Know who you’re dealing with.
The company may not be offering to employ you directly, only to sell you training and materials and to find customers for your work.
Don’t believe that you can make big profits easily.
Operating a home-based business is just like any other business – it requires hard work, skill, good products or services, and time to make a profit.
Be cautious about emails offering work-at-home opportunities. Many unsolicited emails are fraudulent.
Get all the details before you pay.
A legitimate company will be happy to give you information about exactly what you will be doing and for whom.
Find out if there is really a market for your work.
Claims that there are customers for work such as medical billing and craft making may not be true. If the company says it has customers waiting, ask who they are and contact them to confirm. You can also ask likely customers in your area (such as doctors for medical billing services) if they actually employ people to do that work from home.
Get references for other people who are doing the work. Ask them if the company kept its promises.
Be aware of legal requirements.
To do some types of work, such as medical billing, you may need a license or certificate. Check with your state attorney general’s office. Ask your local zoning board if there are any restrictions on operating a business from your home. Some types of work cannot be done at home under federal law. Look for the nearest U.S. Department of Labor in the government listings of your phone book.
Know the refund policy.
If you have to buy equipment or supplies, ask whether and under what circumstances you can return them for a refund.
Beware of the old “envelope stuffing” scheme.
In this classic scam, instead of getting materials to send out on behalf of a company, you get instructions to place an ad like the one you saw, asking people to send you money for information about working at home. This is an illegal pyramid scheme because there is no real product or service being offered. You won’t get rich, and you could be prosecuted for fraud.
Be wary of offers to send you an “advance” on your “pay.” Some con artists use this ploy to build trust and get money from your bank. They send you a check for part of your first month’s “pay.” You deposit it, and the bank tells you the check has cleared because the normal time has passed to be notified that checks have bounced. Then the crook contacts you to say that you were mistakenly paid the wrong amount or that you need to return a portion of the payment for some other reason. After you send the money back, the check that you deposited finally bounces because it turned out to be an elaborate fake. Now the crooks have your payment, and you’re left owing your bank the amount that you withdrew.
Do your own research about work-at-home opportunities.
The “Work-At-Home Sourcebook” and other resources that may be available in your local library provide good advice and lists of legitimate companies that hire people to work for them at home. You may discover that these companies hire only local people and that there is nothing available in your area.
If you need advice about an Internet or telemarketing solicitation, or you want to report a possible scam, use the Online Reporting Form or call the NFIC hotline at 1-800-876-7060.
Monday, October 08, 2007
Saturday, August 11, 2007
FTC Consumer Alert - Online Auctions
Online Auctions: Bidders Be Wary
Online payment and escrow services have become extremely popular in the Internet auction world - and for good reasons: Online payment services allow buyers to use a credit card or electronic bank transfer to pay sellers who may not be equipped to accept these kinds of transactions. Online escrow services accept and hold a buyer's payment until the merchandise is received and approved; then, they forward the payment to the seller.
But the Federal Trade Commission (FTC) is advising online buyers - and sellers - to be alert to phony online payment and escrow services. The consumer protection agency says that occasionally operators of these sites pose as sellers and buyers to improperly obtain money or goods.
How can you determine whether an online payment or escrow service is legitimate? The FTC offers these tips:
Online payment and escrow services have become extremely popular in the Internet auction world - and for good reasons: Online payment services allow buyers to use a credit card or electronic bank transfer to pay sellers who may not be equipped to accept these kinds of transactions. Online escrow services accept and hold a buyer's payment until the merchandise is received and approved; then, they forward the payment to the seller.
But the Federal Trade Commission (FTC) is advising online buyers - and sellers - to be alert to phony online payment and escrow services. The consumer protection agency says that occasionally operators of these sites pose as sellers and buyers to improperly obtain money or goods.
How can you determine whether an online payment or escrow service is legitimate? The FTC offers these tips:
- Read the service's terms of agreement. If it's an online payment service, find out whether it offers buyers any recourse if sellers don't keep their end of the bargain, whether it prevents sellers from accessing their funds if buyers are not satisfied with the product, and who pays for credit card charge backs or transaction reversal requests.
- Examine the service's privacy policy and security measures. Never disclose financial or personal information unless you know why it's being collected, how it will be used, and how it will be safeguarded.
- Check out the online payment or escrow service's Web site. Sites that are of poor quality, say, with misspelled words, or that claim to be affiliated with the government are suspect.
- Call the customer service line. If there isn't one - or if you call and can't reach someone - don't use the service.
- Be suspicious of online escrow services that can't process their own transactions, but rather require users to set up accounts with online payment services.
- Check with the Better Business Bureau, state attorney general or consumer protection agency where you live and where the online payment or escrow service is based to see whether there are unresolved complaints against the service. Be aware that a lack of complaints doesn't necessarily mean that a service has no problems.
- Read Internet Auctions: A Guide for Buyers and Sellers.
The FTC works for the consumer to prevent fraudulent, deceptive and unfair business practices in the marketplace and to provide information to help consumers spot, stop, and avoid them. To file a complaint or to get free information on consumer issues, visit http://www.ftc.gov/ or call toll-free, 1-877-FTC-HELP (1-877-382-4357); TTY: 1-866-653-4261. The FTC enters Internet, telemarketing, identity theft, and other fraud-related complaints into Consumer Sentinel, a secure online database available to hundreds of civil and criminal law enforcement agencies in the U.S. and abroad.
Wednesday, July 18, 2007
Emergency Information: What to do if you think you have been scammed!
Phishing attacks are becoming more sophisticated every day, so don't blame yourself. It is more important to act quickly to protect your information and identity. If you believe you have been tricked this way, assume that you will become a victim of credit card fraud, bank fraud, or identity theft. Below is some advice on what to do if you are in this situation in the United States:
--------------------------------------------------------------------------------
What to do, if...
If you have given out your credit or debit or ATM card information
Report the theft of this information to the card issuer as quickly as possibleMany companies have toll-free numbers and 24-hour service to deal with such emergencies.Cancel your account and open a new oneReview your billing statements carefully after the lossIf they show any unauthorized charges, it's best to send a letter to the card issuer describing each questionable charge.Credit Card Loss or Fraudulent Charges (FCBA).Your maximum liability under federal law for unauthorized use of your credit card is $50.If the loss involves your credit card number, but not the card itself, you have no liability for unauthorized useATM or Debit Card Loss or Fraudulent Transfers (EFTA).Your liability under federal law for unauthorized use of your ATM or debit card depends on how quickly you report the loss.You risk unlimited loss if you fail to report an unauthorized transfer within 60 days after your bank statement containing unauthorized use is mailed to you
--------------------------------------------------------------------------------
If you have given out your bank account information
Report the theft of this information to the bank as quickly as possibleCancel your account and open a new on
--------------------------------------------------------------------------------
If you have downloaded a virus or Trojan
Some phishing attacks use viruses and/or Trojans to install programs called "key loggers" on your computer. These programs capture and send out any information that you type to the phisher, including credit card numbers, usernames and passwords, Social Security Numbers, etc. In this case, you should:
Install and/or update anti-virus and personal firewall softwareUpdate all virus definitions and run a full scanConfirm every connection your firewall allowsIf your system appears to have been compromised, fix it and then change your password again, since you may well have transmitted the new one to the hackerCheck your other accounts! The hackers may have helped themselves to many different accounts:Check your eBay account, PayPal, your email ISP, online bank accounts, online trading accounts, Amazon.com and other e-commerce accounts, and everything else for which you use online password
--------------------------------------------------------------------------------
If you have given out your personal identification information
Identity theft occurs when someone uses your personal information such as your name, Social Security number, credit card number or other identifying information, without your permission to commit fraud or other crimes. If you have given out this kind of information to a phisher, you should do the following:
Report the theft to the three major credit reporting agencies, Experian, Equifax and TransUnion Corporation, and do the following:Request that they place a fraud alert and a victim’s statement in your file.Request a FREE copy of your credit report to check whether any accounts were opened without your consent.Request that the agencies remove inquiries and/or fraudulent accounts stemming from the theft.
Major Credit Bureaus
Equifax
To order your report, call: 800-685-1111 or write: P.O. Box 740241, Atlanta, GA 30374-0241To report fraud, call: 800-525-6285 and write: P.O. Box 740241, Atlanta, GA 30374-0241Hearing impaired call 1-800-255-0056 and ask the operator to call the Auto Disclosure Line at 1-800-685-1111 to request a copy of your report.
Experian
To order your report, call: 888-EXPERIAN (397-3742) or write: P.O. Box 2002, Allen TX 75013To report fraud, call: 888-EXPERIAN (397-3742) and write: P.O. Box 9530, Allen TX 75013 TDD: 1-800-972-0322
Trans Union To order your report, call: 800-888-4213 or write: P.O. Box 1000, Chester, PA 19022To report fraud, call: 800-680-7289 and write: Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92634 TDD: 1-877-553-7803
Notify your bank(s) and ask them to flag your account and contact you regarding any unusual activity:
If bank accounts were set up without your consent, close them.
If your ATM card was stolen, get a new card, account number and PIN.
Contact your local police department to file a criminal report.
Contact the Social Security Administration’s Fraud Hotline to report the unauthorized use of your personal identification information.
Notify the Department of Motor Vehicles of your identity theft.
Check to see whether an unauthorized license number has been issued in your name.
Notify the passport office to be watch out for anyone ordering a passport in your name.
File a complaint with the Federal Trade Commission. Ask for a free copy of "ID Theft: When Bad Things Happen in Your Good Name", a guide that will help you guard against and recover from your theft.
File a complaint with the Internet Fraud Complaint Center (IFCC) The Internet Fraud Complaint Center (IFCC) is a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C), with a mission to address fraud committed over the Internet.For victims of Internet fraud, IFCC provides a convenient and easy-to-use reporting mechanism that alerts authorities of a suspected criminal or civil violation.
Document the names and phone numbers of everyone you speak to regarding the incident. Follow-up your phone calls with letters.
Keep copies of all correspondence.
--------------------------------------------------------------------------------
What to do, if...
If you have given out your credit or debit or ATM card information
Report the theft of this information to the card issuer as quickly as possibleMany companies have toll-free numbers and 24-hour service to deal with such emergencies.Cancel your account and open a new oneReview your billing statements carefully after the lossIf they show any unauthorized charges, it's best to send a letter to the card issuer describing each questionable charge.Credit Card Loss or Fraudulent Charges (FCBA).Your maximum liability under federal law for unauthorized use of your credit card is $50.If the loss involves your credit card number, but not the card itself, you have no liability for unauthorized useATM or Debit Card Loss or Fraudulent Transfers (EFTA).Your liability under federal law for unauthorized use of your ATM or debit card depends on how quickly you report the loss.You risk unlimited loss if you fail to report an unauthorized transfer within 60 days after your bank statement containing unauthorized use is mailed to you
--------------------------------------------------------------------------------
If you have given out your bank account information
Report the theft of this information to the bank as quickly as possibleCancel your account and open a new on
--------------------------------------------------------------------------------
If you have downloaded a virus or Trojan
Some phishing attacks use viruses and/or Trojans to install programs called "key loggers" on your computer. These programs capture and send out any information that you type to the phisher, including credit card numbers, usernames and passwords, Social Security Numbers, etc. In this case, you should:
Install and/or update anti-virus and personal firewall softwareUpdate all virus definitions and run a full scanConfirm every connection your firewall allowsIf your system appears to have been compromised, fix it and then change your password again, since you may well have transmitted the new one to the hackerCheck your other accounts! The hackers may have helped themselves to many different accounts:Check your eBay account, PayPal, your email ISP, online bank accounts, online trading accounts, Amazon.com and other e-commerce accounts, and everything else for which you use online password
--------------------------------------------------------------------------------
If you have given out your personal identification information
Identity theft occurs when someone uses your personal information such as your name, Social Security number, credit card number or other identifying information, without your permission to commit fraud or other crimes. If you have given out this kind of information to a phisher, you should do the following:
Report the theft to the three major credit reporting agencies, Experian, Equifax and TransUnion Corporation, and do the following:Request that they place a fraud alert and a victim’s statement in your file.Request a FREE copy of your credit report to check whether any accounts were opened without your consent.Request that the agencies remove inquiries and/or fraudulent accounts stemming from the theft.
Major Credit Bureaus
Equifax
To order your report, call: 800-685-1111 or write: P.O. Box 740241, Atlanta, GA 30374-0241To report fraud, call: 800-525-6285 and write: P.O. Box 740241, Atlanta, GA 30374-0241Hearing impaired call 1-800-255-0056 and ask the operator to call the Auto Disclosure Line at 1-800-685-1111 to request a copy of your report.
Experian
To order your report, call: 888-EXPERIAN (397-3742) or write: P.O. Box 2002, Allen TX 75013To report fraud, call: 888-EXPERIAN (397-3742) and write: P.O. Box 9530, Allen TX 75013 TDD: 1-800-972-0322
Trans Union To order your report, call: 800-888-4213 or write: P.O. Box 1000, Chester, PA 19022To report fraud, call: 800-680-7289 and write: Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92634 TDD: 1-877-553-7803
Notify your bank(s) and ask them to flag your account and contact you regarding any unusual activity:
If bank accounts were set up without your consent, close them.
If your ATM card was stolen, get a new card, account number and PIN.
Contact your local police department to file a criminal report.
Contact the Social Security Administration’s Fraud Hotline to report the unauthorized use of your personal identification information.
Notify the Department of Motor Vehicles of your identity theft.
Check to see whether an unauthorized license number has been issued in your name.
Notify the passport office to be watch out for anyone ordering a passport in your name.
File a complaint with the Federal Trade Commission. Ask for a free copy of "ID Theft: When Bad Things Happen in Your Good Name", a guide that will help you guard against and recover from your theft.
File a complaint with the Internet Fraud Complaint Center (IFCC) The Internet Fraud Complaint Center (IFCC) is a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C), with a mission to address fraud committed over the Internet.For victims of Internet fraud, IFCC provides a convenient and easy-to-use reporting mechanism that alerts authorities of a suspected criminal or civil violation.
Document the names and phone numbers of everyone you speak to regarding the incident. Follow-up your phone calls with letters.
Keep copies of all correspondence.
Thursday, May 10, 2007
Tips on How to Identify a Scam or Fraud
If the email, phone call, prize or lottery notification has any of the following elements, we strongly suggest it is probably a fraud and you do not respond to it. Below are some general tips to recognize scams. Detailed information can be found from the the website:
The name of the company is listed on this website somewhere.
The email matches one of the definitions or formats on this website.
The organization has no website and can not be located in Google.
The email or requestor asks for bank account information, credit card numbers, driver's license numbers, passport numbers, your mother's maiden name or other personal information.
The email or caller advises that you have won a prize - but you did not enter any competition run by the prize promoters.
The mail may be personally addressed to you but it has been posted using bulk mail - thousands of others around the world may have received the exact same notification. Especially true if you find an exact or similar email posted on this website.
The return address is a yahoo, hotmail, excite.com or other free email accounts. Legitimate companies can afford the roughly $100 per year that it costs to acquire and maintain a domain and related company email account.
The literature contains a lot of hype and exaggerations, but few specific details about costs, your obligations, how it works, etc.
The prize promoters ask for a fee (for administration, "processing", taxes, etc.) to be paid in advance. A legitimate lottery simply deducts that from the winnings!
The scheme offers bait prizes that, if they are real, are often substandard, over-priced, or falsely represented. Or, as part of the prize you can purchase "exclusive items" which may also be over-priced or substandard.
To get your prize might require travel overseas at your own cost (and personal risk) to receive it.
The name of the company is listed on this website somewhere.
The email matches one of the definitions or formats on this website.
The organization has no website and can not be located in Google.
The email or requestor asks for bank account information, credit card numbers, driver's license numbers, passport numbers, your mother's maiden name or other personal information.
The email or caller advises that you have won a prize - but you did not enter any competition run by the prize promoters.
The mail may be personally addressed to you but it has been posted using bulk mail - thousands of others around the world may have received the exact same notification. Especially true if you find an exact or similar email posted on this website.
The return address is a yahoo, hotmail, excite.com or other free email accounts. Legitimate companies can afford the roughly $100 per year that it costs to acquire and maintain a domain and related company email account.
The literature contains a lot of hype and exaggerations, but few specific details about costs, your obligations, how it works, etc.
The prize promoters ask for a fee (for administration, "processing", taxes, etc.) to be paid in advance. A legitimate lottery simply deducts that from the winnings!
The scheme offers bait prizes that, if they are real, are often substandard, over-priced, or falsely represented. Or, as part of the prize you can purchase "exclusive items" which may also be over-priced or substandard.
To get your prize might require travel overseas at your own cost (and personal risk) to receive it.
Wednesday, April 04, 2007
New Tips for Shopping Online
Here are some new tips for buying online.
1. Credit Cards the best way to go.
The safest way to shop on the Internet is with a credit card. In the event something goes wrong, you are protected under the federal Fair Credit Billing Act. You have the right to dispute charges on your credit card, and you can withhold payments during a creditor investigation.
When it has been determined that your credit was used without authorization, you are only responsible for the first $50 in charges. You are rarely asked to pay this charge. We recommend that you obtain one credit card that you use only for online payments to make it easier to detect wrongful credit charges.
Paying with a check leaves you vulnerable to bank fraud and sending a cashier's check or money order doesn't give you any protection if you have problems with the purchase.
Make sure your credit card is a true credit card and not a debit card, a check card, or an ATM card. As with checks, a debit card exposes your bank account to thieves. Your checking account could be wiped out in minutes. Further, debit and ATM cards are not protected by federal law to the extent that credit cards are.
2. Never Give Out Your Social Security Number
Providing your Social Security number is not a requirement for placing an order at an e-commerce web site. There is no need for the merchant to ask for it. Giving out your Social Security number could lead to having your identity stolen.
3. Don't give to much information
When placing an order, certain information must be provided to the seller such as your name and address. Sometimes, a seller will try to obtain more information about you. This information could be used to target you for "spam", direct mail or telephone soliciting.
Don't answer any question you feel is not required to process your order. Most web sites will mark which questions need to be answered with an asterisk (*). If a company require information you are don't want to give, leave the site and find a different company to do business with.
4. Keep Your Password Private
Most reputable web sites require the shopper to log-in before placing or viewing an order. The shopper is usually required to provide a username and a password. Never reveal your password to anyone. The best password has at least eight characters and includes numbers and letters.
5. Check the Web Site Address
Don’t click on any link embedded within an email. Instead, open a new page then type in the link’s URL into the address bar and press “Enter”.
Identity thieves send large amounts of emails to Internet users that ask them to update the account information for their banks, credit cards, online payment service, or popular shopping sites. The email may state that your account information has expired, been compromised or lost and that you need to immediately update your information for the site.
Some emails sent as part of “phishing” attacks often contain links to official-looking web pages. Up to five percent of recipients respond to them and becoming victims of identity theft and other crimes.
Remember, legitimate businesses don’t ask for sensitive information via email. Don’t respond to any request for your personal information that comes to you in an email. And never click on any link embedded within an email.
6. Print Copies of Your Orders
After placing an order online, you should receive an invoice that reviews your entire order. It should include the costs of the order, your information, product information, and the confirmation number.
Print out at least one copy of the page(s) showing the company name, address, phone number. Keep it for your records for at least the period covered by the return/warranty policy.
7. Shop in the Unites States
When you buy from a company in the U.S., you are protected by state and federal consumer laws.
8. Know the Shipping Policy
Under the law, a company must ship your order within the time stated in its ad. If no time frame is stated, the merchant must ship the product in 30 days.
Here are key shipping questions to ask:
Are there choices for shipping?
Who pays the shipping cost?
What does the site say about shipping insurance?
What are the shipping and handling fees, and are they reasonable?
Know the site's Cancellation, Return and Complaint Policies
Even under the best of circumstances, shoppers sometimes need to return merchandise. Make sure site has a reasonable cancellation and return policies.
Who pays for shipping?
Is there a restocking charge if you need to cancel or return the order?
Do you get a store credit, or will the company fully refund your credit card? If the site only offers store credits, find out the time restriction for using this credit.
Don't expect less customer service just because a company operates over the Internet.
Does the site list a phone number and/or e-mail address for complaints?
How long has the company been in business?
Will they still be around when you need them?
Is there a warranty on the product, and who honors that guarantee?
Use Shopper's IntuitionLook at the site with a critical eye. And heed the old adage, "If it looks too good to be true, it probably is."
Are there extraordinary claims that you question?
Do the company's prices seem unusually low?
Does it look like the merchant is an amateur?
Are there a lot of spelling or grammar errors?
Does the company's phone go unanswered?
The use of a post office box should send up a red flag, no physical address is cause for concern.
If any of these questions trigger a warning bell in your head, you will be wise to find another online merchant.
9. Be Wary of Identity Theft
As e-commerce becomes more common so will identity theft committed over the Internet. Scammers can obtain their victims information using low-tech means like dumpster diving, mail theft, or workplace access to SSNs. But they are increasingly using the web to apply for new credit cards and to purchase goods and services in their victims' names.
Check your credit card bills carefully for several months after purchasing on the Internet. Look for purchases you did not make. If you find some, immediately contact the credit card company and file a dispute claim.
Order your credit reports at least once a year and check for accounts that have been opened without your permission.
10. Consider Using Single-use Card Numbers
Consumers using some brands of credit cards can get “virtual credit cards,” or single-use card numbers, that can be used at an online store. The randomly generated substitute 16-digit number can also be used to buy goods and services over the phone and through the mail but can’t be used for in-store purchases that require a traditional plastic card.
With this free service, you never need to give out your real credit card number online. Among the card companies offering it are Citibank and the Discover card.
Additional Resources
Listed below are web sites that provide additional information about shopping online.
www.fda.gov/oc/buyonline Created by the U.S. Food and Drug Administration to provide shopping tips for buying online prescriptions and over-the-counter drugs on the
web.
www.fraud.org The National Fraud Information Center, a program of the National Consumers League, m maintains information about online scams and lets you file complaints online.
www.ftc.gov/bcp/conline/pubs/alerts/glblalrt.htm The Federal Trade Commission's online shopping advice.
www.ftc.gov/bcp/conline/pubs/online/auctions.htm The Federal Trade Commission's tips on Internet auctions.
http://www.ic3.gov/ The FBI's Internet Fraud Complaint Center allows you to report suspected cases of Internet and e-commerce fraud.
http://www.lookstoogoodtobetrue.com/ Federal law enforcement and industry task force helps prevent consumers from becoming victims of an Internet fraud schemes.
www.onguardonline.gov FTC, other federal agencies, and the technology industry offer advice on identity theft, phishing, spyware, spam, online shopping and more.
http://www.safeshopping.org/ Online shopping tips provided by the American Bar Association.
www.wiredsafety.org Provides assistance, information and education to Internet users including identity and credential theft, online fraud and hacking.
1. Credit Cards the best way to go.
The safest way to shop on the Internet is with a credit card. In the event something goes wrong, you are protected under the federal Fair Credit Billing Act. You have the right to dispute charges on your credit card, and you can withhold payments during a creditor investigation.
When it has been determined that your credit was used without authorization, you are only responsible for the first $50 in charges. You are rarely asked to pay this charge. We recommend that you obtain one credit card that you use only for online payments to make it easier to detect wrongful credit charges.
Paying with a check leaves you vulnerable to bank fraud and sending a cashier's check or money order doesn't give you any protection if you have problems with the purchase.
Make sure your credit card is a true credit card and not a debit card, a check card, or an ATM card. As with checks, a debit card exposes your bank account to thieves. Your checking account could be wiped out in minutes. Further, debit and ATM cards are not protected by federal law to the extent that credit cards are.
2. Never Give Out Your Social Security Number
Providing your Social Security number is not a requirement for placing an order at an e-commerce web site. There is no need for the merchant to ask for it. Giving out your Social Security number could lead to having your identity stolen.
3. Don't give to much information
When placing an order, certain information must be provided to the seller such as your name and address. Sometimes, a seller will try to obtain more information about you. This information could be used to target you for "spam", direct mail or telephone soliciting.
Don't answer any question you feel is not required to process your order. Most web sites will mark which questions need to be answered with an asterisk (*). If a company require information you are don't want to give, leave the site and find a different company to do business with.
4. Keep Your Password Private
Most reputable web sites require the shopper to log-in before placing or viewing an order. The shopper is usually required to provide a username and a password. Never reveal your password to anyone. The best password has at least eight characters and includes numbers and letters.
5. Check the Web Site Address
Don’t click on any link embedded within an email. Instead, open a new page then type in the link’s URL into the address bar and press “Enter”.
Identity thieves send large amounts of emails to Internet users that ask them to update the account information for their banks, credit cards, online payment service, or popular shopping sites. The email may state that your account information has expired, been compromised or lost and that you need to immediately update your information for the site.
Some emails sent as part of “phishing” attacks often contain links to official-looking web pages. Up to five percent of recipients respond to them and becoming victims of identity theft and other crimes.
Remember, legitimate businesses don’t ask for sensitive information via email. Don’t respond to any request for your personal information that comes to you in an email. And never click on any link embedded within an email.
6. Print Copies of Your Orders
After placing an order online, you should receive an invoice that reviews your entire order. It should include the costs of the order, your information, product information, and the confirmation number.
Print out at least one copy of the page(s) showing the company name, address, phone number. Keep it for your records for at least the period covered by the return/warranty policy.
7. Shop in the Unites States
When you buy from a company in the U.S., you are protected by state and federal consumer laws.
8. Know the Shipping Policy
Under the law, a company must ship your order within the time stated in its ad. If no time frame is stated, the merchant must ship the product in 30 days.
Here are key shipping questions to ask:
Are there choices for shipping?
Who pays the shipping cost?
What does the site say about shipping insurance?
What are the shipping and handling fees, and are they reasonable?
Know the site's Cancellation, Return and Complaint Policies
Even under the best of circumstances, shoppers sometimes need to return merchandise. Make sure site has a reasonable cancellation and return policies.
Who pays for shipping?
Is there a restocking charge if you need to cancel or return the order?
Do you get a store credit, or will the company fully refund your credit card? If the site only offers store credits, find out the time restriction for using this credit.
Don't expect less customer service just because a company operates over the Internet.
Does the site list a phone number and/or e-mail address for complaints?
How long has the company been in business?
Will they still be around when you need them?
Is there a warranty on the product, and who honors that guarantee?
Use Shopper's IntuitionLook at the site with a critical eye. And heed the old adage, "If it looks too good to be true, it probably is."
Are there extraordinary claims that you question?
Do the company's prices seem unusually low?
Does it look like the merchant is an amateur?
Are there a lot of spelling or grammar errors?
Does the company's phone go unanswered?
The use of a post office box should send up a red flag, no physical address is cause for concern.
If any of these questions trigger a warning bell in your head, you will be wise to find another online merchant.
9. Be Wary of Identity Theft
As e-commerce becomes more common so will identity theft committed over the Internet. Scammers can obtain their victims information using low-tech means like dumpster diving, mail theft, or workplace access to SSNs. But they are increasingly using the web to apply for new credit cards and to purchase goods and services in their victims' names.
Check your credit card bills carefully for several months after purchasing on the Internet. Look for purchases you did not make. If you find some, immediately contact the credit card company and file a dispute claim.
Order your credit reports at least once a year and check for accounts that have been opened without your permission.
10. Consider Using Single-use Card Numbers
Consumers using some brands of credit cards can get “virtual credit cards,” or single-use card numbers, that can be used at an online store. The randomly generated substitute 16-digit number can also be used to buy goods and services over the phone and through the mail but can’t be used for in-store purchases that require a traditional plastic card.
With this free service, you never need to give out your real credit card number online. Among the card companies offering it are Citibank and the Discover card.
Additional Resources
Listed below are web sites that provide additional information about shopping online.
www.fda.gov/oc/buyonline Created by the U.S. Food and Drug Administration to provide shopping tips for buying online prescriptions and over-the-counter drugs on the
web.
www.fraud.org The National Fraud Information Center, a program of the National Consumers League, m maintains information about online scams and lets you file complaints online.
www.ftc.gov/bcp/conline/pubs/alerts/glblalrt.htm The Federal Trade Commission's online shopping advice.
www.ftc.gov/bcp/conline/pubs/online/auctions.htm The Federal Trade Commission's tips on Internet auctions.
http://www.ic3.gov/ The FBI's Internet Fraud Complaint Center allows you to report suspected cases of Internet and e-commerce fraud.
http://www.lookstoogoodtobetrue.com/ Federal law enforcement and industry task force helps prevent consumers from becoming victims of an Internet fraud schemes.
www.onguardonline.gov FTC, other federal agencies, and the technology industry offer advice on identity theft, phishing, spyware, spam, online shopping and more.
http://www.safeshopping.org/ Online shopping tips provided by the American Bar Association.
www.wiredsafety.org Provides assistance, information and education to Internet users including identity and credential theft, online fraud and hacking.
Saturday, March 10, 2007
Internet Auction Fraud
Internet auction fraud
SCD6 Economic and Specialist Crime OCU is issuing warnings, as part of
a crime prevention initiative against on Internet auction fraud and
money transfer fraud. Often people, who become the victims of fraud
through on line auction sites, are often persuaded to send the money
fraudulently obtained from them through money transfer service
providers. This section of the fraud alert website aims to provide
advice that hopefully will prevent you from becoming a victim of such
frauds.
Internet auction - basics
Get to know the parameters set by the site - they are in place to
ensure user safety. Read the safety advice provided by the on line
auction site before trading. Never step outside of these or outside of
the site no matter how enticing the deal. Fraudsters will try to trick
you into doing this. Like any popular activity you must ensure you know
‘the rules of the game’ because ‘A little
knowledge is a dangerous thing’.
When looking at an advertised item compare pricing. Beware of people
offering you a deal below the current bid or reserve price, especially
if they are contacting you direct. Remember ‘If an offer
sounds too good to be true it probably is’.
Get to know the seller by looking at their selling history and the
goods they sale. Be extremely careful around the payment method used
for persons selling with little or no selling history.
Don't get carried away in the excitement of winning an auction.
Fraudsters rely on you being over keen and off your guard. It is never
too late to ask questions of a seller to ensure that you are completely
happy with what you are about to pay for. Do not follow through if you
think it is a fraud, report the seller to the site.
Finally, if your site offers ‘second chance’
bidding on an auction verify that any notification of you qualifying
for this ‘opportunity’ actually comes from the site
and not from a fraudster impersonating them. You can do this by
carefully checking the address from which the e-mail is sent or by
contacting the site via its published website (Beware of using any
hyperlinks or numbers attached to such a
‘notification’ as these may also be false).
"Always ask yourself, have I won the item, or have they won their next
victim?"
Internet auction – payment
Buyer:
Never use money transfers as a payment method whenever someone suggests
this to you, even if it is by the seller after you have
‘won’ the auctioned item or when approached to step
outside the on line auction site. There is little security in this, no
matter what the seller says, and you are effectively sending your hard
earned cash to a stranger ‘on trust’ alone. See our
Money transfer pages for further information.
Being extremely careful around direct banking transactions to pay for
goods. There is still little security in this area also, which
increases if the seller has no or little trading history with the on
line auction site you are using. You are still effectively still
sending your hard earned cash to a stranger ‘on
trust’ alone. There have been instances where people have
sent money to bank accounts and not received the goods. This has been
more prevalent when dealing with people with no or little trading
history on the auction site as a seller.
Use on the online payment options or a reputable ESCROW account to pay
for items. ESCROW is a payment system where both buyer and
seller’s financial details are held separately and in
isolation by a legitimate third party company acting as
‘middleman’. The buyer makes their payment into the
Escrow account. The payment is only made to the seller the goods have
arrived and been deemed satisfactory by the buyer. By doing so your
transactions will be better protected and often insured. Never enter an
Escrow account site through a link in an email sent to you by anyone,
as it has not been unknown for fraudsters to set up fake Escrow
websites. Use a search engine to locate the website or enter your
chosen Escrow site through it’s proper web address. Always
check the url shown in your web browser address bar.
Seller:
When a cheque is accepted for payment, please be aware that although
your bank or building society may after three days state that it has
'cleared', this only means that the money has passed between the banks.
You remain liable if the cheque that you have paid into your account is
forged or stolen, this may not come to light until the cheque is
received by the other bank or the bank account holder queries a
transaction on their account. This may take longer than you anticipate.
The money is then taken back from you account so you lose not only the
items that you have shipped to the 'Buyer' but also the money that the
buyer 'paid' for the goods.
A common trick that fraudsters use is known as 'Criminal Cash Back'
where a seller accepts a cheque for an amount higher than the value of
the transaction, often to pay a 'shipping charge' to the buyers
'shipping agent'. This is actually paid to another fraudster who
receives 'clean' money from you. You then find out at a later stage
that although the cheque paid to you has 'cleared', it is a stolen or
forged cheque, and you must pay the money back to your bank with no
hope of getting the money back from the bogus 'shipping agent'. See out
pages on Criminal Cashback pages for further information.
Internet auction – account security
Protect your on line auction account details as you would your own bank
account, whether it be your actual log in details and password to your
auction account or your payment account. Do not become a victim of
identity theft by revealing your name or account details. By aware of
phishing emails that purport to come from the on line auction or
payment site you are registered with, asking you to update your account
or re-enter your details because your account has be suspended. To see
two examples of a phishing emails purporting to be sent by on line
auction site Ebay, click on the link to example 1 and example 2.
There are a number of factors that will indicate this is a phishing
attack. In example 1 the following:
1. The email address, From: eBay Administration [admin@ebayz.com]
whilst looking like a genuine one from ebay is not correct as it reads
@ebayz.com instead of @ebay.com
2. Often these emails will contain links that sometimes take you to
pages on the genuine website to give it an appearance of being genuine.
But they also can take you to fake pages set up to represent the
genuine website.
3. The link to up date your records
http://cgi1.ebay.com/aw-cgi/ebayISAPI.dll?Update, whilst looking
genuine will take you a fake website, in this case
http://johtnanx.com.phtemp.com/eb/. Always check the url shown in your
web browser bar.
Always enter your on line auction or payment site through
it’s proper web address. Save this in your favourites. Never
be tempted to enter it through a link sent to you, especially in an
email, as it might lead you to a fake site and disclosure of your
personal information. If your on line auction or payment site provides
a toolbar down load that will advise you when you are on the genuine
site, consider using this.
Who to contact
If you believe you might be being set up as a target for fraud or have
been a victim of this type of fraud and need advice contact your local
police station. If you are a resident in Greater London area this link
will provide details of your local police station. If you are resident
outside the London area, the following link will provide you with
details of your local force website from which you can obtain details
of your local police station.
If you think you have information that might prevent or provide
intelligence on this type of crime, or you become the potential victim
of another type of fraud that we are not aware please advise the Fraud
Alert team by e-mail. Please note that we will not specifically respond
to emails, unless we have a need to clarify or seek further information
from the sender. This is due to the large number of emails we receive
daily and we hope that you appreciate the demands this places on the
team.
SCD6 Economic and Specialist Crime OCU is issuing warnings, as part of
a crime prevention initiative against on Internet auction fraud and
money transfer fraud. Often people, who become the victims of fraud
through on line auction sites, are often persuaded to send the money
fraudulently obtained from them through money transfer service
providers. This section of the fraud alert website aims to provide
advice that hopefully will prevent you from becoming a victim of such
frauds.
Internet auction - basics
Get to know the parameters set by the site - they are in place to
ensure user safety. Read the safety advice provided by the on line
auction site before trading. Never step outside of these or outside of
the site no matter how enticing the deal. Fraudsters will try to trick
you into doing this. Like any popular activity you must ensure you know
‘the rules of the game’ because ‘A little
knowledge is a dangerous thing’.
When looking at an advertised item compare pricing. Beware of people
offering you a deal below the current bid or reserve price, especially
if they are contacting you direct. Remember ‘If an offer
sounds too good to be true it probably is’.
Get to know the seller by looking at their selling history and the
goods they sale. Be extremely careful around the payment method used
for persons selling with little or no selling history.
Don't get carried away in the excitement of winning an auction.
Fraudsters rely on you being over keen and off your guard. It is never
too late to ask questions of a seller to ensure that you are completely
happy with what you are about to pay for. Do not follow through if you
think it is a fraud, report the seller to the site.
Finally, if your site offers ‘second chance’
bidding on an auction verify that any notification of you qualifying
for this ‘opportunity’ actually comes from the site
and not from a fraudster impersonating them. You can do this by
carefully checking the address from which the e-mail is sent or by
contacting the site via its published website (Beware of using any
hyperlinks or numbers attached to such a
‘notification’ as these may also be false).
"Always ask yourself, have I won the item, or have they won their next
victim?"
Internet auction – payment
Buyer:
Never use money transfers as a payment method whenever someone suggests
this to you, even if it is by the seller after you have
‘won’ the auctioned item or when approached to step
outside the on line auction site. There is little security in this, no
matter what the seller says, and you are effectively sending your hard
earned cash to a stranger ‘on trust’ alone. See our
Money transfer pages for further information.
Being extremely careful around direct banking transactions to pay for
goods. There is still little security in this area also, which
increases if the seller has no or little trading history with the on
line auction site you are using. You are still effectively still
sending your hard earned cash to a stranger ‘on
trust’ alone. There have been instances where people have
sent money to bank accounts and not received the goods. This has been
more prevalent when dealing with people with no or little trading
history on the auction site as a seller.
Use on the online payment options or a reputable ESCROW account to pay
for items. ESCROW is a payment system where both buyer and
seller’s financial details are held separately and in
isolation by a legitimate third party company acting as
‘middleman’. The buyer makes their payment into the
Escrow account. The payment is only made to the seller the goods have
arrived and been deemed satisfactory by the buyer. By doing so your
transactions will be better protected and often insured. Never enter an
Escrow account site through a link in an email sent to you by anyone,
as it has not been unknown for fraudsters to set up fake Escrow
websites. Use a search engine to locate the website or enter your
chosen Escrow site through it’s proper web address. Always
check the url shown in your web browser address bar.
Seller:
When a cheque is accepted for payment, please be aware that although
your bank or building society may after three days state that it has
'cleared', this only means that the money has passed between the banks.
You remain liable if the cheque that you have paid into your account is
forged or stolen, this may not come to light until the cheque is
received by the other bank or the bank account holder queries a
transaction on their account. This may take longer than you anticipate.
The money is then taken back from you account so you lose not only the
items that you have shipped to the 'Buyer' but also the money that the
buyer 'paid' for the goods.
A common trick that fraudsters use is known as 'Criminal Cash Back'
where a seller accepts a cheque for an amount higher than the value of
the transaction, often to pay a 'shipping charge' to the buyers
'shipping agent'. This is actually paid to another fraudster who
receives 'clean' money from you. You then find out at a later stage
that although the cheque paid to you has 'cleared', it is a stolen or
forged cheque, and you must pay the money back to your bank with no
hope of getting the money back from the bogus 'shipping agent'. See out
pages on Criminal Cashback pages for further information.
Internet auction – account security
Protect your on line auction account details as you would your own bank
account, whether it be your actual log in details and password to your
auction account or your payment account. Do not become a victim of
identity theft by revealing your name or account details. By aware of
phishing emails that purport to come from the on line auction or
payment site you are registered with, asking you to update your account
or re-enter your details because your account has be suspended. To see
two examples of a phishing emails purporting to be sent by on line
auction site Ebay, click on the link to example 1 and example 2.
There are a number of factors that will indicate this is a phishing
attack. In example 1 the following:
1. The email address, From: eBay Administration [admin@ebayz.com]
whilst looking like a genuine one from ebay is not correct as it reads
@ebayz.com instead of @ebay.com
2. Often these emails will contain links that sometimes take you to
pages on the genuine website to give it an appearance of being genuine.
But they also can take you to fake pages set up to represent the
genuine website.
3. The link to up date your records
http://cgi1.ebay.com/aw-cgi/ebayISAPI.dll?Update, whilst looking
genuine will take you a fake website, in this case
http://johtnanx.com.phtemp.com/eb/. Always check the url shown in your
web browser bar.
Always enter your on line auction or payment site through
it’s proper web address. Save this in your favourites. Never
be tempted to enter it through a link sent to you, especially in an
email, as it might lead you to a fake site and disclosure of your
personal information. If your on line auction or payment site provides
a toolbar down load that will advise you when you are on the genuine
site, consider using this.
Who to contact
If you believe you might be being set up as a target for fraud or have
been a victim of this type of fraud and need advice contact your local
police station. If you are a resident in Greater London area this link
will provide details of your local police station. If you are resident
outside the London area, the following link will provide you with
details of your local force website from which you can obtain details
of your local police station.
If you think you have information that might prevent or provide
intelligence on this type of crime, or you become the potential victim
of another type of fraud that we are not aware please advise the Fraud
Alert team by e-mail. Please note that we will not specifically respond
to emails, unless we have a need to clarify or seek further information
from the sender. This is due to the large number of emails we receive
daily and we hope that you appreciate the demands this places on the
team.
Wednesday, February 07, 2007
Hitman eMail Scam
Yet another email scam, but you could loose some sleep over this one.
From our friends at the FBI, I'm glad they keep us in the Loop.
Fire
Federal Bureau of Investigation
The scam e-mail, which first appeared in December, threatens to kill recipients if they do not pay the sender. It's a scam. FBI officials recommend you don't reply.
A new scam cropping up in e-mail boxes across the country is preying not on recipients’ greed or good intentions, but on their fears. The scam e-mail, which first appeared in December, threatens to kill recipients if they do not pay thousands of dollars to the sender, who purports to be a hired assassin.
About 115 complaints have been filed with the FBI’s Internet Crime Complaint Center (IC3) since the scam emerged, according to special agent John Hambrick, who heads IC3. He said the extortion scam does not appear to target anyone specifically and that IC3 has not received any reports of money loss or threats carried out.
“This is a hoax, so do yourself a favor and don’t respond,” Hambrick said.
Replying to the e-mails just sends a signal to senders that they’ve reached a live account. It also escalates the intimidation, Hambrick said.
In one case, a recipient responded that he wanted to be left alone and threatened to call authorities. The scammer, who was demanding an advance payment of $20,000, e-mailed back and reiterated the threat, this time with some personal details about the recipient—his work address, marital status, and daughter’s full name. Then an ultimatum:
“TELL ME NOW ARE YOU READY TO DO WHAT I SAID OR DO YOU WANT ME TO PROCEED WITH MY JOB? ANSWER YES/NO AND DON’T ASK ANY QUESTIONS!!!”
Bill Shore, a special agent who supervises the computer crime squad in the FBI’s Pittsburgh field office, said recipients should not be overly spooked when scammers incorporate their intended victims’ personal details in their schemes.
“Personal information is widely available,” he said. “Even if a person does not use the Internet or own a computer, they could still be the victim of a computer crime such as identity theft.”
The extortion scam is a less subtle variation of some other e-mail scams designed to trick recipients into turning over money or personal information. Nigerian Letter schemes, in which recipients are offered the "opportunity" to share in a percentage of millions of dollars if they would first front some of their own money, are among the most prolific, along with phishing scams where recipients are asked in unsolicited e-mails to “update” their personal information.
The new extortion e-mails vary in style and content and generally contain misspellings and some broken English. But the underlying message appears to be the same: pay the sender or risk the alternative. A scam e-mail in December said as much:
“I have followed you closely for one week and three days now … Do not contact the police or F.B.I. or try to send a copy of this to them, because if you do I will know, and might be pushed to do what I have being (sic) paid to do.”
IC3 recently noted a new twist in the scam. Now e-mails are surfacing that claim to be from the FBI in London and inform recipients that an arrest was made in the case. The e-mail says the recipient’s information was found on the suspect and that they should reply to help further the investigation. This, too, is a scam.
The scams, agent Shore said, “are an opportunity to raise awareness about Internet fraud.” The best defense is to protect your personal information as best you can and to delete—unopened—unsolicited SPAM e-mail.
For more information on scams, visit our Common Fraud Schemes page. IC3 also has information on Internet crime schemes and prevention tips.
To report Internet crime, contact IC3 or your local FBI field office.
From our friends at the FBI, I'm glad they keep us in the Loop.
Fire
Federal Bureau of Investigation
The scam e-mail, which first appeared in December, threatens to kill recipients if they do not pay the sender. It's a scam. FBI officials recommend you don't reply.
A new scam cropping up in e-mail boxes across the country is preying not on recipients’ greed or good intentions, but on their fears. The scam e-mail, which first appeared in December, threatens to kill recipients if they do not pay thousands of dollars to the sender, who purports to be a hired assassin.
About 115 complaints have been filed with the FBI’s Internet Crime Complaint Center (IC3) since the scam emerged, according to special agent John Hambrick, who heads IC3. He said the extortion scam does not appear to target anyone specifically and that IC3 has not received any reports of money loss or threats carried out.
“This is a hoax, so do yourself a favor and don’t respond,” Hambrick said.
Replying to the e-mails just sends a signal to senders that they’ve reached a live account. It also escalates the intimidation, Hambrick said.
In one case, a recipient responded that he wanted to be left alone and threatened to call authorities. The scammer, who was demanding an advance payment of $20,000, e-mailed back and reiterated the threat, this time with some personal details about the recipient—his work address, marital status, and daughter’s full name. Then an ultimatum:
“TELL ME NOW ARE YOU READY TO DO WHAT I SAID OR DO YOU WANT ME TO PROCEED WITH MY JOB? ANSWER YES/NO AND DON’T ASK ANY QUESTIONS!!!”
Bill Shore, a special agent who supervises the computer crime squad in the FBI’s Pittsburgh field office, said recipients should not be overly spooked when scammers incorporate their intended victims’ personal details in their schemes.
“Personal information is widely available,” he said. “Even if a person does not use the Internet or own a computer, they could still be the victim of a computer crime such as identity theft.”
The extortion scam is a less subtle variation of some other e-mail scams designed to trick recipients into turning over money or personal information. Nigerian Letter schemes, in which recipients are offered the "opportunity" to share in a percentage of millions of dollars if they would first front some of their own money, are among the most prolific, along with phishing scams where recipients are asked in unsolicited e-mails to “update” their personal information.
The new extortion e-mails vary in style and content and generally contain misspellings and some broken English. But the underlying message appears to be the same: pay the sender or risk the alternative. A scam e-mail in December said as much:
“I have followed you closely for one week and three days now … Do not contact the police or F.B.I. or try to send a copy of this to them, because if you do I will know, and might be pushed to do what I have being (sic) paid to do.”
IC3 recently noted a new twist in the scam. Now e-mails are surfacing that claim to be from the FBI in London and inform recipients that an arrest was made in the case. The e-mail says the recipient’s information was found on the suspect and that they should reply to help further the investigation. This, too, is a scam.
The scams, agent Shore said, “are an opportunity to raise awareness about Internet fraud.” The best defense is to protect your personal information as best you can and to delete—unopened—unsolicited SPAM e-mail.
For more information on scams, visit our Common Fraud Schemes page. IC3 also has information on Internet crime schemes and prevention tips.
To report Internet crime, contact IC3 or your local FBI field office.
Subscribe to:
Posts (Atom)