Welcome to Orange Frog Productions Scams, Shams & Flim-Flams Section [Banner]

Search this site powered by FreeFind

Page Title:

Skip to Things You Should Know | Protect Yourself | External Links | Where to Forward Fraud Emails

NOTE: External links on this page open a new window.

This page contains information and links for various examples of fraudulent schemes, most of which I, myself, have received. A couple have come to family members and were sent to me to check out.

All are (or appear to be) attempts by someone to try to get our money (direct fraud) or information (phishing), of free work out of you. (Some offer work, and, while the work may be real, it's not what it was described. Others offer work, you buy supplies and/or equipment from them, do anything from assemble items, stuff envelopes, etc., and then say your work isn't good enough for the pay, if it even gets THAT far.)

DO NOT FALL FOR THESE SCAMS. Many of them will wipe out your bank accounts, ask for/demand more money from you, allow your identity and/or credit cards to be used by people you don't know, and in some cases, can provide nefarious characters with enough information to stalk and endanger your lives.

It used to be that the "bad guys" had to literally break into businesses and steal to get hold of cash, checks, credit cards, jewelry, and actual file-folders of other stuff they could sell for money. Obviously, this is still going on. (examples: Discovery Channel's "It Takes a Thief," news accounts, and various movies.)

Governments had already been, and then businesses began, computerizing their records. It makes it more efficient (read easier and faster) for them to get the information they need for individuals, groups and other companies, and for them to do what they do. The more sophisticated "bad guys" began "hacking" into the governments' and businesses' local networks to retrieve bank account numbers and passwords, as well as information. Everyone's heard of how hackers have "broken into" various databases, some to prove a point, some "simply" to create fake ids for themselves or for sale, and some to sell or use the information to steal from those whose information was stolen.

Now that almost everyone's got email, and so many are naive about these scams, the "bad guys" can reach MILLIONS of people with a single emailing, and it doesn't cost them the price of the envelopes, printing and stamps, as it did before. Most of these emails will arrive as spam (like the "junk mail" you get in your postal mail boxes) and entice or threaten those who have not heard about them (or do not understand what they heard) to enter their personal/credit card information. Some will then contact the responders, requesting money they say is necessary to complete the transactions. Some will ask for information. Some have the information they need and the responders will NEVER hear from them, but will only find out they've been scammed when money in their bank account disappears, they notice charges on their credit card or other loan bills that they never made, they notice long-distance or international phone calls on their phone(s) they never made, etc.

Scams like these transcend all classes, all races, all religions, all "walks of life". The victims are not (all) dumb, but may be naive about their own security. This is what the "bad guys" count on.

Hopefully, the examples and analysis in this section, and the information at the external links below, will help "educate", inform and make it much more difficult for the "bad guys".

Remember. I am NOT an expert. I have just found things that you, yourself could find if you had an idea of what to look for, and have analyzed these emails to let you KNOW some of what to look for.

I hope my information, suggestions, examples and analyses help you avoid these scams.

Things You Should Know

Any and ALL (and more) of the scams listed and noted on this site can come to you in various ways:

  • Email (usually as Spam)
  • Postal Mail (usually as Junk Mail)
  • Unsolicited Phone Calls
  • Even occasionally Personal Contact with someone you don't know

Many of these scams come from Nigeria, where Scams are the fifth (5th) largest industry

Source: The Dr Phil Show, aired on WTHR, Channel 13, Indianapolis, on November 23, 2006, Episode #760: [Internet] Love Scams.

They are also meeting women online in chat rooms, IMs, etc., "falling in love", and, after cultivating relationships for a couple of months, asking for money... Most say they were contracted to do work in Nigeria, and were conned, or had their money stolen, or ... You get the idea? And some women fall for it (and them), sending the requested money, then, usually something else happens and they need money, and the women send more money, and... This goes on until they can't get money from them any more. Sound familiar? (read some of the other scams - most DO seem to come from or start in Nigeria.)

Oh... The pictures they use are generally model shots, possibly from the internet, possibly from magazine or newspaper articles. Dr Phil's investigators found the two men in the pictures that the women thought were the men they'd fallen in love with. One was definitely a model. The head of the modeling agency was there, identified him as Mike, who lived in Hawaii, and was livid that someone was using his picture to scam people. The other was from London, and said the picture was him, albeit many years ago. He also had a family. He didn't show his face, because there's a pretty strong Nigerian contingent in London, and Nigerians, in general, have been known to blackmail, kidnap, and even murder (especially in Nigeria), and people all over the world are afraid.

I've, personally, received many different types of email, and almost all types have mentioned Nigeria; the actual email was sent from Nigeria (you have to look at the headers and, sometimes, translate the IP address (the ###.###.###.###) through something like GeoBytes - IP Address Locator; or the "script" is the pretty much the same as email others or I have received with either of the former attributes.

In other words:

If an email, chat or instant message mentions or is from Nigeria,
IT IS MOST LIKELY A SCAM ATTEMPT!

Once you know many of these "scripts" (think of these as "script"), you will, hopefully, be able to spot and or research any scam that you run across.

NEVER NEVER NEVER give your information to, or accept a check/checks to deposit in your account, and wire someone some of the cash from it. (You will be out the full amount of the check, and possibly prosecuted for passing bad checks, and the person from whom you got the check, and the one to whom you wired the cash, are LONG GONE.) See examples and victim stories at FakeChecks.org.

NEVER NEVER NEVER give ANY personal information to a site you do not KNOW and TRUST.

NEVER NEVER NEVER send personal information (including account numbers, passwords, social security numbers, etc.) in response to any email.

  • If you don't have an account there, it's probably a phishing email.
  • If you DO have an account there, DO NOT CLICK THE LINK TO GO THERE. The fraudulent page may very well look real. Open your browser, type in the business' website address, go there and log on to it directly.

If nothing else, and you click the link or enter information, they now hove your name and email address to which to send spam, or sell to potential spammers.

NEVER, NEVER, NEVER pay ANYONE who offers you a job where you can "work at home", for supplies, equipment, or "the privilege" of working with/for them. And be sure you check out any other "job offers", making sure they come from legitimate companies, and you will be doing what they said you will be dong.

Worst case scenarios:

  • You click on a link which will download a virus, adware and/or spyware, which could cause major problems on your and/or your friend's and family's computer.
  • If they ask for, and get your bank account or credit/debit account numbers and you "verify" your passwords, they can clean those accounts out, and maybe even get a loan in your name, which, of course, they will NEVER pay back - It will be YOUR responsibility.
  • If they ask for, and you give them, your social security number, they can use it to steal your identity, doing all the things in the second bullet point, much easier.
  • Job Offers - You pay the company to hire you, buy supplies and equipment, do the work, and don't get paid. You are out the money for the stuff. If you used a credit card to pay for it (through the company), they now have your information.

If you are the one your family and friends ask to check things like this out,  and you pass your findings on to them or your mailing lists, be sure to check these and my other Scam, Sham and FlimFlam pages for more information. Then, don't just say "I checked it out on ... (wherever)". Send them the link to the proof or refutation.

From Tips for Avoiding Internet Scams, from the Internet Fraud Watch:

Know who you’re dealing with. If the seller or charity is unfamiliar, check with your state or local consumer protection agency and the Better Business Bureau. Some Web sites have feedback forums, which can provide useful information about other people’s experiences with particular sellers. Get the physical address and phone number in case there is a problem later.

Look for information about how complaints are handled. It can be difficult to resolve complaints, especially if the seller or charity is located in another country. Look on the Web site for information about programs the company or organization participates in that require it to meet standards for reliability and help to handle disputes.

Be aware that no complaints is no guarantee. Fraudulent operators open and close quickly, so the fact that no one has made a complaint yet doesn’t meant that the seller or charity is legitimate. You still need to look for other danger signs of fraud.

Don’t believe promises of easy money. If someone claims that you can earn money with little or no work, get a loan or credit card even if you have bad credit, or make money on an investment with little or no risk, it’s probably a scam.

Understand the offer. A legitimate seller will give you all the details about the products or services, the total price, the delivery time, the refund and cancellation policies, and the terms of any warranty. For more information about shopping safely online, go to National Consumers League - Shopping Online Home.

Resist pressure. Legitimate companies and charities will be happy to give you time to make a decision. It’s probably a scam if they demand that you act immediately or won’t take “No” for an answer.

Think twice before entering contests operated by unfamiliar companies. Fraudulent marketers sometimes use contest entry forms to identify potential victims.

Be cautious about unsolicited emails.  They are often fraudulent. If you are familiar with the company or charity that sent you the email and you don’t want to receive further messages, send a reply asking to be removed from the email list. However, responding to unknown senders may simply verify that yours is a working email address and result in even more unwanted messages from strangers. The best approach may simply be to delete the email.  

Beware of imposters. Someone might send you an email pretending to be connected with a business or charity, or create a Web site that looks just like that of a well-known company or charitable organization. If you’re not sure that you’re dealing with the real thing, find another way to contact the legitimate business or charity and ask.

Guard your personal information. Don’t provide your credit card or bank account number unless you are actually paying for something. Your social security number should not be necessary unless you are applying for credit. Be especially suspicious if someone claiming to be from a company with whom you have an account asks for information that the business already has.

Beware of “dangerous downloads.” In downloading programs to see pictures, hear music, play games, etc., you could download a virus that wipes out your computer files or connects your modem to a foreign telephone number, resulting in expensive phone charges. Only download programs from Web sites you know and trust. Read all user agreements carefully.

Pay the safest way. Credit cards are the safest way to pay for online purchases because you can dispute the charges if you never get the goods or services or the offer was misrepresented. Federal law limits your liability to $50 if someone makes unauthorized charges to your account, and most credit card issuers will remove them completely if you report the problem promptly. There are new technologies, such as “substitute” credit card numbers and password programs, that can offer extra measures of protection from someone else using your credit card. For more information about paying safely online, go to:

Protect Yourself

Following is a list of some of the "rules" that I, myself, follow to keep from handing the "bad guys" my money and/or information. It is NOT meant to be an exhaustive list of ways to protect yourself. I suggest you read the pages in the links on this page and those in THOSE pages, for more information, and create your own "battle plan" to protect your identity. I will NOT be responsible if you follow MY "rules" and get "caught" in the "bad guys"' web.

[I've been using some of these "rules" for myself for some time. They've been added to as I received more and more fraud/phishing emails. I realize that they repeat some of the tips from above, but the ones below are MINE, if you know what I mean! smiley - wink I hope between the tips from other sites, and my tips, you can create your own set of "rules". -bs]

In an email, be sure you use the status bar and rollover capabilities to see where links go without clicking on it. If the first part of the link (between the "http://" and the next slash ("/") is not the site of the business requesting the information, or is just an ISP number (###.###.###.###), be VERY wary.

Be aware that I know of no businesses, government agencies or financial institutions that will send you an email asking you to verify your information. (They already have it.) If you receive email or phone call) requesting this information, be sure to check with the actual agency on the phone (by calling THEM, not the other way around) or in person. Remember, they should be verifying your information. If you're on the phone and you can, have THEM read it to YOU to verify it. (Though if you made the call, they won't do this... YOU could be the scammer.) You should also be able to go directly to their site (open your browser, type in their site address and log on there... DO NOT CLICK THE LINK IN THE EMAIL).

While it's not fool-proof, because they are very sophisticated, watch the little padlock on the status bar of your internet connection. If you are to enter personal information, it should be CLOSED. If it is OPEN, the data you enter and send MAY NOT BE secured. The same holds true for the page address in the address bar - It should start HTTPS (the "s" is for "Secure".) (Note that some sites allow ENTRY to certain fields, then go through the secured server to verify it.)

If you receive anything, asking for information, possibly threatening to drop your accounts, etc., don't answer it. Call the institution/agency or log directly into your account with them, and check it out and/or handle it. Most likely the email is fake.

Spam "job offers" (even those that have all of your information), should be checked out thoroughly. Search for the company name on the internet. DO NOT click the link in the email. Roll over it and check the status bar. Anything after the ".com", ".net", ".org", or any other top-level domain, is a "parameter" telling them the affiliate who sent you to their site, and/or your email address, and it's also been known to include a link to a disguised executable file, that downloads a trojan horse, spyware, adware, a virus, redials your modem (if you have one), or resets your connection. If you want to check out the company, either "cut-and-paste" only the first part of the email address (from the "http" through the top-level domain (to the first question-mark or slash - should include ".com", ".net", ".org", and COULD end in a foreign country suffix (".ca" - Canada, ".mx" - Mexico, ".uk" -United Kingdom, ".us" - United States, or others)), bring up your browser and either paste it, or retype it from the email, and see what you get. Sometimes it will be a blank page - They use a subdomain for the company in question. Sometimes it will forward you to another domain. In ANY case, before doing any of this type of your own research, BE SURE YOUR VIRUS SCANNER IS RUNNING, and periodically, at least, run your adware and/or spyware scanner programs.

Be aware that you can receive any of these scams as emails, phone calls, snail mail, or maybe even some other form. Understand that scammer and "bunco artists" (old name for fraud perpetrators), will take any pathway they can to your money (or now, personal and banking information). Always check anything that's questionable with the company in question, with Snopes or other links below, with your own common sense. (And, if you don't have any of the latter of your own, check with someone you know does have some!)

Remember that any link you click, any attachment you open, any program you run from people you don't know can download a virus, adware or spyware. I, personally have an antivirus program that's caught many an attempted virus download, an anti-adware program that found a few dozen adware programs the first time I ran it, and an anti-spyware program that found around 300 spyware program the first time I ran it. These take up CPU, memory and space you YOUR disk. The latter two may not be THAT malevolent, depending on your feelings about privacy, but cleaning them up made my computer run faster and better.

The short version:

  1. You should only receive "clickable links" if you receive HTML emails.
  2. NEVER click a link in a Spam email without KNOWING where it will go.
  3. Pay attention to emailed links go, even if the name LOOKS valid.
  4. NEVER click a link in an email which purports to send you to a logon page.
    Apparently, they can send you to the actual page, but a popup will appear for you to enter your information. Again, the page is valid, the popup is the scammer's. NO LEGITIMATE BUSINESS SHOULD/WILL USE POPUPS FOR YOU TO ENTER YOUR INFORMATION.
  5. ALWAYS go to the site, itself, (enter the business' main site domain name - www.company_name.dom - in your browser) and logon from there.
  6. ALWAYS make sure when you are entering ID numbers like a Credit Card number that it is a SECURED PAGE.
  7. BE VERY CAREFUL in doing research. Make sure at least your virus scanner is updated and running if you insist on visiting the (home page) of the site.
  8. REMEMBER: Some of these emailed links may run an "executable file" which can  download a VIRUS, ADWARE or SPYWARE.
    1. Get an anti-virus program, MAKE SURE it's running, the definitions are up-to-date, and it runs at the very least once-a-week, if not daily. Make sure it's set to check any file that's downloaded.
      1. There ARE online virus scanners. (See links, below.) They CANNOT PROTECT your computer, but they can find viruses on it.
    2. Download, keep definitions updated, and run, at least periodically. anti-adware software. Some are available for free. (See links, below.)
    3. Download, keep definitions updated, and run, at least periodically anti-spyware software. Some are available for free. (See links, below.)

If you have found or come across other "rules" that you feel should be here, let me know, and let me know your name or id, and I will include them here with acknowledgement.

Links to Onsite Information/Examples

NOTE: These links are also in the Division Links, above.

Links to External Information

The following are just some of the sites out there in internet-land that provide information about fraud, fraudulent activities, and "phishing" (using fake emails and websites designed to fool recipients into giving personal financial data such as credit card numbers, account usernames and passwords, social security numbers, etc.). Some of them include ways to report this information to them and/or authorities.

Anti-Whatever Software

Search for More

General Links

Company-Specific Links

There's also general information on most of these pages/sites. Be sure to check them out. I have received (as have friends and family) emails from the following companies, requesting that I "click a link" in it and fill out the information on the attached page.

  • Chase - Security Center

    • Chase - Reporting Fraud
      I have received multiple emails from "Chase" from different email addresses and even different parts of the world. Since this is the case, I have forwarded a few of them to Chase (making sure all email header information is included - from email "properties"), so if they can track the perpetrators down, they can prosecute them to the fullest extent of the law.

      From Chase - Reporting Fraud (Question #9) (07/20/2006)

      I have e-mail that looks like it's from Chase. How can I tell if it's legitimate?

      Looks can be deceiving. As criminals make more credible forgeries of legitimate e-mail and websites, you can no longer rely on seeing familiar graphics like the Chase logo. The key to determining the authenticity of e-mail lies in the tone of the message and in the nature of the solicitation. Criminals want you to give them information and they're not very subtle about it. Our goal in marketing via e-mail is to inform you about a product or service we think you might be interested in.

      It's not our practice to:

      • Send e-mail that requires you to enter personal information directly into the e-mail
      • Send e-mail threatening to close your account if you do not take the immediate action of providing personal information
      • Send e-mail asking you to reply by sending personal information
      • Share your name with any contacts outside our firm in a manner inconsistent with our Privacy Policy
       
  • eBay Help: Online Security

    • from How do I know that an email is really from eBay? (07/20/2006)

      Legitimate eBay emails

      eBay will never ask you to provide account numbers, passwords or other sensitive information through email. If eBay does request information from you, a copy of that email will be in the My Messages box in My eBay. If you have any doubt that an email really is from eBay, open a new browser window, type www.ebay.com, and sign in. Any email that looks as if it is from eBay, mentions a problem with your account or requests personal information, and is not in My Messages in My eBay, is a spoof (fake) email.

       

    • from Help > Online Security > Account Security > Reporting Spoof (Fake) Emails (07/20/2006)

      An email message from eBay:

      • Never asks you to provide financial account numbers, passwords, or other sensitive information through email. If eBay requests information from you, a copy of that email will be in the My Messages box in My eBay. For more information, see Using My Messages.
      • Does not require you to enter information on a page that cannot be accessed from the eBay site. When possible, you should avoid clicking links. Instead of clicking the link, you should copy the address and paste it into the Address/Location area of your Web browser. While eBay may send email that contains links, the links are provided for convenience only. You will not be required to submit sensitive information if a direct link is provided to an eBay page.
      • Will not include attachments. If you receive a message that appears to have been sent from eBay that includes an attachment, do not open it.
      • May be a misdirected "Forgot your password" message. These messages are sent when a member enters a User ID using the "Forgot your password" feature. After the User ID is entered, a notice is sent to the email address registered to that account. If you received this email unexpectedly, it is probably because someone else mistyped his or her own User ID when attempting to use this feature.

       

  • PayPal - Security Center

    • from PayPal - Security Tips and Fraud Prevention (07/20/2006)

      Email Security

      • Look for a PayPal Greeting: PayPal will never send an email with the greeting "Dear PayPal User" or "Dear PayPal Member." Real PayPal emails will address you by your first and last name or the business name associated with your PayPal account. If you believe you have received a fraudulent email, please forward the entire email—including the header information—to spoof@paypal.com. We investigate every spoof reported. Please note that the automatic response you get from us may not address you by name.
      • Don't share personal information via email: We will never ask you to enter your password or financial information in an email or send such information in an email. You should only share information about your account once you have logged in to https://www.paypal.com/.
      • Don't download attachments: PayPal will never send you an attachment or software update to install on your computer.

Email Addresses

This is a list of email address to which you may forward fraud and phishing emails. Do NOT cut-and-paste a fraudulent email, as it may lose some of the stuff "behind the scenes." Do NOT forward Spam to them as Spam is usually just an annoyance... Fraud and Phishing are trying to get your personal information for identity theft. Let them work on the crimes, not the crap!

If possible, make sure the full headers of the email you received will go to these sites, too. The full headers contain tracking information, meaning these sites may be able to trace the email back to its origin.

There are instructions at Anti-Phishing Working Group: Report Phishing, that will allow them to receive the whole email (without losing any information in it.) Please read and follow them. It should also work the same to pass the spoof emails to all of these emails.

If you know of other informative sites and/or email address I should include here, please let me know.

Send comments/questions about this page to Bill Sanders at:
 

| Home | Main | Owner | Scams, Shams & More Flim-Flams | Glossary | Sitemap | Contact |

Send email to Bill Sanders ()
with questions or comments about this page or site.

This site, all text and graphics (unless otherwise noted) on it
were designed, developed and published by Bill Sanders of Orange Frog Productions.
It and it's CSS was validated and complies with both the: CSS and HTML 4.01 validators from W3C.
NOTE: All CSS validates except the "New Window Buttons" which include some invalid code (ie: hacks),
added PicoSearch Tables, and warnings for using transparent backgrounds when color foregrounds defined.
Copyright © 2003, 2004, 2005, 2006, 2007 by Bill Sanders / Full site last modified: October 21, 2006
Any reproduction, printing, or selling of this content is prohibited without express written consent from William D. Sanders.
ctr