Category: Hazards (Page 1 of 13)

Meta Legal Phishing

Many people are getting a scary type of message right now. It claims to be a legal notice about Walt Disney Studios and copyright infringement. While the email is realistic and scary-looking, I am sure it is a fake. If you receive this Meta Legal Phishing in your inbox, do not cooperate with it!

The Phishing Message

Here is Exhibit A for you to look out for:

Meta Legal Phishing

As phishing scams go, this one is pretty sharp. Only the sender email address is a giveaway, and I realize that some email apps hide that. Many recipients may have little indication, at the start, that this is a fake. The spelling is decent. The logos and signature are accurate. If you hover over the CONTACT US button, the URL preview shows a real Facebook.com address!

Deeper into the Scam

Meta Legal Phishing

The reason that the contact-button shows a real Facebook URL is because it leads to a specific Facebook profile. Scammers have created a new profile page, named it Legal Department, and linked directly to their Messenger Chat function. Anyone who clicks the button will begin a Facebook chat with the scammers. And they are ready to chat with you!

Meta Legal Phishing

Well, “chat” is not the right word. They have various auto-replies set up, and you will get messages that urge you to click other links and “appeal” the scary legal action against you.

I tried chatting with these criminals. Posing as a remorseful and naive Facebook user, I claimed that I regretted my actions and wanted to settle the fine ASAP. Even when I offered to pay whatever it was that I owed, they kept repeating that I was to click their links and buttons to appeal.

If they don’t want money, then what is the goal here? They aim to steal your Facebook account.

Phishing for Your Password

Anyone tricked into clicking the button to Appeal is transported off of Facebook to a dangerous website. At this point, some browsers will pop-up phishing alerts. Others will simply prevent you from loading the page. But if the next page loads, it shows a clever fake that may make you think you are still on a legit site:

After this they ask for your email and other info:

And finally they demand:

Anyone who types info into this window is delivering their Facebook password to cybercrooks. After this happens, they will:

  • Log into the Facebook account, using the provided email and password
  • Change the account password, as well as the primary email and recovery methods
  • Start doing crimes, using the victim’s identity

Facebook offers these steps to follow, if an account has been hacked and stolen. But I must warn: These steps often don’t work, if the criminal inside the account is thorough. Phishing victims often lose their Facebook accounts for good to this sort of scheme.

Dos & Don’ts

Don’t believe in thse emails! Facebook is not going to harass or threaten you with legal action because of Disney IP violations. If anything, they would just remove your post. Facebook/Meta does not have enough staff to police itself or help people recover their lost accounts, so they certainly don’t have the manpower to chase down small infringement matters.

Don’t waste your time contacting the scammers, even to tell them what-for. It’s just not worth it. And remember: Facebook is powered on engagement. That means they may recommend more of the things that you click and comment on. Do you really want Facebook steering you towards other suspicious pages and posts?

Do report this sort of scam, if you are comfortable doing so. You may mark the email as Spam/Junk Mail, if your mail provider allows for that. If a scammer has used FB Messenger to chat you, look to the right side for an option to Report the conversation (this may be hidden under Privacy and Support). If you have visited a scammer’s FB Page, the entire profile can be reported as well, using the 3 dots button under the masthead photo.


Unfortunately, Meta Support is now largely run by AI, so your reports of these scammers may be disregarded. But we should still report these scammers. The hope is that if enough reports come in, Meta will pay better attention and do their job to protect us.

DirecTV Scam – “Receiver Upgrades”

DirecTV Scam - "Receiver Upgrades"

DirecTV subscribers need to beware unexpected calls about upgrading their receivers. Anyone calling you to upgrade or replace your DirecTV receiver is likely a scammer.

How The Scam Works

A scammer calls and identifies himself as a DirecTV representative. They’ll claim that the DTV receivers in the house urgently need a software update. “We can send a technician to your home to do this upgrade for $300, or I can walk you through it over the phone for only $199.”

Alternatively, the scammer may propose to send you a new receiver unit through the mail. In this scenario, s/he will offer to charge you $480 for the new unit, but mark it down to $200, claiming they “want to do you a favor.” And they may offer to credit your bill $20 for 10 months to offset that fee.

In either case, the scammer is lying. They may have partial access to your DirecTV account, but they are not a company employee. They are spinning a tale, looking to get your money, and once they have it, they will disappear without a trace.

Why This Scam Is Convincing

This scam has a lot going for it, and has the potential to dupe a lot of people.

  • If the scammer learns your DirecTV account PIN, s/he may make changes to your account or add discounts to your billing, to convince the victim they are a capable Dish rep.
  • The scammer on the phone already knows your name, address and your phone number. This info was likely leaked from one of the many data breaches we see in this country.
  • Your CallerID may be spoofed to show “DirecTV” or “AT&T”.
  • They may instruct the victim to press buttons and navigate menus on the DirecTV receiver with a convincing level of accuracy.

Do’s & Don’ts

  • If you find yourself on this kind of call, hang up ASAP. The less you say to the scammer, the better.
  • Never antagonize or berate the caller. Remember: They have your address. These crooks can get hostile and the worst-case scenario could result in you getting swatted.
  • Don’t volunteer any extra info, especially your DirecTV account number or PIN. True DTV representatives won’t ask for this info over the phone.
  • To verify any DirecTV communications, or to report a fraudulent call, contact them at 1-800-531-5000 or chat them up on their website.
  • If you speak with a scammer and feel that they already know too many details about your DTV service, hang up and call the real DirecTV and ask about increasing your account security or changing your PIN and password.

Data Breaches

data breaches

I have a lot of conversations that start with “Did you hear about the big data breach?” My response is typically: “Which one?”, because there are just so many of them. I honestly can’t keep track of all of them. Data breaches are, sadly, common, and there’s very little we can do to prevent them.

What should you do about data breaches, if there’s no prevention? Data breaches lead to account and identity theft, so you are looking to guard against those hazards. Here are the standard recommendations:

  • Keep an eye on your credit reports
  • Freeze your credit with the 3 big credit agencies
  • File your taxes early
  • Watch all revolving accounts for unexpected/mystery charges
  • Consider & discuss the value of credit monitoring services with your bank or financial advisor
  • Avoid password reuse, set a unique password for each and every account
  • Enable 2FA where possible
  • Remain skeptical towards any unexpected emails/phone calls/texts and do not give out personal information if your spidey sense is tingling.

I wish I had more advice, but for now, we just have to hang on. For some perspective, I’ll be listing out (and adding future) noteworthy data breaches below. Note the recent National Public Data breach, as it probably affects every American and involved our addresses and SSNs. At this point, everyone should presume their info is on a list out there on the dark web.

Notable American Data Breaches

Company NameFirst ReportedNumber AffectedRelevant Links
ToyotaAugust 2024???Link, Link
City of Columbus, OHAugust 2024500,000Link, Link, Link
National Public DataAugust 20242.9BLink, Link, Link
AT&TJuly 202473MLink, Link, Link
UnitedHealth / Change HealthcareJuly 2024100M?Link, Link, Link
TicketMasterJune 2024560MLink, Link
Advance Auto PartsJune 2024380MLink
Life360 / TileJune 2024450,000Link
Christie’sMay 2024500MLink, Link
Financial Business & Consumer SolutionsApril 202442MLink
DellApril 202449MLink, Link, Link
Virginia Farm BureauFebruary 2024261,187Link, Link
XfinityDecember 202335MLink, Link, Link
Real Estate Wealth NetworkDecember 20231.5BLink, Link
MOVEitJune 202311.3MLink, Link, Link
TwitchOctober 2021???Link, Link, Link
Marriott InternationalNovember 2018500MLink, Link
EquifaxSeptember 2017163MLink

Missing Person Posts on Facebook

Posting about a missing person on Facebook just makes sense. Meta’s social media platform has incredible reach and spreads info extremely fast. But when you see such a post in your feed, don your critical thinking-cap before reacting. There are a few kinds of Missing Person Posts on Facebook. And each one merits a different response.

Legitimate Missing Person Posts

A real and trustworthy Missing Person Post will clearly display:

  • The missing person’s full name, age, height, weight and last known attire
  • A police department’s name, location and phone number, to which you would report any sighting or critical info
  • Links to an Amber Alert or other missing-persons website

Check out this Virginia State Police page for active missing person alerts. Reviewing these will make you familiar with the type of alerts you may trust. If you see these posts on social media, you should feel safe in sharing them and interacting with them.

Suspicious Missing Person Posts

On other occasions, you may see a social media post that asks for help in finding someone… but it isn’t quite as buttoned-up. The post will truly be from a local person, asking for help in locating another local, but:

  • No police department or authorities are mentioned
  • They request you call or text a personal cell number
  • The post asks for private messages only

This could be a legitimate plea for help, but without police involvement, we cannot be certain. Getting involved in this sort of alert could have unknown consequences. Play it safe and do not get involved, unless you know the poster and situation personally. A missing person alert that doesn’t pass the sniff-test could actually be:

  • A stalker trying to track down a victim
  • A parent seeking to violate a custody order
  • An abuser searching for someone who’s fled their home

While rare, you don’t want to accidentally help with those situations. Think twice before sharing or spreading the post, as well.

Scammy Missing Person Posts

Missing Person Posts on Facebook

And then there are the completely fake missing person alerts. They’re all over Facebook, especially in Facebook Groups. I’ve mentioned these before, but they range from missing kids to adults & old folks and even pets.

These posts will resemble the suspicious posts described above, but there are further tells that are hallmarks of a scam:

  • Duplicated photos are shown
  • The poster has just recently joined the group
  • The poster Likes their own post
  • Comments are disabled
  • There is no contact info, to the police or any individual
  • The town name has been hashtagged (marked with a #)
  • The only urgent request is that you Share the post

This type of post is 100% fiction, and there is no missing child/adult/pet. The photo has been swiped from somewhere else on the internet, and is being used to catch your eye and tug on your heartstrings. Once this scam post has garnered a lot of Shares all across Facebook, the original poster will Edit the original post to something more dangerous. And that Edit will echo down through all of the Shares and spread to thousands or millions of Facebook users. For more details, check out The Facebook Edited-Post Scam.

If you see this type of post, do not Like it or Share it. Use the 3-dots button in the corner of the post to report it, to Facebook and to the “group admins”.

Detecting Manipulated Photos

Not sure if you’re looking at a legitimate picture on the internet? Altered images and deepfakes abound on the web, especially with the creative help of AI. Here are some tools that might help in detecting manipulated photos:

AI Detection Tools

Detecting Manipulated Photos

AI-generated content may be easy for some to spot. Look closely and you may see 7 fingers or an extra shoelace as giveaways. But some AI images are so well-crafted that they may fool even the sharpest observer. AI detection tools can sometimes help; here are some free websites you might try:

Hive Moderation, scroll down and use the Upload button to submit a picture file.

Fake Image Detector

Illuminarty

Maybe’s AI Art Detector

Advanced AI Image Detector

Please note that not all detectors work the same, and you may get mixed or incorrect results. AI image detection tools are not (yet?) 100% reliable. Also, I am only linking to free tools. I have avoided paid tools and websites that demand user accounts.

Reverse Image Search Tools

Sometimes, you can extrapolate an image’s legitimacy, simply by knowing where it came from. Performing a reverse-image-search may quickly show you where an image has been on the internet. From that info, you might deduce that it is real or fake. So, save or copy any photo that you’re wondering about, and submit it to one of these search tools:

Google Image Search

Bing Search

Tineye.com

At the end of the Google and Bing search bars is an icon that looks like a camera. Use that to submit your saved photo.

Some developers have created browser extensions to help with this. If you install one of these extensions, you can then right-click an internet image and get an option to reverse-search the picture through many sites at once!

Search by Image for Firefox, Search by Image for Chrome

Fast Image Research for Chrome

RevEye for Firefox, RevEye for Chrome

Miscellany

Some websites are resistant to your saving a copy of their pictures. If a website won’t allow you to right-click and save something as a JPG, consider taking a screenshot. Any screen capture can be saved and cropped and then submitted to these tools’ websites.

If a questionable image is accompanied by some text, you may want to search out that text or content elsewhere, on fact-checking websites:

Snopes

VERIFY

Factcheck by AFP

LeadStories

Netflix Phishing

That email you just received about your Netflix account? Look closely, it may be a clever fake. Internet crooks know that almost everyone has a Netflix account by now. So scamming people with the Netflix name and logo probably seems like easy money to them. Here’s what to know and watch out for with Netflix phishing:

Fake Netflix Emails

Most of these fake Netflix messages arrive over email. Some are obvious and laughable fakes, while others are fairly convincing. Here’s an example of one of their better attempts.

netflix phishing

This fake email has a lot going for it: the From-email address looks legit, the grammar and spelling is believable and the overall tone resembles legitimate Netflix communications.

But notice that Gmail has put a question mark next to the sender. If you float over that question mark, Google will pop up and warn you that this message couldn’t be verified and may be from a sketchy sender. Also, the missing Netflix logo graphic is a tiny tip-off. But the clincher is when you hover the cursor over the link to “update your account”. Hovering over that usually allows your browser to tell you where that will take you. In this case, it isn’t going to any URL ending in Netflix.com!

Potential Dangers

You should not click weird link in sus emails. But I did, and I’ll show you what comes next. After clicking to “update my account”, I arrived at a cute captcha:

This is just here to groom its victims. It’s easy and familiar to do, and it preps you for cooperation on the next page:

I’m impressed. The only thing here to clue you in to the fakery is the URL. Many people would miss that it says “realcaptcha.com” instead of “netflix.com”.

Anyone tricked into filling in these fields would give their Netflix credentials to cybercriminals. I filled in some junk info, to see what comes next:

Of course, a payment screen that looks just like the real thing! But I found it telling that this sham would not allow me to put in a made-up credit card number. This site checks numbers in real-time and rejects incorrect entries. That means this is tied to a payment processing company, and I’ll bet that anyone fooled by this page will end up with fraudulent charges on their bank card!

Dos and Don’ts

If you’ve been fooled by this sort of phishing campaign, change your Netflix password ASAP. And then contact your bank and talk to them about how your account may have been compromised. They’ll take steps to secure your financial accounts.

If you receive this message, via email or text, feel free to forward it to phishing@netflix.com because the real Netflix folks are interested in tracking and preventing these things.

Also, feel free to use your email’s Report Spam function on the message. But do not use Block Sender. Since many of these messages use spoofing, the sender’s address may have been falsified to show a real Netflix address. If you block that phishing email, then you might stop receiving emails from the real Netflix!

Lastly, if you receive a Netflix email and can’t figure out its legitimacy, just put it aside. Open a new browser tab and go to www.netflix.com and sign in there. Once you’re inside the real Netflix site, you can look around and try to verify what was emailed to you.

The Muse Scam

The Muse Scam

Most people assume scammers are targetting older victims, but that’s not always the case. The Muse Scam tends to focus on younger people, as they may not be as familiar with how fake check scams work. In any case, you should know about this scam, if you are active on any social media platform.

How This Begins

This scheme begins with someone reaching out over Instagram or other social websites. Their initial messages will be easy and complimentary about something they’ve seen on your profile. “I love that one photo of you where you are doing the thing. So graceful! So inspiring… It awakens the muse in me to create something new.”

From there, they will ask to use your photo or image. They’ll describe using it in a painting or collage or new art creation, and offer to send you a free digital copy of the finished product for you to keep. It all sounds flattering and appears to have no strings attached.

And even better, the artist will insist on paying you for your photo or likeness! But here is where the danger lay. Much like the Mystery Shopper Scam, this will soon attempt a confidence trick using personal checks.

The Art of the Switcheroo

If you’ve coooperated this far with The Muse Scam, then the perp will now ask about sending you your commission. They will be very much intent on getting a payment check to you ASAP. Some will even guide you through accepting a e-Check directly into your bank account. And if you question things, they will emphasize that they want to keep everything on the level and properly pay for the photos they use.

But nothing here is on the level. They will want to pay you $500, but send a $1000 check. Or perhaps they will offer $2000, but the check is much higher than that. They will explain that the extra money is for someone else. You will need to send that money on to the artist, for them to buy their art supplies. Or that overage needs to be transferred over to the art studio to cover the rent or overhead expenses.

And cooperating with this is how you lose. Supposing you accept that deposit into your bank account, then you will see that money appear on your balance. You might then send the extra funds on to the “artist” and relax with your free money… until the bank catches up and notices something wrong with the initial deposit. Then you’ll be notified, days or even weeks later, that:

  • the deposit was found to be fraudulent and has been reversed
  • you are being assesed extra fees for depositing a bad check
  • your outbound transfer, that you made to cover the artist’s bills, stands as a separate and valid transaction, and cannot be reversed

Of course, if you’ve suffered this loss, the people you’ve been dealing with on social media will have blocked you, erased their tracks and moved on to scam others. You may inform he authorities about the crime, but sympathy is the most you’ll get from that effort.

Everyone Needs to Know

This scam is especially successful against the younger generation, because it isn’t immediately obvious where the danger lay. Depositing a bank check may feel solid and trustworthy. But cybercriminals know how to game almost every financial system that we have. It takes a while for a bad check to be invalidated, and the scammers rely on that lag-time. Teach your teenagers that there is no such thing as a free lunch!

Punchbowl Phishing

Punchbowl is a legitimate website that offers online invitations, much like Evite. And scammers are phishing for victims, by sending out email that looks like Punchbowl invites. Don’t be fooled! Here are the details:

A Good-Looking Fake

Here’s what some folks are receiving right now:

Punchbowl Phishing

This message, should you receive it, may come from an email address known to you. But please don’t trust this. This is all a sham. Anyone tricked into clicking the Open-button will be taken to a website that looks similar to Punchbowl. That impostor site will ask them to sign in with an email and password. That info is then passed on to cybercriminals, who will log on to that email and use it for other nefarious purposes.

Dos and Don’ts

If you receive this message:

  • Don’t reply to this message.
  • Don’t Block the Sender (because it really did come from one of your friends).
  • Don’t click on any links.
  • Don’t type in any passwords or other important info.
  • Call the sender, or contact them outside of email, to let them know about this.
  • Encourage the sender to change their email password or otherwise secure their account. They have likely been compromised, and someone bad is abusing their email address!
  • If problems persist, mention to the sender that they can reach out to BlueScreen for direct help!

Facebook’s Malvertising Problem

A couple of weeks ago, I posted briefly on my Facebook page about a rash of dangerous posts. Many people were clicking on Facebook content and then running afoul of scammy popups. This sort of thing is very common around the internet. But since that day, I feel like there is quite an increase in this threat, and all originating with Facebook. We need to talk about Facebook’s malvertising problem.

Malvertising is (yet another) tech portmanteau, blending together the words “malware” and “advertising”. Malvertising is when online ads and ad-networks are used and abused to infect your computers and bring tech-harm into your life. Wherever advertising occurs on the web, malvertising is possible. And right now, Facebook is where a lot of it is cropping up.

Facebook's Malvertising Problem

And Meta’s problem seems to be getting worse, not better. It started with posts about deceased celebrities and other tragic (fake) news. And right now, it’s ramping up into offers for free software and games. And the threat is changing, from fake virus alert messages to real computer infections. Sadly, Facebook can’t seem to get a tourniquet on things.

What to Know and Do

While malvertising happens on many websites, including LinkedIn and YouTube, most of the reports coming to my door right now come from Sponsored Posts on Facebook. So while my general advice is to run an ad-blocker for extra protection, my specific advice here is: Do not trust or click on any Sponsored Post you see on Facebook.

This is especially true of anything that looks salacious, too good to be true, or alarming. Tempting sponsored posts on Facebook can be traps and might lead to something entirely different. Even benign-looking sponsored posts can be dangerous. Reason being: bad actors are compromising and stealing Facebook accounts, and misusing them to spread viral content.

It gets even trickier, because Facebook is putting posts in your feed that may or may not say “Sponsored Post” in the corner. Some may be labelled “Suggested For You”. A few may simply want you to “Follow” them. And others may have no special marker or call-out. I have to prescribe a healthy amount of dubiousness for any unexpected or unfamiliar posts you encounter on Facebook!

Besides this BOLO, I can also recommend:

  • Run an ad blocker or a browser with built-in ad-blocking. Even the FBI recommends using an ad blocker!
  • Use the 3-dots button next to any Facebook to Hide or Block content that you don’t care for
  • Consider using the F.B. Purity extension
  • Do not call phone numbers on unexpected pop-ups. Also, think twice before giving out your email or phone number to anyone asking for it through Facebook
  • Use Facebook less!

Spotting a Fake Company on Facebook

Someone recently asked about a business page on Facebook: “Hey, is this company legitimate? Am I going to be scammed by them?” I took a quick look and quickly saw the danger. Please check out the details below to become better at spotting a fake company on Facebook.

The Basics

The page that I was reviewing today was Asphalt Specialist & Driveway Maintenance. In case Facebook removes that page, I’ll also link to an archived copy of that page, for anyone to review.

On the surface, this looks like a perfectly ordinary business profile. I see a local phone number and address, plenty of good reviews, and solid English used on the posts and descriptions. No obvious red flags for the casual observer!

Digging In

On this profile, I started by clicking About and then Page Transparency. This asphalt company showed:

Spotting a Fake Company on Facebook

From this, we see that the page was created only 5 months ago, and is managed by people in the US… and Spain? A rural West Virginia paving company with a connection to someone across the ocean?

Checking the Basic Contact Info

Next, I copied the phone number and threw it into a Google search, and also into DuckDuckGo. And these searches immediately connect with paving and sealcoating services. But the results link to companies with different names. And different locations. Nothing matches up with the contact info on the Facebook profile.

So I regarded the address. Copied & pasted it into Google Maps, Bing Maps and Mapquest (yes, they’re still around!). Each mapping service quickly put a pin down and offered directions to that location. But none of them mentioned a business at that pin. And something’s seemed off, satellite imagery didn’t show buildings right at the pin drop.

So I got a bit analysis-retentive. I learned that the address was in Berkeley County, WV. Most counties have a handy GIS/mapping website for their properties, and Berkeley County’s was easy to find. It wasn’t the easiest to use, but I persevered and found that the address shown on Facebook doesn’t exist.

Spotting a Fake Company on Facebook
Where’s 198 Hatchery?

Digging Deeper

I returned to the Facebook profile to admire their posts and photos. The logo looked like an AI creation, but I see that happening more and more with real businesses, so I moved on. Browsing through the photos, I picked a fairly unique one, showing a man finishing a driveway job. I right-clicked that photo and chose “Search Image with Google”.

Google quickly popped out a side panel, showing similar photos and one exact match. The exact match was on a different paving company’s page. A company in Michigan.

I repeated this with a different photo on their Facebook profile. And that photo tracked back to a Craigslist post:

It was starting to look like their images were all copied from other websites. A business that’s copying images, as well as contact info? Definitely shady, enough for me to be sure about this outfit and turn them in to Facebook. But I found one more bit of copy-fraud:

The Glowing Reviews

This profile showed a high rating, from the get-go: 4.9 Stars, from 57 reviews! Pretty good for a page that’s not only a year old. And most of the reviews are wordy and very detailed and using proper English. But the devil is in the details.

Scrolling through these reviews, I soon noticed repetition. Different people had posted the exact same verbiage as each other. Next, I clicked through to look at these people posting the reviews. Most of them seemed off. They appeared to be posting various glowing reviews for a wide variety of services. I started to wonder if they were sock puppet accounts. And that perhaps all of the companies they were reviewing were bogus, like our Asphalt fakers.

By the way, this fake review technique has a name: Astroturfing. It’s sort of the opposite of review bombing.

Case Closed

I’m convinced that this Asphalt profile smells of fraud, so I did report it to Facebook. If somehow this is a real business, then they’ve been dealing with fraudsters to get reviews and other people’s photos on their profile. Please be ready to report anything shady to Facebook… even though it doesn’t do much.

Facebook is like the wild wild west. There’s a pretense of law & order, but it’s just too big to police. Or perhaps they don’t care to. Keep in mind that this scammy page is actually paying Meta to run their ads, while you are using Facebook for free. In other words:

« Older posts

© 2024 BlueScreen Computer

Theme by Anders NorenUp ↑