complaint with the Internet Crime Complaint Center which is a joint project of both the FBI and National White Collar Crime Center.
- If it involves a check or draft, notifying the bank whose name is on the check or draft.
- Notify the website or online service where you encountered the scammer (Online auction website or a job posting website), so they can be blocked from utilizing their services to further the scamming in the future.
- If it involved counterfeiting or other bank related criminal activities, contact FDIC.gov or call the FDIC at 1-877-ASK-FDIC (1-877-275-3342).
Never become victim to offers convincing you to do a transaction. If it sound too good to be true, it probably is. I am there to help keep your money in your wallet and safe!
Please continue to enjoy your holiday shopping season. Always keep your guard up, but have a wonderful experience, whether it is by going out to the store, or a great online experience. Have a happy and safe shopper’s experience this Cyber Monday!