29/02/2016

Online Dating Extortion and Other Scams

The latest report from the Internet Crime Complaint Center (IC3) reinforces the fact that people looking for love online need to remain vigilant about who they choose to communicate with and how they do so. 
In a recently reported dating extortion scam, victims usually met someone on an online dating site and then were asked to move the conversation to a particular social networking site, where the talk often turned intimate. Victims were later sent a link to a website where those conversations were posted, along with photos, their phone numbers, and claims that they were “cheaters.” In order to have that information removed, victims were told they could make a $99 payment—but there is no indication that the other side of the bargain was upheld.
Other items in this month’s IC3 report include a new variation on the classic payday loan scam; new malware that has infected at least 250,000 victims, including 46 Fortune 500 companies; and the top words used by cyber criminals in fake e-mails.

Internet Crime Complaint Center's (IC3)
Scam Alerts

October 23, 2012

This report, which is based upon information from law enforcement and complaints submitted to the IC3, details recent cyber crime trends and new twists to previously-existing cyber scams.

DATING EXTORTION SCAM

The IC3 has recently received reports regarding a scam that baits individuals into intimate online conversations and then extorting them for financial gain. The scam was initiated after the victims met someone online, such as on a dating site, and were asked to connect via a specific online social network. Shortly after, the conversations became sexual in nature. Later, victims received text messages, either containing their names, asking if it was them or containing a statement that indicated their names were posted on a particular website. The victims were provided a link to a page on the website that claimed they were a “cheater.” Photos of the victims and their telephone numbers were also posted. There was an option to view and buy the posted conversations for $9. Victims were also given the option to have their names and conversations removed for $99. Some were even told that once the payment was made, the information would be removed within an hour and the website would not allow anyone to post anything pertaining to the victims’ names again. However, reports do not indicate that the information was ever removed. 

PAYDAY LOAN SCAMS

The IC3 has received thousands of complaints regarding pay day loan scams over the last three years and continues to see new variations of the scam. The scam involves victims who are relentlessly contacted, via the telephone, at their residences and places of employment. The subjects claim the victims are delinquent on a payday loan and must repay the loan to avoid legal consequences. The subjects use coercion techniques such as harassment, threats, and claims that they were representatives of government agencies and law firms. Only some of the victims have reported previously applying for a payday loan, others said they have never made such an application. 
The subjects seem to have accurate information on the victims, including social security numbers, dates of birth, addresses, employer information, bank account numbers, names and telephone numbers of relatives and friends. 
The subjects refuse to provide any details of the alleged payday loans and become abusive when questioned. Victims are threatened with legal actions, arrests and, in some cases, physical violence if they refuse to pay. Some have been told there was an outstanding warrant for their arrest. Many reported that subjects have also harassed their relatives, friends, and employers. In a couple of instances, the subjects came to the victims’ places of employment and residences claiming to be process servers. 
Over the last couple of months, the scam has evolved from just receiving telephone calls to also receiving official-looking emails purportedly from the United States Attorney. The emails reference the FBI, court proceedings, and serious allegations. Allegations include violation of federal banking regulations such as collateral check fraud, theft by deception, and fraudulently conducting electronic fund transfers. Recipients were instructed to contact the subject within 48 hours of receiving the email. 
To educate consumers and reduce the number of victims of this scam, the IC3 has posted two Public Service Announcements (PSA) warning consumers. The first PSA was posted in December 2010 and the most recent was posted in February 2012. Both PSAs are available at http://www.ic3.gov/media/2012/120221.aspx and 
http://www.ic3.gov/media/2010/101201.aspx
Dark Reading posted the following article on September 18, 2012: 

NEW TDSS/TDL4 MALWARE INFECTS 46 OF FORTUNE 500

New Domain Generation Algorithm-Based Malware Claims At Least 250,000 Victims 
A new iteration of TDSS/TDL4 malware has infected at least 250,000 victims, including 46 companies in the Fortune 500, researchers said Monday. 
According to a new report on the TDSS/TDL4 malware published by security firm Damballa, the new attack is using domain generation algorithm (DGA)-based communication for command-and-control (C&C). 
Used by Murofet, Sinowal and the recent Mac-based Flashback malware, DGA communications techniques are being used to successfully evade detection by blacklists, signature filters and static reputation systems, and to hide C&C infrastructure, Damballa reported. 
TDSS/TDL4 is malware known to infect the master boot record (MBR) of computers, making it resistant to common practices in remediation. It has been described as the "indestructible" botnet, with the ability to act as a launch pad for other malware. At one point it was reported as having infected over 4.5 million victims. 
A total of 85 hosting servers and 418 unique domains were identified as being related to the new TDSS/TDL4 threat, Damballa said. The top three hosting countries for the C&C servers are Russia (26 hosts), Romania (15 hosts) and the Netherlands (12 hosts). 
"By adding elusive DGA C&C capabilities to malware that already evades detection and circumvents best practices in remediation by infecting master boot records, TDL4 is becoming increasingly problematic," said Manos Antonakakis, director of academic sciences for Damballa. 
"With its known ability to act as a launch pad for other malware and TDSS' history of sub-leasing access to their victims, these hidden infections in corporate networks go undetected for long periods of time," Antonakakis said. 
Net-Security.org posted the following article on September 25, 2012: 

TOP WORDS CYBER CRIMINALS USE IN FAKE EMAILS

The top words cybercriminals use create a sense of urgency, to trick unsuspecting recipients into downloading malicious files. The top word category used to evade traditional IT security defenses in email-based attacks relates to express shipping, according to FireEye. 

Urgent terms such as "notification" and "alert" are included in about 10 percent of attacks. An example of a malicious attachment is "UPS-Delivery-Confirmation-Alert_April-2012.zip." 
"Cybercriminals continue to evolve and refine their attack tactics to evade detection and use techniques that work. Spear phishing emails are on the rise because they work," said Ashar Aziz, founder and CEO, FireEye. "Signature-based detection is ineffective against these constantly changing advanced attacks, so IT security departments need to add a layer of advanced threat protection to their security defenses." 
Cybercriminals also tend to use finance-related words, such as the names of financial institutions and an associated transaction such as "Lloyds TSB - Login Form.html," and tax-related words, such as "Tax_Refund.zip." Travel and billing words including "American Airlines Ticket" and "invoice" are also popular spear phishing email attachment key words. 
Spear phishing emails are particularly effective as cybercriminals often use information from social networking sites to personalize emails and make them look mostly authentic. When unsuspecting users respond, they may inadvertently download malicious files or click on malicious links in the email, allowing criminal access to corporate networks and the potential exfiltration of intellectual property, customer information, and other valuable corporate assets. 
FireEye highlights that cybercriminals primarily use zip files in order to hide malicious code, but also ranks additional file types, including PDFs and executable files. 

Looking for Love? Beware of Online Dating Scams
Millions of Americans(Nigerians) visit online dating websites every year, hoping to find a companion or even a soul mate.
But today, on Valentine’s Day, we want to warn you that criminals use these sites, too, looking to turn the lonely and vulnerable into fast money through a variety of scams.
These criminals—who also troll social media sites and chat rooms in search of romantic victims—usually claim to be Americans traveling or working abroad. In reality, they often live overseas. Their most common targets are women over 40 who are divorced, widowed, and/or disabled, but every age group and demographic is at risk.
Here’s how the scam usually works. You’re contacted online by someone who appears interested in you. He or she may have a profile you can read or a picture that is e-mailed to you. For weeks, even months, you may chat back and forth with one another, forming a connection. You may even be sent flowers or other gifts. But ultimately, it’s going to happen—your new-found “friend” is going to ask you for money.
So you send money…but rest assured the requests won’t stop there. There will be more hardships that only you can help alleviate with your financial gifts. He may also send you checks to cash since he’s out of the country and can’t cash them himself, or he may ask you to forward him a package.
So what really happened? You were targeted by criminals, probably based on personal information you uploaded on dating or social media sites. The pictures you were sent were most likely phony lifted from other websites. The profiles were fake as well, carefully crafted to match your interests.
In addition to losing your money to someone who had no intention of ever visiting you, you may also have unknowingly taken part in a money laundering scheme by cashing phony checks and sending the money overseas and by shipping stolen merchandise (the forwarded package).
While the FBI and other federal partners work some of these cases—in particular those with a large number of victims or large dollar losses and/or those involving organized criminal groups—many are investigated by local and state authorities.
We strongly recommend, however, that if you think you’ve been victimized by a dating scam or any other online scam, file a complaint with our Internet Crime Complaint Center. Before forwarding the complaints to the appropriate agencies, IC3 collates and analyzes the data—looking for common threads that could link complaints together and help identify the culprits. Which helps keep everyone safer on the Internet.
For specific tips on how to keep from being lured into an online dating scam, see the sidebar above. Awareness is the best tool for preventing crime…and in this case, even from preventing a broken heart.
Recognizing an Online Dating  Scam Artist
Your online “date” may only be interested in your money if he or she:
- Presses you to leave the dating website you met through and to communicate using personal e-mail or instant messaging;
- Professes instant feelings of love;
- Sends you a photograph of himself or herself that looks like something from a glamour magazine;
  
- Claims to be from the U.S. and is traveling or working overseas;
- Makes plans to visit you but is then unable to do so because of a tragic event; or
- Asks for money for a variety of reasons (travel, medical emergencies, hotel bills, hospitals bills for child or other relative, visas or other official documents, losses from a financial setback or crime victimization).
One way to steer clear of these criminals all together is to stick to online dating websites with nationally known reputations.

No comments:

Post a Comment

Tolulope Basirat Adeoyethe notorious bully on Facebook, once again exposed herself on live chat

  Abike jagaban, the notorious bully on Facebook, once again exposed herself on live chat yesterday. While she was on her live program, she ...