Tag Archives: phishing scam

An iTunes Scam and Gift Cards Heads Up

Phishing scams are junk e mails that tell you you’ve won something or you need to click on an e mail because your paypal, credit card, or bank account has been frozen. The crooks want you to click through and divulge some personal information and they can then get into your credit card, bank account, or commit identity theft.

A really nasty one started this morning, because I just received it. You need to pass this on: It’s an e mail from the Apple iTunes Store that shows up as a receipt for two purchased movies for $36.98. Just below the receipt it states: If you haven’t authorized this transaction, click below for a full refund. And millions of people will click before thinking.

Stop, count to 10 and look: The e mail comes from store.com and not from Apple. Apple does not send email receipts, and it looks unprofessional, and has spacing errors. That’s four clues right there. All you need to do is go to google and type in the website address it came from. When I typed in “store.com” it forwarded me to mysimon.com – a phony shopping site. Right there you know it’s not from Apple. It’s used by the same scammers to attempt to spoof simons.ca, the Quebec, Canada based department store.

When in doubt – do not click, or you’re in for a world of pain and identity theft if you answer any of the questions in clicking through on it.

Starbucks just released their financial statement, and in 2013 they sold $4 billion in gift cards in North America. I was just stunned when I read that. Want to guess what Starbucks will eventually make on unredeemed cards? The breakage (or non redeemed cards) is around 8% or more. So they’ll end up with around $320 million in profits for NOT selling coffee. If your card is down to a buck or two – just hand it to the person behind you in line – that way you’ll at least make sure they card gets used up.

If you have gift cards you don’t want, there are now a couple of credible sites that buy, sell, or exchange gift cards. One big one is cardpool.com. Large retailers such as Wal Mart or Target will have small discounts to buy and sell – boutique stores with much less volume have a much larger discount. That’s just a supply and demand issue. Right now, a $100 Lowe’s gift cards, as an example, can be bought for $93, or you can sell it to cardpool for $84.

Gift cards lock you into buying at one store – cash is good everywhere. If the chain is big AND financially stable, that’s not a problem. But the smaller the store, the more you’re taking a chance that they’ll still be in business when you or the recipient want to redeem the gift card! Be careful.

Three Money Insights for Wednesday

Another huge wave of phishing scams are showing up in your e-mails. These two are predominantly from E-bay and Amazon. The Amazon one works for the crooks because so many people have dealt with the company. The e-mail will state that your order has been cancelled and to click on the link. Tons of people do and are asked to enter their password. Once that’s entered, the crooks can go into the real Amazon within minutes and place orders for hundreds or thousands of dollars and have them shipped wherever they want. Amazon allows third-party shipping and retains your credit card information on your profile.

Don’t click on an e mail – almost never. Go to the real Amazon or E-bay on your browser. And you can also hover your mouse over the hyperlink the crooks want you to click where the bottom left side of your screen should show you the actual web site it is re-directing you to.

If you want to save some money in the kitchen, stick to a budget, and/or reduce waste, there are two new web sites that are kind of cool. Both are set up for you to enter the ingredients you have in the house and will ‘translate’ them into figuring out what you can make for dinner with what you have! The two sites are www.saymmm.com and www.supercook.com

What would you pay to have lunch with one of the richest and most successful investment people in the world, Warren Buffet? Lunch with Buffet was auction off last Friday at $3.5 million. It’s an annual auction in support of the Glide Foundation helping the homeless in San Francisco. I’m sure it’d be great investment insights but at a big price…

Phishing and Whaling

A few months ago we covered a little about phishing – with a “ph.” It’s the millions of e mails sent blindly hoping to get you to click on the link and supply personal information. They’re often from Paypal, E Bay or the Royal Bank claiming your account has been frozen for irregularities. I received three about the Royal Bank and I sure don’t deal with the mega banks. They’re always, always fraudulent so never ever click on them. Think about it, I’d bet your bank doesn’t even have your e-mail address and they never communicate with you by e-mail.

The newest, and way more sophisticated con is called whaling. Whales are big – that’s the implication here. These are e-mails specifically targeted to executives, business owners and big cheeses. These are researched and written very well.
They are generally claiming to be from the Better Business Bureau, a vendor request for invoice information, from a lawyer with a summons or a recruiting firm.

What the crooks want in this case is to have you click on the attachment. Once that’s done, the spyware installs a key logger program that detects all your key strokes on the computer.

They’re not looking to tap that note to your sister, but the spyware is sophisticated enough that the crooks can detect when you’ve logged onto a bank site, your brokerage account or the likes. It then picks up the log in and passwords you’ve entered and as soon as you’re logged out, the crooks go in and clean out the account.

This is a really, really nasty scam that’s hit hundreds of executives already because it’s well researched, written and targeted.

Just make sure you run your anti-spy software regularly and follow my number one rule for these things and any attachments you don’t recognize: Just don’t click!