Archive for the ‘Other News Articles’ Category

7 Common Travel Scams and How to Avoid Them

Wednesday, January 15th, 2020

When you’re in a new, unfamiliar place, it’s easy to fall for a scam

HARRY GUINNESS
other

When you’re in a new, unfamiliar place, it’s easy to fall for a scam you’d never even consider at home. Here are some of the most common travel scams—and how to avoid them.

Whether it’s your first visit to a city, or you’re in a different country that uses a different currency, the disruption of your regular routines and expectations make you an easy target when you travel. Let’s look at the most common scams unscrupulous locals use on tourists.

Taxi Scams

Taxi scams have a long (and lucrative) tradition. They’re one of the most common scams going, and you can fall for them as soon as you arrive. There are a few different categories.

The simplest is your taxi driver ridiculously overcharges you. He might quote you a flat fee that’s significantly more than the going rate, use a sketchy meter that goes up too fast, or take a roundabout route.

Another way taxis overcharge is by including extras, like toll bridge charges or airport pickup fees. And they’ll charge them twice: once automatically on the meter and again at the end of your ride.

Particularly in Asia, taxi drivers might tell you that your hotel, a tourist attraction, shop, or restaurant is closed, either permanently or for lunch/siesta/Wednesdays. But the good news is, he’s got a friend who rents rooms/knows an alternative, and he’ll happily take you there.

Of course, your hotel isn’t really closed—he’s just going to overcharge you, take you on a tour of the city during which you’ll be pressured into buying stuff, and then take a kickback from whichever businesses you visit.

How to Avoid Taxi Scams

Taxi scams are easy to avoid with two simple rules:

  • Only use licensed taxis hailed from an official taxi point or by someone you trust. Don’t hail taxis from the street or, even worse, get in an unlicensed taxi. When you do, you’re putting yourself at risk of being scammed. Instead, get a taxi from an official taxi rank or ask the concierge/your waiter to call one for you.
  • Know how much the trip you’re taking should cost. Ask your concierge or waiter roughly what the fee for your trip should be or check online. This way, if the driver tries to charge you more or the meter goes up suspiciously fast, you can demand to be let out. You can also use Google Maps to make sure you’re being taken the most direct route to your destination.
  • Avoid taxis entirely. Services like Uber, Lyft, and Grab are available in much of the world, and because you pay with a credit card, it’s more difficult to be scammed.

Fake Tickets and Sketchy Listings

That guy selling you cheap Hamilton tickets on Craigslist because he can’t go on short notice? He’s lying. That super-cheap apartment in a great location? Also a lie.

Fake tickets for events and attractions (or real tickets sold for double the price) are another common scam travelers fall victim too. If you’re planning to visit the Louvre and someone offers you discount tickets for €10 on the street, it’s tempting to buy them. However, when you get to the Louvre, you’ll discover the tickets are fake, and you’re out €10—plus the cost of the real tickets. Or, someone might offer you £10 discount tickets to the British Museum but, when you get there, you find out it’s free.

Airbnb has also conditioned people to the idea of renting accommodations other than hotel rooms. Two apartment listing scams I’ve personally encountered are:

  • Listings on Craigslist that don’t exist. The scammer asks for a deposit by wire transfer or Western Union, and then never responds. When you arrive at the building, everyone is perplexed. This happened to my stepmother in New York.
  • The property owner wants to “cut out” Airbnb. Once you book, the “owner” contacts you by direct message and says that she’s having a dispute with Airbnb and wants to “cut them out.” She asks you to pay a deposit through a different site and vanishes.

How to Avoid Fake Tickets and Sketchy Listings

Only buy tickets for events through official sources, like the website, at the ticket desk, or from your hotel’s concierge. Never buy “discount” tickets from people on the street.

Only book your accommodations through trusted sources with some protection, like the hotel’s website, Airbnb, or Hotels.com.

Currency Traps

Scammers want your money. If they can trick you into giving it to them directly, they will. And, when you’re not familiar with the currency you’re using, it’s even easier to be fooled.

Fake bank notes are a problem everywhere, so watch the change you receive, especially if you pay with a large bill. If you’re unfamiliar with the currency, you probably won’t notice you’ve been given fake cash until you try to spend it.

The inverse of this is when you pay with a large note and are then accused of using fake money. They might even switch it out for a fake note when you’re not looking. In this case, they’ll insist they legally have to confiscate the fake note—and you still owe them money.

Also, if you use a street-side currency exchange, they could just exchange your genuine dollars for fake ones.

You especially need to be careful when you use a card abroad. Tourists are easy targets for card skimmers because they tend to have money and, if the skimmer waits a few days before trying your card, you’ll most likely have left the country and won’t be able to take legal action. My brother (he’s Irish but lives in Alabama) was skimmed at a bar in JFK airport when he was flying home for Christmas.

How to Avoid Currency Traps

Familiarize yourself with the local currency when you arrive. Get a feel for what it looks like, what the different denominations are, and so on. You’ll never be as comfortable with it as a local, but at least know what the person on the front of each bill looks like.

Check your change carefully. Make sure it’s the correct amount, and the notes are real.

When you hand over money or your bank card, pay attention. This won’t necessarily stop a skilled scammer but, if they see you’re watching them closely, they’re much less likely to try something. There’ll be another mark along shortly.

When you’re withdrawing money or exchanging currency, only do it at a bank or other official currency exchange. A bank’s ATM is much less likely to be sketchy than one at a local bar.

Guilt Trips

Guilt trips aren’t technically a scam, but rather, an awkward situation. Someone will approach you on the street and try to give you something, like a friendship bracelet, rosary beads, or Buddhist charms—and they can be quite forceful. After you accept, they’ll insist on payment. If you refuse, they get loud, aggressive, or insistent hoping you’ll pay them off to prevent a scene. Whatever you pay will be far more than the tack was worth.

This has happened to me a few times. Once, a monk (or rather, a scammer dressed as a monk) put a charm around my neck and insisted I pay him for it. On another occasion, I was on a train and on every seat was a small packet of disposable tissues. I assumed it was an advertising campaign but, a few minutes into the journey, a woman demanded that anyone who’d taken the tissues pay her for them.

A similar scam is run in some shops. The staff offers you a cup of tea or a drink while you browse. If you try to leave without buying something, they accuse you of abusing their hospitality and try to guilt you into making a purchase.

How to Avoid Guilt Trips

Don’t accept anything free from anyone, especially on the street.

If someone seemingly gives you something for free but then insists you pay for it, politely give it back. If they start making a scene, ignore them. Most locals will be familiar with the scam and assume you’re in the right.

Damaged Rentals

When you rent a car, motorcycle, Jet Ski, or anything else abroad, imaginary damage is a scam you need to watch out for. Here’s what happens.

You rent the vehicle and head off on your merry way. When you return it, the person at the rental company points out some scratch, ding, dent, or imaginary damage, and insists you caused it. Of course, the cost of repair is exorbitant.

How to Avoid Damaged Rentals

To avoid this scam, film a video of any vehicle you’re renting from every side. If there are any scratches, dents, or dings, call them out in the video. If you can, have the rental agent with you while you do this. This way, when you return the vehicle, you can prove the damage was there when you rented it.

Also, when you’re renting a vehicle, never leave your passport or ID as collateral. They’re perfectly entitled to ask for that information and photocopy it, but if the option is to either pay a large deposit or leave your passport, pay the deposit. If they have your passport, they can hold your ability to leave the country hostage until you pay up.

Jacob Lund/Shutterstock

While pickpockets are straight-up thieves rather than scam artists, the two overlap when a scam is used to distract you so someone can pick your pocket. For example:

  • Someone plays three-card monte or the shell game while a pickpocket works the crowd.
  • A street performer or busker plays while a pickpocket (possibly independent) works the crowd.
  • Someone spills her drink on you. While she pats you down, apologizing profusely, she also picks your pocket.
  • A well-dressed tourist asks you for directions. While you help, he picks your pocket.
  • Someone asks you to sign a petition. As you do, your wallet is stolen.
  • You’re using an ATM, and a local offers to help. She vanishes, along with your cash.

How to Avoid Pickpockets

Pickpockets are tricky to avoid as they walk right up to you. Be extra careful when someone invades your personal space. The man asking you for directions might be genuine, or he might also be taking your wallet. Similarly, if someone spills something on you, step back, and don’t let them pat you down. Maybe they’re just clumsy, and you can clean it up yourself—or it was a distraction so that they can swipe your pocketbook.

Be careful how much cash you keep in your wallet and where you keep it. It’s better to use a money belt. Also, make sure you leave a backup bank card in your hotel room. This way, if your wallet is stolen, you still have access to cash.

Fake Goods

This might surprise you, but stalls in street markets are not official Nike retailers. Nor is that kindly gentleman selling genuine Ray-Bans (75% off) from a rug by the side of the road. Almost all (let’s be honest—it’s all) the name-brand goods for sale in street markets are knockoffs. If they’re real, they’re stolen.

Another market scam draws you in with things like handcrafted rugs, high-quality silks, local goods, and so on. You inspect them and find they’re actually well made. You purchase one, and it’s taken out back to be wrapped up for your flight home. After you get home, you find you’ve bought a cheap polyester rug or an otherwise fake product. The genuine article was switched when it was sent to be packed.

How to Avoid Fake Goods

Don’t buy name-brand products at a street market. No, that’s not a cheap Rolex for sale. No, those aren’t Nikes—the logo’s facing the wrong way. If a deal looks too good to be true, it probably is.

When you’re buying something genuine, handcrafted, or local, don’t let them package it in such a way that you can’t inspect it. Insist you can do it yourself; this way, they can’t switch out the product for a fake. If you can’t package it yourself, don’t buy it.

Dealing with scams is an unfortunate part of traveling. In Europe or Asia, you’ll almost certainly run into someone who’ll try to take advantage of you. With a bit of foreknowledge and common sense, however, you’ll be fine. Make it clear you know what they’re up to, and they’ll look for an easier mark.

© 2020 LifeSavvy Media

Phishing, Doxxing, Botnets, and Other Email Scams: What You Need to Know

Wednesday, January 15th, 2020

Email has proven susceptible to a wide range of attacks

other

SendGrid sends over 60 billion a day on behalf of over 80,000 paying customers around the planet. As the sender of so much of the world’s legitimate email we have to be aware of and protect our customers’ customers from a wide range of malicious messaging attacks.

Email is arguably the most widely used digital communication mechanism in use today—it is also the most abused channel because of its popularity and open nature.

When email was created in the 1970s, no one could’ve imagined the reach it has today. During the Internet’s infancy, email was a simple communication tool between academics and the inventors of ARPANET. Today, email is a driver of commerce, human interaction, and unfortunately high-profile compromises of data and systems.

Email has proven susceptible to a wide range of attacks and leveraged in more complicated fraud and other malicious campaigns. As a major driver of email traffic on the Internet, we must stay abreast of the different forms of messaging abuse and Internet fraud so that we can, from an information security standpoint, deploy appropriate counter-measures to keep bad actors off our network.

Senders of legitimate email should know and understand the kind of compromises that exist and how they can avoid behaving like spammers. This will help improve their brand’s engagement while decreasing their exploitable footprint through the application of appropriate authentication technologies.

Starting with a common lexicon and with an understanding of the perils and how to fend them off is the first step in creating a safer inbox for our customers and for email users all over the world.

419 Scam

You’ve probably received one of these—the email claims to be from a high ranking official overseas that has millions of dollars they wish to transfer to you but, they need your personal information and a small fee to facilitate the transfer. Sound too good to be true? Well it is.

The 419 scam or Advance Fee Fraud, derives its name from the section of the Nigerian penal code dealing with fraud, 419. The scam rose to prominence in Nigeria as a kind of cottage industry. Unfortunately, these kinds of scams are impossible to combat using email authentication as they are often sent person to person, from a webmail account, and using dictionary attacks to generate random lists of recipients or by obtaining the contact/address book of someone’s compromised email account.

The advance fee fraud has been around for over a decade. It isn’t a sophisticated attack, it preys on personal motivation and greed. In 2006, The New Yorker wrote an article about a psychotherapist who fell prey to one of these scams in what was then an early expose. More recently, advance fee scammers have been targeting professional conferences to obtain overseas visas by registering for events that issue invitations to participate, and help facilitate international travel.

Botnet

Botnets have become ubiquitous in today’s contemporary anti-abuse and digital messaging landscape. In their simplest form, botnets are individual PCs that have been infected with some form of malware and controlled by an individual. The individual who owns the PC may not realize that their machine is infected. The infection could be completely transparent to the user, or it could be debilitating as more of the computer’s resources are directed toward unseen background functions.

The operator of a botnet will often use the collective computing power of a botnet to launch things like a denial of service attack (DDoS) or turn each of the individual machines into a mini email server to send small amounts of spam. Since the volumes are small, they can fly under the radar, but thousands of machines together represent a sizable attack vector to an ISP/domain. Since each machine may have a different IP, the domain that the botnet operator uses, and the content of the messages, becomes the only method by which these pieces of spam can be identified and blocked—hence the importance of domain-based reputation.

Legitimate mailers need to be aware of botnets and their attack signatures—using multiple ESPs, or spreading email across too many IPs can manifest as a quasi-botnet attack, more probably like a snowshoe attack (discussed below). Marketers may employ multiple IPs to ensure throughput and the spreading of complaints, in addition to the separation of brand-based reputations and other logical segmentation criteria. But keeping the IPs contiguous (all the IPs in a single netblock and in sequence) can help to differentiate the traffic from that of a botnet and ensure an ongoing healthy reputation.

Botnets are hard to identify—to dismantle a botnet, authorities need to locate the command and control server used to direct the actions of the bots (PCs), which may or may not lead to the botnet operator. Generally there are layers of obfuscation and misdirection between the bots, the command and control server, and the operator to make the dismantling and mitigation efforts of anti-spammers and law enforcement infinitely more difficult.

Doxxing and Swatting

Doxxing

Doxxing isn’t necessarily a messaging abuse strategy or specific attack, it is however related to subscription bombing because it’s the act of outing someone’s personal information (addresses both physical and Internet) so that like-minded actors can abuse the individual. When you stop and consider the 2016 subscription bombing attacks, these were targeting specific, individual email addresses that were enrolled in hundreds of different lists. A person’s private email was effectively “outed” and subjected to abuse.

Swatting

Swatting is the act of making a hoax call to authorities to get them to show up at someone’s house. This was most famously done by a spammer who tried to retaliate against Brian Krebs, an infosec investigative journalist. The spammer sent pure heroine to Krebs’ house and then spoofed a call from a neighbor to local PD.

These two attacks are both forms of Internet abuse that have found their way into wider and more pervasive forms of malicious digital activity. Oftentimes they have some kind of messaging vector associated with them, but are not pure email attacks by any stretch.

Joe Job

According to Wikipedia, a Joe Job originated in 1997, when a user under the joes.com domain was cut off for abusive practices. In retaliation, the user spoofed joes.com and sent a massive spam run where the reply-to was joes.com. Typically a joe job spoofs someone’s domain and redirects the abuse back at the spoofed domain. The resulting flood of bounces, blocks, and other feedback signals can act like a denial of service attack or massive nuisance as the recipient servers do what they’re trained to do: prevent abuse from reaching their end uses and redirecting notifications of the block to the purported originator.

DMARC is a good way of mitigating these kinds of attacks because it instructs a connecting domain what to do with email that fails an SPF/DKIM check (which most likely will fail if it’s set up correctly). The owner of the DMARC record could simply tell the receiving domain, if SPF and DKIM fail, then please drop the mail, discard it, it’s fake, and sending me bounces is not necessary. Instead, the owner of the DMARC record could request forensic information to alert them of the attempted fraud and do his or her own analysis on the abuse.

Phishing, Spear Phishing, and Cousin Domains

Phishing

Phishing might be one of the most common and widely known forms of messaging abuse on the Internet today. In the most simple terms, phishing is the act of trying to fool someone into revealing their password or other sensitive information so that a hacker or spammer can take over their accounts, make purchases using their financial information, etc. The typical way an attack like this occurs is that a known brand or website is spoofed and messages that look like they came from a known entity are sent.

The messages are spoofing the brand’s domain and the content has been engineered in such a manner that its goal is to fool the recipient to believe they are legitimate. The typical language goes something like this: “Dear User, your account has been limited! Please log in to re-enable your account.” Numerous companies employ first and last name personalization to help differentiate their legitimate messages from fraudulent ones.

Your bank will never ask you to log in or provide your log-in information electronically.

Technologies such as two-factor authentication have also been helping curb the tide of attacks such as this by creating a close loop system to establish identity and authenticity.

Technologies such as SPF, DKIM and DMARC help a company protect their brand (and specifically messaging domains) from abuse and implication in phishing attacks by linking the domain to its specific sending IP through SPF. DKIM ensures that the content is intact through cryptographic keys while DMARC provides a set of instructions to the receiver on what to do if the message fails authentication (e.g. discard it because it is spam or phish).

Spear Phishing

What differentiates spear phishing from phishing is the targeted nature of the attack. Spear phishing is usually associated with the CEOs and other high ranking corporate officers at a company. Spear phishing is the unique and targeted application of social engineering to obtain passwords and other sensitive information that could lead to the compromise of large volumes of customer data and/or millions of dollars in company funds and revenue as revealed last fall in the spear phishing hack of Matel.

Cousin Domains

If a company successfully locks down its messaging domains and provides a reject flag in their DMARC records so that fraudulent messages attempting to spoof their brand are dropped by a receiver, they can still be the target of a cousin domain attack. Cousin domains or look-alike domains are exactly what they sound like: domains registered by spammers that look like a legitimate domain, e.g. g00g1e.com, amazoin.com, bannnanarepublic.com, cc-info-security-paypal.com.

These domains are hard to detect because they are not trying to send messages as the legitimate domain. Instead, attacks using cousin domains are leveraging the brand’s look and feel and hoping to dupe someone into disclosing a password or other information. When a cousin domain is detected, the registrar of the domain is often contacted informing them that such a domain exists and asking them to take it down so no more messages can be sent purporting to be from that domain.

Ransomware

In its simplest form, ransomware is a form of malware that is downloaded to a local computer from a virus-laden email or through a compromised web page that could be linked from an email. Once a ransomware package infects a computer it has one of two basic purposes:

  1. Encrypt and hold the contents of the computer hostage (rendering it useless and inaccessible) until such time as the owner of the computer pays the operator of the ransomware through some electronic means.
  2. Threaten to publish the contents publicly thereby “doxxing” the owner and their computer’s contents.

Ransomware attacks have increased in frequency—they are particularly damaging in a day and age where so much of our professional and personal lives are online or contained in an electronic format. Oftentimes link shorteners are employed to obfuscate the redirect or underlying link that leads to the download of ransomware onto a machine.

A cross industry/law enforcement effort called NoMoreRansom.org has been providing solutions for victims of ransomware, fingerprinting, and creating unlocking mechanisms. NoMoreRansom is the brainchild of Europol, the European Cyber Crimes Division of Interpol.

Slow Loris

The slow loris might be one of the cutest creatures on the planet, however, this article is not celebrating the animal kingdom, otherwise I’d wax poetic about loris’, sloths, and koala bears. The “Slow Loris” attack refers to a method of ramping up connection and throughput by sending small quantities of email, similarly to how a legitimate ESP builds reputation on a new IP (otherwise known as IP warmup) until such time that the spammer can cram a ton of email through the connection until it is shut off entirely. Once that happens, the spammer will switch to a new IP/domain combo, perhaps slightly tweak the content to try and circumvent content filters that are now looking for his email’s fingerprint, and repeat the attack.

ISPs publish their connection rates and throughput limits as a means of helping mitigate the flow of inbound email. Every ESP in the world knows what these connection rates and throughput limits are and complies with this technical standard. If an ESP is not respecting their connection limits, then their traffic begins to resemble that of a spammer and an ISP is more likely to route mail to the spam folder or block it outright.

Snowshoeing

Spamhaus has a very succinct definition of snowshoeing on their site. The idea of a snowshoe attack is spreading complaints and volumes across a broad range of IPs and domains. You may be thinking to yourself, “I’m a legitimate marketer and I use multiple IPs for sending my email. Am I a snowshoer?” No, you’re not. If you’re following all applicable best practices, then using multiple IPs is a standard way of achieving the necessary throughput you need to deliver email in a timely fashion. Oftentimes, ISPs have connection and throughput limits per IP and an ESP may also have their own limitations.

Adding IPs to scale outbound traffic has been a feature of ESPs for a long time. What differentiates how ESPs spread traffic vs. how a snowshoer spreads their traffic has to do with the use of domains. A spammer will want to obfuscate as much of the traffic as possible to make it more difficult for an ISP or receiver to block them. Legitimate mailers use consistent domains with published email authentication records to establish their brand’s reputation and to protect it from spoofing and abuse.

As you can see, it’s fairly easy to go from a good legitimate sender to a spammer if you don’t apply all the necessary forms of email authentication to your outbound email.

Subscription Bombing

Subscription bombing is a relatively new phenomenon, or one that came to prominence recently. Spammers have realized that they can render a person’s email account null and void by leveraging the subscription forms hosted by ESPs. The typical way they do this is to subscribe a single account hundreds of times across ESPs so that it begins to receive massive quantities of email. The end result is that the individual owner of the account finds him or herself drowning in email they never signed up for.

One of the more high profile targets of this spate of recent attacks that began in the summer of 2016 was Brian Krebs, a technology journalist who has devoted a massive amount of time and resources to hunting down spammers and other digital miscreants.

Essentially, subscription bombing was a kind of doxxing attack—it targeted specific accounts and used bots to sign up en masse through insecure, non-CAPTCHA protected subscription forms. Not only were individuals abused by this attack vector, but ESPs that didn’t employ a CAPTCHA became unwitting tools in this specific form of abuse. The recommendation since this transpired was to use a form of CAPTCHA in protecting a signup form from automated signups by bots and other ne’er do wells.

Additional countermeasures include using a confirmed opt-in strategy. In this case, even if the bot were able to subscribe someone, the volume of email would stop at 1, until the individual completed the opt-in process manually. Or give the user an easy method to opt out, without suddenly unloading a massive amount of email into their account.

Waterfalling

Waterfalling describes the practice of moving their traffic from one ESP to another in order to achieve maximum effect. A spammer will take a stolen list and then “wash” it by sending it through a smaller ESP that may not have the tools and technology to assess the risk of a particular client through proper vetting. The same list will then be sent through another ESP and then another ESP, improving its value and efficacy with each pass until it is either sold or completely burned out.

Typically, the IPs that the spammer uses at each ISP will become blacklisted and most likely unusable. Usually a spammer will focus their efforts on smaller, mid-tier ESPs, avoiding large ones due to the upfront costs to deploy. However, it is not uncommon for a legitimate, or what is sometimes referred to as a graymail sender (a sender that barely toes the line of legitimate email) to employ multiple ESPs to spread their traffic as widely as possible thereby appearing to snowshoe (in the case that they use similar domains).

It might sound like employing multiple ESPs is always a bad thing—it isn’t necessarily. Sometimes the fact that a large company uses multiple ESPs is a byproduct of acquisitions and large organizations that results in messaging sprawl. Different stakeholders within an organization may choose to use different messaging platforms to deliver email thereby creating a large messaging footprint. As long as each stream employs best common practices, the overall reputation of the sender should remain high and positive.

Appointing someone to have central and critical oversight across all the various messaging streams will create the kind of continuity that leads to improved reputation and increased inbox performance, not to mention the ability to more quickly react to delivery issues.

Conclusion

The universality of email has connected the world in unimaginable ways. Similarly, it has created unforeseen vulnerabilities across a broad spectrum of systems and businesses. According to studies by the Messaging, Malware, Mobile Anti-Abuse Working Group (M3AAWG), over 90% of all email traffic directed at an ISP or mailbox provider is spam. Legitimate email makes up a fraction of the total global volume of email. So the lopsided relationship between legitimate email and spam puts the onus on the world’s biggest brands and senders to ensure that their strategy and systems are differentiated from spammers every step of the way.

This guide is meant to provide context on how certain legitimate marketing tactics can appear to be similar to the approach taken by spammers when viewed from the perspective of an ISP or mailbox provider. This guide is in no way a handbook for fending off deceptive practices—today’s digital marketers are wearing both creative and technical hats. The marketplace is fractured and complicated so it behooves us all to know and understand the kinds of perils we face in our daily jobs.

Copyright 2020 SendGrid

Online Scams Targeting Teens and Young Adults

Wednesday, January 15th, 2020

Here are some common scams

other

While Teens and Young Adults may be digital natives, their inexperience makes them susceptible to online scammers. In fact, according to a new report from the Federal Trade Commission, 40% of people age 20 to 29 indicated they lost money in fraud schemes in 2017 compared to 18% of people age 70 and older. While the results of the survey contradict the stereotype of tech-savvy young people, experts say younger consumers are far more open to sharing personal information online.

Here are some common scams targeting Teens and Young Adults to be on the lookout for to avoid becoming a victim.

Knock-offs

Scammers create online ads and online stores supposedly selling cheap designer goods, electronic gadgets and other luxury items. However, these companies are not licensed to sell those goods or the products are imitations.

Fake Scholarship Offers

With the rising cost of college to pay for, scammers use fake scholarship and financial aid offers to steal personal information from students.

Make Money Fast

Who wouldn’t want to make money easy and fast on the internet? So, cyber criminals promise non-existent jobs and get rich quick schemes. Victims are lured into giving away personal information or financial data with the promise of a well-paid job that will bring in lots of money in a short period of time or receive an offer to invest in a great opportunity with a huge payout. Although these scams may not target Teens and Young Adults, they may fall victim to them.

Contests

Aspiring young artists and writers are lured to arts and literature contests. The creative young people submit their works for a fee only to find out they need to send more money to see their writing published or to win an even bigger prize.

Acting & Modeling Scams

“A Talent Scout” is looking for America’s Next…fill-in-the blank. All that is required is paying for head shots or acting lessons upfront. And after handing over hundreds or thousands of dollars, no auditions or bookings occur. The acting and modeling industries are rife with these scams.

Employment & Training Scams

Enterprising Teens and Young Adults can find it difficult to find seasonal work, so online scammers offer jobs where they can work from home online. The only hook is they need to buy a bunch of products or pay for training up-front. Then, these unethical companies don’t deliver jobs or training as promised.

Online Auctions

There are at least two versions. First, after bidding on and winning an online auction, you find out the item doesn’t exist or never arrives. Or, the unsuspecting Teen or Young Adult sells their items online. The buyer says the payment is on the way and urges them to ship the item right away, but the payment never arrives.

To Good To Be True

While Teens and Young Adults maybe tech-savvy, their inexperience and online habits makes them highly susceptible to online and social media scams. Here are some tips to avoid becoming a victim:

  • If it looks to good to be true, it likely is. Stay away.
  • Look for online stores and auction sites with good reviews and ratings from real people
  • Walk away from a contest, job or scholarship offers that require you to pay upfront
  • Never give out your personal information unless you are confident you can trust the person or company you are interacting with

  © EECU

How to Avoid these 6 Common Senior Scams

Wednesday, January 15th, 2020

Senior Fraud Alerts

Celeste Tholen
other

Imagine going to the grocery store and having your card declined. You call the bank only to find out that there have been thousands of dollars in transactions made to your account and now you have no money. Now imagine this has happened to your parent or grandparent.

Financial scams are crimes that often go unreported because they can be difficult to prosecute. However, that doesn’t make them any less devastating. Falling victim to a financial scam can leave you, a parent, or grandparent in a vulnerable place. What’s arguably even scarier is that it’s not always a stranger

 

who commits these crimes. According to a MetLife study, 34 percent of elder financial abuse is perpetrated by family, friends, and neighbors. In this article we’ll talk about common senior scams and how you can help your loved one avoid

them.

 

Why are seniors the target of scams?

Growing up, we may have gotten annoyed by our parents. Perhaps they were embarrassing to us or something. Now that we’re grownups, we want nothing more than to be with our parents and for them to be safe. Why are our parents and grandparents the target of scams? According to the FBI, seniors are the perfect victims for con artists because of the following:

  • They are likely to have a “nest egg,” own their home, and have good credit-making them attractive to
  • People born from 1930 to 1959 were generally raised to be polite and trusting so it’s difficult for them to say no or hang up the
  • Seniors are less likely to report a fraud because they don’t know how to report it, are ashamed, or they don’t know they’ve been
  • Schemers count on elderly victims having poor Since it may take weeks or even months until the victim realizes they’ve been scammed, it may be even more difficult for the victim to remember the event’s details.
  • Seniors are interested in better health, which means con artists sell products that claim to promote

 

Common scams that target seniors

We all want to keep our parents and grandparents out of harm’s way, physically, mentally, and emotionally. Unfortunately, scams are the trifecta for this: they affect our physical bank accounts, they tax our mental ability to distinguish between trust and doubt, and they take an emotional toll on us. Below is a list of six common scams that are targeted toward seniors. We’ll explain each scam and how to help the seniors in your life avoid falling victim to them.

1.   The grandchild scam

This scam is possibly the most evil because it tugs on the grandparent’s heart. Con artists will call an older person and when they pick up, they say, “Hi Grandpa, do you know who this is?” The grandpa then guesses the name of the grandchild and the scammer has suddenly developed a fake ID without having to do any work. Once they have an ID established, the “grandchild” asks for money to help with a financial problem (rent, bills, car problems, etc.) paid via MoneyGram or Western Union, which don’t always require ID to collect. The con artist will also say something like, “Please don’t tell Mom and Dad, they’d be so mad at me,” keeping the grandparent quiet about it.

 

Child or grandchild needs money ASAP

This is one of the most common phone scams. Con artists will call a grandparent and mention their child or grandchild by name saying they have been in an accident or are stranded somewhere and need money wired to them immediately. The victim wires the money to the person and there are no traces.

In fact, my brother-in-law’s grandmother was a victim of this. Fortunately, she called her daughter to see if everything was okay with her grandson and realized it was a scam before transferring the money.

How to help your loved one avoid this scam

  • Contact the child or grandchild directly and see if it was truly them who
  • Resist the pressure to act quickly and send the money
  • Never wire money based on contact over the phone or email, especially Wiring money to someone is like giving cash—once you send it, you cannot get it back.

 

2.   Funeral scams

There’s never a good time to fall victim of a scam but if there is a worst time, it’s during a grieving period when the senior is emotional and vulnerable after losing their loved one. There are a couple scenarios where you can be a victim of a scam during a funeral.

The first situation to be cautious about is scammers attending funerals for complete strangers and then taking advantage of the grieving widow or widower. The perpetrator makes claims that the deceased had debt with them and will try to extort money from the relatives to settle these fake debts.

The other situation is in regard to funeral homes. Funeral directors may add unnecessary charges to the bill and family members may not realize it because they are unfamiliar with the cost of funeral services. One example is when funeral directors insist that a casket must be purchased even for direct cremation. In these cases, a cardboard casket can be used instead of an expensive burial casket.

How to help your loved one avoid this scam

  • Tell them not to purchase the first thing they see; do some research and shop Have them take you or someone else who can offer some perspective. Funeral homes are required to provide a detailed list of prices over the phone or in writing.
  • Learn about caskets before one needs to be purchased—remember that caskets are not required for direct cremations.
  • Know the difference between funeral homes’ basic fees for professional services and additional service
  • Remember that embalming is not legally required for direct cremations in all
  • Read all contracts and purchasing agreements carefully before they sign—make sure all of the requirements are in
  • Understand all cancellation and refund terms including portability options for transferring the contract to another funeral
  • Before prepaying, be well After a plan has been chosen, ask them to share the details with you so you can carry them out accordingly and are getting everything they paid for.
  • Don’t be pressured into making any purchases or signing any They must be their own advocate.

 

3.   Health insurance scams

U.S. citizens over the age of 65 qualify for Medicare, so scam artists don’t have to research what health insurance company senior citizens are using. These criminals often pose as a Medicare rep to get senior citizens to give them personal information. Then the perpetrators use the victim’s information to bill Medicare and pocket the money.

How to help your loved one avoid this scam

  • Never sign blank insurance claim
  • Do not give blanket authorization to health care providers to bill for services
  • Tell them to ask their physician what they will need to pay so they know what to
  • Review their insurance benefits so they have a full understanding of Call their provider if they (or you) have questions.
  • Do not do business with telephone or door-to-door
  • Tell them to give their insurance information only to those who have rendered medical
  • Keep records of all medical
  • Know whether their physician ordered equipment for them, consider writing it down somewhere

4.   IRS scams

Perpetrators call elderly taxpayers saying they owe money and they demand it immediately. They threaten them with arrest, deportation, or losing their driver’s license. If your parent or grandparent has caller ID, it may show up as the IRS. Anytime someone calls saying they are with the IRS and you owe them money, it is a scam. The IRS doesn’t call people; the IRS sends letters in the mail.

How to help your loved one avoid this scam

  • The IRS never calls, emails, texts, or contacts people through social media, so it is important that you and your loved one do not give out any information to someone stating they’re with the IRS in these forms of communication.
  • The IRS will not call about taxes owed without mailing a bill
  • The IRS will not require payment for your taxes a certain way (e.g., with a prepaid debit card).

5.   Telemarketing and phone scams

This is a scheme you’re probably well aware of because it’s one of the most common. Elderly people make twice as many purchases over the phone than the rest of the population, making them great prey for fake calls. Senior citizens are commonly more comfortable with shopping over the phone than they are with shopping online, even though there is risk to both.

The dangerous thing about over-the-phone scams is that there is no paper trail and no in-person interaction, making these scams difficult to trace. Another terrible thing is that if the person falls for it once and makes a purchase, the con artist will most likely share the person’s name with other scammers, increasing their chances of making a deal. This results in the person being scammed over and over.

How to help your loved one avoid this scam

  • A legitimate business has no problem sharing more information about their company, so ask questions about companies you and your loved one are not familiar
  • Search online for unfamiliar companies through the Better Business Bureau, National Fraud Information Center, or other watchdog

 

  • Ask the salesperson for their name, business identity, phone number, mailing address, and business license number before conducting business. Check the accuracy of these items since con artists give out false information.
  • Before making a donation, find out what percentage of the money goes toward the charity or investment and what goes toward
  • Do not pay for services ahead of time—pay after they are
  • Beware of companies who send messengers to collect money, claiming it’s a service to your loved What they’re really doing is taking your loved one’s money and leaving no trace of who they are.
  • Tell your parent or grandparent to take their time when they’re making a decision, you’re not obligated to act quickly. The typical “limited time offers” are just sales
  • Do not pay for a “free prize.” If they say it’s to pay for taxes they are violating federal
  • Do not send money or give out personal information to unfamiliar

6.   Email and phishing scams

These are common scams for anyone but seniors fall victim to them more often due to their unfamiliarity with the internet and all its features. Emails are sent to elderly asking them to update their profile information for online accounts, this includes bank profiles, online shopping accounts, social media accounts, and more. They verify their information and the scammer gets to do whatever they want with it.

How to help your loved one avoid this scam

  • Be cautious of emails from unrecognized
  • Be cautious when confirming personal or financial information over the
  • Do not respond to emails that are not personalized and ask for personal
  • Look for a lock icon on the browser’s URL bar or “https:” URL (s stands for “secure”) on
  • Do not download files, click on links, or open attachments in emails from unfamiliar
  • Make sure your parent/grandparent knows to never email personal or financial information to anyone even if they’re close to Their email could be compromised and someone could hack it and get the information.
  • Do not click on pop-ups.
  • Protect your loved one’s computer with a firewall, anti-virus, spam filters, or anti-spyware (Note: Not all are necessary at the same time.)
  • Check online accounts (including financial account) regularly for any unfamiliar

What to do if you’ve been the victim of a scam

Don’t be ashamed if you’ve been a victim of a scam. Con artists are coming out with new ways to trick people into falling for their schemes every day. It’s important that you know you are not alone. Speak with someone you trust about it and know that doing nothing could make it worse. Have the phone numbers to the police, your bank, and Adult Protective Services to get help. Contact a loved one for help. Cancel your credit/debit card and have your financial institution send you a new one. Call the police to report it. And remember, you are not alone in this.

B.C. Liquor Store selling a $78,000 bottle of Scotch

Thursday, October 24th, 2019

B.C. Liquor Distribution Branch will be selling a $78,000 decanter of Macallan Genesis 72 Year Old

Scott Brown
The Vancouver Sun

Do you have $80,000 burning a hole in your pocket?

Do you like fine single-malt whiskey?

Well, belly up to the bar big spender because I have found the Scotch for you.

As part of its annual premium spirits release, the B.C. Liquor Distribution Branch will be selling a $78,000 decanter of Macallan Genesis 72 Year Old. It’s the oldest whiskey ever released by the Macallan distillery, and it’s one of only 600 decanters of stuff released worldwide.

That $78,000 not only gets you nearly 24 ounces of that delicious and not-at-all obscenely overpriced Scotch, you also get to keep the gorgeous Lalique crystal decanter and the handsome wooden box that it came in.

The bottle will go sale Oct. 31, 8 p.m., at the B.C. Liquor Store at 39th Avenue and Cambie. Two other Macallan products, the $4,350 Macallan 30-year-old Sherry Oak and $600 Macallan Exceptional Single Cask, will also be on sale.

The BCLDB hosts a second ultra rare sale on Nov. 1 at its Park Royal location where a Bowmore 50-Year-Old Release can be purchased for $45,000.

Prospective buyers, or one of their servants, will have to enter a draw for the right to purchase the ultra rare Macallan and Bowmore products.

The BCLDB’s wider premium spirits release will take place on Nov. 2 at participating stores across the province and will feature more than 140 selections of whisky, scotch, bourbon, rum and other rare products from around the world.

© 2019 Postmedia Network Inc.

Access to data needed for seamless mobility in Metro Vancouver

Friday, October 18th, 2019

With ride-hailing on the horizon, now is the time to plan for moving people using mobility as a service.

Jennifer Saltman
The Vancouver Sun

Imagine being able to plan and pay for a trip from the suburbs of Metro Vancouver to Downtown Vancouver using multiple services like bike share, ride-hailing and transit, all from a single app on your mobile phone.

Open data sharing will be key to allowing the region’s residents to take advantage of such technology, known as mobility as a service, or MaaS, according to experts.

“With MaaS, the idea, literally, is knitting together the various modes collectively so you as a commuter can have a seamless, easy experience going between modes or choosing which modes to use as you take an individual trip or go about your whole day,” said David Zipper, an urban mobility consultant who is based in Washington, D.C.

Zipper said that from what he’s seen and experienced, Metro has a lot going for it when it it comes to MaaS and integrated mobility, in that it’s relatively easy to navigate large parts of the region without using a personal vehicle, but instead relying on bikes, car shares and transit.

“I think lots of people in Vancouver have decided not to own a personal vehicle or decided they don’t need a second one,” he said.

With ride-hailing companies likely to enter the market later this year — they will be allowed to apply to the Passenger Transportation Board to operate this fall — it will become even easier to get around without owning a vehicle.

Getting all of those options into one app isn’t something that will happen quickly or easily.

Companies like Uber and Lyft are reluctant to share data — unless compelled by governments — and prefer to use their own platforms to link transportation options, a practice Zipper said can be dangerous.

If MaaS is provided by large private entities, they can have a virtual monopoly over a city’s transportation information and can decide what services are shown and to what extent they’re included in search results and dominate price strategy. It’s known as a digital “walled garden.”

“From an economics perspective, the challenge once a city is dominated by one or two providers is the city is basically hijacked — all public and private transportation is in the hands of one international organization,” said Hendrik Wolff, Simon Fraser University associate economics professor. “How to get around it it would be to have another model, but you have more competition and free entry.”

Wolff said this could be mitigated by government requiring all companies in the market to have open-data policies that share information like vehicle locations, pricing and more, so aggregator apps can feature a variety of mobility services and make bookings for users.

“Right now that’s not possible because some companies don’t share data,” Wolff said. “They all want to be their own aggregator, they all want to be the one-stop platform.”

The head of TransLink said there is a role for Metro’s transit agency to play in MaaS, somewhere between standing on the sidelines and simply sharing data, which TransLink has been doing for years, and creating its own platform.

“We are thinking about the continuum, absolutely,” said CEO Kevin Desmond. “I would expect we’ll be somewhere in the middle, where we’re helping to facilitate the creation of really good applications.”

In addition to having open access to data, Zipper said it will also be important to talk to people and ask them why they use the transportation methods they do and what could make their travels easier.

“I think it’s really important that TransLink at least elevate these questions for local residents now, because you don’t yet have ride-hailing and scooters like so many of your peer cities across North America, so ask now so you can try to avoid some of the mistakes that other cities have made and have your strategy be presented upfront,” Zipper said.

© 2019 Postmedia Network Inc.

Kelowna motorist fined for driving while holding bowl and chopsticks

Friday, September 13th, 2019

Motorist fined $2,000 for eating while driving

The Province

A provincial court judge has served up a searing decision to a driver in Kelowna who was spotted eating with chopsticks in one hand and a bowl of spinach in the other.

Judge Brian Burgess made the ruling in Kelowna traffic court in August, finding the “egregious” offence took place in the city last November as Corinne Jackson drove past a roadside vehicle enforcement operation.

The RCMP officer who flagged Jackson’s vehicle testified she was travelling at an estimated 60 km/h while “shovelling” food into her mouth with the chopsticks and not once did she place a hand on the wheel during the entire five to six seconds he watched her.

Jackson testified she gave due care and attention to her driving because she was going “no more than 10 km/h over” and had three fingers of her left hand on the steering wheel while holding the bowl with her thumb and index finger.

Burgess rejected Jackson’s testimony as contradictory and criticizes her for the common misconception that 10 km/h over the limit is not speeding, noting the law says even one kilometre an hour over the limit is considered speeding.

Jackson was found guilty of driving without due care and attention and the judge declined to reduce her fine of $2,000 and six penalty points, although the average ticket for the offence is $368.

“Holding a bowl in one hand and using chopsticks in the other hand to eat while driving, even if three fingers of the hand holding the bowl were in contact with the steering wheel, is not giving one’s full attention to driving,” Burgess says in the ruling posted online.

His ruling says he didn’t find that all those who eat while operating a vehicle are operating without due care and attention.

“The minimum standard of a reasonable and prudent person, as implied by the Crown, would be to have at least one full hand on the steering wheel while the vehicle being driven is in motion. The hand that is on the steering wheel should not also be holding some other object.”

Jackson assumed a risk by actively eating while speeding, Burgess says.

“The risk was that Ms. Jackson was betting with her own safety and life and the safety and lives of other users or potential users of the road as she drove her vehicle while both of her hands were holding foreign objects not related to diving and eating at the same time.”

Jackson has been given until the end of October to pay the ticket.

© 2019 REM Real Estate Magazine

Chinede business Magnate Slaughtrs Donald Trump

Monday, August 5th, 2019

Jack Ma
other

Chinese Business Magnate Jack Ma-s Brilliant Lecture To Donald Trump.

But offers a lessons for the UK economy on investment and infustructer.

View Video

Three groups to submit proposals for Vancouver’s Broadway subway project

Tuesday, June 25th, 2019

The groups are Acciona-Ghella Joint Venture, Broadway Connect and West 9th Partners. A proponent will be chosen by mid-2020.

Jennifer Saltman
The Vancouver Sun

The province has chosen three teams to bid on a chance to design, build and finance the Broadway subway in Vancouver.

A request for qualifications closed on April 17.

The $2.83-billion, 5.7-kilometre extension of the Millennium SkyTrain line will run from VCC-Clark Station to the intersection of Broadway and Arbutus and have six stops. Because the project is using SkyTrain technology, it will be built by the provincial government instead of TransLink.

The three teams are: Acciona-Ghella Joint Venture, Broadway Connect and West 9th Partners. It is expected that the province will select a proponent by mid-2020.

Acciona-Ghella Joint Venture includes Acciona Infrastructure Canada Inc., Ghella Canada Inc., IBI Professional Services (Canada) Inc., DIALOG BC Architecture Engineering Interior Design Planning Inc., Mott MacDonald Canada Ltd., Ingenieria Especializada de Obra Civil e Industrial, S.A., Parsons Inc. and Corporacion Acciona Infraestructuras, S.L.

Broadway Connect’s team is made up of Dragados Canada, Inc., Aecon Infrastructure Management Inc., ACS Infrastructure Canada, Inc., Aecon Concessions, a division of Aecon Construction Group Inc., Dragados, S.A., Aecon Group Inc., Hatch Ltd., WSP Canada Inc., Dr. G. Sauer & Partners, VIA Architecture, Wood Environment & Infrastructure Solutions, a Division of Wood Canada Ltd. and SENER.

West 9th Partners is four divisions of SNC-Lavalin.

The project will be covered by the province’s community benefits agreement, which sets out wages and hiring procedures, requires a percentage of workers to be apprentices, and gives hiring priority to women and Aboriginals.

Early works have already started for the project, including installing new poles and wires to allow for temporary detours for three trolley bus routes during the construction.

Construction is scheduled to start in 2020 and be completed in 2025.

The 5.7-kilometre Broadway subway will run between VCC-Clark and Arbutus in Vancouver, and is budgeted for $2.83 billion. TransLink/File / PNG

© 2019 Postmedia Network Inc.

How companies are de-stressing work forces

Monday, June 24th, 2019

Burnout Nation: How companies are de-stressing workforces

Chris Taylor
The Vancouver Sun

NEW YORK (Reuters) – No matter who you are or what you do, let me take a wild guess: You feel a little burned out right now.

Was I right? If so, you are one of the two-thirds of Americans who report feeling burned out on the job, according to a recent Gallup poll.

That breaks down into 23 percent who are burned out very often or always, and another 44 percent who feel that way sometimes. Those numbers are epidemic.

But they do not surprise Cleveland Clinic’s Dr. Adrienne Boissy. When the famed clinic asked its own physicians about burnout, surveying over 1,500 of them, 35 percent reported at least one symptom. Across the nation for physicians it is even worse: a whopping 54 percent, according to Mayo Clinic researchers.

“People are feeling like their bucket is empty at the end of the day,” says Boissy, who as the clinic’s chief experience officer is leading the charge to combat employee burnout. “There is an ocean of distress and suffering out there.”

Burnout does not just happen in healthcare, though, with its particularly intense life-or-death environment. It takes place across industries and across regions. Popular YouTuber Lilly Singh even made headlines when she announced she was taking a break to recharge her batteries.

So what exactly is going on, to make everyone feel so depleted? There is no one answer. Rather, a host of factors conspire to make modern workers feel tapped out.

Technology is one. Smartphones now make people accessible 24/7, leading to the expectation that they will be responsive outside of normal office hours. It can develop into a two-shift day: one at the office, one at home.

“All the ways we can get in touch with people these days, puts stress on people about how to balance it all,” says Julie Coffman, a Chicago-based partner with consultants Bain & Co and global head of its organization practice. “It’s exhausting to navigate.”

To their credit, organizations are starting to realize that burnout is in no one’s interest. At the Cleveland Clinic, Boissy and her team have rolled out a number of fixes to help reduce physician burnout. Since much of the problem stems from overwhelming documentation, assistants are now handling more paperwork or refilling prescriptions, so doctors can interact more with patients.

Cleveland Clinic is using innovative solutions like “Code Lavenders,” where dedicated teams help during the painful or traumatic moments that happen every day in a hospital.

TIPS TO PREVENT BURNOUT

Some burnout prevention tips from Bain & Co’s Coffman: Try no-meeting or no-email days to give staffers a break from overscheduling.

Another suggestion is to analyze your employee networks. If everyone wants access to a particular manager, you need to help that manager out with his or her workload.

And remember that it is okay to say no. If you have five project groups demanding your time, go to your supervisor and figure out which are priorities, and which you can pass on.

Changing jobs can also relieve some pressure. Just ask Jane Barratt, who has plenty of experience working in the digital space, where “all anyone could ever talk about was how tired they were.”

When she signed on with financial-data firm MX as its chief advocacy officer, it was like a different world. Dedicated areas for spouses and kids, nap rooms, massage time, big family events like booking movie theaters or taking over theme parks – the list goes on.

As a result, her new venture “does not have the level of exhaustion of other tech companies,” she says. “It’s something I haven’t really seen before.”

All rights reserved SaltWire Network © 2019