FinCEN has recovered more than $500m to dateWhile you're sweating to make an honest crust, email scammers are counting at least $301m in untaxed takings every month in the US alone, according to research by the Financial Crimes Enforcement Network.The FinCEN agency tallied the figures for 2018 (PDF) and found the number of suspicious activity reports describing business email compromises had more than doubled from around 500 per month in 2016, to over 1,100 per month last year.Meanwhile, the number of scammers ballsy enough to impersonate a CEO or other members of the C-suite declined to 12 per cent, down from 33 per cent in 2017.The total value of attempted scams more than tripled in the same period.The agency revealed the favourite method of extracting payment information in 2018 involved fraudulent vendor or client invoices, with this method responsible for 39 per cent of incidents in 2018, up from 30 per cent in 2017.
Collateral damage: Web advert crackdown broke our fix-it businesses, sigh ownersWith America's trade watchdog on Tuesday hosting a workshop in Washington DC on restrictions that limit the feasibility of repair devices, hardware rehab forum iFixit has penned an open letter to the FTC to complain about Google's ad policies that hinder the mending of machines.Last August, the Chocolate Factory announced that because its ad system lacks an easy way to distinguish between legitimate businesses and scammers, it was planning to institute a verification program limiting ads for third-party tech support and repair services to legitimate providers.And Google's program may well be thwarting these crooks, though at the cost of denying legitimate repair businesses the ability to market themselves to customers."By treating all third-party repair as a fraud-prone liability, and directing all interest in device repair to their own Maps and search results, Google is severely handicapping repair businesses, prioritizing purchases over repair and reuse, and deciding which companies customers can turn to when they need to fix electronics," explained Kevin Purdy, a writer for iFixit.Dozens of complaints from repair businesses on social media underscore the impact of Google's ad policy change.
Facebook is spending £3m on making it harder for people to use Facebook to spread various scams, with the move part of a deal to make peace with internet legend Martin Lewis -- a man whose likeness has previously been stolen and used to launch a thousand unauthorised online scams.Lewis has agreed to settle his High Court claim against Facebook in return for the investment in anti-scam measures, that have got the social network launching a Citizens Advice Scams Action team dedicated to scouring its listings for rip-off nonsense to do with Bitcoin or whatever the current pyramid-sales scam of the day might be, offering "one-to-one support" for victims of fraud.Or, more likely, a chat window for Martin Lewis to let them know when someone's pasted his photo atop a guaranteed* returns** win-win*** financial scheme.Facebook has also agreed to launch an in-app reporting tool for scam ads, but this'll only be available in the UK; presumably there's no global-markets equivalent to Martin Lewis that routinely finds his or her face and brand passed off and used to endorse dodgy financial schemes.
Welcome to Hard Fork Basics, a collection of tips, tricks, guides, and info to keep you up to date in the cryptocurrency and blockchain world.Google ‘cryptocurrency’ and the likelihood is you’ll see ‘exit scam’ somewhere in the results.To do so, the scammers typically launch a new cryptocurrency based on a promising concept.Then, they raise money from investors through an ICO.The business may or may not operate for some time, but eventually the scammers who collected the funds disappear leaving unsuspecting victims in the lurch.Having said this, consider these tips before making any decisions:
The UK’s is the world’s biggest target for phone scams, with 15 per cent of the world’s fraudulent telecoms traffic directed at British numbers, new research has found.BICS, a subsidiary of Belgian telco Proximus, says its FraudGuard platform analyses traffic from more than 900 communications providers around the world and found the UK was the only G20 country in the top ten, with 25 million scam calls during 2018.It added that the number of global call attempts increased by two per cent last year, with telecoms fraud causing losses in excess of $30 billion worldwide.“The results … illustrate what a persistent – and damaging – threat telecoms fraud is to the industry, whilst continuing to prop up serious organised crime,” said Katia Gonzalez, Head of Fraud Prevention.“Eradicating telecoms fraud is an ongoing battle, and one which will only be successfully waged with industry-wide collaboration.Sharing information and knowledge will allow the sector to take a proactive approach to minimising fraud, protecting subscribers in the UK, and globally.”
The fake-Facebook-ad-spotting service goes live today, backed by a £3m donation to Citizens Advice coughed by the social network as a result of legal action from MoneySavingExpert scribe Martin Lewis.Lewis settled out of court after hurling a defamation sueball at Facebook for failing to remove ads for "get-rich-quick" scams that used his face.He successfully claimed the fake ads were damaging his reputation.From today, your nan can get personal guidance from Citizens Advice Scams Action if they fear they are being, or have been, scammed due to a Facebook advert.Users will also be able to flag adverts they consider dodgy.These reports will now be dealt with by a Facebook ops team, which will tell coppers about trends it has tracked.
Facebook has launched a tool for UK users to report ads they suspect of being scams.The feature can be accessed by clicking the three dots in the top right corner of each ad on Facebook, then selecting ‘Report ad’, then ‘Misleading or scam ad’ and finally: ‘Send a detailed scam report’.So if you want to think of it as a reporting ‘button’ it’s a button that actually requires four presses to function as intended…Once a scam ad report has been filed, the feature will alert a dedicated internal ops team at Facebook that is tasked with handling reports — so will be reviewing reports and removing violating ads.The new consumer safety feature follows a defamation lawsuit filed in April last year by consumer advice personality, Martin Lewis, who had become exasperated by the volume of scam ads misappropriating his image on social media to try to trick users into parting with their savings.Facebook also agreed to donate £3M worth of support in cash and Facebook ad credits to UK consumer advice charity, Citizens Advice, to fund the setting up of a Citizens Advice Scams Action (Casa) service — which has also launched today.
Bargain hunters have been warned to be on alert today as they shop for the best Amazon Prime Day deals.With Amazon's mid-year sale extravaganza already in full swing, security firm McAfee has warned shoppers to be on alert for scams looking to take advantage of over-eager bargain hunters.The firm is urging users to take extra care before clicking on adverts or links to deals that seem to good to be true, especially those shared on social media sites or in emails and messages received through platforms such as Facebook, Twitter, WhatsApp.The best e-commerce platform of 2019: get an online store now!McAfee revealed research on online shopping habits that found over a third (39 percent) of Brits were unable to tell if a website is real or fake - but half said that if the price was cheaper than a trusted retailer, they would purchase from an online site even if they were not fully confident it was genuine or secure.Twenty percent said they would make an online purchase over public or unsecured Wi-Fi, which could expose their payment details and personal information to cybercriminal lurking on the network.
Canine cancer research could also help humans, there's an Amazon phishing scam to watch out for, and Facebook gets hit with a record settlement.Here's the news you need to know, in two minutes or less.Dogs are playing a big role in human cancer researchCancer in aging dogs is all too common, but it turns out treatments for your furry friend have implications for people, too.Many of the types of cancer dogs get are similar to those in humans, and with collaborative work between animal and human medicine in the Obama-launched Cancer Moonshot Initiative, researchers are exploring treatments that could save the lives of both dogs and people.With Amazon's Prime Day around the corner, security company Mcafee detailed a phishing scam that enables hackers to send an email that looks like it's from Amazon, with a PDF attachment that leads anyone who clicks to a website mimicking an Amazon login page.
Amazon’s made-up holiday dedicated to “epic deals” and working its warehouse workers to the bone is fast approaching, and so, apparently, are pretty convincing phishing scams disguised as emails from the tech giant.McAfee researchers discovered an “Amazon Phishing Kit” in May of this year designed after a phishing scam that hit Apple users last year, according to a blog post from the security firm.The researchers believe the same group is behind the Amazon attack alongside another malicious actor.The kit lets someone create an email with a PDF attachment that looks like it’s sent from Amazon.The links included in the email direct the victim to a fake Amazon log-in page.According to images posted by McAfee, they’re pretty convincing, if fairly basic as far as phishing scams go.
Security researchers at McAfee say that hackers have released a do-it-yourself kit that allows people to easily put together phishing scams targeting Amazon users – just in time for Prime Day next week.McAfee first noticed the so-called 16Shop phishing kit in action in November, when it was being used to create fake emails, supposedly from Apple, trying to gain access to people’s Apple accounts.The scam let hackers create a realistic-looking Apple sign-in page to steal your login credentials.Starting in May, 16Shop expanded to target Amazon users, McAfee wrote on Friday, July 12.The new version allows would-be hackers to create their own realistic-looking Amazon login page that would give them your username and password — pretty much everything they would need to log into your account.Here’s what it looks like:
But amid the flurry of cheap TVs and ebooks and what else, maybe Instant Pots?While McAfee discovered this particular kit in May, it appears to be a spinoff of one that had targeted Apple users in the US and Japan last November.The kit is called 16Shop; its author goes by the handle DevilScreaM.In both the Apple and Amazon campaigns, 16Shop makes it easy for anyone to craft an email that looks like it comes from a major tech company, with a PDF attached.As with the previous Apple campaign, those links direct victims to a page that requests not just their name but also their birthday, home address, credit card info, and Social Security number.“The use of major brands looks to leverage the subconscious lever of authority to invoke user interaction,” says McAfee chief scientist Raj Samani.
Scammers have found a way to steal future income from those eligible for the new Universal Credit benefit, and are advertising their thievery as a form of "grant" people are eligible for on social media.Researchers found the scams being promoted on Facebook, Instagram and Snapchat, where heaps of fake people were found leaving positive comments beneath the ads for official-sounding grants along the lines of "Wow, mates, thanks for hooking me up with all this legitimate free government money!"and encouraging others to do the same.The BBC charts one such case, where a victim handed over her personal details to fraudsters who were offering a series of entirely free government "grants" -- only to find they'd used her details to reverse engineer her benefits accounts to withdraw a chunk of Universal Credit allowance.That's where the grant came from.It's an issue with the way Universal Credit itself works; new claimants or those transferring to UC from other benefits systems are able to get large chunks of their claim paid in advance to cover bills while the forms are being processed, although this advance is then slowly repaid over following months.
Angry victims have looted and torched the home of a man who reportedly operated an alleged Bitcoin BTC Ponzi scheme in South Africa.Firefighters in Ladysmith, approximately 365 kilometres south of Johannesburg, were called to Sphelele “Sgumza” Mbatha’s house on Wednesday afternoon after several angry citizens set the building on fire.An anonymous source told TimesLIVE that victims were taking the law into their own hands because Mbatha was unreachable.Mbatha operated Bitcoin Wallet, a company which reportedly enticed victims to invest in exchange for easy and big returns on investments.Earlier this week, Mbatha told the Ladysmith Gazette that he didn’t have any more cash to pay out to clients.The same outlet confirmed on July 9 that Mbatha had not been arrested, despite rumours on social media.
AT has become the first US carrier to turn on automatic scam call blocking, the company has announced.The change follows an FCC vote last month that approved this approach to dealing with the nation’s robocalling problem.According to AT, new wireless customers will see the feature turned on by default when they sign up for a new line, while existing customers will see the feature arrive in coming months.On June 6, the FCC voted in favor of allowing wireless carriers to block robocalls by default, enabling them to stop these scammers and spammers before they reach the customer’s phone.Under the declaratory ruling, carriers are allowed to make automatic spam call blocking an opt-out feature, meaning it is turned on by default and customers will need to opt out of receiving it rather than being required to opt in.On July 9, AT announced that it will bring automatic fraud call blocking as well as suspected spam call alerts to all of its mobile customers for free.
Today we’re going to have a chat about how to avoid such things and how to destroy the pop-ups you’ve got already.You’ve almost certainly got more than a couple computer-illiterate people in your life, people that believe whatever’s written and do whatever they’re told.If it looks like it’s important, it must be true!An advertisement button will appear on your iPhone and will say one of the following super scary and/or exciting messages.Malicious iOS pop-up contents could potentially include include:• Amazon Prize Winner notification
Law enforcement agencies around the world have recently begun extricating themselves from expensive, ineffective predictive policing systems.The machine learning equivalent of psychic detectives, it turns out, simply doesn’t work.In Palo Alto, California a three-year long program using predictive policing is finally being shuttered.Police spokesperson Janine De la Vega told the LA Times: “We didn’t get any value out of it.It didn’t help us solve crime.” In nearby Mountain View as well, a spokesperson for the police department said “we tested the software and eventually subscribed to the service for a few years, but ultimately the results were mixed and we discontinued the service.”Predictive policing is a black box AI technology purported to take years of historical policing data (maps, arrest records, etc.)
On Monday, Federal Communications Commission chairman Ajit Pai proposed a new rule that would make malicious text message spoofing and overseas robocalls illegal, something that the agency has yet to fully address in its attempts to fight robocalls.The measure formally implements rules approved by Congress last year that authorize the FCC to go after text message fraudsters and international robocallers.If approved, calls and texts that use spoofing to imitate a different phone number would be unlawful and would allow the FCC to bring enforcement actions against bad actors outside of the country who are looking to defraud or scam people in the US.“Scammers often robocall us from overseas, and when they do, they typically spoof their numbers to try and trick consumers,” Pai said in a statement.“Call center fraudsters often pretend to be calling from trusted organizations and use pressure tactics to steal from Americans.We must attack this problem with every tool we have.”
Last week, a report from the CSIS Security Group pointed ZDNet (and the rest of us) to a very shady app on the Google Play Store called “Updates for Samsung.” It offered to provide system-level Android updates to phones — and, in fact, it did redistribute Samsung’s software, though it was essentially a scam to get you to pay money for said updates.Today, after we inquired, Google told The Verge that the app violated its policies and has been “suspended.” It is unclear what specific policy Google cited and when it became aware of the app.Last week, the developer of the app, Updato, told BleepingComputer that it was pulling the app to “remove the firmware service portion and non Google payments,” though it defended the app as a “convenience to our audience.”The app had racked up more than 10 million downloads, according to Google Play’s counter.That doesn’t necessarily mean 10 million people were duped, however.The app’s user rating was weirdly high for a scam (nearly four stars), so it’s possible that in addition to trying to scam money from users, it was also gaming the Google Play Store’s analytics.
While the FCC and Congress hammer out new rules to (hopefully) banish robocalls forever, there are some short-term solutions that can help in the meantime — and one may arrive in just a few weeks.A new FCC proposal allows the agency to go after scam calls that originate overseas or use other methods to evade existing spoofing laws.The rule isn’t exactly new in that it is a follow-up to Ray Baum’s Act, which was passed last year and, among other things, bulked up the Truth in Caller ID Act.Previously, the latter law prohibited scammy spoofing of numbers, a practice that makes robocalling much easier — but it only applied to calls originating in the country.That opened up a huge loophole for scammers, who are not short on means to make calls internationally.Ray Baum’s Act modifies those rules to specifically prohibit international spoofing, as well as robocall techniques using modern infrastructure like VoIP.