The BBB Scam Tracker is a robust interactive tool to track fraudulent activity in throughout North America. The data I viewed from Mexico seems to be minimal at this point, although this might be because Mexico was added after the United States and Canada.
The site collects data from users, who were the victims of a scam, or from smart people who figured out someone was trying to scam them.
The tool enables the user to search potential fraudulent activity by keyword, type of scam, location, and time frame. Please note that scams are most successful when they hit a new geographical area because the "word is not out yet." Because of this, scammers frequently travel and even rotate the particular scam in order to catch innocent people/businesses off guard. Just because the particular scam is not showing up in your geographical area doesn't mean that it won't knock on your doorstep tomorrow.
The scam activities tracked include home repair, tree trimming, tax, advance fee, job, lottery, collection, counterfeit checks, bogus credit cards, vishing, phishing, and identity theft. There is even an "other" category to cover anything that is a previously unknown activity. New scams are hatched all the time. The main thing all scams have in common is that they are "too good to be true."
The data collected is provided to the National Cyber-Forensics and Training Alliance, who in turns shares it with law enforcement,
Here is a link to the BBB Scam Tracker. Scammers count on people not taking the time to report their activity (assuming they do not fall for it). Reporting it is a good deed because it protects other people.
The BBB also has a video on YouTube on this tool, if you would like to watch it.
Showing posts with label BBB. Show all posts
Showing posts with label BBB. Show all posts
Tuesday, February 05, 2019
Thursday, August 30, 2007
Fake e-mail from the BBB stating someone complained about you is a scam!
If you get an e-mail from the Better Business Bureau stating that a complaint has been made against you - it might be a good idea to just delete it.
Websense is reporting:
Keyloggers record the keystokes on a computer and then send them back to the crooks, who installed them.
They are normally interested in your password information, especially if it gives them access to personal financial data. That way they can rob you blind.
In case, you just have to know, whether or not, you've received a complaint at the Better Business Bureau, it might be a good idea to contact them independently to inquire into it.
Their website is here.
The best way to avoid becoming compromised is to have updated security software protecting your system and even better yet -- avoid clicking, or even opening unsolicited e-mails no matter, who they claim to be from!
Websense alert (with screenshots), here.
Websense is reporting:
Websense® Security Labs™ has received reports of a new email spam variant similar to an attack launched early this year. The spoofed email purports to be from the Better Business Bureau (BBB). The message claims that a complaint has been filed against the recipient's company. Attached to the message is a Microsoft Word document (Document_for_Case.doc), supposedly containing additional details regarding the complaint. The Word document actually contains a Trojan Downloader that, when opened, attempts to download and install a keylogger. This keylogger uploads stolen data to an IP address in Malaysia.
Keyloggers record the keystokes on a computer and then send them back to the crooks, who installed them.
They are normally interested in your password information, especially if it gives them access to personal financial data. That way they can rob you blind.
In case, you just have to know, whether or not, you've received a complaint at the Better Business Bureau, it might be a good idea to contact them independently to inquire into it.
Their website is here.
The best way to avoid becoming compromised is to have updated security software protecting your system and even better yet -- avoid clicking, or even opening unsolicited e-mails no matter, who they claim to be from!
Websense alert (with screenshots), here.
Tuesday, June 05, 2007
Spear phishermen target executives to steal company information
Shamus McGillicuddy of CIO News highlights an interesting fact, which is you never know, who is going to fall for a phishing scam.
The phishermen normally send out a lot of bait (spam) in the hopes of hooking a few phish.
Shamus writes:
With all the information plastered over the Internet, or available for sale; it isn't hard for phishermen to get what they need (personal information) to go spear phishing.
Many private companies and government organizations recognize the danger phishing poses in the workplace. To counter this, and raise awareness; they are phishing their own employees.
Recently, I did a post about this, which revealed more employees fall for this, than many would like to admit:
Technology alone isn't going to stop phishermen and other cyber ghouls on the Internet
There seems to be more and more phishing out there, which might be inspired by DIY (do it yourself) kits being sold over the Internet. DIY kits make it easy for not very sophisticated criminals to become expert phishermen.
The only good news about phishing is that with a little awareness, most people can spot this activity, because the phishing ploy doesn't make much sense, or is too good to be true.
CIO News story, here.
BBB Alert, here.
IRS Alert, here.
The phishermen normally send out a lot of bait (spam) in the hopes of hooking a few phish.
Shamus writes:
Over the last week and a half, spam messages purported to be from the Internal Revenue Service and the Better Business Bureau have been specifically targeting senior-level corporate executives with phishing scams.Spear phishing is simply a more focused form of phishing, which uses more personal touches, such as a person's real name, and or title.
Experts say these targeted phishing attacks, sometimes called "spear phishing," are nothing new, but they illustrate that spammers are getting more adept at targeting sophisticated email users who have access to the most sensitive data within their companies.
With all the information plastered over the Internet, or available for sale; it isn't hard for phishermen to get what they need (personal information) to go spear phishing.
Many private companies and government organizations recognize the danger phishing poses in the workplace. To counter this, and raise awareness; they are phishing their own employees.
Recently, I did a post about this, which revealed more employees fall for this, than many would like to admit:
Technology alone isn't going to stop phishermen and other cyber ghouls on the Internet
There seems to be more and more phishing out there, which might be inspired by DIY (do it yourself) kits being sold over the Internet. DIY kits make it easy for not very sophisticated criminals to become expert phishermen.
The only good news about phishing is that with a little awareness, most people can spot this activity, because the phishing ploy doesn't make much sense, or is too good to be true.
CIO News story, here.
BBB Alert, here.
IRS Alert, here.
Thursday, April 13, 2006
BBB Worker Takes Job Processing Fraudulent eBay Transactions
A Better Business Bureau worker was recently involved in eBay fraud by taking a part-time (work-at-home job) processing account receivables for criminals from Eastern Europe. According to her, she even checked them out before accepting the job and found nothing that would suggest a scam.
The job was to process payments (primarily from eBay transactions) and wire the money to her employers.
These scams, known as check-cashing schemes solicit people to process fraudulent financial instruments and wire the money to a far-away locale. Their employers normally prefer the use of Western Union, or Money Gram, which offer little to no protection once the money is sent.
News clip from 9News.com in Denver, here.
There is also another version of the work-at-home scam, which entails receiving the stolen merchandise and then reshipping it.
In work-at-home (check cashing) schemes, the worker is normally instructed to set up an account (using their information and good credit) to process the financial instruments. Quite often, they are held financially responsible after the financial instruments are discovered fraudulent and they have wired the money.
No matter what the scam entails, the fraudsters always prefer "unprotected" methods of wiring money. I would highly recommend NEVER wiring money to someone you don't know, or haven't done a lot of business with for a LONG TIME.
To add to the confusion many auction fraud victims buy merchandise from seemingly highly rated sellers when their account is taken over. Account takeovers are normally accomplished via phishing, where a legitimate account holder is duped into giving up their account information.
Phishy e-mails from eBay and PayPal are circulating the internet at a record rate.
Interesting that the BBB worker was savvy enough to do a little "due diligence" on the scam company, which revealed nothing. When I looked at their site, I found two articles that describe activity very similiar to this.
Work-at-Home Schemes
Work-At-Home-Schemes Now Peddled On-Line
I wasn't able to find an article on the BBB regarding "check cashing schemes," but in reality this scam is nothing more than a "mutation" of the "work at home" scheme.
I'd offer to write it for them, but after writing this post, I doubt they will solicit my services.
It's becoming quite common for organized gangs to set up fraudulent businesses as a front for the various scams out there. They are often complete with office space, telephones and even web sites.
I guess the moral of the story is that when a business has no verifiable track record a prudent person should dig a little deeper? I stole that one from my friend Paul, who writes prying1.
Let's face it, processing proceeds from auctions using your own account and wiring the money to Eastern Europe seems a little risky. At least to me, it does.
The job was to process payments (primarily from eBay transactions) and wire the money to her employers.
These scams, known as check-cashing schemes solicit people to process fraudulent financial instruments and wire the money to a far-away locale. Their employers normally prefer the use of Western Union, or Money Gram, which offer little to no protection once the money is sent.
News clip from 9News.com in Denver, here.
There is also another version of the work-at-home scam, which entails receiving the stolen merchandise and then reshipping it.
In work-at-home (check cashing) schemes, the worker is normally instructed to set up an account (using their information and good credit) to process the financial instruments. Quite often, they are held financially responsible after the financial instruments are discovered fraudulent and they have wired the money.
No matter what the scam entails, the fraudsters always prefer "unprotected" methods of wiring money. I would highly recommend NEVER wiring money to someone you don't know, or haven't done a lot of business with for a LONG TIME.
To add to the confusion many auction fraud victims buy merchandise from seemingly highly rated sellers when their account is taken over. Account takeovers are normally accomplished via phishing, where a legitimate account holder is duped into giving up their account information.
Phishy e-mails from eBay and PayPal are circulating the internet at a record rate.
Interesting that the BBB worker was savvy enough to do a little "due diligence" on the scam company, which revealed nothing. When I looked at their site, I found two articles that describe activity very similiar to this.
Work-at-Home Schemes
Work-At-Home-Schemes Now Peddled On-Line
I wasn't able to find an article on the BBB regarding "check cashing schemes," but in reality this scam is nothing more than a "mutation" of the "work at home" scheme.
I'd offer to write it for them, but after writing this post, I doubt they will solicit my services.
It's becoming quite common for organized gangs to set up fraudulent businesses as a front for the various scams out there. They are often complete with office space, telephones and even web sites.
I guess the moral of the story is that when a business has no verifiable track record a prudent person should dig a little deeper? I stole that one from my friend Paul, who writes prying1.
Let's face it, processing proceeds from auctions using your own account and wiring the money to Eastern Europe seems a little risky. At least to me, it does.
Subscribe to:
Posts (Atom)
