Subscribe
Printer Friendly
Share this PageScam
Medicare receives 4.4 million claims a day and approximately 1 out of 10 of those are fraudulent. All of the fraudulent claims add up to a large sum of wasted time and money and the government is trying to put a stop to it. The Department of Justice (DOJ) and the Health and Human Services (HHS) Office of the Inspector General have been working together to reduce fraudulent activity.
In 2008, the DOJ and HHS and the Centers for Medicare and Medicaid Services worked together through the criminal and civil systems to secure 588 criminal convictions, obtain 337 civil administrative actions against individuals and organizations who were committing Medicare Fraud, and recovered more than a billion dollars in health care fraud monies . . . To date in fiscal year 2009, the Department of Justice has already recovered nearly a billion dollars in health care fraud monies and recorded 300 convictions.
In addition to catching Medicare thieves the DOJ and HHS want to enable seniors to participate in the fight. They want to raise awareness about the kinds of fraud that are happening and give seniors the tools they need to deter, detect and defend!
Medicare Fraud Examples
Here are a few examples of how Medicare is scammed out of billions of dollars a year.
- Medicare is billed for services or equipment not received
- An unathorized person uses a Medicare card to receive treatment, supplies or equipment
- Medicare is billed for equipment after it has been returned
- A company offers an unapproved Medicare drug plan
- A company leads you to join a Medicare plan using false information
Deter
Medicare recipients need to keep themselves safe.
- Treat your Medicare number and Social Security number like gold. Avoid carrying them in your wallet or purse.
- Your Medicare number is not needed to get free equipment. If someone offers you free equipment and then asks for your Medicare number, run away or hang up the phone.
- Your number is for your use only. It is illegal for others to file claims with your Medicare number.
Detect
Learn to recognize common schemes. A few common fraud schemes are:
- Being approached in grocery stores, parking lots, on the street, etc. and being offered goods, services or help in exchange for your Medicare number. Just run away!
- Receiving a call from a phone solicitor doing a health survey and asking for your Medicare number. Just hang up! They don't need your number to conduct a survey.
- Receiving a call from a telemarketer claiming to be with Medicare or Social Security asking for you to pay for equipment over the phone or the internet. Again, hang up!
Defend
It's critical that Medicare recipients check their statement summary sheets and look for:
- Were you charged for the same thing more than once?
- Are there doctor visit dates look unfamiliar?
- Were you over charged for a service?
- Were you charged for equipment or services that you didn't receive?
If you see any of these problems make a phone call to your provider or Medicare to get it resolved. It could just be a clerical error or it could be a fraudulent act that needs to be reported.
Help is Available
To some the task above may seem very overwhelming. The DOJ and HHS understand that seniors want to protect themselves but may not have the knowledge to do so. For this reason Senior Medicare Patrols (SMP's) were created. SMP's are groups or seniors, formed in communities, that help other senior citizens learn how to combat Medicare Fraud. They bring awareness to seniors in the community, teach seniors how to read and understand their Medicare summary statements and offer support.
- Use the www.smpresource.org web site to find a group in your area.
Medical identity theft and Medicare fraud are a huge problem that the government cannot tackle on its own. While they do their part it's important for senior citizens to do their part to protect themselves from medical identity theft and be on the watch for Medicare fraud.
Fight Back! Brochure
More detailed information is available in the Fight Back! Medical Identity Theft and Medicare Fraud brochure put out by the HHS.
HHS Even Webcast on Preventing Medial Identity Theft and Medicare Fraud
Video Points of Interest
- Time 7:11 Assistant Attorney General of Civil Division of DOJ, Tony West, discusses the consequences of Medicare fraud and the work of the DOJ and HHS partnership.
- Time 14:38 Inspector General, Dan Levinson, discusses new fraud education materials.
- Time 23:08 SMP volunteer, Joanne, discusses her experiences with Medicare fraud and her roll as part of the SMP in her community.
More information is available at Stop Medicare Fraud's website.
Facebook won a huge judgment from the spammer who already owes MySpace $234 million from an earlier suit.
Sanford Wallace has been a known spammer since the 1990's and is one of the first to be crowned "Spam King". His most recent spamming scheme was sending phishing messages to Facebook users that contained links to phishing websites asking for login information. The information submitted was used by Wallace to spam the phishing victims' friends with the aim to pull in even more potential phishing victims. It's also believed that Wallace was paid to redirect Facebook users to money generating web sites.
"The record demonstrates that Wallace willfully violated the statutes in question with blatant disregard for the rights of Facebook and the thousands of Facebook users whose accounts were compromised by his conduct," Fogel said in his ruling.
Facebook sought $7 billion in damages, as allowed by the CAN-SPAM act and California business code. However, California federal judge Jeremy Fogel felt that was disproportionate to the actual damage caused by Wallace and awarded Facebook only $710,737,650 instead. Judge Fogel also turned Wallace over to the U.S. Attorney's Office to be prosecuted for criminal contempt and for willful violation of a temporary restraining order and injunction.
With Wallace possibly facing jail time and owing MySpace $234, it won't be easy for Facebook to collect its money. But at least the "Spam King" as been caught and may be taken off the grid for a time.
More information on Information Week. Photo courtesy of Canadian Broadcasting Centre.
Halloween is all about tricks, treats and pretending to be something your not. Scareware must think every day is Halloween.
Computer experts are reporting that scareware is on the rise. Scareware - a sneaky hacker technique used to steal personal information and spread viruses - is being found in more and more places online and even on trusted sites, like the New York Times.
"The recent scareware attacks are cropping up everywhere and can be found on even the most trusted Web sites online," said Alison Southwick, BBB spokesperson. "The threat of scareware undermines consumer trust in compromised Web sites, and on the Internet in general, but there are steps computer users can take to protect themselves."
How Scareware Tricks and Treats
Scareware usually presents itself as a pop up window on your computer that looks like it is from your computer. It gives some message that your computer has been infected with a virus that needs to be removed. Often the message tells you to go to the link provided to purchase and download anti-virus software. Once the software is purchased the download begins. Unfortunately, it is not anti-virus software that is being downloaded, but more viruses and malware.
If that weren't bad enough, now the hackers have your credit card information too.
This senario is playing out all over the internet. It was in mid-September that visitors to the New York Times web site started getting the infected pop up window. The New York Times traced the infected window back to an unauthorized ad. They later found out that the ad space was sold to hackers posing as Vonage.
But The New York Times is not the only site being affected and pop up windows are only half the story with scareware. According to Computer World Magazine, hackers are also "poisoning Google search results." Hackers monitor popular search topics and then create infected web pages with related content. They work to get those to the top of Google search results and when someone clicks a link in the search results - the infamous pop up window appears.
How to Protect Your Computer
Fortunately there are steps that you can take to protect your computer from scareware:
- Never let your guard down. It is a fact that scareware can show up on even the most trusted sites, Google, Twitter, The New York Times, etc.
- Protect your computer. Keep your operating system updated and install a good quality anti-virus program. We recommend the following packages: Norton 360
(includes backup and other features), Norton Internet Security 2010 (good all around option),
or avast! (free and good), and keep it up to date. Also make sure that all security patches and updates are installed for your webrowser and programs like Adobe Flash Player.
- Take immediate action during an attack. If a scareware window opens up, force close it using the task manager and then run your trusted anti-virus software.
If you clicked on the link and have downloaded the software all is not lost, but things aren't good. The Washington Post offers advice on their Security Fix blog of how to rid your computer of the viruses and malware. But if you aren't computer savvy, you may think about calling a professional to clean up the mess.
UPDATE: An article from Wired magazine's Threat Level blog sheds more light on how web sites are being targeted for malware distribution:
Web ads have become much more advanced over the years and many now include scripts that provide data tracking and other functions. Because of this, crooks are working to have their "ads" run on popular websites. Their ads also contain scripts, but the code displays scareware instead of tracking clicks or views.
In the article, Gawker Media - a major blog network of sites like Gizmodo, LifeHacker, Jalopnik and others - was targeted for ad placement, but fortunately Gawker has a team of geeks that digs into the code of any ad and confirms that it contains no malicious code. I'm guessing the NY Times now is enforcing a similar policy (yep, it is now).
Heaven help us when we visit sites that have no such team of geeks to protect us from malicious ads...
Consumers’ obsession with celebrity news and culture is harmless in theory, but one bad download can cause a lot of damage to a computer.
—Jeff Green, McAfee, Inc.
Jessica Biel Sites Are #1 for Malware
Internet security company, McAfee, Inc. has just released its yearly update of most dangerous celebrity web sites for online threats such as spyware, adware, spam, phishing, and viruses. In the survey, web searches for actress, Jessica Biel, had a one-in-five chance of ending up on a website that has tested postive for malware—putting Biel’s name at the top of the danger list and beating out last year’s most dangerous name, Brad Pitt. Biel became popular on TV’s “Seventh Heaven” and recently starred in “Easy Virtue”.
Pop star, Beyonce, placed second on the list. Web searches on “Beyonce ringtones” led to a dangerous website linking to a distributor of adware and spyware. Over 40 percent of the survey searches for “Jennifer Aniston screensavers” contained computer viruses. Other celebrities on this year’s list included Miley Cyrus, Ashley Tisdale, Lindsay Lohan, Megan Fox, Angelina Jolie and newlyweds, Tom Brady and Gisele Bundchen.
Every day, cybercriminals use celebrities’ names and images, like Kim Kardashian and Rihanna, to lure surfers searching for the latest stories, screen savers and ringtones to sites offering free downloads laden with malware.
What You Can Do
- Be aware of the connection between celebrity websites and malware. You may not visit those sites but your kids might.
- Be aware that malware-connected celebrity web sites change with the tide of popularity of the celebrities.
- Make sure you’re using anti-malware software on your computer and it is current.
More info from Reuters - http://www.reuters.com/article/internetNews/idUSTRE57O2P520090825
Ben Bernanke is a victim of identity theft. This is proof positive that it can happen to anyone.
Ben Bernanke - the Federal Reserve Board chairman - was one of hundreds of victims of an elaborate identity-fraud ring, headed by a convicted scam artist known as "Big Head," that stole more than $2.1 million from unsuspecting consumers and at least 10 financial institutions around the country.
How Did It Happen?
On August 7, 2008, Anna Bernanke - Ben Bernanke's wife - was at a Starbucks when her purse was stolen off the back of her chair.
What Was in Her Purse?
It's not good...
- Driver's License (no problem)
- Four credit cards (not so great - the fewer the better)
- Checkbook (no problem)
- Social Security card (OUCH!!!)
So the thieves had Mrs. Bernanke's SSN, Date of Birth (from the Driver's License), home address, and home phone (from the checks). This is the perfect combination of personal data.
It goes without saying that you should never carry your Social Security card in your purse or wallet. It should be tucked away in a very safe place at home or in a bank lock box. You should also limit the number of credit cards you carry. Just think of how many banks you'd like to call and/or fraudulent transactions you want to deal with and limit your cards accordingly.
Who Were the Thieves?
The thieves were part of a crime ring called "The Cannon to the Wiz." Here is the entry from the Urban Dictionary for "cannon":
Cannon - Old school term for a skilled pickpocket. "
These thieves were after personal information as well as checks and credit cards. They worked in government or medical offices or were simple pickpockets or mail thieves. They attended major sporting events in order to target victims with wallets and purses full of loot. One such victim was Donna Pendergast - an assistant Michigan Attorney General. Her experience went like this:
The robber was so adroit he managed to lift the wallet from her purse without her even knowing it. "They took it right out of my purse while it was on my shoulder," she said. "I didn't feel a thing."
Have They Been Caught?
Yes and no.
Federal agents busted the identity theft ring this summer, but George Lee Reid - the one who fraudulently used the Bernanke's checks to steal $9,000 - had the charges dropped against him, but the Feds are now searching for him again on related charges.
More information on this story from Newsweek.
Lately I've received several "smishing" text messages on my phone and I finally captured the audio of a full phone interaction with their voice response system.
Audio of Smishing Call
Here is the audio from a smishing phone call I recorded. Listen closely to see how they use fear to manipulate the victim into providing information.
What is Smishing?
Well, someone somewhere comes up with these cute names for things and "smishing" is no different. It's a play on the term "phishing", and the "Sm" part comes from SMS, which is the technical name for text messages on cell phones (Short Message Service). Did that make sense? If not, here's a description from the fount of all knowledge - Wikipedia:
Similar to phishing, smishing uses cell phone text messages to deliver the "bait" to get you to divulge your personal information. The "hook" (the method used to actually "capture" your information) in the text message may be a web site URL, however it has become more common to see a phone number that connects to automated voice response system.
Scam Tactics 101
As you listened to the call, you should have noticed a few tactics scammers use to get your information:
- Sound Official - The call starts with "You have reached Credit Union's National Association online banking center." That doesn't even make sense, but it sounds good. Scammers will imitate real brands or sometimes use something pretty generic like this, but they're always going to try to look and sound official.
- Create Fear and a Sense of Urgency - It doesn't take long before they start to scare you with "Compromised accounts may ruin your credit, place you in debt with us or other financial institutions." They add "Failure to run this process will result in account suspension or financial penalties." My favorite attempt to scare you is when they threaten you with prosecution if you give inaccurate information - unbelievable.
What Do They Ask For?
In this call, they are trying to capture a credit card number, expiration date, PIN, and card security code. With this information they will attempt to make purchases online with your card, pull money from your account with an ATM, or possibly create a fake card containing your information.
How to Protect Yourself
It should be obvious to most people that these messages are scams. Unfortunately, the scammers just have to get a small percentage of people to fall for these messages to make it worth their time. Just like spam email, if a few people respond it will continue to be financially viable.
What complicates things a bit is some banks are now using text messages as a communication method for alerts or other information. In these alerts they'll often ask you to phone in to confirm a transaction or to alert you to a problem with your account.
If you're concerned at all about the origin of an alert, always call your bank directly using the phone number from a bank statement or official web site. Never call using the number provided in a text message.
Read more about about smishing tactics in this recent Yahoo article.
It May Be "Salami Slicing." It May Be Petty Theft.
The latest identity theft scheme doesn't aim to empty your debit account or charge you to the credit limit—not yet anyway. According to The Boston Globe, at least 800 credit and debit cardholders have reported finding tiny fraudulent charges on their statements in recent weeks.
The charges range from 21 to 48 cents, and are billed under at two phony business names: "Adele Services" and "GFDL."
The mysterious charges have lead to a range of speculation over the nature of the scam. Some think that the small charges are meant to test the validity of a registry of stolen credit card numbers which may have been resold by the original thieves. If the theory is correct, those whose cards have already been charged can probably expect to be targeted for much larger amounts down the line.
A Slice of Salami
A less likely theory parallels the scam attempted by the main characters in the movie "Office Space," which featured three disgruntled computer programmers who attempt to slowly embezzle money from their company, pennies at a time. The scheme is sometimes referred to as "salami slicing", but usually targets businesses or customers rather than an unconnected group of individuals.
If this theory holds, those who fail to notice that their accounts have been compromised will continue to be targeted for small amounts of money indefinitely. Most likely, the thieves would have to create new false companies with each wave of thefts.
Plan of Action
Regardless of the intent of the perpetrators, the course of action for those who notice small, unexpected charges on their debit and credit card statements is the same:
- Report the charges to your bank or other financial institution.
- Report your card stolen so that you can be issued a new credit card and credit card number.
As always, it's important for everyone to pick carefully through their statements each month (if not more frequently,) looking for charges they don't recognize. Whether a questionable charge is 1 cent, $1, or $100, it should always be treated as a potentially serious problem.
The British newspaper Mail Online reports that a local postman was scammed out of his life savings by an an attractive female "friend" he met on the popular online community site MySpace.
Saving the Damsel in Distress
The postman, Shane Symington, seems like a nice fellow who was simply trying to help a fellow human being. He befriended an American woman named 'Angela Gates' on MySpace in 2007. After a few weeks of friendly banter, the woman began asking for money to pay for her mother's funeral and for medical expenses.
What could Shane do but rush in and save her from her predicament? She needed him!
In order to hit every soft spot Shane had, 'Angela' also told him she needed more money to pay for legal fees that would allow her to inherit a $2 million piece of property. Anyone who's studied Advanced Fee Fraud scams will recognize this kind of story.
Damsel Turns Out to Be a Dude
Unfortunately, it appears Shane hadn't studied much about scams. It turns out this attractive, bikini-clad and potentially rich American woman was really a Nigerian man. Surprised? I doubt it.
After emptying Shane's bank account the Nigerian man even contacted Shane and admitted his fraud, but the story doesn't end there.
From the Mail Online:
He was then contacted by another woman, again from America, claiming she had also been caught in the scam.
He said that he then helped pay her legal expenses and the cost of hiring two ex-FBI agents in an attempt to regain the lost money for both of them.
Mr. Symington said that he now believes that these people are also involved in the scam. He said that he had paid out more than £30,000 to them, bringing his total losses to more than £130,000.
Ouch!
The lesson to learn here is that when this scammers find a victim, they hit them with multiple scams from multiple people until they have milked their target completely dry.
What does Shane have to say about all of this:
I feel sick from it all, I feel disillusioned, they have just played on my good nature. I've lost my life-savings, I have two loans and credit card debts, I'm in huge debts because of all of this.
You just can't trust anyone on the internet. I want to warn people but I know I won't be the last to fall for something like this.
The police in Hampshire working the case said that there's little they can do to recover the money because of the current political situation in Nigeria.
What Can We Do?
These stories are hard to read. We can't believe someone can be so easily manipulated. So what can we do? I suggest you help your friends, relatives, and neighbors by educating them about these kinds of scams. Shane said it best - "I won't be the last to fall for something like this."
Don't let it happen to someone you know.
Read the whole story (w/ pics of the lovey 'Ms. Gates' on the Mail Online web site.
It's a new year and — what do you know — there's a new tactic in the endless quest for new and improved phishing schemes from scammers.
Here's How It Works
Researchers at Trusteer recently released a security advisory detailing this new phishing technique. Rather than using email to lure unsuspecting victims into clicking over to a fake web site, this technique uses what Trusteer is calling "in-session" attacks. Here's a typical scenario:
- A user opens a browser and logs into their banking web site
- Leaving that browser session open, they open another browser window to check on their Webkinz or some other web pursuit.
- After a time, a pop-up window opens — supposedly from their bank web site — asking for them to re-enter their username and password.
- Since the user has recently logged in to the targeted web site, they are more likely to enter their info.
That's it! Their login credentials are now in the hands of the scammers.
What Makes It Possible?
A few things have to be in place for this to work. First, the scammers need a compromised web server in order to install the malware. Fortunately, there are lots of those around. Second, the malware has to be able to determine which other sites the user has visited. This is possible based on a vulnerability in the JavaScript engine used by Internet Explorer, Firefox, Safari, and Chrome.
From Trusteer:
The source of the vulnerability is a specific JavaScript function. When this function is called it leaves a temporary footprint on the computer and any other website can identify this footprint. Websites that use this function in a certain way are traceable. Many websites, including financial institutions, online retailers, social networking websites, gaming, and gambling websites use this function and can be traced.
How Can You Protect Yourself?
Well, the planets have to align a bit to pull this scam off and it's likely the JavaScript vulnerability will be patched in the near (hopefully) future.
Until then, Trusteer recommends the following preventative measures:
- Have an up-to-date anti-virus installed
- Be suspicious of any pop-ups asking you to login
- Log out of banking or other sensitive sites before heading over to Pogo.com for your bingo fix.
and most of all...
Learn more about this attack by downloading Trusteer's security advisory.
WEBex INCORPORATION LOTTERY(AUSTRALIA).
678 NIN NAMARAL STRAATWEG 5009GL.MELBOURNE AUSTRALIA.
WINNER NO: 5
ELECTRONIC MAIL AWARD WINNING NOTIFICATION AWARD PRESENTATION CENTER
DATE:5/12/2008.
Ref:4758961725
Batch No:70564943902/188
Winning no:FGNGB2701/LPRC
CONGRATULATIONS
Hello Lucky Winner,
We are delighted to inform you of your prize release on the 5th of DECEMBER, 2008 from the WEBex INCORPORATION LOTTERY program.
Which is fully based on an electronic selection of winners using their e-mail addresses, your name was attached to ticket number 47061725 serial number 07056490902 batch number 7741137002.
This batch draws the lucky numbers as follows 5-13-33-37-42 bonus number 17, which consequently won the lottery in the second category. You here by have been approved a lump sum of $500,000.00(US DOLLARS) in cash credit fileref ILP/HW 47509/02 from the total cash prize of $2,000,000.00(US DOLLARS) shared among lucky winners in this category.
All participant were selected through a computer balloting system drawn from Nine hundred thousand E-mail addresses from Canada,Australia,United state,Asia,Europe,Middle East, Africa and Oceaniaas part of our international promotions program which is conducted annually.This Lottery was promoted and sponsored by conglomerate of some multinational companies as part of their social responsibility to the citizens in the communities where they have operational base.We hope with part of your prize, you will participate in our end of year high stakes for $1.3Billion(US DOLLARS) international draw.
HOW TO CLAIM YOUR PRIZE: Simply contact our fiducial agent,
Name:Dr Lati Umar
Email:dr.latiumar@webportal.com.my
Please quote your reference,batch and winning number which can be found on the top left corner of
this notification as well as your full name,address and telephone number as to help us locate your fileeasily.
For security reasons, we advice all winners to keep this information confidential from the public until your claim is processed and your prize released to you.This is part of our security protocol to avoid double claiming and unwarranted taking advantage of this program by non-participants or unofficial personnel.
Note: All winnings MUST be claimed on or before the One month. Other wise all funds will be returned as unclaimed and eventually donated to charity .
Congratulations, once more from the entire Management and Staff of Webex LOTTERY Co-operation to all our lucky winners this year.
Thank you for being a part of this promotional lottery program.
Yours Faithfully,
co-ordinator.
Special Offers
Connect With Us
We invite you to become a fan of Fight Identity Theft or just join in the discussion.
Subscribe to Breaking News
Subscribe to Fight Identity Theft and receive top stories and breaking news via email.
Recent Blog Entries
Blog Archives
- November, 2009 (1)
- October, 2009 (6)
- September, 2009 (2)
- August, 2009 (3)
- April, 2009 (2)
- February, 2009 (3)
- January, 2009 (8)
- December, 2008 (8)
- March, 2008 (1)
- January, 2008 (1)
- December, 2007 (3)
- November, 2007 (2)
- October, 2007 (3)
- May, 2006 (1)
- March, 2006 (4)
- February, 2006 (4)
- January, 2006 (10)
- December, 2005 (7)
- July, 2005 (3)
- June, 2005 (4)
- May, 2005 (5)
- March, 2005 (1)
- Credit (12)
- Fraud (36)
- Government (20)
- Identity Theft (36)
- Junk Mail (5)
- Phishing (10)
- Privacy (18)
- Scam (29)
- Technology (47)
- Telemarketing (2)
- Viruses (10)
- Visitor Stories (1)
- Worms (10)
