Rss

Archives for : July2016

Expert tip: The real tax office never asks you to pay with iTunes gift cards

ATO SHADY SIGN LOGO IMAGE www.scamsfakes.com

You know you’re being scammed when an aggressive caller, supposedly from the ATO, demands you settle a tax debt using pre-paid iTunes or Visa cards.

There was a time when scammers tried to con you with promises which seem too good to be true, such as inheriting money from a long-lost uncle. These days they try to trick you with scams which seem too boring to be fake or too scary to ignore.

Watch out for telephone scammers demanding you pay your tax bill using gift cards image www.scamsfakes.com

Watch out for telephone scammers demanding you pay your tax bill using gift cards.  

Threatening phone calls from the taxman are enough to grab most people’s attention, but as soon as the caller gets aggressive and starts demanding payment on the spot you know something is wrong. Especially if they expect you to pay using pre-paid gift cards.

I would have thought asking for iTunes cards would be a huge red flag for anyone who received a call claiming to be from the tax office, but apparently some Australians fall for this – spending thousands of dollars on gift cards and then sending the scammers the redemption codes. More than 300 people have reported lost more than $1 million in total to tax scams in the first half of this year, including $174,830 spent on iTunes cards.

It’s easy to laugh at these people but scammers are practiced at the art of manipulating confused and frightened  people. Sometimes the caller seems to know a lot about you, which helps them sound more genuine. They can also be very intimidating and aggressive, such as insisting that if you don’t pay you’ll go to jail and the police are already on their way to your house. You can see how this might frighten elderly people, especially if English isn’t their first language.

Even if you’d never fall for these scams, it’s important to word up your less tech-savvy friends and relatives who might not view such calls with a healthy skepticism. The golden rule is “trust no-one” when you answer the phone, especially when the caller starts asking you to prove who you are or demanding payment.

Love_Russia_250_250

Henry Sapiecha

Zhenya Tsvetnenko [A Perth millionaire] to fight text message scam & fraud charges

Australian millionaire Zhenya Tsvetnenko is planning to fight charges he defrauded unsuspecting mobile phone users for unwanted text messages as part of a multi-million-dollar scheme in the United States.

An indictment filed in federal court in Manhattan on Friday charged Mr Tsvetnenko, Fraser Thompson, an ex-executive at mobile aggregation company Mobile Messenger, as well as Fancis Assifuah, who authorities say ran digital content providers.

Perth digital entrepreneur Zhenya Tsvetnenko image www.scamsfakes.com

Perth digital entrepreneur Zhenya Tsvetnenko. Photo: Aaron Bunch Photographer

The indictments relate to a period from 2011 to 2013.

The trio were added to a pre-existing case against five other people and accused of participating in an “auto-subscribing” scheme to charge mobile phone customers monthly fees for unsolicited, recurring text messages without their consent.

Thompson was arrested on Friday in California. Mr Tsvetnenko lives in Perth and has not been arrested, while Assifuah had already been arrested in April. The trio face charges including wire fraud and conspiracy to commit money laundering.

Mr Tsvetnenko co-owns Voyeur night club which opened its doors in July at the refurbished Llama Bar site in Subiaco.

ubytkjt

Henry Sapiecha

www.intelagencies.com

www.crimefiles.net

www.freephonelink.net

 

ID theft in three steps: ‘Adequate’ Telstra and telco identity checks questioned

Sue King was holidaying in the US when she received an odd email from Uber on her Wi-Fi connected phone saying she had just taken a short ride to the Sydney suburb of Canterbury

That day in late May became stranger when her Facebook friends began asking her why she was requesting a reference for a loan. One pointed out her account may have been hacked.

Alarmed, she contacted her broadband provider Telstra, which told her an impersonator had passed all identity checks and gained access to her account, changing her Bigpond email password.

Sue King had her identity stolen image www.scamsfakes.com

Sue King had her identity stolen.  Photo: Katherine Griffiths

“All that person needed was my full name, date of birth and home address to get into my inbox and I’m concerned it’s just too easy,” said Ms King, a teacher from Lilyfield.

“I also have a feeling they stole my mail, because they gave Telstra my account billing number.”

The use of such simple identity verification processes is widespread, with information security experts saying big organisations are struggling to strike a balance between solid security and seamless customer experience.

Ms King managed to change her email password but the worst was yet to come. When she returned home, she couldn’t use her mobile phone because her Optus number had been transferred to another SIM.

telstra logo on cage image www.scamsfakes.com

A fraudster gained access to Sue King’s Telstra account. 

She found out the fraudster had tried to mess with her details at Teachers Mutual Bank and enter her PayPal account.

Her Commonwealth Bank card was swallowed by an ATM because of irregularities. And she discovered $3800 was transferred over 10 days to a Surry Hills-based online merchant using her St George credit card.

A Telstra spokesman confirmed that as a minimum it verified a customer’s identity using their full name, date of birth and home address.

He said the telco considered its identification process as “adequate” and similar to that used by other business across many industries. It was constantly under review.

“In this instance, it appears the customer’s identity was obtained fraudulently as the scammer provided the necessary verification information … also providing the account billing number,” he said.

Ms King has since swapped from paper bills to email and changed her passwords. She said the police were also investigating her case.

Mail theft and identity fraud has been on the rise, with organised crime syndicates taking advantage of Sydney’s apartment boom and targeting the clusters of letter boxes.

Identity crime costs governments, private industry and individuals upwards of $1.6 billion each year, according to Attorney-General’s Department.

James Turner, an advisor at Intelligent Business Research Services, which counts Telstra as a client, said security teams at companies were working hard to strengthen identity verification procedures, but this had to be balanced with customer experience.

He said while identity checks, such as that used by Telstra, were common, it was important to note signatures – “the weakest biometric ever” – were still being used.

“We’re dealing with the area of risk. It’s not a binary situation of ‘They must have done more’,” he said.

“I know the heads of security of all these large organisations and they are genuinely concerned and constantly trying to raise their capabilities so the easy way is the secure way. That’s the end game,” he said.

“It’s like turning an oil tanker, when you’ve got marketing people saying: ‘No, no, we need to make this as fast and friction-less as possible’.”

David Lacey, founder of Australia’s only free helpline for victims of identity fraud IDCARE, said companies should place greater focus on the way they help victims who in some cases feel like they’re treated as criminals.

“If you’re not harmed by the crime itself, you almost certainly will be by the response [of the telcos and other service providers],” he said.

He said the number of calls to the hotline has been doubling every three months. He said a criminal begins abusing a person’s identity within 48 hours of it being stolen.

“You don’t ever get your identity back once it’s stolen. They have a life sentence, because the problem can re-appear in the future,” he said.

An Optus spokesman said it verifies identity using security questions, including personal details and account information.

“Optus also provides customers the opportunity to add a PIN to their account which can be used to help verify identify,” he said.

A Vodafone spokeswoman said if a customer can’t provide account details and a PIN, they proceed to a set of questions.

“If we are not satisfied, we may ask the caller to provide further evidence to authenticate their identity and their claim to the account or direct them to a retail store with appropriate identification,” she said.

Protect your identity (credit: IDCARE)

  • Ensure all devices have the newest available security updates and run weekly anti-virus and malware protection software.
  • Never open or click on links from emails you don’t know.
  • Never provide your personal or security details in response to any email, even if it looks legitimate.
  • Where available use two-step authentication – such as SMS codes to your mobile.
  • Regularly change your passwords and PINs and be careful about selecting your passwords.
  • Never communicate personal details on social media sites.
  • Ensure you have a secure letterbox for postal deliveries.
  • www.crimefiles.net
  • www.intelagencies.com
  • www.ispysite.com

3r5g6yu

Henry Sapiecha

Telstra clients scammed with fake refund email

shady-hacker-on-keyboard image www.scamsfakes.com

More than just chasing your credit card details, scammers are looking to steal the identity of Telstra customers.

Saying to you that you’ve paid your bill twice, scammers are tricking Telstra customers into handing over their credit card details.

These days most of us are savvy enough not to fall for promises that look too good to be true, whether it’s a win in the British Lottery or an inheritance from a long-lost uncle in deepest, darkest Peru.

Scammers have moved with the times and their new promises are a lot more boring and realistic, such as a small tax refund, unexpected parcel delivery or billing error in your favour

fake letter emailed toTelstra customers image www.scamsfakes.com

A copy of the fake letter emailed toTelstra customers. Photo: MailGuard

The latest wave of convincing-looking scam emails, identified by MailGuard, claim you’ve somehow paid your Telstra bill twice so you’re entitled to a refund. Rather than take a shotgun approach the scammers have only sent it to Telstra customers – more than 20,000 of them – who probably won’t find it too hard to believe that the telco has managed to stuff up their bill.

This isn’t a cryptolocker attack like many fake emails that have probably arrived in your inbox lately – there isn’t an infected malware attachment or dodgy link designed to encrypt all your documents and demand a ransom. Instead the official-looking letter, supposedly signed by Telstra executive Gerd Schenkel, points you to Telstra’s My Account online portal where you can log into your Telstra account and claim your refund.

Of course the link doesn’t send you to Telstra’s real My Account page, just a very convincing-looking forgery as part of a “phishing” attack hoping to trick you into handing over sensitive information. Along with your Telstra login and password you’re asked to provide all your credit card and billing address details along with your date of birth.

Not only can scammers use these details to go on a shopping spree with your credit card, it’s also enough information for them to pretend to be you and start racking up other debts in your name.

The best defence against these attacks is a healthy sense of paranoia. Often they’ll be riddled with grammatical errors, come from a suspicious-looking email address or rely on a suspicious-looking website name. This latest Telstra attack does look very convincing, but if nothing else the fact that it asks for so much information should ring alarm bells.

Always assume that any unexpected email you received from a service provider is a fake. Never open attachments, click on links in the email or trust the supplied phone number. If in doubt, contact the provider directly to clarify.

If you’ve been caught by this scam the best thing to do is notify Telstra, change your My Account password and notify your bank so it can cancel your credit card.

Have you been caught out by these kinds of scams? How do you spot the fakes?

Tell us your story HERE

SDR

www.intelagencies.com

Henry Sapiecha