‘Found’ Money for a Fee? Beware of New Surge in Unclaimed Property Scams

‘Found’ Money for a Fee? Beware of New Surge in Unclaimed Property Scams



A longtime scam is back with a vengeance: Claims that state officials are holding money or property that belongs to you, and all you need to do is pay a fee to claim it.

Actually, the first part could be true. You could be entitled to a slice of some $43 billion in “unclaimed property” that sits in state treasuries – money from forgotten bank accounts, insurance policies, stock dividends, utility security deposits, even contents from abandoned safe deposit boxes.

But you don‘t have to pay anyone to get it. The only cost is spending a few minutes at www.MissingMoney.com, www.Unclaimed.org, or websites of the treasurer’s office in each state where you lived.

Ignore “pay-for-payment” requests that come via mailed letter, email or telephone calls because they are from scammers, and reports about the come-on cons have increased ten-fold this year compared to 2016…and in recent weeks, have exploded in many parts of the U.S.

There are several variations in unclaimed property scams, each angling for personal information (that could be used for later identity theft) and upfront payment to secure missing money that, if actually awaits you, can always be claimed for free:

  • Fraudsters lie about being an employee or affiliate of a State Treasurer’s office where you currently live, or a state where you previously resided.
  • Fake correspondence comes on letterhead from the National Association of Unclaimed Property Administrators (NAUPA), a legitimate organization that represents state unclaimed property programs but does not directly contact citizens.
  • Self-described “finders” or “locators” who say they have already located your missing money or will do the legwork on your behalf. Some are legal but unnecessary middlemen who charge commissions up to 40 percent (although some states cap allowed fees at 10 percent); others are crooks who do nothing more than collect your payment and personal information – including Social Security number – to direct you to publically available websites…if they do anything at all.

Most targets in unclaimed property scams are chosen randomly. Fraudsters buy mailing lists to reach hundreds or thousands of citizens with the same bogus claim. (Last year, it was a letter claiming to be from NAUPA or the “Office of the State Treasurer” that falsely stated that recipients had unclaimed sweepstakes winnings whose allocation would require a $2,250 service fee.)

But for a more convincing con, some would-be victims are contacted after fraudsters search MissingMoney.com or Unclaimed.org to unearth specific details such past addresses or actual entitlements.

In addition to those two websites, DIY (and no-cost) due diligence for other missing money can be done for:

 

All of these websites will require your Social Security number and other sensitive information. But unlike scammers, you will not be asked for bank or credit card information. Don’t reveal personal information unless you initiate contact with these agencies or use their websites.

For information about other scams, sign up for the Fraud Watch Network. You’ll receive free email alerts with tips and resources to help you spot and avoid identity theft and fraud, and gain access to a network of experts, law enforcement and people in your community who will keep you up to date on the latest scams in your area.

Also of Interest

 

Photo Credit: iStock/Pogonici

See the AARP home page for deals, savings tips, trivia and more.



Source link

Most Likely to Be Scammed? Not Seniors, but Millennials

Most Likely to Be Scammed? Not Seniors, but Millennials


Gray-haired folk have long held “most scammed” status, but it may be time to pass on that unfortunate legacy. While the retirement-aged are targeted most often, increasing data shows that it’s millennials — our children and grandchildren ages 18 to 35 — who are most likely to lose money to fraudsters. Consider these recent findings:

Phone scams. About 1 in 10 American adults lost an estimated $9.5 billon to phone scams last year. Leading the pack were millennial men between ages 18 and 34, who were three times more likely to be victimized than the overall population, reports mobile communications company Truecaller, which offers a spam-blocking phone app. Its Harris-conducted survey of 2,000 adults finds that 33 percent of male mills report losing money to phone scammers; that compares to just 3 percent of males between ages 55 and 64 and 1 percent of men 65 and older. Meanwhile, some 11 percent of female millennials got duped, four times the rate of women 55 and older.

IRS imposter scams. Among the scariest and most successful phone scams: calls from self-described IRS agents threatening arrest, property seizure or deportation. Although millennials are less likely than Gen Xers (born between 1965 and 1984) or boomers (born 1946 to 1964) to receive tax scam calls, they are six times more likely to reveal credit card and Social Security numbers and other sensitive information, finds another just-released survey of 1,000 adults. Roughly 17 percent of millennials confessed that they had forked over ID theft-worthy details to mystery callers who could cite the last four digits of their Social Security number (as tax scammers often do), compared to only 3 percent of Gen Xers and 2 percent of boomers.

Job scams. Overall, about 1 in 6 job seekers have been scammed while searching for work online, and the highest gotcha rate is among that generation considered the most tech-savvy — millennials. In a 2015 survey of 2,600 American adults, job-search website FlexJobs finds that 20 percent of millennial job seekers got scammed, compared to 13 percent of those in their 60s.

Tech support scams. Millennials, especially men between 18 and 35, are the most often targeted and leading scammer-paying victims tricked by phony pop-up ads or alerts warning of a crippling computer virus. The top danger zone to snag most-duped male mills in these tech support scams: porn websites.

Everyday fraud. In its own research of more than 2,000 adults last year, the Better Business Bureau finds that some 30 percent of those between ages 25 and 34 lost money to scammers; it’s only single digits among those 55 and older.

What explains these trends? As experts continue to study the “whys,” the leading theories:

  1. We’re better prepared. Older is wiser — at least when it comes to recognizing that we’re vulnerable to scams. And heeding news, advice and warnings by AARP’s Fraud Watch Network and others, we are better able to spot scams and act accordingly. Tracking some 30,000 consumers targeted in different schemes, the BBB finds that nearly 9 in 10 seniors recognized the scam in time, with only 11 percent reporting they lost money. Millennials, meanwhile, lose money three times more often, likely being duped because they are clueless or could care less about educating themselves to prevent scams.
  2. Millennials think they’re invulnerable. Ask mills to describe the typical scam victim and their usual reply: an elderly, naive woman with less income and education. (The reality is younger college graduates have the highest gotcha rates.) While scam-savvy oldsters know that anyone is vulnerable, some researchers believe that millennials are most likely to have an “invulnerability illusion” — the belief that other people are more vulnerable than themselves. That mindset leads to more impulsive decision-making.
  3. They overuse and overtrust technology. Raised with the internet and cellphones, the average millennial, studies say, spends about 18 hours per day using some type of digital media. Because they are so familiar and comfortable with technology, defenses (and common sense radar) can take a back seat. Compared with other age groups, millennials are more likely to be careless with their tech — such as not using passwords to lock computers and cellphones and accessing financial accounts and doing online shopping on risky public Wi-Fi.
  4. They overshare. Tweets about breakfast. Selfies over lunch. Millennials love to share their lives online with who-knows-who, and that often includes details best kept private — names, birth dates, likes and dislikes, and other personal information that could be used for identity theft and scam-targeting sucker lists. Promise them a prize or other “tangible benefits,” and the majority of millennials willingly share their personal information with even unrecognized online askers. And guess which age group, says online security firm Norton, most likely willy-nilly shares their computer and cellphone passwords? No surprise (again): those between 18 and 34.

 

For information about other scams, sign up for the Fraud Watch Network. You’ll receive free email alerts with tips and resources to help you spot and avoid identity theft and fraud, and keep tabs of scams and law enforcement alerts in your area at our Scam-Tracking Map.

Photo: iStock/Zinkevych

Also of Interest

 

See the AARP home page for deals, savings tips, trivia and more.



Source link

Mother’s Day Scams: Top Tricks to Dupe You (and Mom)

Mother’s Day Scams: Top Tricks to Dupe You (and Mom)


To that most special woman in our lives we eagerly pay tribute on Mother’s Day. And for next Sunday’s tributes, we’ll pay a record-breaking $23.6 billion – a $2 billion uptick over last year and some $9 billion more than spent on Father’s Day.

The coming days are prime time for crooks to cash in on the mother of all spring celebrations. Beware of these common Mother’s Day cons (and expect a slight tweaking in similar scams for upcoming Dad’s Day and graduations):

Floral fleecing. At least $2 billion is spent on Mother’s Day flowers. Scammers angle for their cut by posing as online florists and in emails, online ads and social media, they promise bargain-priced bouquets, “free” vouchers and overly generous coupons. Don’t be fooled: Most lead to scammer-run websites to collect (your and Mom’s) personal information and your credit card account. Some also deliver malware.

Find reputable local florists (close to Mom) through word-of-mouth or via directories from Teleflora and FTD. Online, look for proof the website is secure – including an “https” opening on pages that require personal and financial information. When calling, ask about tack-on charges and get insist on guaranteed refunds for missed or late delivery or if flowers come in poor condition.

Other gift grift. The latest Mother’s Day gift scam making the rounds on Facebook alleges to be a $50 coupon from Lowe’s. If Mom’s wish list leans more toward jewelry, designer clothing or the like, the same flower-wise rules apply: Those insanely discounted online deals for brand-name bounty often lead to copycat websites that capitalize on high-priced and respected names, but sell cheap counterfeits…if anything at all. Like phony florists, many are also fraudster-run fronts phishing for personal and financial information.

To spot trouble before it can happen, very carefully read website addresses before visiting – and especially before “buying” there. Look for extra or missing letters (like www.tiffanny.com) or even punctuation (such as www.tiffanyco.mn, a now-defunct website previously exposed by Scam Alert whose .mn ending meant it was a Mongolia-registered website). Before clicking, hover your computer mouse over the link to see its “real” address; avoid those that wildly deviate from the legit company name. If that doesn’t work, copy-and-paste the link into a Word document, then right-click on the pasted link and select “Edit Hyperlink” from the menu for a pop-up window that should display, in the “Address” field, the web address to which the link directs. When buying jewelry in-store, know what you’re buying with this advice from the FTC and how to spot fake appraisals.

Greetings gotchas. Fake notifications for electronic greeting cards are a common way to spread malware to the computers of mothers (and others) so scammers get remote access to files, passwords and online financial accounts. Scammers trick their prey with emails that promise an awaiting greeting card, usually from a bogus “sender” with a supposed title like “webmaster@hallmark.com” or touting a generic heading such as “Happy Mother’s Day from Your Loving Son/Daughter.” But even if a specific name is used (namely, yours), it could have been gleaned from online directories or social media.

So, instruct would-be recipients to not open greeting cards via links in emails. Legitimate notices will include a confirmation code that should be entered at the card company’s website, such as Hallmark or American Greetings, for malware-free viewing. If there’s no waiting for you, the email Mom got was sent by a scammer.

Courier cons. Another way to spread malware: Bogus shipping emails claiming to be from retailers or services such as FedEx, UPS or the U.S. Postal Service that claim a supposed scheduled delivery, tracking update, or shipment snafu – with a link promising details. Unless you or recipients already provided the courier with an email address, assume these as scams. If you signed up for tracking updates, expect them to be in text form, not with links promising details.

Also beware of mailed postcards about “undeliverable” packages. Although less used because of required postage, they’re sometimes an attempt to get you to make an expensive overseas phone call – most commonly used area codes include 809, 876 and 284 – or to reveal personal and financial information. And if someone shows up at Mom’s doorstep with a package and request for payment, no matter how small, know this ruse: The deliveryman claims he can’t accept cash – only a credit card, and it’s a scheme that can run up unauthorized charges on the provided plastic. Besides, what self-respecting offspring would send Mom a gift by cash on delivery (COD)?

Gift card scams. Whenever choosing that most requested present of all – gift cards – choose wisely: In-store, thieves can remove gift cards from end-cap racks, copy codes with portable scanners or pen and paper, and then dial toll-free numbers listed on gift cards to learn when those cards were activated and their value for online spending or to cloned cards for in-store use. The safer move: Purchase gift cards directly from a store cashier, customer service counter or the company’s website. And make sure the cashier scans and activates the card in your presence and that you get a receipt in case there’s a problem.

Online, buy directly from websites of retailers, restaurants or Groupon, or through gift-card exchanges such as GiftCardGranny.com, Cardpool.com and Raise.com, which buy unused cards at a discount of their face value and resell them at a profit but at a still-reduced price. Avoid low-ball offers on Craigslist or auction websites like eBay, where buyers may purchase already-redeemed gift cards or pay for cards that are never delivered.

 

For information about other scams, sign up for the Fraud Watch Network. You’ll receive free email alerts with tips and resources to help you spot and avoid identity theft and fraud, and keep tabs of scams and law enforcement alerts in your area at our Scam-Tracking Map.



Source link

From Pop-Up Warnings to $9 Million Payout: Inside the Tech Support Scam

From Pop-Up Warnings to $9 Million Payout: Inside the Tech Support Scam



How do scammers reap more than $9.5 million with phony pop-up ads or blinking alerts warning of a crippling computer virus or security problems?

Their scareware success usually starts with “malvertisements” (malicious online advertising intended to damage or disable computers), which are designed to trick their prey into believing the bogus bug and calling a designated “support line” for help. It usually ends with a victim-made call lasting 17 minutes and a request for an average $291 to supposedly “repair” the feigned problem.

And the intriguing in-betweens? It’s all part of a new study, reported as the first analysis of its kind, by researchers at the National Security Institute (NSI) at Stony Brook University, who spent eight months studying the tactics of tech support scammers.

First, they built a tool — ROBOVIC, short for Robotic Victim — to automatically crawl the web to find the scammers. After collecting some 25,000 domains and thousands of phone numbers used in these schemes, the three researchers made 60 calls to various scammer-provided numbers displayed in pop-up warnings, posing as recruited “victims.” What they learned:

  • To spread malware that generates the bogus pop-up warnings — sometimes disguised with a Windows blue-screen background to make it more believable — fraudsters obtain thousands of low-cost domain names, such as .space and .xyz (which, after .com, .net and .org, is the fourth most-registered global top-level domain name on the internet).
  • Most scammer-run domains have a life span of only 11 days, with about half of scam domains operating no longer than three days. Con artists frequently use URL shorteners, to better hide on legitimate websites.
  • In addition to bogus warnings, these scams sometimes use intrusive programs and other techniques so computer owners can’t close their browsers or leave the “Call this number” page.
  • Of some 5 million pages visited, ROBOVIC discovered about 22,000 tech support scam pages hosted at roughly 8,700 domains. With previous research on fake antivirus scams indicating about 2 percent of targets fall for such ploys, the researchers estimate that each domain generates $2,000 per day.
  • Once targets call, swindlers usually follow a script. First, they say they need to learn more about what could have caused the alert, leading prey to a designated website to “run tests.” There, a remote administration tool is loaded so scammers can access their computers. Asking would-be victims about recent usage, they offer “all is not lost” assurances to incentivize callers to pay for bogus repair services.
  • In backtracking the scammers’ connections to their PCs, the Stony Brook team determined that the overwhelming majority of these con artists (some 85 percent) operate in India. About 10 percent work in  the U.S., and about 5 percent in Costa Rica.
  • Although 15 telecommunications providers were used, more than 90 percent of scammer-controlled support-line numbers were routed through four VoIP services — Twilio, WilTel, RingRevenue and Bandwidth.
  • Scammer call centers employ an estimated 11 tech support fraudsters.
  • Prices for rip-off repairs ranged between $70 and $1,000, but the average price was $291. All told, the research teams estimated that $9.7 million in profits were made from these scams.
  • The bottom line, according to lead researcher Nick Nikiforakis: “Don’t trust what your browser tells you about the safety and security of your system. People need to understand there’s no legitimate scenario where your computer will start beeping and ask you to call a toll-free number.”

 

For information about other scams, sign up for the Fraud Watch Network. You’ll receive free email alerts with tips and resources to help you spot and avoid identity theft and fraud, and keep tabs of scams and law enforcement alerts in your area at our Scam-Tracking Map.

Photo credit: iStock/daboost



Source link

Smart Moves to Hack-Proof Your “Smart Home”

Smart Moves to Hack-Proof Your “Smart Home”


With innovative and in vogue “smart home” devices, you can control your home’s lighting, temperature, sprinkler system, door locks, TV, even dinner…all with a smartphone app. Maybe that’s why these high-tech household helpers are already in millions of American homes – with predictions that by decade’s end, some 50 billion household devices will be connected to the internet via the user’s home Wi-Fi network.

But these gizmos, part of increasingly popular Internet of Things technology designed to help homes operate more easily and efficiently, also bring risk. Millions have already been hacked, used for nefarious purposes ranging from screaming obscenities at a baby to being enlisted as soldiers in a botnet army that, temporarily knocked  offline top websites including Amazon, PayPal, Netflix and Twitter, as demonstrated last October in what some experts believe was a “test” cyber attack to gauge vulnerabilities.

And the more connected you home is, the better chance cyber crooks can use those devices to track your movements or remotely access your home computer and smartphone to glean email, banking and online shopping data. Your defense:

Change default passwords. Make sure you don’t use the manufacturer’s default password on your router or any smart home device. Most people never change those typically weak, factory-issued passwords – and that’s why so many devices, including routers, printers and cameras, were enlisted for the October attack. Each device should have a unique (and strong) password. A password manager can help: Popular versions that use cloud technology include LastPass, Dashlane and 1Password; apps on your computer’s hard drive include RoboForm, Password Safe and KeePass.

Create separate Wi-Fi networks. You want one for your computers and another for smart home devices. Many routers have a guest network option, which you can use for smart devices. Or you can purchase a separate internet connection for the new-fangled gizmos, or split an existing internet connection using a virtual local area network (with help from a tech-savvy buddy or Geek Squad-type business).

Stay “updated.” Promptly download legitimate updates when you receive a legitimate prompt for your connected device. These can improve function, and include patches for newly discovered security vulnerabilities.

Disable unnecessary features. Deactivate functions you don’t need – especially cameras and microphones, which are hackers’ most favored exploitable features.

Use multifactor authentication. Many smart home device apps offer two-step authentication that users can opt into under “settings.” In addition to your password (something you know), this second layer of protection could be a security key or a one-time code sent to your cellphone (something you have).

Don’t use public Wi-Fi. Turn off the “automatically connect” setting on phones and don’t access device apps in airports, coffee shops or other vulnerable locations.

For information about other scams, sign up for the Fraud Watch Network. You’ll receive free email alerts with tips and resources to help you spot and avoid identity theft and fraud, and keep tabs of scams and law enforcement alerts in your area at our Scam-Tracking Map.

Photo: iStock/faithiecannoise

 

 



Source link

Fear by Phone: High Anxiety for You, High Profits for Scammers

Fear by Phone: High Anxiety for You, High Profits for Scammers


The telephone is a scammer’s best weapon, used in 77 percent of money-netting schemes, reports the government’s latest scam-tracking data. The best ammo: Fear, and here’s how it bangs best for the biggest bucks:

“Official” intimidation. The most profitable and most-played schemes have fraudsters posing from a government agency – Medicare, the Social Security Administration, FBI, local police and, of course, the IRS. (Until busted last year, one India-based ring of IRS imposters was netting $150,000 per day preying on retirees and other Americans.)  These self-described G-men threaten dire consequences – lost benefits, impending arrest and hefty fines – for supposed (even minor) offenses unless a fine is immediately paid and/or ID theft-worthy personal information is “verified.”

Why hang up: If there’s really an issue, government agencies will contact you by U.S. mail – not phone. Arrests aren’t pre-announced. Tax-supported agencies do not demand, or may even accept, scammer-requested payments such as prepaid debit and iTunes cards.

“Friendly” fraud. Along with emotions, the fear factor climbs with scare tactics made by those you supposedly know and trust: Grandchildren claiming trouble while traveling (which nets some imposters $10,000 per day) or in a recent resurgence, subject to a telephoned virtual kidnapping. Online sweethearts with a sudden overseas emergency that requires financial help. Your bank, credit card or utility company, supposedly warning of account problems and lost service.

Why hang up: So you can verify the claim and contact your loved one or institution before providing money or information to those just claiming to be. Scammers can glean call-convincing information like relatives’ names from social media and online directories.

Robocalls. The messages are terrifying in many of 2.4 billion robocalls made each day: You are being sued. You can fall and die without that “free” medical alert device. You are overpaying interest on your plastic. You need quick action to avoid these and other problems.

Why hang up: Notice what isn’t mentioned in these robocalls? Your name. Autodialers are programmed to blast millions of prerecorded calls per day; until recipients respond, fraudsters typically have no idea of who gets their robocalls, or if dialed numbers are active. So don’t say anything after “Hello” or push any key, not even to supposedly “opt out” of future calls; that only alerts callers that your number is live. Meanwhile, the Federal Communications Commission recently proposed new rules, expected to take effect in coming months, to allow phone companies to block robocallers that “spoof” Caller ID numbers to conceal their actual area codes and identities or make them appear as to belong to a trusted entity.

Debt collectors. Generating more complaints than any category – including identity theft – debt collectors often try to scare targets into paying a debt…whether legitimately theirs or not.

Why hang up: It’s illegal for collectors to threaten or be abusive. Despite their lies, police don’t arrest for unpaid debts and garnished wages or Social Security benefits can only occur for delinquent state or federal debts such as unpaid student loans, taxes, government-backed mortgages or child support – not private debt.

If you really owe, you may want to talk once with calling collectors to try to resolve the matter. If it’s not your debt or you don’t wanted continued calls, write a letter saying so – sent by certified mail with “return receipt.” Once receiving your letter, collectors may not contact you again, with two exceptions: to tell you there will be no further contact or to let you know that they or the creditor intend to take a specific action, like filing a lawsuit. (Your letter doesn’t get rid of legitimate debts, only calls related to them). Report violators to the Federal Trade Commission or Consumer Financial Protection Bureau.

For information about other scams, sign up for the Fraud Watch Network. You’ll receive free email alerts with tips and resources to help you spot and avoid identity theft and fraud, and keep tabs of scams and law enforcement alerts in your area at our Scam-Tracking Map.

Photo: ponsulak/iStock

Also of Interest

 

See the AARP home page for deals, savings tips, trivia and more.



Source link

Pin It on Pinterest