e-edition eEdition Subscribe Log in
Wednesday, October 16, 2024
55.0°F

Cyberjerks rewarded for patience

| December 5, 2019 12:00 AM

Scammers are astute in how they go about stealing our money and our personal information. They’re also patient. More cases are being exposed where hackers lurk and monitor business owners’ conversations and then wait for the right moment to strike.

This is known as business email compromise. Those most likely to be targeted are business owners who deal with disbursements between partners and customers and real estate agents who are transacting a buy or sell of a home or commercial building. Once wiring funds is discussed, the hacker hijacks the conversation.

Hackers take control of the conversation to insert their own wiring instructions. They pretend to be one of the legitimate party members to the transaction but they have the money sent to a bank account they control. The timing of the email has to be perfect to not raise suspicions, which is where the patience comes in. That way the duped partner is none the wiser until after the transaction is completed.

In the case of wiring money, the transaction is so expedited that before it can be caught as a fraud, the money is often long gone. Businesses are targeted because the money being transferred is a high dollar amount so monitoring a conversation can really pay off big time for the scammer. In cases like these, the bank is not responsible for the missing funds because the wire was authorized by the business partner or owner.

Bottom line: Be careful if your business routinely wires funds. Always double check with the person or entity you’re wiring funds to with a follow up phone call. The FBI’s Internet Crime Complaint Center reports these crimes accounted for more than $1.2 billion in 2018, nearly triple the 2016 figure.

•••

FUNERAL EXPENSES: I’ve received calls and emails from concerned readers about a letter they received with the headline “2019 Benefit Information for Idaho Citizens.” The correspondence is designed to fool the reader into thinking it came from the U.S. government by copying the format of government notices. It informs recipients they may qualify for a state-regulated program to pay for final funeral expenses and that they may qualify for a benefit of up to $35,000.

The notice further claims you are entitled to free information and this payment is tax-free for Idaho residents.

These notices are not being sent out by the government but instead are coming from a private company called Direct Processing Center. They are a referral agency in the business of collecting our personal information and then selling it to insurance companies that actually do sell funeral services, but not through the government and certainly not at a steep discount. The insurance companies either send a representative to your door or call you and try to sell you a funeral policy.

How do they get away with this deceptive marketing practice? If you read the very fine print (that I had trouble reading even with my glasses on), it does state that they have no affiliation with the U.S. government and this offer isn’t coming from the government. What they’re doing isn’t illegal but it is highly misleading and they can get away with it because of the disclaimer.

Final thought: If you get one of these notices just throw it away.

•••

SECONDARY CELLPHONE ID ALERT: If your cellphone starts acting funny, pay attention because there could be something going on with your account. There’s an uptick in what is known as SIM-Swap scams.

A SIM-Swap is a social engineering trick fraudsters use to take control of somebody else’s phone number and hijack it. There are a couple of ways this can be done:

1. Sometimes the crook fools the phone company representative into believing they are the number’s rightful owner, who lost their phone and needs to transfer service to a new device, or

2. Sometimes it’s an inside job (as alleged by federal prosecutors in a previous case), with a phone company employee helping to make the switch.

Either way, it can have devastating results for the number’s rightful owner.

Once the scammers control your number, they can get your text messages, including the verification codes many online service providers send when customers reset their passwords. Using the text-message verification version is popular because it’s simple; however, since it does depend on a phone number, it has become more vulnerable to this type of SIM-Swap scam.

With verification codes, scammers can get into many of the user’s online accounts. Organizations that fight cybercrime realize phone numbers are becoming more valuable and are irresistible targets.

Most financial institutions, health care providers and social media accounts ask for a phone number from us, which is where the vulnerability is created. This is a labor-intensive scam, so thieves look for rich targets including those who invest in crypto-currencies.

It’s best to continue to protect ourselves by not replying to unsolicited calls, emails and text messages that ask for personal information. Limit the personal information you share online and set up a PIN on your cellular account.

Remember: I’m on your side.

•••

If you’ve encountered a consumer issue that you have questions about or think our readers should know about, please send me an email at terridickersonadvocate@gmail.com or call me at 208-274-4458. As The CDA Press Consumer Gal, I’m here to help. I’m a full-time copywriter working with businesses on marketing strategy, a columnist and a consumer advocate living in Coeur d’Alene.