What they're up to

Lee este artículo en español

Because it’s National Consumer Protection Week, today I’m going to share the latest trends in scams. In this series I usually speak about cybercrime and malware, but there’s so much going on in malware and scams, that I will write a separate article on cybersecurity issues later in March.

*72
This scam is not just illegal but can also be described as immoral. Someone gets a phone

call that says that a relative has listed him/her in case of emergency and that this person is in the hospital or even dead. The caller provides the victim with a special phone number that starts with *72 so that he/she can gain “direct access” to the nurse’s station or coroner’s office. If the victim uses that number and makes the call, he/she has just authorized his own phone number for call forwarding purposes, and criminals can now sell that number to people to make long distance and international calls. The victim has no idea until he/she gets the next phone bill.

Wangiri calls
Wangiri means “one ring and hang up”. This scam consists of calling a victim from a foreign country and letting the phone ring just enough for the calling number to show on the receiver’s caller Id system; then they hang up. If the person who receives the call decides to call the back, once it answers they get some music, a soft voice, and they’re placed on hold. One waits and waits, without realizing that this is a pay-to-call number and the charges are just accumulating while he or she waits. When the victim gets tired, he or she hangs up, and next month there’s a nasty surprise on the phone bill. If you receive phone calls from a country where you don’t know anyone, ignore the number; if they keep calling, you can always block the number.

New scams preying on the elderly
The FTC warns of two types of scam that are on the rise among retirees these days: 
During a Technical Support scam, the victim receives a phone call from the supposed technical assistance department of a well-known antivirus or software company. They are

told that their computer, a close friend’s computer, or the computers in the victims’ area (an oxymoron) are under attack by a specific type of computer virus or malware. The technician indicates that the victim must visit a specific website (that seems legitimate) to download a patch, and they charge the person for the download. Other “technicians” request remote access to the computer. In both cases the end result is the installation of malware, one that often the victim has even paid for!

These fake technicians sound very well informed and tend to be persuasive and convincing.The reality is that computer, software, and antivirus companies never, ever

initiate contact with consumers directly. If you receive any calls of this type or get a pop-up window saying your computer is infected with malware, hang up/close the window right away. It will be a scam.


Which reminds me: sometimes these scams start when the victim is online browsing. They may get a seemingly-legitimate popup window, or a sudden chat opens from an “authorized technical support representative” from a well reputed software or antivirus company.

The second scam is an oldie that refuses to wither away, the one where you have won a lot of money in the lottery but must pay a fee to get your winnings. In these scams you may be contacted by phone, email, or regular mail letter. They’re the same Nigerian scams of old: please ignore them. Just ask yourselves “did I play this lottery?” If your answer is no, but you think you might have forgotten, or still have doubts, go online and google the main words of the call/letter/email and add the word scam at the end.

Fake invoices or receipts
You get an email from a known company that offers streaming, eBooks, or online music,

thanking you for your recent purchase of such and such things: a film, a few books, or some music albums. Attached on the email is a link to the invoice or the bill to pay for the items, in file format. Because you know you didn’t order anything, you click the link or open the file, and you’ve just installed malware or ransomware in your computer without realizing.

The only way to avoid falling for these is learning to read fake World Wide Web addresses. To check on an address, mouse over the link without clicking it and you will see, floating above, the actual link you will be opening if you click:

• Watch for discrepancies, such as seeing a link named www.trustycompany.com but, once you hover says www.anythingelse.com and you will know it’s a fake. 
• Your link contains ending codes with words or country codes that don’t correspond to the country or type of business contacting you. For example, a message from OAS FCU would not link the address www.oasfcu.eu. 
• Examine the address content very carefully. It isn’t the same to go to http://www.1acaixa.com than https://www.lacaixa.com. In the first address, the first letter in La Caixa is a 1, not an L. 
• Does your address have “https://” at the beginning? It used to be that this made an address safe, because that s at the end meant it was secure. Not anymore; now you can have a scam link that comes with its own secure connection that installs malware to your computer, just the same! 
• If you’re looking at a condensed link that starts with something like or bit.ly, buf.ly and you don’t know what’s behind it: the first logical assumption is that companies like Spotify or iTunes wouldn’t be sending you condensed links. But, if you want to double-check, there’s a website to see what hides behind a condensed link without ever clicking it. It’s Get Link Info, a free service. You can copy and paste any condensed link and it will tell you. 
• If after this, you still aren’t sure, look up that company’s name online and compare the two addresses. 

Love online
Did you know that OAS FCU’s on Quora? Quora is an online forum where people seek

specialized information on specific subjects, and people/companies with the knowledge provide expert answers. I write OAS FCU’s answers on economy, personal finance, budgeting, credit history, etc. A couple of weeks ago someone asked if anyone else had ever had their hearts and wallet broken by a person they had met online. At first, I wasn’t going to answer, because it was clear the person wasn’t asking for an expert answer. But in the end, I answered with a response that was not going to help his/her situation, but at least it would make the person feel a little better. If you want to read it, it's here.

I’m a staunch defender of meeting people online. My partner and I met online almost 12 years ago now (in a Massive Multiplayer Online game, or MMO) and we’ve been together almost as long; I think we’ll be getting married soon. However I do remember a Swedish

friend in the same game who met a young woman to whom he sent over $2,000 worth of gifts online during the span of a year, and in the end it turned out she was in reality a he, and my friend was scammed and heartbroken.

There are many heartless people that seek online relationships for monetary gain; they work several relationships at once, with care and polish, with the sole purpose of getting moneylater on. Some are very smart and assuage their victims’ fears by sending them small gifts and flowers to gain their trust; later, when it’s time to meet, suddenly they don’t have enough money for the airline ticket, or they’re business people and their company is not doing very well just then and they need help paying their employees… After giving them money once or twice, suddenly the person disappears, and the victim's left with a broken heart and a hole in their savings.

If someone you’ve met online, no matter how long you’ve known them, asks you for money to come and see you or for any other reason, know that there’s a 99% chance you’re getting scammed, and the type of scam is known as a catfish.