Tag scams

by Billy J Long PSA Articles

Article (PSA-0031)
Submitted by: Billy Joe Long
Company: PSA Computer Services
Titled: Amazon Centered Scams?

Amazon is one of the biggest companies in the world, with millions of customers around the world. The shear volume of Amazon customers presents a rich target base for would be scammers. At their Help & Customer Service webpage, Amazon put out a statement warning their millions of customers about new scams designed to steal their hard earned money. They warned their customers that: “Amazon will never ask you to provide payment information for products or services over the phone … [We will] never ask you to disclose your password or verify sensitive personal information over the phone”

The FTC (Federal Trade Commission) says that between July 2020 and June 2021 around 96,000 people were targeted by some type of Amazon related scam resulting in the loss of at least 27,000,000 dollars.

Here is an example of a well known scam:

A scammer pretends to inform you of a problem with your Amazon Prime account. Some include text messages, emails and even phone calls saying that your Amazon account or Prime membership was deleted or suspended. It also includes a fraudulent link to a fraudulent webpage or tries to get members to provide information verbally to “verify” their account. Customers who land on these pages or receive these phone calls are then lured into providing account information such as payment information or account login credentials. You have officially been scammed!

Legitimate Amazon pages contain “amazon.com” or “amazon.com/support”. You need to take a close look at and verify all links first before handing over any information, because what you see may not be the actual destination address. These scammers push a sense of urgency to short circuit any sound reasoning of the victim. Amazon mentions this technique in the following statement, “… scammers will try to create a sense of urgency in a bid to get victims to click a fake link or provide them with information. Be wary any time someone tries to convince you that you must act now.”

The FTC points out that these particular scams are particularly effective against older people, especially those over the age of 60 since they generally did not grow up in the “computer culture”. The FTC stated, “People aged 60 and older were particularly at risk of such scams, while younger people were not.” However, there are many reports indicating 82.9% of young adults have been tricked by suspicious links. As a local IT service provider, I can personally attest that scammers are successfully stealing money from all age groups.

In 2023 there were at-least 202 different “Amazon Prime” related scams reported and another 186 “Amazon” related scams reported.

Here are a couple of the most successful scams to be wary of:

1. “Off-Platform Payments”: As the name states, the customer is encouraged to pay for a product using a payment platform, other than Amazon. This works by an Amazon seller creating an Amazon listing for what appears to be a genuine product, which may even include some faked reviews to legitimize the product. When you try to buy the product the seller will contact you directly with a link to another payment platform in an effort to trick you into making payments using other apps, such as CashApp, Venmo, Zell or through wire transfer services. By using these alternative services to pay, you are forfeiting any “buyer protection” that you would have had by using the Amazon payment platform and you are most likely sending your personal information and credit card information directly to the scammer. If you get scammed this way, there is very little chance of getting your money back and you will have to go through the arduous task of cleaning up the compromised account(s). The best way to prevent getting scammed this way, is to never pay for Amazon products with anything other than the Amazon payment platform … it’s just not worth it!

2. “Phishing Phone Calls”: Variations of this scam are used in the example scam mentioned at the beginning of this article. In this scam a person calls you pretending to be a representative of Amazon and requests personal information from you so you can verify your identity. This is a numbers game. If the scammers call 1,000 people a day, there is a high probability they will reach someone who is waiting on a call back from Amazon support, seeing Amazon Prime has around 220 million members. Once they have your account information, they can sell your information to other scammers or simply use your account to purchase products from Amazon … with your money or Amazon rewards points! The best way to protect yourself from these types of scams, is to develop a personal policy of never giving out personal information over the phone, especially if they are calling you and then requesting personal information.

The internet and services offered through the internet can be very convenient, but they have also become a breading ground for thieves and liars. People sitting behind screens can do things that they may never have considered doing if they had to face the people they are harming. Because of this, we all need to exercise great constraint and common-sense when giving out our personal information and accounts information. If you are not comfortable with what someone is asking you for, end the conversation.

Scams and Scammers – Email

by Billy J Long PSA Articles

Article (PSA-0026)
Submitted by: Billy Joe Long
Company: PSA Computer Services
Titled: Scams and Scammers – Part 3 (Email)

There are many types of scams and scammers you may encounter throughout your life. In the last article we talked a little bit about “Phone Scams” and what you can do when it happens to you. In this article we will address “Email Scams”.

Like the other scams, the purpose of an email scam is to trick you into giving the scammer your personal information or allowing them to install malicious software on your device. The personal information they want will be important things, such as login passwords, user names, account numbers or your social security number. The malware they install will be used to gather information from your device and/or hijack your device in what is called a ransomware attack. Ransomware attacks render your device unuseable until you pay the fee required by the attackers. Even then it is highly unlikely they will actually remove the ransomware after you pay. Knowledge and a healthy dose of common sense will prevent them from accomplishing their goal.

Scammers attempt to get information from you by crafting clever emails that may make emotional plees for help, or emails which look like password reset notifications, or emails that appear to be from institutions you may be familiar with, such as the Government, IRS or banks.

For businesses it can get even more complicated as the scammers can get a lot of information about your business from publically accessible resources which enables them to craft very specific emails which can add to the “believability” of these messages. So what can you do to protect yourself and your business?

First, you must develop a distrust of all email. According to research conducted by Symantec, nearly 85% of all emails are spam or malicious. Their research indicates that almost 9 out of 10 emails were not considered legitimate messages and most of these emails contained malicious links or attachments designed to infect your computer.

Next, make sure you have all the basics covered. Keep your devices updated with security updates, make sure you have working antivirus and firewall software and ensure spam prevention settings have been configured for your email address.

Finally, be prepared to examine any email requesting information. If you’re to busy at the moment, do nothing with the email until you have time to examine it. What are you looking for in the email? Ask yourself, does this email make sense, do I have this service, this account, or this software? If not mark it as spam (or junk). Take a look at the From email address, does it make sense? Let’s say this is an email claiming to be from Netflix, and you have a Netflix account. As you examine the From address you notice its admin@netflix.ru. What would you do with this email? You should mark it as spam and delete it immediately. Look at the address closely: notice the address after the @ symbol … netflix.ru, that’s not right. We would expect something like admin@netflix.com. How about this From address – admin@netflex.com, how’s that look to you? Look closely at the domain portion of the email (everything after the @ symbol). It says netflex.com which is not netflix.com. Again mark as spam and delete.

It can take some time and practice, but be patient and thorough and you will be better protected from email scams.

If you have questions about email give PSA Computer Services a call at (707) 506-6802 or check us out on the web at https://psa-2.com/