Baker Fraud Report

If there is one thing everyone hates it is prerecorded “robocalls.” Though the Federal Trade Commission has the Do Not Call list, and has brought over a hundred cases closing down robocall operations, these continue to be a problem. I got one ten minutes ago. The FTC recently reported that complaints about robocalls went up 50% in 2016, so we are nowhere near an end to these.

A company called Nomorobo offers a free service to block robocalls, even many by politicians, while still allowing calls about prescription refills and the like. But it does not work with the traditional land line phones most of us grew up with. But many of us now get our phone service through the internet, often packaged with our TV cable system. (Apparently it does not work with Magic Jack).

To get this just go to Nomorobo.com. This company won the FTC award for the best technology to fight robocalls. They do this by compiling a list of known robocalls and not permitting those to ring through to your phone.

But what about calls to my mobile phone?

Nomorobo also offers a service for cell phones, though you have to pay for it. They also offer a paid service that will also block calls on one smartphone for $1.99 per month. In addition, there are a variety of apps, some free, designed to help. This article by a cell phone industry group lists some of these apps.

What about my old home landline?
Sorry, I’m not aware of any effective way to cheaply end calls to landlines, though the Federal Communications Commission has announced that it is working with the phone companies to find a way to end the scourge of robocalls.

The National Consumers League has just released data on the top 10 complaints they received in 2016. You can find it here. A few points to mention about their data, and some useful tips.

• #1 overall was things ordered over the internet that were paid for but never received. This includes used cars, counterfeit designer or sports goods, event tickets, and pets.

• #2 was sweepstakes and lottery fraud, such as Jamaican lottery fraud.

• #3 was fraud involving fake checks. These were up by 1/3 from 2015.

• #4 was demands for money that you really don’t really owe, such as IRS impersonators.

• # 5 was tech support fraud, wanting money to fix supposed problems with your computer.

• Average losses for these fraud complaints doubled from the year before, with the biggest losses coming from romance scams.

• The age range with the most complains were victims 26-35 years old

Helpful tips:

• Before paying money to any business check them out with the Better Business Bureau. The BBB has reports on essentially ALL real businesses, not just members. It is easy to check in advance. Go to BBB.org.

• Especially if you are buying on line never pay any way other than by credit card. If you use a credit card you may be able to get your money back if it is a fraud. Anyone who will not take a credit card is very likely a fraud.

• Never pay for anything by buying gift cards.

The National Consumers League takes consumer complaints on line and shares them with law enforcement in the US and Canada. They also download these complaints into the FTC’s Consumer Sentinel Database. Many of these are internet-based complaints, often from around the world. You can file a complaint with them here.

We all get dodgy spam emails, some of which initially appear to be legitimate bills or notices from companies we deal with. But many of these are actually “phishing scams” that have attachments which, when opened, install secret programs on our computers. Some news reports, in fact, suggest that the hack of John Podesta’s emails at the Democratic National Committee were the result of such an attack.

But if our emails are not dumped onto wikileaks, what exactly happens if we open a bad attachment? In December the Justice Department, working with Europol and 40 other countries, announced “Operation Avalanche” against a massive worldwide operation that had been providing very sophisticated computer support to hide the activities of the crooks since at least 2010.

What were the frauds?
This seems to involved both ransomware and stealing money from victim’s online bank account.

Ransomware
This fraud appears to be exploding in size, and is expected to account for a billion dollars in losses in 2016. In addition to defrauding businesses, it also is now being seen on people’s personal computers and cell phones. It is relatively simple. A victim opens an email attachment from a phishing email, which then encrypts all the data on the computer or phone. The victim gets an email telling them they can only get their data back if they send money through bitcoin to the fraudsters. It is essentially impossible to learn who received the money.

Stealing money from bank accounts
This was the other fraud that was involved here. After victims opened the attachment, spyware on their computer would monitor keystrokes on their computer and thus get the login information for victims’ online bank accounts. The frauds would then wire money from the victims account to a money mule, someone working with the fraudsters. The Mules would then buy goods, presumably computers and other electronics, and ship them to the fraudsters. (for more on how mules operate see this article on Baker Fraud Report.

What were the effects of this fraud?
Hundreds of millions of dollars were lost through the fraud using the Avalanche network. Tens of millions of computers were infected. This network was using at least 500,000 infected computers every day. The cybercriminals use the computers they have infected as networks, known as “botnets.” Thus if your computer is running slow it may be part of a botnet, sending email and other information when you don’t even know it. This enterprise sent at least one million phishing emails out every week.

So what did Operation Avalanche Accomplish?
This enterprise was involved in sending out more than two dozen of world’s most pernicious families of malware. Five people were arrested, 37 locations were searched, and 39 servers were seized. Another 221 servers were taken off line. In addition, law enforcement crippled the connection between individual computers and this fraud network. Thus for likely millions of people, the spyware is still on their computers, but communications now go back to law enforcement instead of the fraudsters.

DOJ press release
Europol press release

FTC shuts down large Craigslist rental fraud

Many people looking for a house to rent or buy go to Craigslist. Craigslist provides a great free service – but the crooks are using the site as well to rip people off. The FTC has just shut down Credit Bureau Center. This company advertised attractive rentals by posting pictures of great places at good prices. Addresses were not provided in the ad. Those interested in renting could only contact the company by email. The company responded by email, telling victims that in order to see the property they had to go to a website, get a “free” credit report, and bring it along to the walkthrough.

But those who obtained the credit report were not told that by putting in their credit card number and other personal information, such as a social security number, they were really signing up with a credit monitoring service – and would be charged $29.95 every month until they could make the charges stop. The FTC says that this company billed victims for more than $6 million.

There was no walkthrough. The rental properties either did not exist or the Defendants had no right to rent them. The fraud was all about conning people into providing their credit card numbers.

The FTC’s court brief said between it and the BBB there were over 500 consumer complaints.

This is not the only case involving fake houses offered for sale on craigslist. Last fall there were news reports of a search warrant being served in Santa Barbara, CA.

A study was released a year or so ago doing an in depth look at Craigslist rental frauds.

Sextortion

 One of the new kinds of cybercrime has resulted in a new word – Sextortion.  This term has come to cover two different kinds of online activity. It is not surprising that sexual predators or those trafficking in child porn sometimes obtain, or coerce people into providing, nude pictures or videos and use those for blackmail. A number of these have been prosecuted.  In fact, Nigerian police recently arrested two Canadian women, Kardashian look-alikes, who apparently had sex with wealthy Nigerian men, recorded the events, and then blackmailed them for money.

But this has also become a very widespread scheme run internationally by organized fraud gangs.  A group that deals with this fraud, scamsurvivors, says that it has helped over 15,000 people around the world who have become victims.   Though victims are often reluctant to go to law enforcement, UK officials say that the number of complaints that they receive have doubled in the last year, and they are aware of at least four suicides.  In addition, this scam has been targeting young members of the U.S. military.

Here is how it works

A young man (usually) meets a beautiful young woman online at a chat site or a dating site.  They communicate, perhaps texting and exchanging photos, and then she suggests that become friends on Facebook.  Before long they both use webcams such as Skype to perform sexually explicit acts.  The crooks tape record the session, and then demand money or they will send the video to the victim’s family and friends.  Sometimes victims are called by the woman’s “father” claiming the girl was underage, and that this was therefore child pornography that could be reported to the police and result in criminal charges against the guy.

Who is behind this?

The organized frauds appear to be operating primarily from the Philippines, Morocco, and the Ivory Coast. But of course the victim does not know that they are dealing with someone outside the country.

How do they contact victims?
It is sometimes dating sites, but they often reach victims through chat sites such as such as chatroulette or omegle.   The frauds also typically set up fake Facebook profiles, stealing pictures of women from porn sites or other places on the internet.  Then they scour Facebook for likely subjects.  From looking at a victim’s Facebook page they may have a good idea of their social status and thus how much money they have.  Some frauds also seem to be using Linkedin to contact potential victims.

Who are the women?

The “women” in these situations don’t really exist.  They are computer generated sexbots, though that is not apparent to the viewer.  Those running the frauds can easily control the actions of these bots, making them wave, toss their hair, or do other things.

Who are the victims?

The vast majority of victims are males between 15 and 25.  Some are young members of the military.  The Naval Criminal Investigative Service (NCIS) reports that it received 300 sextortion reports over four years, but in 2016 they received more than 120.  It seems likely that this fraud is also targeting military members in other countries as well.  Here is a good article on the response to this scam by the US military.

How much do they want?

This varies depending on the fraudsters estimate of ability to pay, but initial demands seen to be about $500.  Of course anyone who pays will face demands for still more money.

What effect does this have on victims?

Like many frauds, victims suffer from more than the loss of money.  As noted, there are several reported suicides. In addition, victims who are Muslim or come from a family with strong religious beliefs may be especially worried.

How do victims pay? 

Most of the time the money is sent through Western Union or MoneyGram, though a few use Paypal.  Other payment methods are possible.

What if you don’t pay? 

In this fraud the gangs apparently do not actually follow up with their threats.  It is easier to just move on to new victims.

Similar tactics of recording sessions on webcams are also sometimes used by romance scammers, and those frauds have been known to actually post explicit videos.  But romance fraudsters tend to have a longer term interest in their victims and may know about their ability to pay or vulnerability to this type of blackmail.

What is law enforcement doing? 

International fraud is a real challenge for most law enforcement.  However, after a suicide in Scotland by a 17 year old victim UK police worked with Interpol to take action in the Philippines.  In 2014 police searched a number of large operations near Manila that were engaged in this fraud and arrested at least 55 people.  These fraud operations had victims in Hong Kong, Singapore, the UK and the U.S.  U.S. service members were also victims.

The woman in charge of one operation was reportedly the owner of two different Western Union outlets that was used to receive the money from victims.  In an interesting twist, this enterprise was texting with potential victims and convincing the victims that they had a problem with their phones. The fraudsters sent them a “fix” to install on their phone which contained a Trojan virus.  This allowed the fraudsters to download all the victims’ contact information.  Armed with that information, the crooks apparently could even threaten to send the video to specific people such as their mother or father.

There is an excellent TV news report on this effort on Undercover Asia.  It runs about 45 minutes but is extremely well done and is fascinating.

I’ve seen no news on convictions in this case.  In the Philippines victims must file formal complaints, and many victims are, understandably, reluctant to come forward.

Law enforcement in the UK has also made a real attempt to educate the public about this fraud and encourage victims to come forward.

 What to do if you’re a victim.

DO NOT PAY!  I would recommend as a first step going to scamsurvivors.com.  They have a step by step guide for victims to go through, such as closing down all Facebook pages and cutting off all communications from the fraud.

COMPLAIN TO LAW ENFORCEMENT.   Even if  an agency can’t help with this particular instance,  the information you provide may help them stop the fraud and help protect other people from becoming victims.  Here is information on where and now to complain.

Robocalls on the rise

On December 9 the Federal Trade Commission released a report on data about Do Not Call for the previous year.   Most of us know about the National Do Not Call list — 226 million phone numbers are now registered.   To no one’s surprise, it shows a dramatic rise in robocalls.

We all also know that being on the Do Not call list does not stop illegal robocalls. Though the Federal Trade Commission has brought over a hundred cases involving robocalls these illegal calls  continue.  In fact, the new report shows that Do Not Call complaints rose from 3.5 million in 2014 to 5.3 million in 2015 – a 50% increase in the last year.

The report also lists the states that have the most complaints per 100,000 people.  The top 4, in order, are the District of Columbia (2771), New Jersey (2282), Connecticut (2147), and Illinois (2116).  This does not necessarily mean that those locations get more illegal calls, just that they are more likely to complain.

The states with the most registrations for Do Not Call per capita are:  New Hampshire, the District of Columbia, New Jersey and Massachusetts.

Law enforcement uses these complaints  to track patterns and locate violators.  It is quick and easy to complain.  Go to:

And if you are curious about a call, simply do an internet search of the number that appears in the Caller ID.  Often you can learn more about the scam behind the call.

Steve Baker

December 16, 2001

Costa Rica Sweepstakes Scammers Sentenced in Federal court

On December 14, 2006 the three people in the US were sentenced to federal prison for running sweepstakes fraud schemes in Costa Rica that ripped off elderly US consumers.  One Costa Rica room running this fraud took in nearly $10 million.  One Defendant was sentenced to 15 years in federal prison.  Here is the DOJ press release.

How the fraud worked

US consumers received calls telling victims that they had won a large prize from a sweepstakes.  These calls used “spoofed” caller ID’s to make it look like they were coming from area code 202 (Washington DC).  They pretended to be calling from government agencies informing victims of their winnings.   (I know that some of these sweepstakes frauds were impersonating real people at the Federal Trade Commission, including me).  Victims were told to send money by Western Union or MoneyGram to pay a “refundable insurance fee.”  Those who paid were then called again, told that their winnings had increased, and that they needed to send additional money.  Of course no one had actually won anything.

This is, of course, very similar to sweepstakes frauds coming from Jamaica.  See my separate in depth article on Jamaican sweepstakes fraud.

Mystery Shoppers

One of the more common frauds today are bogus mystery shopper, or secret shopper, jobs.  The U.S. Attorney’s office in Los Angeles on December 6 announced convictions of a Canadian couple that had been running this fraud from Toronto.  Idris Nuradin got 27 months in federal prison, and his wife spent eight months in prison and was released for time served.  Here is the press release: canadian-telemarketers-nuradin-gayad-sent-299    And article on this case in Canada.

What is mystery shopping?

Businesses do hire people to go to stores and evaluate customer service or the prices being offered by their own stores or those of competitors, but these are not terribly well paying jobs. Often these involve fast food companies.

In fact, the Federal Trade Commission shut down a company advertising nationally several years ago claiming people could make make $200-$500 per week being a mystery shopper – if they signed up with the company for a $100 fee.  It was bogus – you don’t need to pay anyone to get such a job, and there were not nearly as many mystery shopping jobs available as the company claimed. Here is information that case. /marketers-mystery-shopper-scam-settle-ftc-agree-pay-850000

Those truly interested in mystery shopping opportunities might want to take a look at this article.   And there is a trade association for this industry, the Mystery Shopper Providers (MSPA).

What is the scam?

There are a variety of scams that rely on fake checks to rip people off. The Federal Trade Commission received nearly 15,000 complaints about fake checks in 2015.  In the case of the Nuradins, they contacted victims by mail offering recipients jobs as mystery shoppers, and enclosed checks, some of which purported to be from Warner Brothers.  Victims were directed to deposit the check into their own checking account, then to mystery shop Wal-Mart.  Every US Wal-Mart has a MoneyGram counter.  Consumers were told to wire transfer part of the money from the check they had received, write up a report on their experience at the store, and keep the “remainder” as their pay.  But the checks were fake, and victims had simply sent their own money to the crooks.  Wal-Mart has told me that it never hires mystery shoppers.  I’ve seen a number of cases where the fake check was for the sum of $5000, and victims were directed to wire $4600 and keep the “remainder” as their pay.

How do fake checks work?

The frauds obtain checks used by real businesses, perhaps by the theft of mail, scan them into computers, and then print them on check stock.  The check may have the real name and account number of a real company, but any phone numbers on the check will be numbers answered by the frauds. Many of these are cashier’s checks, which most people believe are as good as cash.

When you deposit a check, federal banking rules require the bank to credit the money to your account very quickly, between 1 day (for cashier’s checks) and five days (for many others).    So victims see that the money is in their bank account, and presume that means that the check is valid.  But it is not.  It takes 10 days or more for the actual physical check to move through the system before the banking system determines whether the check is real or counterfeit.

Of course by that time the victim has sent money through Western Union or MoneyGram. The bank does not eat the loss – they simply subtract the funds from the victim’s bank account.  Some fake check victims have even been arrested themselves for using a counterfeit check.

Fake checks are used in a variety of frauds, a subject which will be the subject of a separate article soon.  For more about fake checks see fakechecks.org.

How can you tell if a check is fake?

Never call the phone number on the check. That will be answered by someone assisting with the fraud.  Instead find the real phone number of the company yourself and call.  Even then, I would recommend waiting at least two weeks before spending the money from the check.

How does this fraud contact victims?

In the case above, they simply sent these offers by mail.  Today they also offer these jobs on internet job boards, through email offers, facebook, and many other ways.  But they all involve sending a check.

 Tips to avoid frauds

• Those interested in mystery shopping jobs should make sure they are dealing with a reputable company. The MSPA has information here.

• NEVER send money through Western Union or MoneyGram to anyone you have not met in person.   It is like sending cash. Once the money has been picked up there is no way to get your money back.

• Try doing an internet search on the check, such as “fake check warner brothers.” You may find other victims that have receive similar checks for the same type of fraud.

• See the section on filing a complaint on this web site. It is also very important to be sure and also complain directly to Western Union or MoneyGram. They know where the money was actually picked up. (You know where you were told to send it; that is not necessarily where it was received).

Steve Baker

December 15, 2016

Sextortion

 Around the world, we are seeing a big increase in Sextortion frauds.  As it sounds, this is a combination of sex and extortion.  As you’d imagine, there are occasions when people have photos of themselves unclothed which end up in the hands of sexual predators which use them to demand money.  These are often prosecuted.   But separately there is a worldwide organized crime effort to extort money, with thousands of victims around the globe.

Here is how it works.

A young guy (usually) is contacted on facebook or a dating site by a gorgeous young woman.   After some back and forth, such as email or exchanges or racy photos,  she suggests that they communicate by Skype or another webcam, and things lead to them watching each other performing sex acts.   But what the victim does not know is that the video of him is being recorded.  Thus immediately after the victims if contacted and told that he must pay money or the video will be posted on the internet and shared with all of his friends and family.  Sometimes the scammer claims that the girl was a minor, meaning that this might consist of child pornography, and threatens to contact the police unless the victim pays.

How much of this is there?

We believe the vast majority of victims of this fraud do not file complaints, and thus accurate information on the extent this fraud does not exist.  But both the US military and the UK’s National Crime Agency report that complaints about this fraud have doubled in the last year.  The NCIS itself has received over 300 complaints about this fraud, more than 120 this year alone.   Scamsurvivors.com, which helps internet fraud victims, has received over 15,000 complaints from victims around the world. The US military has come to recognize that its young service members are being targeted.  It seems very likely that the same holds true for other the military in other countries as well.

Here is a good article explaining what the US military is confronting.

What effect does this have on victims?

This fraud does not result only in the loss of money.  It can cause serious emotional distress.  The National Crime Agency reports four suicides in the UK in the last year.  This may pose special problems for victims from strictly religious cultures, such as Muslims.  Note that Romance scams sometimes use the same tactics if victims stop sending money.  See the separate article on romance scam and how they work.

How much do victims lose and how do they pay?

I’ve seen losses range from $500 to $10,000.  If the frauds have access to the victim’s facebook page they may be able to estimate what victims can afford.  Most of the time victims make payments through Western Union or MoneyGram, though a few have paid through paypal.

Where are these scammers and what is being done about this?

There are apparently large organized groups conducting this fraud from the Philippines, Morocco, and the Ivory Coast.  But the victim may not even know where the fraud is actually located.  The organized frauds are difficult to locate and prosecute, though law enforcement in the Philippines, working with Europol, took action in 2014.  They busted several locations where this fraud was running and arrested 58 people.  Here is the press conference announcing the busts.  And this is another news report.

What to do if caught up in one of these?

•  DO NOT PAY — They will not post your information online. And paying will result in demands for more money.
•  Victims are understandably reluctant to go to the police, but reporting these is important so that law enforcement can understand how big a problem this is. In addition, reporting may provide information that helps prevent other people from being defrauded.   The FBI’s Internet Crime Complaint Center is also a good place to report these crimes.  Click here to report it.

• For real help I recommend reaching out to scamsurvivors.com. This is a great organization, located in the UK, and it provides a step by step guide for those who have encountered this fraud.

Steve Baker

December 13, 2016