Steven J.J. Weisman, JD
Steven J.J. Weisman, JD, attorney in private practice and senior lecturer at Bentley University in Waltham, Massachusetts. He is author of Identity Theft Alert and founder of the scam-information website Scamicide.com.
Scammers are always latching on to slimy new strategies to steal your hard-earned money—even simple everyday events such as streaming your grandkids’ high school sporting events and newsworthy things like the upcoming Presidential election. But Bottom Line is on the case!
Here are the latest scams—and a few well-established ones that are on the rise again—from our ever-vigilant expert, Steven J.J. Weisman, Esq.
High school sports streaming scam. You receive a message via social media, e-mail or text that you can stream your teenage grandson’s high school sporting event online. The message contains a link to sign up. Warning: Those who click the link might have their identities or money stolen.
In one version, people who click the link are told that there’s a small fee to stream the event and are asked for a credit card number. In another, they’re asked to provide a Social Security number to confirm their identity and ensure that only approved family members are able to watch online. And in a third version, just clicking the link might download malware onto your computer.
How to protect yourself: Don’t trust the links and sign-up instructions in messages like these. Instead: Call the high school’s athletics department…ask if its games are streamed…and, if so, how you can access them. Many schools do stream sporting events these days—but the legitimate streams rarely require payment and certainly won’t ask for Social Security numbers.
Fake PAC scam. You receive a call from someone claiming to be raising money for a Political Action Committee (PAC). Reality: He is a scammer, just raising money for himself. Legitimate PAC fundraising calls are common during Presidential election years. Even people who have added their phone numbers to the National Do Not Call Registry receive them because PACs, like charities, are allowed to call these numbers. The scammer also knows how to make a victim’s caller-ID look like the call is from a PAC.
How to protect yourself: Never provide credit or debit card info to anyone who claims to represent a PAC. If you wish to donate, look up the PAC on the website of the Federal Election Commission (FEC.gov)—all real PACs must register with the FEC. You can find the PAC’s legitimate contact info on this government site. In the search bar, type the PAC you have in mind…click “About this Committee”…then click the “Current Version” of its “Statement of Organization,” which should include the PAC’s legitimate web address and contact e-mail. Best: Stick with large well-established PACs—some fake PACs have filed forms with the FEC to make them seem legit.
Helpful: It’s a good sign if the PAC asks your citizenship status and who you work for before accepting your donation. These are legitimate questions that PACs must ask to ensure they’re allowed to accept your money. Scammers don’t care whose money they take, so they typically don’t bother to ask about such things.
SIM-swap scam. A scammer contacts your cellular provider, claiming to be you, says that you have a new phone and asks the provider to transfer the information on the old phone’s SIM card to the SIM card on the new phone. A SIM card authenticates a cellular subscriber’s phone—if the scammer succeeds in having your SIM swapped to a phone that he/she controls, he will be able to defeat “two-factor authentication,” the key security safeguard that protects financial accounts accessed online. With two-factor authentication, the account holder receives a text or call to confirm that it’s him logging into his account…but if a scammer has had your SIM swapped, the scammer will receive this confirmation text or call. A scammer does not need physical access to your phone or SIM card to arrange a SIM swap—all he needs is the answer to a security question, such as “What’s your mother’s maiden name?” A determined scammer often can track down the answer to such questions.
How to protect yourself: Ask your cellular provider to add a PIN or password to your account. Also, ask if you can place a notice on your account that SIM-card swaps are allowed only in person at the providers’ brick-and-mortar locations.
Wrong-number text scam. You receive a text that seems intended for a friend or relative of the sender. Reality: A scammer has sent that. The scammer knows that some of the strangers who receive it will reply to warn him that he has sent his message to the wrong number. The scammer will thank anyone who responds, then start a pleasant text conversation that might continue for weeks as the scammer builds trust—he even might use digital chatbot tools that respond automatically so he doesn’t have to type out every message to every victim. Once he has built a rapport, he might share a file or link that loads malware onto your phone…or encourage you to put money into a scam investment…or claim to have an emergency and need a loan.
How to protect yourself: Never respond to “wrong number” text messages from unknown senders.
Trojan banking app scam. You download an app through an app store. But this app contains a hidden program that installs itself on your phone or tablet and waits for you to log in to your regular banking app. When you do, that hidden program launches a fake version of the banking app’s log-in screen. When you enter your username and password, you unintentionally provide this sensitive information to the scammer. The malicious program then forwards you to your real bank account so it’s not obvious that anything is amiss, giving the scammer time to loot the account. Variation of this scam: The scammer posts a fake version of a real bank’s banking app in app stores.
How to protect yourself: Download your bank’s app from its website, not an app store. Set up two-factor authorization with your banking apps to prevent a scammer from gaining access to a bank account. Also load a security app, such as Malwarebytes, onto your phone to detect nefarious apps.