Scammers Have a New Way to Phish for Bank Account Information, Banker Says

A new phishing scam is hitting banking customers—and this time, the scammers make it seem like their messages are coming from the real customer service line or fraud prevention hotline.

The scam was revealed by wrestling announcer Lenny Leonard, who says that when he’s not calling body slams and sleeper holds, he’s a “mid-level executive with a very large financial institution.” In a Twitter thread, he details the new scam and how not to fall for it.

Leonard warned on Thursday that he had been called by a scammer who had spoofed the legitimate phone number to his bank. The scammer then sent a fraud alert using this number, asking if he recognized a certain charge.

In Leonard’s case, he says that when he told the scammer that he’d have to call them back, the scammer told him to look at the back of his debit card to confirm that they were calling from the same number. After telling off the scammer, Leonard says he called his bank and, sure enough, no legitimate alert had been sent, nor had any unusual activity been seen on his account.

Leonard told his followers how to not fall for the scam.

“If you EVER have someone CALL YOU and say they are your bank, do NOT provide any information like that over the phone on an INBOUND CALL,” he wrote. “Tell them you need to call them back & make sure you are dialing the number on the back of your card NOT a # they give you”.

“I would just urge everyone to make sure they are sharing this with their less tech savvy friends and family because the text I got looked EXACTLY like a prior text I had gotten from the bank my account is with,” Leonard told Newsweek.

A representative from Chase also confirmed that the company was familiar with the scam.

“Unfortunately, scammers target consumers from many banks. We urge all consumers to never share their banking passwords or send money to someone who tells them that doing so will prevent fraud on their account. Bank employees won’t call, text or email consumers asking for this information, but scammers will,” Amy Bonitatibus, Chase’s chief communications officer, told Newsweek.

Scammers commonly spoof phone numbers, and often the number they display is a fake one, but Western Bank warns its customers that fake calls can also come from a number they recognize.

The bank also lists a variation on the scam Leonard warns of. In the version Western Bank describes, a scammer spoofs the legitimate customer service number of the bank, like before. But this time, anticipating a response like Leonard’s, the scammer will ask the victim to call them back using the same number that’s on the back of the debit card—which is the same as the one they’re spoofing.

In this variation, though, they’ll leave the phone connection active, fooling the victim with a fake dial tone. Once the victim dials, the scammer “answers,” in hopes that the victim will be fooled into thinking the scammer is indeed a legitimate employee.

One way to thwart this is to remember that a real bank employee will already have your information. Never offer up important information like a bank account number. Instead, ask the bank employee if you can confirm their information by asking them to read off what they have.

In addition, banks will never ask for a PIN, a full Social Security number or a customer’s online banking username and password. Banks already have access to customers’ accounts, and when it comes to Social Security numbers, a legit bank employee will only ask for the last four digits to confirm.

Source: Scammers Have a New Way to Phish for Bank Account Information, Banker Says

Another Top NFT Company Has Been Hit By a Phishing Attack

The official Discord channel of the NFT marketplace OpenSea was recently infiltrated by cybercriminals who used it to distribute a phishing link.

According to The Verge, a bot in the channel made a fake announcement that the NFT marketplace was partnering with YouTube and that users should click on a “YouTube Genesis Mint Pass” in order to get one of 100 free NFTs before they’re gone forever.

Just as cybercriminals often do in phishing emails, this message instilled a sense of urgency to get users to click on a link to a site that blockchain security company PeckShield has now flagged as a phishing site.

At the same time, as the NFT space tends to move rather quickly, users knew from past experience that they only had a limited time to claim one of the free NFTs and likely didn’t want to miss out.

Stolen NFTs

Although the malicious messages have been removed from OpenSea’s Discord channel and the phishing site has also been taken down, one user said they lost NFTs in the incident and pointed to an address on the blockchain that belonged to the cybercriminals responsible.

Viewing the address on Etherscan.io or on competing NFT marketplace Rarible shows that 13 NFTs were actually transferred to it from five users around the time of the attack and based on their prices when last sold, all five NFTs appear to be worth just over $18k.

While OpenSea hasn’t yet explained how its Discord channel was hacked, one possible explanation is that the cybercriminals leveraged the webhook functionality that organizations utilize to control bots which make posts on their channels.

In a statement to The Verge, OpenSea spokesperson Allie Mack provided further details on how the company responded to the incident, saying:

“Last night, an attacker was able to post malicious links in several of our Discord channels. We noticed the malicious links soon after they were posted and took immediate steps to remedy the situation, including removing the malicious bots and accounts.

We also alerted our community via our Twitter support channel to not click any links in our Discord. Our preliminary analysis indicates that the attack had limited impact. We are currently aware of fewer than 10 impacted wallets and stolen items amounting to less than 10 ETH.”

Whether you’re on Discord or Telegram, to avoid falling victim to phishing attacks you should not click on suspicious links, especially in messages that try to instill a sense of urgency.

Anthony Spadafora

Source: Another top NFT company has been hit by a phishing attack | TechRadar

Americans Lost $1 Billion To Romance Scammers Last Year, FBI Says

About 24,000 Americans lost a reported $1 billion to romance scammers during 2021, the FBI estimated Thursday, marking what the Federal Trade Commission said was the most lucrative year for romance scammers on record—with many scam artists luring their victims into sending cryptocurrency.

The FTC—which only counts scams reported to its Consumer Sentinel Network, a database for scams and crimes like identity theft—said Thursday losses from romance scams rose to $547 million in 2021, up from $307 million in 2020 and $202 million in 2019.

About 25% of losses from scams reported to the FTC last year were paid in cryptocurrency, with the median individual cryptocurrency loss at $9,770, and the agency said a growing number of scammers have tricked victims with fake cryptocurrency investment advice.

Though reports of romance scams increased for every age group, the increase was greatest for people ages 18 to 29, though people in that group reported a median loss of only $750, compared to $9,000 among people age 70 and up, the group for whom losses were greatest.

Though the number of cryptocurrency-related scams grew almost fivefold from 2020 to 2021, gift or reload cards were the most frequent method of payment, used in about 28% of last year’s scams, compared to cryptocurrency at 18%, payment apps or services at 14%, bank transfers or payments at 13% and wire transfers at 12%, according to the FTC.

Many people targeted by romance scammers are initially contacted on dating apps, but more than a third of last year’s victims told the FTC they were first contacted on Facebook or Instagram.

The precipitous increase in online romance scams has coincided with a pandemic-driven increase in social isolation and a reliance on technology to meet social needs. Tinder users sent 19% more messages per day in February 2021 compared to February 2020, and conversation length grew 32% over pre-pandemic levels, the company said.

Romance scammers create fake online profiles using photos swiped from the web, often creating identities with built-in excuses for not being available to meet in person, such as serving in the military overseas. Once a scammer has gained the trust of their victim, they may request money to help resolve a supposed crisis, such as paying for medical treatment for a sick child or resolving “processing fees” to release funds that would otherwise be in jeopardy.

To guard against these scams, the FBI said anyone looking to start a romantic relationship online should “go slowly and ask lots of questions,” consider researching the other person’s photos to see if they have been used elsewhere and avoid sending money, cryptocurrency or gift cards before meeting in person.

“We need to be wary about casting certain groups as the ‘natural’ victims of scams,” Sarah Rutherford, senior director of portfolio marketing, global, fraud and compliance at analytics firm FICO, told Forbes.

“The idea of the lonely, old woman struggling to use a computer to connect with the world can make others feel it would never happen to them and lower their defenses.”

In 2012, pioneering particle physicist Paul Frampton was arrested in Buenos Aires after checking a suitcase with 2 kilograms of cocaine concealed in the lining. Frampton, who was convicted of drug smuggling in Argentina and sentenced to four years and eight months in prison, said he was lured into becoming a drug mule by a romance scammer posing as a professional swimwear model.

Though the FBI on Thursday published an approximate figure of $1 billion in reported losses to romance scammers in 2021, a precise figure will not be available until the Internet Crime Complaint Center’s annual report is finalized. Additionally, many victims of romance scams likely did not report their losses, the FBI said.

Source: Americans Lost $1 Billion To Romance Scammers Last Year, FBI Says

Critics:

Internet fraud is a type of cybercrime fraud or deception which makes use of the Internet and could involve hiding of information or providing incorrect information for the purpose of tricking victims out of money, property, and inheritance. Internet fraud is not considered a single, distinctive crime but covers a range of illegal and illicit actions that are committed in cyberspace.

It is, however, differentiated from theft since, in this case, the victim voluntarily and knowingly provides the information, money or property to the perpetrator. It is also distinguished by the way it involves temporally and spatially separated offenders.

According to the FBI’s 2017 Internet Crime Report, the Internet Crime Complaint Center (IC3) received about 300,000 complaints. Victims lost over $1.4 billion in online fraud in 2017. According to a study conducted by the Center for Strategic and International Studies (CSIS) and McAfee, cybercrime costs the global economy as much as $600 billion, which translates into 0.8% of total global GDP.

Online fraud appears in many forms. It ranges from email spam to online scams. Internet fraud can occur even if it is only partly based on the use of Internet services, though it is mostly or completely based on the use of the Internet.

Related contents:

‘Easy money’: How International Scam Artists Pulled Off An Epic Theft of Covid Benefits

Russian mobsters, Chinese hackers and Nigerian scammers have used stolen identities to plunder tens of billions of dollars in pandemic aid, officials say. From a report: In June, the FBI got a warrant to hunt through the Google accounts of Abedemi Rufai, a Nigerian state government official.

What they found, they said in a sworn affidavit, was all the ingredients for a “massive” cyberfraud on U.S. government benefits: stolen bank, credit card and tax information of Americans. Money transfers. And emails showing dozens of false unemployment claims in seven states that paid out $350,000.

Rufai was arrested in May at John F. Kennedy International Airport in New York as he prepared to fly first class back to Nigeria, according to court records. He is being held without bail in Washington state, where he has pleaded not guilty to five counts of wire fraud.

Rufai’s case offers a small window into what law enforcement officials and private experts say is the biggest fraud ever perpetrated against the U.S., a significant part of it carried out by foreigners. Russian mobsters, Chinese hackers and Nigerian scammers have used stolen identities to plunder tens of billions of dollars in Covid benefits, spiriting the money overseas in a massive transfer of wealth from U.S. taxpayers, officials and experts say.

And they say it is still happening. Among the ripest targets for the cybertheft have been jobless programs. The federal government cannot say for sure how much of the more than $900 billion in pandemic-related unemployment relief has been stolen, but credible estimates range from $87 million to $400 billion — at least half of which went to foreign criminals, law enforcement officials say.

Those staggering sums dwarf, even on the low end, what the federal government spends every year on intelligence collection, food stamps or K-12 education.

“This is perhaps the single biggest organized fraud heist we’ve ever seen,” said security researcher Armen Najarian of the firm RSA, who tracked a Nigerian fraud ring as it allegedly siphoned millions of dollars out of more than a dozen states.

Jeremy Sheridan, who directs the office of investigations at the Secret Service, called it “the largest fraud scheme that I’ve ever encountered.”

“Due to the volume and pace at which these funds were made available and a lot of the requirements that were lifted in order to release them, criminals seized on that opportunity and were very, very successful — and continue to be successful,” he said.

While the enormous scope of Covid relief fraud has been clear for some time, scant attention has been paid to the role of organized foreign criminal groups, who move taxpayer money overseas via laundering schemes involving payment apps and “money mules,” law enforcement officials said.

“This is like letting people just walk right into Fort Knox and take the gold, and nobody even asked any questions,” said Blake Hall, the CEO of ID.me, which has contracts with 27 states to verify identities.

Officials and analysts say both domestic and foreign fraudsters took advantage of an already weak system of unemployment verification maintained by the states, which has been flagged for years by federal watchdogs. Adding to the vulnerability, states made it easier to apply for Covid benefits online during the pandemic, and officials felt pressure to expedite processing. The federal government also rolled out new benefits for contractors and gig workers that required no employer verification.

In that environment, crooks were easily able to impersonate jobless Americans using stolen identity information for sale in bulk in the dark corners of the internet. The data — birthdates, Social Security numbers, addresses and other private information — have accumulated online for years through huge data breaches, including hacks of Yahoo, LinkedIn, Facebook, Marriott and Experian.

At home, prison inmates and drug gangs got in on the action. But experts say the best-organized efforts came from abroad, with criminals from nearly every country swooping in to steal on an industrial scale.

“They were literally calling this easy money,” said Ronnie Tokazowski, a senior threat researcher at Agari, a security firm, who has been monitoring dark web communications by West African fraud gangs.

In some cases, overseas organized crime groups flooded state unemployment systems with bogus online claims, overwhelming antiquated computer software benefits in blunt-force attacks that siphoned out millions of dollars. On several occasions, states have had to suspend benefit payments while they tried to figure out what was real and what was not.

“It’s definitely an economic attack on the United States,” said FBI Deputy Assistant Director Jay Greenberg, who is investigating cases as part of the Justice Department’s Covid fraud task force. “Tens of billions of dollars will be missing. … It’s a significant amount of money that’s gone overseas.”

Under the Pandemic Unemployment Assistance program for gig workers and contractors, people could apply for retroactive relief, claiming months of joblessness with no employer verification possible. In some cases, that meant checks or debit cards worth $20,000, Hall said.

“Organized crime has never had an opportunity where any American’s identity could be converted into $20,000, and it became their Super Bowl,” he said. “And these states were not equipped to do identity verification, certainly not remote identity verification. And in the first few months and still today, organized crime has just made these states a target.”

Sheridan, whose purview at the Secret Service includes financial crimes, pointed out that the stolen sums far exceed the annual cost of ransomware, a problem estimated to cost the economy $20 billion a year, which has commanded outsize media attention.

The windfall for criminal groups will fuel other types of crime, including drug and human trafficking, he said.

“These groups that are profiting so greatly from these types of schemes, they engage in a host of other crimes,” he said. “Drug trade, crimes against children, more sophisticated cyber-related fraud. And this money is basically an investment to them to conduct more extensive criminal operations … some of which include crimes that will compromise national security.”

Missed opportunities

By the time states recognized the extent of the criminality, the spigot of cash had been gushing for months.

“Nobody really understood how big the problem was until it was playing out,” said Najarian, the RSA security researcher. “We all accepted that there was fraud taking place, organized fraud and local fraud. But what we didn’t realize … was that the organized fraud was very aggressive and very efficient and moving very, very large sums of money offshore.”

The investigative journalism site ProPublica calculated last month that from March to December 2020, the number of jobless claims added up to about two-thirds of the country’s labor force, when the actual unemployment rate was 23 percent. Although some people lose jobs more than once in a given year, that alone could not account for the vast disparity.

The thievery continues. Maryland, for example, in June detected more than half a million potentially fraudulent unemployment claims in May and June alone. Most of the attempts were blocked, but experts say that nationwide, many are still getting through.

The Biden administration has acknowledged the problem and blamed it on the Trump administration.

“There is perhaps no oversight issue inherited by my Administration that is as serious as the exploitation of relief programs by criminal syndicates using stolen identities to steal government benefits,” Biden said in a statement in May as the government announced a Justice Department Covid fraud task force.

The Biden administration has allocated $2 billion to shore up state unemployment systems. That appears to be badly needed, because states have failed to take basic steps to improve identity verification, according to the Labor Department’s inspector general.

In a memo in February, the inspector general reported that as of December, 22 of 54 state and territorial workforce agencies were still not following its repeated recommendation to join a national data exchange to check Social Security numbers. And in July, the inspector general reported that the national association of state workforce agencies had not been sharing fraud data as required by federal regulations.

Twenty states failed to perform all the required database identity checks, and 44 states did not perform all recommended ones, the inspector general found.

“The states have been chronically underfunded for years — they’re running 1980s technology,” Hall said.

Not a victimless crime

Along with the huge losses inflicted on the U.S. Treasury, the criminals also hurt tens of thousands of people, many of whom suffered delays in getting much-needed benefits.

When Yvonne Matlock lost her job last year as a fundraiser for an Indiana addiction treatment center, she applied for unemployment benefits online, like millions of other Americans.

But she was told she was already getting relief money.

“Somebody had gotten ahold of my Social Security number and set up an account in my name. It seems as though it was really easy for them to do,” she said.

She said it was an ordeal to verify her identity with the state and get her benefits.

“I sent them everything but a blood sample,” she said. “I sent my driver’s license, my Social Security card, my gun permit — which they issued, by the way — my W-2 forms.”

“I sent more than what they asked me for and was still denied,” Matlock added.

She finally got the benefits after three months. And then she was victimized again. Somebody else stole her identity and diverted $1,200. Police are investigating.

The detective “said I’ll do my best, [but] the chances of us finding this person are pretty slim,” she said.

So far, there has been relatively little recovery of the stolen cash — or accountability for the criminals who took it.

The FBI has opened about 2,000 investigations, Greenberg said, but it has recovered just $100 million. The Secret Service, which focuses on cyber and economic crimes, has clawed back $1.3 billion. But the vast majority of the pilfered funds are gone for good, experts say, including tens of billions of dollars sent out of the country through money-moving applications such as Cash App.

‘Sick to my stomach’

The government does not seem to know how much has been stolen.

Through a public records request, NBC News obtained data from the Labor Department, which funds Covid relief unemployment benefits programs, that are riddled with blank values and underestimates. The data list just over a billion dollars in fraud across the three CARES Act unemployment programs — a figure experts say is off by orders of magnitude.

In fact, state officials have made statements that refute their own reporting into the Labor Department data system. California, for example, appears to have reported only $2 million in fraud across CARES Act programs, despite publicly having acknowledged over $11 billion in unemployment fraud after an audit in January. State officials said early this year that projected losses could reach $31 billion.

More than two-thirds of states, 34, reported no cases of identity theft overpayments in the most vulnerable unemployment benefits program. Experts say that simply is not accurate.

The inspector general pointed out in a recent report that the Labor Department reduced testing and reporting requirements on state unemployment systems during the pandemic.

One result is that the public is in the dark about the scope of the fraud.

“It makes me sick to my stomach, particularly when I see how much is coming out of my taxes each month for unemployment,” said John Wilson, Agari’s field chief technology officer.

The inspector general has projected that there will be $87 billion in misspent unemployment funds, a conservative estimate that assumes no spike in fraud rates. Both the inspector general and the FBI declined to offer an estimate of what the actual value of lost funds might be.

ID.me’s estimate of $400 billion comes from the data the company has seen across the states, Hall said.

ID.me implements extra verification steps beyond paper or digital records, requiring people, for example, to prove through FaceTime that their faces match the ones on their driver’s licenses. As a result, fraudsters have used Barbie dolls, silicone masks and deep fake videos in an unsuccessful effort to beat the system, he said.

A Nigerian fraud group strikes

One of the few examples in which analysts have pointed the finger at a specific foreign group involves a Nigerian fraud ring dubbed Scattered Canary by security researchers. The group had been committing cyberfraud for years when the pandemic benefits presented a ripe target, Najarian said.

“The moment the pandemic hit, that was the next big thing that they jumped on, and they did a great job exploiting that opportunity,” he said.

Scattered Canary took advantage of a quirk in Google’s system. Gmail does not recognize dots in email addresses — John.Doe@gmail.com and JohnDoe@gmail.com are routed to the same account. But state unemployment systems treated them as distinct email addresses.

Exploiting that trait, the group was able to create dozens of fraudulent state unemployment accounts that funneled benefits to the same email address, according to research by Najarian and others at Agari.
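The check the state systems lacked can be sketched as follows. This is an added example, not code from the article or from Agari's research: it reduces each address to the mailbox that actually receives the mail and flags mailboxes shared by several claimants. The function names, the claim fields and the sample claims are constructed for illustration, and handling of `+tag` suffixes and the `googlemail.com` alias goes beyond the dot behaviour the article describes.

```python
from collections import defaultdict

# Domains where the provider ignores dots in the local part (the Gmail
# behaviour described in the article; googlemail.com is Gmail's alias domain).
DOT_INSENSITIVE = {"gmail.com", "googlemail.com"}


def canonical_mailbox(address: str) -> str:
    """Return the mailbox an address is actually delivered to."""
    local, sep, domain = address.strip().rpartition("@")
    if not sep or not local or not domain:
        raise ValueError(f"not an email address: {address!r}")
    # Assumption: case is folded for every domain, which matches how
    # mainstream providers deliver mail and is safe for clustering.
    local, domain = local.lower(), domain.lower()
    if domain in DOT_INSENSITIVE:
        local = local.split("+", 1)[0]   # "+tag" suffix is ignored by Gmail
        local = local.replace(".", "")   # dots are ignored by Gmail
        domain = "gmail.com"
    return f"{local}@{domain}"


def shared_mailbox_clusters(claims, max_claimants=1):
    """Group claims by canonical mailbox and return the groups that name
    more distinct claimants than max_claimants."""
    by_mailbox = defaultdict(list)
    for claim in claims:
        by_mailbox[canonical_mailbox(claim["email"])].append(claim)
    return {
        box: group
        for box, group in by_mailbox.items()
        if len({c["claimant_id"] for c in group}) > max_claimants
    }


# Constructed sample claims (hypothetical IDs and addresses).
SAMPLE_CLAIMS = [
    {"claimant_id": "C-1001", "email": "John.Doe@gmail.com"},
    {"claimant_id": "C-1002", "email": "j.ohndoe@gmail.com"},
    {"claimant_id": "C-1003", "email": "JohnDoe+wa@googlemail.com"},
    {"claimant_id": "C-1004", "email": "john.doe@example.org"},
    {"claimant_id": "C-1005", "email": "jane.roe@gmail.com"},
]

if __name__ == "__main__":
    for box, group in shared_mailbox_clusters(SAMPLE_CLAIMS).items():
        ids = ", ".join(c["claimant_id"] for c in group)
        print(f"{box}: {len(group)} claims from different claimants ({ids})")
```

A flagged cluster is a signal for manual review rather than proof of fraud, since family members sometimes share one mailbox.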

In April and May of 2020, Scattered Canary filed at least 174 fraudulent claims for unemployment benefits with the state of Washington, Agari found — each claim eligible to receive up to $790 a week, for a total of $20,540 over 26 weeks. With the addition of the $600-per-week Covid supplement, the maximum potential loss was $4.7 million for those claims alone, Agari found.

Scattered Canary and other groups made use of so-called money mules — witting or unwitting third parties who moved the stolen funds through bank accounts so they could be transferred out of the country, Najarian said.

Cash App, which describes itself as “the easiest way to send money, spend money, save money, and buy cryptocurrency,” has been frequently used by fraudsters to move money, law enforcement officials and private consultants said.

“When you use the app, you can quickly and easily convert everything over to Bitcoin,” Tokazowski said. “Within like 10 minutes, you can get that cash converted and sent on its way.”

Cash App said in a statement that it has “enhanced our systems to monitor and act upon deposits that we deem to be risky, despite coming from largely trusted sources like state unemployment agencies. We also partner with law enforcement and government agencies to investigate potential fraud and work collaboratively to return those funds when possible.”

Rufai, the Nigerian official, is accused of having used 100 fraudulent claims to steal $350,000. He is being held without bail after having been transferred from New York to Washington state. He has been placed on leave from his government job, said his attorney, Lance Hester.

Federal officials have not linked the cases to Scattered Canary. But at a detention hearing, prosecutors portrayed Rufai as a significant player in cyberfraud going back to 2017.

“This is a defendant who is charged with participating in a massive fraud on the United States,” said Seth Wilkinson, an assistant U.S. attorney in Seattle, according to a public transcript. “It is someone who exploited our country’s efforts to take care of its own people during the biggest emergency of our lifetime.”

Hester said he could not comment because he had not had a chance to speak with his client in detail.

“I know he stands strongly behind his not guilty plea,” Hester said.

Source: ‘Easy money’: How international scam artists pulled off an epic theft of Covid benefits


Crypto Exchange And XRP Refuge Bitsane Vanishes, Scamming As Many As 246,000 Users

Ireland-based cryptocurrency exchange Bitsane disappeared without a trace last week, likely taking hundreds of thousands of users’ assets with it.

Account holders told Forbes that attempts to withdraw bitcoin, XRP and other cryptocurrencies began failing in May, with Bitsane’s support team writing in emails that withdrawals were “temporarily disabled due to technical reasons.” By June 17, Bitsane’s website was offline and its Twitter and Facebook accounts were deleted. Emails to multiple Bitsane accounts are now returned as undeliverable.

Victims of the scam are comparing notes in a group chat with more than 100 members on the messaging app Telegram and in a similar Facebook group. Most users in the groups claim to have lost up to $5,000, but Forbes spoke with one person in the U.S. who says he had $150,000 worth of XRP and bitcoin stored in Bitsane.

Bitsane’s disappearance is the latest cautionary tale for a cryptocurrency industry trying to shed its reputation as an unsafe asset class. Several exchanges like GateHub and Binance have been breached by hackers this year, but an exchange completely ceasing to exist with no notice or explanation is far more unusual.

Bitsane had 246,000 registered users according to its website as of May 30, the last time its homepage was saved on the Internet Archive’s Wayback Machine. Its daily trading volume was $7 million on March 31, according to CoinMarketCap.

“I was trying to transfer XRP out to bitcoin or cash or anything, and it kept saying ‘temporarily disabled.’ I knew right away there was some kind of problem,” says the user who claims to have lost $150,000 and asked to remain anonymous. “I went back in to try to look at those tickets to see if they were still pending, and you could no longer access Bitsane.”

At the height of the cryptocurrency craze in late 2017 and early 2018, Bitsane attracted casual investors because it allowed them to buy and sell Ripple’s XRP, which at the time was not listed on Coinbase, the most popular U.S. cryptocurrency exchange. CNBC published a story on January 2, 2018 with the headline “How to buy XRP, one of the hottest bitcoin competitors.” It explained how to buy bitcoin or ethereum on Coinbase, transfer it to Bitsane and then exchange it for XRP.

Three of the five Bitsane users Forbes spoke to found out about the exchange through the CNBC article. Ripple also listed Bitsane as an available exchange for XRP on its website until recently. A Ripple spokesperson did not respond to a request for comment.

Bitsane went live in November 2016 according to a press release, registering in Dublin as Bitsane LP under CEO Aidas Rupsys, and its chief technology officer was Dmitry Prudnikov. Prudnikov’s LinkedIn account has been deleted, and neither he nor Rupsys could be reached for comment.

A separate company, Bitsane Limited, was incorporated in England in August 2017 by Maksim Zmitrovich. He wanted to own the intellectual property rights to part of Bitsane’s code and use it for a trading platform his company, Azbit, was building. Zmitrovich says Bitsane’s developers insisted that their exchange’s name be on the new legal entity he was forming. But Azbit never ended up using any of the code since the partnership did not materialize, and Bitsane Limited did not provide any services to Bitsane LP.

On May 16, Bitsane Limited filed for dissolution because Zmitrovich wasn’t doing anything with it and the company’s registration was up for renewal. Some of the Bitsane exchange’s victims have found the public filing and suspected Zmitrovich as part of the scam, but he insists accusations against him are unfounded.

He says he hasn’t spoken to Prudnikov—who was in charge of negotiations with Azbit—in at least five months, and Prudnikov has not returned his calls since account holders searching for answers began contacting him. Azbit wrote a blog post about the Bitsane scam on June 13, explaining Bitsane Limited’s lack of involvement.

“I’m sick and tired of these accusations,” Zmitrovich says. “This company didn’t even have a bank account.”

The location of the money and whereabouts of any of Bitsane LP’s employees remain a mystery to the scam victims, who are unsure about what action to take next. Multiple account holders in the U.S. say they have filed complaints with the FBI, but all of them are concerned that their cash is gone for good.

I’m a reporter on Forbes’ wealth team covering billionaires and their fortunes. I was previously an assistant editor reporting on money and markets for Forbes, and I covered stocks as an intern at Bloomberg. I graduated from Duke University in 2019, where I majored in math and was the sports editor for our student newspaper, The Chronicle. Send news tips to htucker@forbes.com.

Source: Crypto Exchange And XRP Refuge Bitsane Vanishes, Scamming As Many As 246,000 Users

Cryptocurrency and crime describes attempts to obtain digital currencies by illegal means, for instance through phishing, scamming, a supply chain attack or hacking, or the measures to prevent unauthorized cryptocurrency transactions, and storage technologies. In extreme cases even a computer which is not connected to any network can be hacked.

In 2018, around US$1.7 billion in cryptocurrency was lost due to scams, theft and fraud. In the first quarter of 2019, the amount of such losses was US$1.2 billion.

Exchanges

Notable cryptocurrency exchange hacks resulting in the theft of cryptocurrencies include:

  • Bitstamp: In 2015, cryptocurrencies worth $5 million were stolen.
  • Mt. Gox: Between 2011 and 2014, $350 million worth of bitcoin was stolen.
  • Bitfinex: In 2016, $72 million was stolen by exploiting the exchange wallet; users were refunded.
  • NiceHash: In 2017, more than $60 million worth of cryptocurrency was stolen.
  • Coincheck: NEM tokens worth $400 million were stolen in 2018.
  • Zaif: $60 million in Bitcoin, Bitcoin Cash and Monacoin was stolen in September 2018.
  • Binance: In 2019, cryptocurrencies worth $40 million were stolen.

Josh Garza, who founded the cryptocurrency startups GAW Miners and ZenMiner in 2014, acknowledged in a plea agreement that the companies were part of a pyramid scheme, and pleaded guilty to wire fraud in 2015. The U.S. Securities and Exchange Commission separately brought a civil enforcement action against Garza, who was eventually ordered to pay a judgment of $9.1 million plus $700,000 in interest. The SEC’s complaint stated that Garza, through his companies, had fraudulently sold “investment contracts representing shares in the profits they claimed would be generated” from mining.

Following its shutdown, a class action lawsuit for $771,000 was filed in 2018 against the cryptocurrency platform known as BitConnect, including the YouTube channels that promoted the platform. Prior fraud warnings regarding BitConnect and cease-and-desist orders by the Texas State Securities Board cited the promise of massive monthly returns.

OneCoin was a massive world-wide multi-level marketing Ponzi scheme promoted as (but not involving) a cryptocurrency, causing losses of $4 billion worldwide. Several people behind the scheme were arrested in 2018 and 2019.
