The holidays are almost upon us. Next week, many will be sitting down with their families to enjoy turkey, football and celebrate all that they are thankful for in their lives. Sadly, some of these folks will be less thankful after the holiday weekend having been victimized by scam artists who chose not to take the weekend off.
When folks are in the holiday spirit, they often let their guard down; here are a couple of ways con artists will be looking to take advantage of this holiday good cheer:
BOGUS COLLECTION SCAMS – Be wary of those individuals who approach folks individually to collect donations for the less fortunate. Often times, these can be con artists making an easy buck off your sympathy.
In fact, police in Northern Indiana recently released an alert for residents to be on the lookout for two men pulling this exact type of scam. They are dressed as police officers. Going door-to-door, the uniformed men claim to be troopers from the Indiana State Police who are collecting funds to feed needy children on this upcoming Thanksgiving Day.
The police advise residents who are approached either on the street or visited at home by those soliciting similar funds to ask for contact information and then thoroughly research the organization before making any donations.
Excellent advice for everyone, as this isn’t a problem localized in Northern Indiana. Remember, any legitimate organization’s representatives should happily agree to cooperate with requests for identification or questions about the organization for which they claim to be collecting.
FAKE THANKSGIVING ECARDS – As with all things online related, the last few years have seen in explosion in online greeting cards being swapped between friends, family members and business associates. Like most emerging trends, this is prime territory for a con artist to exploit. This Thanksgiving will be no different.
Most electronic greeting cards will arrive via an email informing you that you have a card waiting at such-and-such a site. A link will be provided for you, and once you click on the link you will be sent to the waiting card. But if you click, beware. You might be getting much more than a seasonal greeting.
You might be sent to what appears to be a genuine Thanksgiving Day card, with Tom Turkey doing his funny dance, but the laughter won’t last long. The ecard scams con folks by placing a malicious link in the email. When clicked, it sends the users browser to an exploitive server. After guaranteeing the potential victim doesn’t have the proper patches in the browsing software, the scammers forcibly load a rootkit and a keystroke logger. Then the victim is sent to the legitimate-appearing greeting card.
A rootkit is software which obscures the fact that your computer has been compromised. Keystroke software is exactly what it sounds like, a way the scammer’s can record every keystroke you make and then divine from the information every user name, password, credit card number, bank account number, social security number or any personal information you enter. If you type it, they now have access to it.
On the user’s end, nothing appears out of the ordinary. They got an email asking them to check out a Thanksgiving card, they clicked on the link, noticed it didn’t actually come from anyone they know and then closed it without realizing their identity and financial information was at risk.
Many of these initial emails will be vague, almost coy. A “business associate”, or “family member”, or “close friend” has sent you a Thanksgiving card and you can access it by clicking on the provided link. Never click through on emails from unidentified sources.
Even if it comes from a known person, be wary. Your friend or relative might have been the victim of a virus. They opened the card, had the malware unknowingly loaded, then the virus re-sent the bait to everyone in their address book. It would be wise to go directly to the publishing site the card is supposed to have come from and access it there. Otherwise, contact the sender and make sure they sent the card out. If they were the victim of a self-sustaining virus, they might not even realize the fake cards have been sent in their name.
PHONY TELEPHONE BANKING SCAM – With most banks closed on the Thursday that is Thanksgiving Day, some enterprising scam artists will take that opportunity to dupe overstuffed turkey-day revelers in their tryptophan-induced haze.
The Wisconsin Bankers Association (WBA) recently warned banking customers in the region of Northern Wisconsin to be on the lookout for a telephone scam targeting Thanksgiving Day of this year. A similar con was conducted on Thanksgiving Day of 2007 in Manitowoc County. Authorities warn that it could happen anywhere.
In the Manitowoc incident, customers received calls on Thanksgiving Day informing them that their bank account was frozen and gave a toll-free number for the person to call to have the account reinstated once they had verified their information. The calls were well-timed, occurring on a day that the banks were guaranteed to be closed and also the day before the busiest retail shopping day of the year. The scam artists spoke to some 20,000 potential victims on Thanksgiving Day in 2007, indicating a large scam operation. Of those 20,000, many reported the calls immediately to the police, while still some fell for the con.
When asked to verify personal information such as bank account numbers, credit or debit card numbers, PIN numbers, or Social Security numbers, consumers should never do so immediately. Do not respond. Why would the bank need this information? Call the number on your bank statement and inquire directly.
As Erik Skrum, WBA’s communications director, elaborated in a post on the Fox Valley Savings Bank Web site, “No bank or legitimate business will request a customer to verify personal information such as PINs, bank account numbers or Social Security numbers over the phone. Unless you initiate the contact, you should never give this information out.”
When this type of request is made, whether via phone or email, WBA suggests the consumer name of the person making the request, the institution they represent, and any available contact information. The consumer is then advised to contact the institution provided, but using contact information gleaned from bank statements or similar direct means. The institution can then verify if the request is legitimate.
Make this Thanksgiving Day truly one to be thankful for by keeping your wits if faced with any of the sketchy situation as described above.
Next week, we will look into another Thanksgiving Holiday tradition, Black Friday, the official beginning of the holiday shopping season. We will look into many of the questionable tools and tricks used by retailers to separate customers from their money and offer advice on how to avoid getting scammed.