What is it:

Fake advertisements on social media platforms

Who is it targeting:

Social media users, consumers who have searched for specific products

How does it work:

Social media platforms are filled with advertisements for different products and services. Advertising revenue is how those companies can stay in business while not charging their users a fee for the service. However, some ads are legitimate offers for great products, while others are advertisement scams. These links steal your money and never provide the product, redirect to fake websites that steal your personal data and require you to install software that turns out to be malicious.

It can be very tricky to tell the difference between an advertisement scam and a legit ad. Until you can be certain of the ad’s safety, it is best to ignore the ad and search for the product name and website on your own. If you do recognize the ad’s platform (like Amazon or Walmart, with no other names listed in the address) then it is probably safe to click.

What you can do about it:

  • Beware the “too good to be true” ads that offer innovative products for pennies on the dollar
  • Watch out for “snake oil” health remedies and weight loss solutions
  • Be mindful that these bogus ads can target children, too. Talk to your family about safe clicking and avoiding spam and viruses

Contact the Identity Theft Resource Center for toll-free, no-cost assistance at 888.400.5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.


Read next…

Facebook Pyramid Scheme Leaves You at Risk

New Venmo Scam Targets Payment App Users

SCAM: Your Social Security Number Has Been Suspended

 

What is it:

“Flipping” scam that promises you big money on social media

Who is it targeting:

Social media users on Instagram, Facebook, Snapchat and more

How does it work:

A flipping scam looks a lot like a pile of cash, at least in the picture accompanying the post. A user on the same platform shows the image and promises that you, too, can earn this kind of money for sending in only a little bit of upfront payment. Their post may even have a lot of comments from people who claim to have already benefitted, thanking the person for bringing them into this kind of wealth. Be warned: those people are not real and neither is the money.

A flipping scam plays off the old concept of an illegal pyramid scheme, in which you send in $100 and get ten people to send you their $100, and so on. However, this one does not even bother going that far. You send your money to the scammer, and that is the end of it.

What you can do about it:

  • Remember that things, and people, are not always what they seem on the internet
  • It is very easy to create fake accounts, fake posts and fake followers
  • Some of these scams want prepaid debit cards or gift cards, but remember that those are just as insecure as cash

Contact the Identity Theft Resource Center for toll-free, no-cost assistance at 888.400.5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.


Read next…

Facebook Pyramid Scheme Leaves You at Risk

New Venmo Scam Targets Payment App Users

SCAM: Your Social Security Number Has Been Suspended

 

A new American Express phishing attack that specifically targeted American Express cardholders is unlike other attacks, according to security researchers. It contains a sophisticated method of harming the recipient that experts are not as familiar with.

Phishing attacks are nothing new. They arrive as emails, texts, social media messages or phone calls that appear to come from someone you know. It might look like your boss or co-worker, someone in your email contact list, your bank or your favorite retailer.

Each new phishing attack email has different goals, depending on what kind of ruse they are using. A fake email from your boss might tell you to change a password or send funds to a different account number, but an email from your bank might try to get you to hand over your username and password. Many phishing attacks only want the user to click a link in the email so they can be taken to a fake website where the thief steals their information. Or even worse, a link that downloads a virus to their computer.

In the case of the American Express phishing attack, the link embedded in the American Express phishing emails is two different parts. This way, the hacker can insert malicious code into the link while also confusing your antivirus software. Instead of warning you about a harmful link, your software does not recognize it as malicious.

The email itself was very typical of these kinds of attacks, namely in that it was filled with grammatical errors. Some reports have shown that the spelling and punctuation mistakes, like the ones seen in the American Express phishing attack, are intentional so that only more gullible recipients will interact with it.

Fortunately, the age-old advice about avoiding a phishing attack still holds true. These are some things to keep in mind.

Never click a link or download an attachment that you are not expecting

If the email came from your boss, pick up the phone and verify it. If it appears to come from a company you do business with, ignore the email and go directly to their website. From there, you can see if there is an issue with your account.

Spelling matters

Companies do not send out emails or other messages with multiple errors. If you see any strange mistakes, that is probably a sign it is a fake.

Check the email address and URL

If you look very carefully at the sender’s address or the website address they have included in the message, you might notice something strange. If it says “Amaz0n.com,” for example, it is fake. If the website is Citibank.card.shop.com, instead of the company’s actual web address, again, it is a fake.

Do not trust the caller ID

If the phishing attempt comes by phone, like the American Express phishing attack, do not go by what you saw on the caller ID. It is easy to change the phone number or screen name to say anything the scammer wants, such as “IRS” or “County Sheriff’s Dept.” If you receive a phoned attempt at getting you to verify your identity or make some kind of payment, hang up and contact the company directly using a phone number you have located yourself.

Contact the Identity Theft Resource Center for toll-free, no-cost assistance at 888.400.5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.


Read next…

How to File an Equifax Claim for Data Breach Settlement

SCAM: Your Social Security Number Has Been Suspended

New Tool Breach Clarity Helps Consumers Make Sense of Data Breaches

 

What It Is

Scammers are looking to cash in on the buzz surrounding the Equifax data breach, specifically the ability for consumers to check their data and file a claim if they were affected.

Who It Is Targeting

Any consumers who may have had their information stolen in the Equifax breach could be at risk of an Equifax settlement scam, but scammers may also seek out people who were not affected in order to sell them protection products.

What You Need To Know

Equifax is one of the three major credit reporting agencies, and they were breached in 2018. More than 147 million consumers had their complete identities stolen by hackers. Now, Equifax has launched its settlement website where you can find out if your information was stolen, file a claim for compensation and apply for credit monitoring. Equifax settlement scammers are capitalizing on the buzz surrounding this new website and have already targeted victims.

What You Should Do About It

  • Make sure you are only using legitimate websites for this process, namely the FTC’s site and EquifaxBreachSettlement.com.
  • You do not have to pay anything to file a claim, look into your data, receive credit monitoring services or otherwise participate in this settlement.
  • Never verify your information for someone who contacts you and offers to find out if you have been affected.
  • Never hand over your Social Security number to someone who contacts you in any way.

Read next…

How to File an Equifax Claim for Data Breach Settlement

SCAM: Your Social Security Number Has Been Suspended

New Tool Breach Clarity Helps Consumers Make Sense of Data Breaches

 

Christmas shopping is better when you save a bundle, but this fake Costco coupon is definitely a scam.

Who Is It Targeting: Costco shoppers

What Is It: Coupon scam

What Are They After: There are several different ways scammers can benefit from a coupon scam. They may be gathering your email address and access to your social media friends list in order to sell the information to spammers. They may also be generating revenue from click advertising by getting you to answer screen after screen of survey questions. More harmful cases may actually install malicious software on your computer by getting you to first download a bogus “coupon installer” to print your coupon. Costco is the latest company to issue a warning to social media users: they are not giving away a $75 coupon online.

How Can You Avoid It:

  • Never click a link that someone shares with you unless you were specifically expecting it.
  • Generate a free “throwaway” email address for online offers so you aren’t sharing your real email address with spammers.

If you think you may be a victim of identity theft, contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. Find more information about current scams and alerts here. For full details of this scam check out this article from IDTheftCenter.org


Read next: “Secret Sisterhood” Online Gift Exchange Scam Alert

Tech support scams have infiltrated Apple mobile devices.

Who Is It Targeting: Apple device users

What Is It: Phishing email that lures you into calling “Apple Care” for phony tech support

What Are They After: Tech support scams certainly aren’t new, but the way they manifest has been evolving to keep up with the latest consumer products. A new scam tries to convince you that your Apple ID has been compromised; when you click the link in the email from your phone, it even tells you that your Apple account has been locked due to fraudulent activity. When you call the phone number—which pops up in a very Apple-looking “call or cancel” box—you’re directed to give the tech support person access to the mobile device. From there, the individual installs malware that steals money from your associated accounts or online bill pay.

How Can You Avoid It:

  • If you receive a warning message, don’t click or call!
  • Instead, exit out of the message and go directly to that account yourself.
  • Look around, and contact support if you still think there might be something wrong.

If you think you may be a victim of identity theft, contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. Find more information about current scams and alerts here.

Read next: Top Scams of the Year


Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

In the “gig economy,” there are lots of legitimate ways to make extra money but this scam is targeting ride-share drivers.

Who Is It Targeting: Freelancers, gig economy workers

What Is It: Phishing email

What Are They After: This scam appeared as an email in an ITRC staffer’s inbox. It offers the recipient the chance to earn mega-bucks on the side as an Uber driver, but the email is so ridiculously bad. It’s literally a photo of an actual email from ride-hailing service Uber, pasted into another email that definitely doesn’t come from Uber. Clicking any of the associated links could install harmful software on your computer, and at the very least, interacting with the sender could lead to identity theft.

How Can You Avoid It:

  • If you’re looking for a job, avoid the scammers and go directly to the source.
  • Gig economy and freelance work is definitely available, but you have to play it safe.
  • Avoid scams by thoroughly investigating any opportunity before sharing sensitive information or financial data.

If you think you may be a victim of identity theft, contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. Find more information about current scams and alerts here.

Read next: Top Scams of the Year


Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

The internet is a great resource for the online job hunt, but it’s also riddled with scams.

Who Is It Targeting: Online job seekers

What Is It: Bait-and-Switch check-cashing scam targeted at job seekers

What Are They After: The internet is a great resource for finding new job opportunities, but you have to play it safe. One woman posted her resume online at a well-known employment site and was contacted immediately with an offer. Unfortunately, scammers patrol these online job sites (Indeed, Glassdoor, LinkedIn) and other sites, looking for their next victim. She lost several thousand dollars to a check scam in which she was told to cash a check and use it to buy iTunes gift cards for the “employer.”

How Can You Avoid It:

  • When looking for a job online, be very careful about vetting the source.
  • Never submit your highly sensitive information during the application process.
  • Never accept a check that you must cash before returning some money or buying an item; let the check clear before you take any action.

Remember, a common form of identity theft involves employment. It happens when someone accesses your personally identifiable information and uses it to get their own job but under your name. Are you working two jobs but don’t know it?

If you think you may be a victim of identity theft, contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. Find more information about current scams and alerts here. For full details of this scam check out this article from WKRN.com.

Read next: Top Scams of the Year


Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

Be careful of the “good deals” you can find on social media marketplaces. Individuals are falling for Facebook ad scams.

Who Is It Targeting: Social Media users

What Is It:  Phishing emails that offer items for low prices

What Are They After: One woman learned the hard way that Facebook ads for incredible deals are easy to fake. After she found a massage chair for a very low price, she was redirected to a different web page where she inputted her personal details and credit card information. Fortunately, her bank reached out to her shortly after: her credit card information had been used in another country to make a purchase worth several thousand dollars. When she confirmed that she had not made that purchase, the transactions were canceled.

How Can You Avoid It:

  • Make sure all of your online shopping is only with reputable retailers.
  • Monitor all of your accounts very careful to watch for fraud.
  • Of course, always be mindful of the information you put out about yourself on social media.

If you think you may be a victim of identity theft, contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. Find more information about current scams and alerts here. For full details of this scam check out this article from CBS12.com.

Read next: Top Scams of the Year


Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

Individuals have recently reported to the Identity Theft Resource Center that scammers are requesting a new payment method through AmEx prepaid card when targeting victims.

Who Is It Targeting: Social Media users

What Is It:  Phishing scams that demand untraceable payment methods

What Are They After: Now that word has gotten out about not paying your “taxes” with iTunes gift cards or wiring money to an alleged kidnapper via Western Union, scammers have started demanding payment via prepaid cards from recognizable financial institutions like American Express. They insist on a prepaid card because your bank cannot cancel the transaction if it turns out to be fraud. One victim who contacted the ITRC was instructed to put the fee on a prepaid AmEx card in order to apply for a “government grant;” the fraud came to her through a Facebook friend’s account.

How Can You Avoid It:

  • There is no legitimate reason that you will be required to make a payment via an untraceable method.
  • If the company is able to accept a prepaid Visa, Mastercard or AmEx card, they will be able to accept your credit card.
  • Never agree to make a payment through an untraceable method without checking out the situation completely.

If you think you may be a victim of identity theft, contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. Find more information about current scams and alerts here. 

Read next: Top Scams of the Year


Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.