SCAMS BULLETIN Host Jay White is a volunteer attorney who provides free legal services for low income seniors in San Mateo County, California.

June 23, 2020

ONLINE PHARMACY SCAMS

Cost and convenience make online pharmacy purchases tempting. But placing an order can be hazardous to both your physical and financial health.

Buying prescription drugs online is not in itself illegal. But the U.S. Food and Drug Administration cautions to distinguish legitimate internet pharmacies from those posted by fraudsters and black marketers. There are many such fraudulent sites according to the National Association of Boards of Pharmacy (NABP). An estimated 95 percent do not comply with U.S. pharmacy laws or professional standards.

Rogue pharmacies often represent themselves as Canadian, exploiting its reputation as a haven of low-cost medications. They may traffic in products that are misbranded, expired, ineffective, toxic and laced with opioids and other dangerous substances. Some are tied to organized crime as reported by the nonprofit Center for Safe Internet Pharmacies (CSIP).

Threats:

In a new twist on prescription drug frauds, crooks posing as Food and Drug Administration (FDA) or Drug Enforcement Administration (DEA) agents, contact people who purchased medications online or by phone and threaten them with arrest unless they pay “fines” immediately.

Warning Signs:

*You receive unsolicited emails or social media posts promising deep discounts on well known drugs.

*A pharmacy site allows you to buy medications without a prescription.

*The site offers to ship internationally.

*The supposed pharmacy is located outside the United States, or its website does not list a location.

Do:

*Do get your prescriptions from a licensed brick-and-mortar drugstore whenever possible.

*Do make sure an online seller is licensed. The FDA, the National Association of Boards of Pharmacy (NABP) and the Center for Safe Internet Pharmacies (CSIP) offer tools for   finding safe and legal online pharmacies.

*Do check that the site has a U.S. address and phone number.

*Do look for sites with a “pharmacy” domain or a VIPPS (Verified Internet Pharmacy Practice Sites) logo.

*Do know your meds. If you notice anything different or unusual in the packaging, appearance, smell, taste or texture of drugs you bought online, consult your pharmacist.

Do not:

*Do not judge a pharmacy website as credible just because it looks slick and professional. Pharmaceutical scammers are adept at creating convincing online storefronts.

*Do not buy unless the pharmacy requires a prescription from your own doctor and has a licensed pharmacist you can consult.

*Do not give credit card or other payment information unless you are sure the pharmacy site is secure.

*Do not give money or financial information in response to a letter or phone call purportedly from the FDA or DEA. It is almost certainly an extortion scam. Those agencies do not send warnings to or demand money from individual consumers.

ATTRIBUTION: AARP

 

SCAMS BULLETIN Host Jay White is a volunteer attorney who provides free legal services for low income seniors in San Mateo County, California.

June 17, 2020

GUARD AGAINST HACKERS

Courtesy Scambusters.org

Hack-proofing your home may seem like a complicated business. But a few key actions can help you eliminate or reduce most of the risks.

Here are 5 key steps you can take:

1. Install and regularly update your Internet security software. We always start with this because it’s by far the most effective safety action you can take. But make sure your software doesn’t just stop viruses. You also want one that sets up and manages a firewall, software that can prevent intruders breaking through.

A good product can intercept most current hack attacks. Which one to buy? All the leading names like Norton, Kaspersky, and McAfee come with good reputations and frequently change places at the top of the ‘best of’ table.

Beware if you’re researching this online, as some list operators order software according to who will pay them the best affiliate marketing fee for recommending them. Instead, try an independent review site like this: https://tinyurl.com/best-security-list

Let your software do its job automatically but, every now and then, run an all-system or deep scan that you usually have to start manually.

2. Use unique passwords on your system. That goes for your PC log-on, your router and anything else that calls for an access code. Never use the defaults that come with devices you buy, especially modems, routers, and alarm systems. Hackers know all of them. Then, of course, you should change passwords regularly, in case your current ones fall into the wrong hands.

3. Keep your systems up to date. Many hardware manufacturers, like those who make burglar alarms, routers, monitoring cameras (including those used in the nursery) and, of course, computers, regularly update their firmware (the intelligent chips built into them).

But they don’t automatically tell you. Most hardware, like routers, cameras, and home ‘assistants,’ have apps that enable you to access the way they work. Use these and select something like “check for updates.”

If you register your device with the maker when you first buy it, chances are high they will notify you of any updates. So, don’t pitch that registration card.

The same applies for software programs, which are frequently updated not just for new features but also to add in security modifications.

If you don’t know how to access these devices, check with the manufacturer’s website.

4. Disconnect from the Internet. If you have a home network that enables you to switch off Internet access, the rest of your network itself — that is, the parts inside your home — can remain active. If you’re not likely to be using the Internet for a while and you have this ability, use it.

However, be cautious. If you have a home security monitoring system or cameras, this may only work via the Internet. If you switch that off, your attempt at improving security will backfire.

But, even if you don’t want to switch off, you should consider unplugging devices that aren’t in use. And if you sell them, give them away, or toss them, always do a factory reset. Devices normally have a factory reset button. But if yours doesn’t and you don’t know how to reset, again check with the manufacturer’s website.

5. Replace outdated equipment. Devices manufactured say five years ago may not have adequate built-in security, even if you update the firmware. This is particularly the case with routers, which experts say should be replaced after five years.

And make sure your router is set to the highest security level (usually referred to in your router app as WPA2). Also, set up a separate guest network if you regularly have visitors who need to use your network. Check the manual or maker’s website for details on how to do this.

It’s probably never going to be possible to 100% hack-proof your home, but following these few simple steps will protect you from all but the most determined and expert hacker.

ATTRIBUTION: scambusters.org

SCAMS BULLETIN Host Jay White is a volunteer attorney who provides free legal services for low income seniors in San Mateo, California.

June 16, 2020

HOME IMPROVEMENT SCAMS

Crooks posing as contractors show up on a homeowner’s doorstep uninvited. They may say they happened to be doing work in the neighborhood and noticed that your house needs some repairs too. They will offer to fix your roof, repave your driveway or perform other repairs or renovations, for what sounds like a low price.

When that happens, be wary. The smiling fix-it man or woman at your door might turn out to be an unscrupulous contractor or an outright con artist, out to fleece you with a home improvement scam.

Shady contractors will often ask for payment up front. If given money, some take it and disappear. Others will do shoddy work or claim to have discovered some hidden problem in your house that needs immediate attention. They demand more money to complete the job (a dishonest variation of the sales tactic known as upselling).

Con artists look to prey on homeowners when they are vulnerable. If your house has been damaged by a storm or natural disaster, a scammer may show up and try to persuade you to sign over the payment from your insurance company. Some crooks seek out older homeowners with memory or cognitive problems, hoping to con them into paying multiple times for the same work.

What you can do to guard against being victimized by a home repair scammer:

Beware of persons who say they stopped by because they just happen to be in your neighborhood. The good ones are usually too busy to roam around in search of work.

Be skeptical if a person says he can offer a lower price because he will be using surplus material from another job.

Do

*Contact your state contractors’ license bureau to learn if the person has a contractor’s license.

*Do insist on seeing references. The Federal Trade Commission (FTC) recommends asking the contractor for names and addresses of past customers.

*The FTC also suggests asking the contractor for permission to visit a job currently in progress.

*Do require a bid in writing, and compare bids from multiple contractors before agreeing
to any work.

*Do check the Better Business Bureau (BBB) website to see contractors’ ratings and
whether any complaints have been filed against them.

*Do get a written contract before you pay any money and before the work starts.

*Do read the fine print. The BBB says a contract should include a detailed description of the work, material costs, start and completion dates, and warranty information.

*Before you make the final payment, verify that all work has been completed to your satisfaction, any subcontractors or suppliers have been paid and the job site has been cleaned up.

Do nots

*Do not put down a big deposit. By law in some states the maximum a homeowner must pay in advance is 10% of the total price before the job is completed.

*Do not pay cash. The FTC recommends using a check or credit card, or arranging
financing.

*Do not automatically take the lowest bid. Some contractors cut corners to come in lower than competitors. The FTC recommends that if one contractor’s estimate is significantly less than those of competitors, ask for an explanation.

*Do not let the contractor arrange financing for you. The FTC warns that you might be tricked into signing up for a home-equity loan with hefty fees or a high interest rate, or one in which the lender pays the contractor directly, giving him or her little incentive to finish the job or do it properly.

ATTRIBUTION: AARP

SCAMS BULLETIN Host Jay White is a volunteer attorney who provides free legal services for low income seniors in San Mateo County, California.

June 11, 2020

SMALL BUSINESS FINANCING FRAUD

Courtesy US Federal Trade Commission

Small business is an important engine in the US economy. But small companies and organizations can be targets for deceptive funders and outright scammers.

Some financing companies lie about their terms, break the law, use terrible debt collection practices, and leave businesses in worse financial conditions than before.

Before you sign to obtain financing:

Read the proposed contract. Read the “fine print” that likely will not be displayed for easy reading. If there is anything you do not understand, ask for clarification.

Find out what the consequences will be if you cannot make payments on time. Then get the answer in writing before you sign.

As an alternate source of funding, check out funding options for your business at the US Small Business Administration’s website: http://www.sba.gov.

Court Case Federal Trade Commission v. Richmond Capital

People also signed a legal document called a confession of judgment. This document let Richmond Capital go to court and get a judgment — without any objection or response from the person — if they stopped paying or breached certain provisions of the contract. But according to the complaint, Richmond Capital used these confessions of judgment to go after people’s assets in circumstances not permitted by their financing agreements. What’s worse, Richmond Capital allegedly threatened violence when people did not pay. The FTC asked the court to make Richmond Capital stop these practices and refund people’s money.

You can tell the FTC.gov about any dishonest practices you experience.

SCAMS BULLETIN Host Jay White is a volunteer attorney who provides free legal services for low income seniors in San Mateo County, California.

June 9, 2020

COVID-19 DONATION SCAMS

Many generous persons wish to help unfortunate persons who have suffered through disasters such as the COVID-19 pandemic. Scammers know of and capitalize on that goodwill.

Scammers create sham charities mimicking the real thing. They reach you via telemarketing, direct mail, email and door-to-door solicitations. They create well-designed websites with deceptive names.

A few things to consider before you donate:

*Do some research. There are many good organizations to support. Search online for recommendations — and, when you have found one that is well thought of, check it out. Type the group or fund’s name into a search engine, plus the word “scam, “review,” or “complaint.”

*Consider how you pay. Real charities will not ask you to pay by cash, money transfer, gift card, or Bitcoin. If someone tells you to donate that way, consider donating elsewhere.

*Research crowdfunding. Legitimate funds that give real help may spring up right after a tragedy. But scammers put up crowdfunding pages and it can be hard to tell the difference.

*Slow down. If someone rushes you, slow down. Scammers want to get your money as soon as they can before you have adequate time to think about a request.

*Research online. The Federal Trade Commission recommends searching for a charity’s name or a cause you want to support with terms such as “highly rated charity,” “complaints” and “scam.” http://www.ftc.gov/charity.

*Check how watchdogs like Charity Navigator, CharityWatch and the Better Business Bureau’s Wise Giving Alliance rate an organization before you donate. Your state’s charity regulator can verify that the organization is registered to raise money there.

*Ask how much of your donation goes to overhead and fundraising. One rule of thumb, used by Wise Giving Alliance, is that at least 65 percent of a charity’s total expenses should go directly to serving its mission.

*Keep a record of your donations and regularly review your credit card account to make sure you were not charged more than you agreed to give or unknowingly signed up for a recurring donation.

Do not:

*Do not give personal and financial information like your Social Security number, date of birth or bank account number to anyone soliciting a donation. Scammers use that data to steal money and identities.

*Do not donate with cash, gift card or wire transfer. Credit cards and checks are safer when donation to a legitimate charity.

*Do not donate by text without confirming the phone number on the charity’s official website.

You can report any suspicious activity to the Federal Trade Commission: http://www.ftc.gov, or
call the AARP Fraud Watch Network Helpline: 877-908-3360.

#

 

SCAMS BULLETIN Host Jay White is a volunteer attorney who provides free legal services for low income seniors in San Mateo County, California.

June 6, 2020

UNEMPLOYMENT CHECK SCAM

Criminals are working to siphon off unemployment insurance payments intended for workers laid off due to the COVID-19 pandemic.

How the scam works:

Identity thieves use databases of personal information (likely obtained via data breaches) to create phony accounts on state unemployment insurance office websites. Once they successfully create an account, they have the benefits direct deposited into a bank account controlled by the scammer or an accomplice. The scammer then uses the deposited funds to purchase untraceable bitcoins, gift cards, or money orders.

If you have recently become unemployed, the following steps can help you reduce your risk of becoming a victim of this scam:

Log on and create a profile on your state unemployment office’s website as soon as you are laid off. This will reduce the window of opportunity for scammers to create fake profiles in your name and steal your unemployment benefits.

If you have already created a profile with your state unemployment office, log in and verify that no one has filed a claim in your name. If you have used a password on your profile that you have used on other accounts, change your password to something unique that you have not already used elsewhere.

If you receive communication that someone else has applied for unemployment benefits in your name, or your unemployment benefits claim was denied because someone else already applied, file a fraud complaint with your state’s unemployment office promptly.

You can place a credit freeze on your credit report with the three major credit reporting bureaus (Experian, Equifax, and TransUnion). If identity thieves have the personal information necessary to steal your unemployment benefits, they likely also have the information they need to take out credit or engage in other criminal activity. A credit freeze will prevent anyone from accessing your credit file until you unfreeze it with a PIN. For more information on credit freezes, refer to FAQ from the US Federal Trade Commission: http://www.ftc.gov.

Work from Home Schemes

If you are looking for work, beware of online ads or unsolicited email and text offers to participate in work-from-home job opportunities. Common schemes involve offers to be a mystery shopper, payment processing agent, money transfer agent, or other similar jobs where you are asked to allow deposits to be made to your personal bank account. These jobs do not exist.

If you have been affected by an unemployment benefits fraud or any other coronavirus-related scam, you can file a complaint at http://www.Fraud.org. You can help law enforcement bring scammers to justice.

ATTRIBUTION: Fraud.org

SCAMS BULLETIN Host Jay White is a volunteer attorney who provides free legal services for low income seniors in San Mateo County, California.

May 30, 2020

CHAIN LETTER SCAM

Courtesy US Federal Trade Commission

A chain letter, by any other name, is still designed and intended to steal money.

You may be invited to play “The Circle Game,” join a “Blessing Loom,” or jump on a “Money Board”? These are some of the names for an online scam that’s making the rounds at a time when millions of people are out of work and scraping for cash. It promises a big return for a modest investment.

Do not fall for it. You’re virtually guaranteed to lose your money, or pull in friends and family who will lose theirs.

Also known as the “Mandala Game,” “Blessing Circle,” “Infinity Loom,” “Giving Circle,” and by other names, the scam is a chain letter-type of pyramid scheme. While versions vary slightly, the one we’re hearing about most promises that you’ll collect $800 for an investment of $100 and, at the same time, help bring good fortune to someone else by recruiting them to join.

Here’s how it works.

You see a post or get a direct message on Instagram, Facebook, or other social media. It invites you to join the Circle or Loom by sending $100 through PayPal or another digital payment service to the person whose name is at the center of an octagon-shaped playing board. Your payment gets you one of eight spots on the outer ring of the board and a chance to move towards the center by recruiting other people to join. As more people join, your board changes and the number of playing boards expands. Eventually, you’re supposed to land at the center of a playing board and collect $100 from each of eight new recruits on the outer ring. That’s when you leave the game or start all over again with another $100 payment.

What’s the harm? Like other types of pyramid schemes, these chain letters depend on recruiting new people to keep money flowing into the enterprise. There are no products sold or real investments creating profits. Once players run out of new recruits to bring into the game, the money dries up and everyone waiting to reach the center comes up empty handed.

If you get an offer to join an online game like this, beware ­– it’s a scam. The warning signs? Promises that you will make money by paying in yourself and recruiting others to do the same. If the offer comes from a friend or family member, warn them.

And, if you’ve paid someone to join this game, please tell us: ftc.gov/complaint. Your report can help us protect others from a scam.

SCAMS BULLETIN Host Jay White is  volunteer attorney who provides free legal services for low income seniors in San Mateo County, California.

May 29, 2020

NIGERIAN SCAMS

Nigeria is home to a wide variety of online fraud variants. They are all designed to wrongfully take a victim’s money. Nigeria has a track record of being home to e-mail scammers since the 1990s.

A Nigerian e-mail scam usually results in a victim being convinced to take leap of faith, transferring money online in anticipation of receiving a valuable good or service. In most cases, the victim does not receive anything.

How Nigerian Scam E-mails Work

A scammer may send the victim an e-mail message telling the victim that the scammer is in communication with the representative of the estate of a deceased Nigerian prince. The victim is told they have been chosen to inherit a certain amount of wealth from the “prince.” The victim is asked to send a few thousand dollars as a gesture of goodwill and pay expenses before the full sum is distributed. Once the scammer receives the money from the victim, the “prince” disappears without a trace.

A scammer may represent himself as being in questionable possession of a large amount of gold. It can be obtained for a very low price that would allow a purchaser to realize a big gain. The gold would be shipped to the victim after the victim has paid the requested amount. No gold will be delivered.

A scammer purports to be an attorney representing the estate of a victim’s relative who died in Nigeria. The victim is told they are entitled to a large distribution from the estate. First, however, the victim must send money to cover attorney fees, medical, funeral and other expenses. No such relative existed.

Caution is advised in response to any Nigerian communication requesting money.

ATTRIBUTION: scambusters.org

SCAMS BULLETIN Host Jay White is a volunteer attorney who provides free legal services for low income seniors in San Mateo County, California.

May 22, 2020

ZOOMBOMBING

“Zoom” is the name of a suddenly popular video chat app that allows multiple people to remotely join a conversation. It was designed for business use. It has become a boon for employees required to attend virtual meetings while working from home.

“Zoombombing” is a new crime spawned by hackers bent on invading or disrupting video conferences in many places.

Services other than Zoom could be vulnerable. Microsoft has a popular professional product called Teams, while Facebook recently joined the fray with its own version of multi-person video called Messenger Rooms.

How It works:

Hackers drop in on Zoom conversations and often disrupting them with insults and threats. They have thrown up pornographic images on participants’ screens. They can threaten security.

Tips aimed at organizers to counter the Zoombombers:

Tell your participants not to publicize the meeting, especially with links, on social networks.

Be cautious and aware of all meeting participants. Make sure you know them and why they are there.

Do not allow participants to join the meeting before you do — or to hang around afterwards.

Use the software’s “waiting room” feature, that allows you to review participants before virtually opening the door to them.

For meetings where not everyone is known, do not allow use of virtual backgrounds (downloaded from the Internet) because intruders might use them to post inappropriate messages.

Your safety feature may allow you to place a would-be participant on “hold” and unable to take part until you have established their credentials.

Be wary about how you name meetings. Zoombombers are good at guessing them and sneaking in, especially if you use family or business names. Zoom has its own mechanism for generating meeting names that you can use.

Consider using entry passwords. They are a must for meetings that include children.

Once meetings are in action, there are several controls available to organizers including the ability to mute one or more participants, turning off whiteboard sharing and disabling file transfers during chat, to prevent Zoombombers from sending malware to others taking part.

For a full Consumer Reports article, visit www.https://www.consumerreports.org/video-conferencing-services/how-to-prevent-zoombombing/

ATTRIBUTION: scambusters.org

SCAMS BULLETIN Host Jay White is a volunteer attorney who provides free legal assistance for low income seniors in San Mateo County, California.

May 17, 2020

PHONY FUNERAL NOTIFICATION

Scammers have reached a new low. They are sending bogus emails with the subject line “funeral notification.”

The message appears to be from a legitimate funeral home, offers condolences, and invites you to click on a link for more information about the upcoming “celebration of your friend’s life service.” But instead of sending you to the funeral home’s website, the link sends you to a foreign domain where the scammers can download malware to your computer.

Malware, short for “malicious software,” includes viruses and spyware that get installed on your computer without your consent. These programs can cause your device to crash and can be used to monitor and control your online activity. Criminals use malware to steal personal information, send spam, and commit fraud.

If you receive an email about a friend or loved one having passed away, the Federal Trade Commission, the nation’s consumer protection agency, says hit Delete. Do not click on the link. You may then want to contact the funeral home or family directly to verify or discredit the information.

Tips to reduce your risk of downloading unwanted malware and spyware:

*Keep your security software updated.

*Don’t click on any links or open any attachment in emails unless you know who sent it and what it is.

*Download and install software only from websites you know and trust.

*Make sure your browser security setting is high enough to detect unauthorized downloads.

*Use a pop-up blocker and do not click on any links within pop-ups.

*Resist buying software in response to unexpected pop-up messages or emails, especially ads that claim to have scanned your computer and detected malware. That is a trick crooks use to spread malware.

*Back up your data regularly.

ATTRIBUTION: US Federal Trade Commission, http://www.ftc.gov.