Page 2 of 2 FirstFirst 12
Results 21 to 34 of 34

Thread: Advice on Scams

  1. #21
    Quote Originally Posted by snowdenscold View Post
    You'll see it rebranded as Umbrella since being acquired by Cisco some years back, but the free/home versions still have a lot of reference to the old name.
    Thanks again. I changed the 2 DNS entries in my router to OpenDNS... I did not set up an account. Works fine... in fact, seems a bit faster than Cloudflare that I was using. And from what I can tell, Umbrella/Cisco is more for businesses and enterprises.

  2. #22
    I don't want to turn this into a thread full of perpetrated scams but this example exposes the mentality of someone that falls for them. Even with all the red flags and people telling her it was a scam, an educated, long time principle continued to believe it was real. Social engineering is as dangerous as clicking a malicious file/link. There's always going to be a part of a person that wants to believe. I've not sure how to control that impulse.

    Florida Principal Scammed Into Sending $100k Check to Elon Musk Impersonator

    A Florida principal resigned on Tuesday after sending a $100,000 check to an internet scammer posing as Elon Musk. Jan McGee was the principal at the Burns Science and Technology charter school in Oak Hill since the school opened in 2011 and reportedly communicated with the scammer for months before sending the check from the school’s account.

    McGee said she believed the $100,000 would act as a down payment and in return, the billionaire reportedly promised he would invest millions of dollars in the school, NBC affiliate WESH first reported.

    The school’s business administrator, Brent Appy, noticed the payment and was able to cancel the check before it could be cashed. McGee announced she was resigning after a school board meeting when her fellow administrators said they refused to work under her.
    Burns Sci-Tech is a highly ranked school with roughly 1,000 students who attend and has a lengthy years-long waiting list.

  3. #23
    Join Date
    Feb 2007
    Location
    Chesapeake, VA.
    One day in December a few years ago I got a text from the CEO of the health system where I work. The text was asking me to run an errand for him; he was reportedly stuck in a meeting so he couldn't do it himself. He wanted me to buy some gift cards to be given to high-level management as Christmas presents/bonuses. Initially he didn't say exactly how many or for how much money each, but responded to my text questions.

    When I first got the text, my first thought was "I wonder why he would choose me, of all the people who could potentially do this for him?" He has administrative assistants. I have to admit there was a brief moment of mild pride that he would choose me; I was thinking "he chose me because I'm so trustworthy."

    I didn't want to immediately dismiss this as a scam in case it really was my boss's boss! But at the same time I maintained a healthy skepticism as I asked him to further clarify his request. The total came out to around $2000. By then I was pretty sure it was bogus. I texted him that he should give me a call so we could further discuss the situation. After that it was radio silence, which confirmed my suspicion. The next day I sent him an email letting him know that some scammer was using his name. He was unaware of the scam.

    So, crisis avoided.


    HOWEVER, I literally just saw on the news LAST NIGHT that scammers are now able to clone voices and carry on phone conversations that are very difficult to discern from the real deal. Therefore, my idea of having him call me, which worked back then (3 or 4 years ago) might not work in the future. In other words, the scammers might be able to call me and talk with me in my boss's voice! That, to me, is scary.
    "We are not provided with wisdom, we must discover it for ourselves, after a journey through the wilderness which no one else can take for us, an effort which no one can spare us, for our wisdom is the point of view from which we come at last to regard the world." --M. Proust

  4. #24
    Join Date
    Feb 2007
    Location
    Ashburn, VA
    Rsvman, you're describing a variation of what's called "Business Email Compromise" (BEC) which usually involves impersonating a person in authority's email and using that to direct payments by various others in the company. It can also be done with texting, and now live phone as well with some voice technology. But email is still the most common.

    Sometimes the attackers will inject themselves into the middle of an existing conversation, replying to a thread. This is even more believable than a new notice out of the blue.

    But they all involve directing an employee to do something financial in nature - purchase something (gift cards are very common), wire funds, etc.

    A sense of urgency is quite common as well, and always something to be suspicious of.

    Cisco Talos has a nice blog write-up on this, with some notable sections:
    https://blog.talosintelligence.com/b...il-compromise/
    The emails themselves are usually constructed in a very simple manner, with subjects requesting help. Common examples include things like "Task," "Quick Favor" and "Hi," among many others. The subject and content are typically kept short and to the point, even including indicators the email was sent from a mobile device like a tablet or smartphone. This is done purposefully, as most individuals asking for this type of help aren't going to write several paragraphs explaining their intentions and can be used as an explanation of why they aren't using their corporate email.

    The biggest difference between these types of emails and something like 419 scams — the classic "Nigerian prince asking for money" scam — is that they are at least somewhat targeted. The type and amount of targeting varies depending on the scenario. The most common examples we see are directed at email addresses that are publicly available, typically from a company webpage or directory, and they appear to originate from someone else who also works at that company. The type of person can change from owners, to executives, to directors. Regardless, it's someone with a management or ownership stake in the company.

    ...

    This post contains basic and sophisticated examples of BEC and shows that they can be extremely effective. Most estimates have the revenue generated from BEC in the billions, and although a lot of attention gets paid to more destructive and aggressive threats like big game hunting, it's BEC that generates astronomical revenue without much of the law enforcement attention these other groups have to contend with. If anything, the likelihood of this has only increased in the pandemic, with people relying more and more on digital communication. The reality is these types of emails and requests happen legitimately all over the world everyday, which is what makes this such a challenge to stop.
    A text without a context is a pretext.

  5. #25
    Join Date
    Feb 2007
    Location
    Ashburn, VA
    Quote Originally Posted by gep View Post
    Thanks again. I changed the 2 DNS entries in my router to OpenDNS... I did not set up an account. Works fine... in fact, seems a bit faster than Cloudflare that I was using. And from what I can tell, Umbrella/Cisco is more for businesses and enterprises.
    Cool! If your ISP is bringing in IPv6, make sure you update the DNS servers for both IPv4 AND IPv6 or you can get some unexpected behavior.
    A text without a context is a pretext.

  6. #26
    Join Date
    Feb 2007
    Location
    New Jersey

    Gift Card Scams

    https://consumer.ftc.gov/articles/gift-card-scams

    This scam happened to my teenage son a few years ago after being contacted by "eBay Customer Support." Luckily, he was skeptical and conferenced me into the call and I quickly realized it was BS when they asked him to run to Walgreens to pick up a gift card in order for them to address the issue. We immediately hung up, but they were pretty convincing at first.
    Rich
    "Failure is Not a Destination"
    Coach K on the Dan Patrick Show, December 22, 2016

  7. #27
    Quote Originally Posted by rsvman View Post
    One day in December a few years ago I got a text from the CEO of the health system where I work. The text was asking me to run an errand for him; he was reportedly stuck in a meeting so he couldn't do it himself. He wanted me to buy some gift cards to be given to high-level management as Christmas presents/bonuses. Initially he didn't say exactly how many or for how much money each, but responded to my text questions.
    .
    I fell for this exact same scam a few years back. It looked authentic. Mine was by email and involved google play cards for kids.

  8. #28
    Join Date
    Feb 2008
    Location
    New Bern, NC unless it's a home football game then I'm grilling on Devil's Alley
    Now you can get scammed through your TV. With the rising popularity of Smart Home setups, before long you're gonna have to pay a scammer to unlock your front door and let you in.

    The scammer typically prevents the user from logging into their streaming service through a pop-up, which states there is a problem with either the streaming device or subscription.

    In order to rectify the supposed issue, the pop-up provides the user with a phone number to call or a website to visit.
    ...
    The scammers can also gain access to smart TVs when users click on the links provided in the pop-ups. Once in control, scammers can install malware on the device and collect sensitive personal information.

    The BBB said in one instance, scammers convinced a user to pay them in gift cards to add “anti-hacking protection” to their account.
    https://www.yahoo.com/entertainment/...101838382.html
    Q "Why do you like Duke, you didn't even go there." A "Because my art school didn't have a basketball team."

  9. #29
    Quote Originally Posted by rsvman View Post
    One day in December a few years ago I got a text from the CEO of the health system where I work. The text was asking me to run an errand for him; he was reportedly stuck in a meeting so he couldn't do it himself. He wanted me to buy some gift cards to be given to high-level management as Christmas presents/bonuses. Initially he didn't say exactly how many or for how much money each, but responded to my text questions.
    WTH is it with CEOs these days? Airways wanting gift cards. The last two places I worked, the CEOs have tried the fans trick. Ridiculous.

  10. #30
    I ran into a new twist on an old phone scam yesterday: AI voice modification.

    Because of work, I always pickup calls from three local area codes. It could be an employee, their family, a vender, a contractor, etc... It's just not an option for me not to pickup even knowing that it's more likely a spoofed number. Well yesterday I get a call from my home area code. I pickup and after a couple of seconds the voice of a young man says "Hello grandma. How you doing?" I recognize the scam and well I'm not a grandmother. I tell him that I hope he is calling from jail because that's where he deserves to be. A second later the caller starts to repeat the greeting but breaks midway into a guy with an Indian ascent. At first I though he was using prerecorded clips but no it was real time voice modification. The new voice was exceedingly good. It was only a short sample but it had none of the artifacts of a fake voice. People beware.

  11. #31
    Join Date
    Feb 2008
    Location
    New Bern, NC unless it's a home football game then I'm grilling on Devil's Alley
    Quote Originally Posted by Kdogg View Post
    I ran into a new twist on an old phone scam yesterday: AI voice modification.

    Because of work, I always pickup calls from three local area codes. It could be an employee, their family, a vender, a contractor, etc... It's just not an option for me not to pickup even knowing that it's more likely a spoofed number. Well yesterday I get a call from my home area code. I pickup and after a couple of seconds the voice of a young man says "Hello grandma. How you doing?" I recognize the scam and well I'm not a grandmother. I tell him that I hope he is calling from jail because that's where he deserves to be. A second later the caller starts to repeat the greeting but breaks midway into a guy with an Indian ascent. At first I though he was using prerecorded clips but no it was real time voice modification. The new voice was exceedingly good. It was only a short sample but it had none of the artifacts of a fake voice. People beware.
    Here's a terrifying twist. A mother received a call from her "daughter", who was on a ski trip, saying she'd been kidnapped.
    “The voice sounded just like Brie’s, the inflection, everything,” she told CNN recently. “Then, all of a sudden, I heard a man say, ‘Lay down, put your head back.’ I’m thinking she’s being gurnied off the mountain, which is common in skiing. So I started to panic.”
    DeStefano, who lives in Arizona, will never forget those four minutes of terror and confusion – and the eerie sound of that familiar voice.

    “A mother knows her child,” she said later. “You can hear your child cry across the building, and you know it’s yours.”
    https://www.cnn.com/2023/04/29/us/ai...cec/index.html
    Q "Why do you like Duke, you didn't even go there." A "Because my art school didn't have a basketball team."

  12. #32
    Quote Originally Posted by rsvman View Post
    One day in December a few years ago I got a text from the CEO of the health system where I work. The text was asking me to run an errand for him; he was reportedly stuck in a meeting so he couldn't do it himself. He wanted me to buy some gift cards to be given to high-level management as Christmas presents/bonuses. Initially he didn't say exactly how many or for how much money each, but responded to my text questions.
    Quote Originally Posted by Matches View Post
    I fell for this exact same scam a few years back. It looked authentic. Mine was by email and involved google play cards for kids.
    I ran into this a couple months ago. I was recently appointed to the board for a small subsidiary of an insurer(one of the qualifications is that you also had to be a customer). The sub had been acquired about 12 months earlier and I had been part of the due diligence process/team so had met the CEO a few times. Well, I added the board position to my LinkedIn profile. About a week later I got a text from the CEO presenting the exact scenario above. I immediately texted back hello and exchanged a few texts. I realized it was a scam when the texter asked me to buy gift cards.

    What surprised me was:

    1) connecting me to the CEO (now former CEO) from that small company. He left about 9 months before I left my job at the parent/purchaser.
    2) connecting my phone # to my LinkedIn profile

  13. #33
    Join Date
    Mar 2008
    Location
    raleigh
    be on the lookout for someone to call a few weeks after you get a JURY DUTY notice and tell you that there's a warrant out for you arrest for FAILING TO SHOW UP FOR JURY DUTY....it sounded just barely legit enough until they directed me to go to Office Depot and pay...
    "One POSSIBLE future. From your point of view... I don't know tech stuff.".... Kyle Reese

  14. #34
    Join Date
    Feb 2007
    Location
    Ashburn, VA
    Quote Originally Posted by moonpie23 View Post
    be on the lookout for someone to call a few weeks after you get a JURY DUTY notice and tell you that there's a warrant out for you arrest for FAILING TO SHOW UP FOR JURY DUTY...it sounded just barely legit enough until they directed me to go to Office Depot and pay...
    Yeah, a scammer might construct the most plausible scenario in the world, but the resolution/payment should always be a giveaway.

    "Oh, the [government entity] needs me to go get a Green Dot card? Yeah, that makes sense."
    A text without a context is a pretext.

Similar Threads

  1. Car Advice
    By Highlander in forum Off Topic
    Replies: 166
    Last Post: 04-05-2023, 07:59 AM
  2. Mac/PC Advice
    By JBDuke in forum Off Topic
    Replies: 30
    Last Post: 02-08-2013, 05:16 PM
  3. advice on a new car...
    By bjornolf in forum Off Topic
    Replies: 23
    Last Post: 05-27-2008, 11:24 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •