Here are five scams visitors to Prague should know about

Honest Guide is a YouTube channel for people interested in visiting Prague. It's got tips and cautions that are great to know about in advance of going there. I wish there were similar YouTube channels for other places.

In its latest episode, Honest Guide describes five common scams that tourists should watch out for. The most interesting one is not so much a scam, but a sucker bet. Some guy has built a structure with a horizontal bar, sort of like a pull-up bar. He sets it up in the middle of Wenceslas Square and has a sign that tells people that if they can hang from it for two minutes, they make 5 times the money they paid for. But no one can do it because the bar spins, making it impossible to hang from.

The host also recorded a recent encounter with a scammer who drove up to him in a Mercerdes while he was sitting on a sidewalk bench. The scammer explained that he had lost his wallet and needed to buy gas. He gave the host his "valuable" ring as collateral, but the host started recording the scammer. The scammer threatened to call the cops, and when the host encouraged him to do so, the scammer quickly drove away.

(One of the many reasons I like Japan is that in the 8 times I've been there, no one has ever tried to cheat me.) Read the rest

UK readers, beware of this fake VISA credit card scam

Jim Browning, who runs the YouTube channel called Tech Support Scams, recorded this call from fraudsters who "are robo-calling thousands of people in the UK with alarming messages apparently from 'VISA.' These messages are designed to alarm potential victims and is a ruse to gain access to people's bank accounts via remote access software." Read the rest

DOJ indicts 80, many based in Nigeria, in business email scam and money laundering

The Justice Department today announced indictments for 80 individuals on charges they ran a massive business email and money laundering scam that operated in part out of Southern California.

DoJ's 145-page indictment was unsealed Thursday, and charges 80 named individuals with conspiracy to commit mail and bank fraud, plus aggravated identity theft and money laundering.

More than a dozen individuals were arrested during raids on Thursday, most of which took place in the greater Los Angeles area.

News of the early-morning Southern California raids on Thursday were first reported by LA's ABC7 News.

Zack Whittaker at TechCrunch:

But it’s not immediately known if the Nigerian nationals will be extradited to the U.S., however a treaty exists between the two nations making extraditions possible.

U.S. Attorney Nicola Hanna said the case was part of an ongoing effort to protect citizens and businesses from email scams.

“Today, we have taken a major step to disrupt criminal networks that use [business email scam] schemes, romance scams and other frauds to fleece victims,” he said. “This indictment sends a message that we will identify perpetrators — no matter where they reside — and we will cut off the flow of ill-gotten gains.”

These business email compromise scams rely partly on deception and in some cases hacking. Scammers send specially crafted spearphishing emails to their targets in order to trick them into turning over sensitive information about the company, such as sending employee W-2 tax documents so scammers can generate fraudulent refunds, or tricking an employee into making wire transfers to bank accounts controlled by the scammers.

Read the rest

Affluent parents surrender custody of their kids to "scam" their way into needs-based college scholarships

Propublica Illinois has identified "dozens of suburban Chicago families" who surrendered custody of their children during the kids' junior and senior years of high-school, turning them over to aunts, grandparents, friends, and cousins, so that the kids claim to be independent and qualify for needs-based scholarships, crowding out the poor kids the scholarship was designed for. Read the rest

When Trump's #TaxScam meant that affluent people no longer had to use the paid version of Turbotax, Turbotax started charging poor people, disabled people, students and elderly people

In most countries, you don't have to pay an accountant to prepare your tax return: the government already knows how much you made, so every year they just send you a pre-filled in form to check over and sign. Read the rest

Enjoy this fantastically weak bike accident insurance scam

From Wuhu in China's Anhui province comes one of the best worst insurance scam attempts ever.

(Newsflare) Read the rest

Google Maps is still overrun with scammers pretending to be local businesses, and Google's profiting from them

We bought a house in 2018 and have been renovating it pretty much constantly ever since: I've had to call out movers, emergency plumbers and electricians, find HVAC repairpeople, hire locksmiths, contract with a roofer, etc etc. Despite the longstanding and serious problems with fraud on Google Maps, I often start my search there, because I am an idiot, because 100% of the time, Google Maps sends me to a scammer. One hundred percent. Read the rest

How con artists use the Ouija board effect for their scams

In 1851, Michael Faraday secretly measured the muscle movements of Ouija board users who believed that the planchette was under ghostly control. According to Faraday, the users were unconsciously moving their muscles and but truly thought a spirit was pushing the planchette. A few decades later, physiologist William Carpenter dubbed this the "ideomotor effect." To this day, the ideomotor effect is a powerful phenomena and one that scammers have used to sell bogus "scientific" instruments. From the Wellcome Collection:

For example, in 2014, James McCormick, a British businessman, was convicted of selling fake bomb detectors to various international police forces. McCormick’s devices were marketed as using principles similar to dowsing, with extreme life-or-death stakes. The operator was supposed hold the device, called the ‘ADE 651’, like a wand, and allow its subtle movements to direct them towards dangerous substances.

The devices themselves have been determined to be entirely non-functional. But thanks in part to the ideomotor effect, they could easily feel functional, especially if the operator were confident in their legitimacy.

Since the late 1990s, non-functional detection devices with names such as ‘Sniffex’, ‘GT 200’ and ‘Alpha 6’ were sold by various scammers to governments throughout the world, including those of Iraq, Egypt, Syria, India, Thailand and Mexico. The World Peace Foundation of Tufts University, which tracks corruption related to international arms trading, estimates that fake bomb detectors generated more than $100 million in profit between 1999 and 2010.

"The psychology of Ouija" (Wellcome Collection via Daily Grail)

Vintage image: SFO Museum Read the rest

How to remove a common Amazon-bought car boot

The Lockpicking Lawyer saw a report about an illegal car-booting outfit in Chicago (embedded below), and decided to see how hard it is to remove the Amazon-bought car boots that scammers use.

It is easily defeated in a few seconds... so long as you have a screwdriver and a lock impressioning tool.

Looks like an angle grinder would make short work of it, too! Read the rest

Why you should never return a robocall - it could cost you a small fortune

You know when your phone rings once, then stops? Don't call back, unless you are willing to risk a very costly international call to Mauritania, even though the called ID shows it as a local call.

From Lifehacker:

If you get a call from a familiar area code, you might feel tempted to return it, but the Federal Communications Commission is now warning consumers not to call any unknown numbers back. If you do, you risk paying huge fees in toll number charges.

According to a recent statement by the FCC, this “Wangiri” (Japanese for “one ring”) robocall scheme is targeting numbers in short bursts, often during the middle of the night, using a “222" country code (located in Mauritania in West Africa). But scammers can mask their area code by “spoofing” or changing their caller ID information to reflect a local area code, according to Alex Quilici, founder of YouMail, a robocall-blocking voicemail app.

Image: g-stockstudio/Shutterstock Read the rest

What it's like in a scam call center

Jim Browning got a look into a Kolkata call center via one of the scammers' insecure machines: "You're looking at the webcam of a scammer named Deva ██████. He's currently uploading the phone numbers of people who will be his next potential victims. All are numbers of people who have previously fallen victim to a popup scam."

These guys are a particularly nasty group from Kolkata in India. They run a refund scam and this video shows what their call center looks like, how they operate, who and where they are. I've sent a link to the unblurred version of this video to the Kolkata Cyber Police (for all the good that it will do).

The offices are "small and cramped" and full of smoke. Read the rest

Exposing the "Razzle Dazzle" carnival scam

Razzle Dazzle is a carnival game in which you roll marbles into a tray with numbered holes. Once you get to 100 points, you can win fabulous prizes. It looks like a can't lose game, but in this video Brian Brushwood and mathematician James Grime reveal why it's a scam.

[via Doobybrain] Read the rest

Thanks to the 2008 foreclosure crisis, a Kuwaiti ponzi schemer was able to single-handedly blight cities across America

After the 2008 economic crash and the ensuing foreclosure crisis, AbdulAziz HouHou ran a ponzi scheme that bilked other Kuwaitis out of millions that were spent buying and flipping foreclosed houses across America, particularly in hard-hit rustbelt towns like Buffalo and Rochester. Read the rest

FBI: Online theft, fraud, exploitation caused losses of $2.7B globally in 2018, up from $1.4B in 2017

It could happen to you. Read the rest

Scammer asks for password, gets his database wiped by prospective victim

Scammer software is usually quite crude and, as demonstrated here, vulnerable to clever victims aware of their shortcomings.

Engineer Man: "Taking it to another scammer using some nmap analysis and a common exploit to save 105 people. Mission accomplished."

Note that what he's showing here is not necessarily what he's doing, and doing it without due care and attention to the risks is gonna get you in trouble.

UPDATE: The video disappered. For posterity, it showed a scammer getting their just desserts because the server they used to log marks' passwords used an unsecured SQL database, allowing an intended victim to get in and wipe it. Read the rest

Here's how to spot a pyramid scheme

Pyramid schemes are the perpetual motion machines of the business world. They seem like they just might work until you do the math. Don't be a sucker.

Read the rest

Office Depot, OfficeMax fined over faked malware scans

Office Depot, OfficeMax and other retailers will pay $35 million to the FTC over their use of fraudulent software that falsely reported malware infections on customers' PCs.

Customers who took their computers in for a free “PC Health Check” at Office Depot or OfficeMax stores between 2009 and November 2016 were told their computers had malware symptoms or infections — but that wasn’t true. The FTC says Office Depot and OfficeMax ran PC Health Check, a diagnostic scan program created and licensed by Support.com, that tricked those consumers into thinking their computers had symptoms of malware or actual “infections,” even though the scan hadn’t found any such issues. Many consumers who got false scan results bought computer diagnostic and repair services from Office Depot and OfficeMax that cost up to $300. Suppport.com completed the services and got a cut of each purchase.

It's likely that anyone reading this knows that handing over your computers to teenagers at big box stores is the exact opposite of computer security and the temptation to victim-blame will be overwhelming. Instead, consider this: if a human was held responsible they'd be jailed, but the humans who did this won't be getting in any trouble at all. Read the rest

More posts