Posts Tagged ‘scams’

h1

A different sort of scam

October 5, 2012

As regular readers know, if I provide instructions on how to do or solve something, I put a PayPal Donate button at the bottom of the post. PayPal notifies me via email of each donation.

I got this notification email from PayPal:

My suspicions were raised immediately. Why?

  • The amount was for one cent (my default donation amount is $5, and no-one has ever paid less than $1).
  • I’ve never heard of the Swedish company referred to — an internet search shows that it exists, but I’ve watched too many ‘long-con’ TV shows (like ‘Hu$tle’) to believe that just because a site exists it’s legitimate. Likewise the legal firm named in the message — it exists according to Google and the US Whitepages.com site, but the phone number varies depending on which site you look at. In some cases the phone number for the legal company is the same as that in the message; on other sites, it’s a different number. The addresses in the message match those I found on the internet. (Yes, I have deliberately blurred out this information.)
  • A search for the Fred person showed that there is such a person who is listed as the CEO of this company, including a LinkedIn profile. Again, it could be legitimate — or fake.
  • There’s no email contact information in the message itself, so whoever this is wants me to call them. Or write them a letter.
  • The message says that I’m using their name in ads on my blog. And that they’ll ‘purse’ me. But I pay an annual fee to WordPress.com to NOT have ads on my blog. There ARE NO ads on my blog. EVER.
  • The message also says they’ll ‘purse’ me for $1 million A DAY for each day the ad has appeared. Nothing like scare tactics to make people comply! Seeing as though I have no ads on this blog, I know that these supposed ads have never appeared, thus they cannot ‘purse’ me for anything. But such a warning might be enough to scare someone into making contact with the person or the companies listed.
  • The sentence construction leaves a lot to be desired, especially if it supposedly emanates from a legal firm — they are usually SO particular about wording. For example: ‘You have 24 hours to remove your ads to at least put our legal efforts on hold while we consider the ethics of your marketing efforts.’ What on earth does that mean??
  • The final suspicious bit of information is the email address of the person who donated the one cent — it’s a Gmail address, which absolutely anyone can set up with any name. Had the email address been from either the company or the legal firm, I’d have a bit more faith in it, but I don’t trust a Gmail address like this when the message content names names and companies and addresses and phone numbers.

So, what to do about this? Well, I guess I have a few options:

  • Do nothing.
  • Contact PayPal
  • Contact WordPress.com

Contacting the people/companies listed is not an option as I suspect this is just a scam to get me to do just that and then threaten me with legal action if I don’t pay them some unspecified amount of money.

Update 8 October 2012:

I sent a copy of the email notification to the ‘abuse’ email addresses at PayPal and WordPress. WordPress said they couldn’t do anything about it as it wasn’t a comment or threat made on my blog and to contact PayPal. I hadn’t received any response from PayPal so today I called them.

The upshot is that someone in Chicago has a website with a PayPal Donate button that uses the SAME PayPal code as mine (possible transcription error on their part?), and that person’s website has cosmetics information, including information about the company mentioned in the threat (I couldn’t find that page today, but PayPal told me it was where the donation originated from last week). PayPal was able to see exactly the URLs that were clicked for all my donations in the past two months and confirmed that only one had come via that Chicago person’s link — the donation with the threat.

What action will PayPal take? According to the person I discussed this with, PayPal will:

  • Try to contact the person behind the other website and get them to fix the code # for the link on their PayPal Donate button (IN PROCESS).
  • Reverse the donation from my PayPal account (DONE).
  • Contact the person who donated the one cent and let them know that their threat went to the wrong person and scared the cr@p out of someone in Australia!
  • Email me to confirm that I am not legally responsible for any of this (RECEIVED).

Yes, I have the URL of the other website and can confirm that their PayPal code behind their Donate button is the same as the one on this blog. And a quick search of Whois showed me that the domain was created on 29 September 2012. The company who made the threat was on to it pretty quickly as they made the threat only a couple of days later.

So, after several 90+ minutes on the phone with PayPal, I can breathe a little easier.

Update 24 October 2012: <sigh> I received another legal threat from yet another company about this Chicago person… And I’ve called PayPal again, but the upshot is that they can’t (won’t?) try to find the person behind the other website even though that person MUST have a PayPal account to even have a Donate button on their site. The bottom line is that I have to generate a new button code with PayPal (they assure me the codes are unique…) and then apply it to ALL my posts that have a Donate button… some 400 blog posts! I’m NOT happy, but I will have to do it to protect myself from further baseless legal threats. (I actually decided to test out a sidebar widget for the Donate button, and that works. So I’m in the process of deleting ALL PayPal Donate button options at the end of the individual blog posts. Why? Because if there’s ever another instance like this, I’ll only have to update the code in ONE place, not hundreds.)

h1

Do they really think we’re that stupid?

October 4, 2012

Phishing scams have been around for a long time. Emails supposedly from banks and the like are caught quite well by Outlook (at least, by Outlook 2010), and dropped into the Junk email folder. Outlook also exposes the full URL of a link in these sorts of emails, which means we can see where the link will take us.

For example, this is the email I got a few days ago:

Let me list how many clues there are that this email is a phishing scam:

  • It was identified as Junk by Outlook — a good clue to be wary of its contents.
  • It was sent around the time that many Australians might be about to receive their tax refund, if they are getting one. Another reason to be suspicious. Any Australian who’s ever received a refund from the Australian Tax Office (ATO) knows that they send a cheque with the notice of refund, or deposit the amount directly into your bank account and follow up with a notice of refund, which is printed and MAILED to you via Australia Post. I’ve never known the ATO to send out emails, particularly emails related to tax refunds.
  • ‘You are eligible to receive…’, ‘submit the tax refund request’ — neither of these state that you WILL receive a tax refund. And the ATO NEVER asks you to submit any request other than your official tax return.
  • ‘Allow 6-9 days to process it’ — maybe you’ll have forgotten all about it in 6-9 days so by the time you start to wonder what happened to your ‘request’ (which will no doubt ask you for money), they will have LONG gone with your money. That’s assuming the ‘reply to’ email address is correct, and if it is, that the poor ATO person inundated with ‘Where’s my refund?’ questions can answer you and tell you you’ve been suckered in to a scam.
  • ‘our Taxation Office’ — but isn’t this email supposedly from the ATO? If so, then what’s the ‘our Taxation office’ sentence construction all about?
  • ‘if you are eligible to receive’ — but earlier they told you you ARE eligible to receive a refund. Contradictory information in the one email is a clue that you’re being scammed.
  • ‘contact you by phone or email in 48-96 hours’ — yeah, right. The follow-up email will likely be to tell you where to send the ‘fee’ they will charge for you to access your non-existent refund. And phone? Where did they get your phone number from?
  • ‘access the form for your tax refund’ — again, only your official tax return is used by the ATO to assess any refund you will receive or any payment you have to make, so this is another red flag that this email is not legitimate.
  • ‘Click here’ link is exposed as a site based in the Netherlands that has NOTHING to do with the ATO.
  • ‘Boris DuFrene’ — does Boris really exist? According to a quick Google search, the only Boris DuFrene’s in the world are based in France and there are none associated with the Australian Securities and Investments Commission.
  • ‘Australian Securities & Investments Commission’ — why would a supposed ATO email be signed by someone from ASIC? ASIC and the ATO are both Australian Government agencies, but they are NOT the same. ASIC regulates Australia’s ‘corporate, markets and financial services’, not taxation.
  • The email was sent to an email address that is ONLY on my website and not used by me, which is a sure sign that some sort of crawling bot harvested it.

The sad thing is that some people might receive an email like this and click the link and get conned into revealing their details, including their phone number, address, possibly their bank account or credit card details, or conned into paying a ‘fee’ to release the non-existent money. Even more sadly is that those on limited incomes and with limited knowledge of the internet and these sorts of scams (e.g. old age pensioners), might be tempted by the promise of an amount that will pay a few bills and take the pressure off.

There should be a special place in hell for these scammers.

See also:

[Links last checked October 2012]

h1

Somebody got burned…

October 31, 2007

I came across this warning list of things to look for when trying to identify a scam publisher. It’s pretty comprehensive and mostly good advice. I get the feeling from the tone of the writing – especially the list of nasty companies and websites at the end – that the person has been badly burned by the ‘get rich quick by publishing your own book’ schemes.

I like the title of the page too – ‘Preditors and Editors’. Clever.