A Consumer Action News Alert • November 2020
SCAM GRAM is Consumer Action's monthly e-newsletter alerting you to the dirtiest players in the world of tech fraud, credit card scams, ID theft and general con-artistry. Don't be fooled by liars, cheats and crooks; wise up with SCAM GRAM!
  Race to the con  
  What's your price to sell your body to science? Perhaps nothing--you're a selfless and optimistic person, and you've already signed up to test a COVID vaccine (in which case, humanity thanks you). If you'd charge around $1,000, however, hucksters want to hear from you! They've been sending out spam texts, emails and even social media offerings to "compensate" individuals for being in a COVID clinical trial. The genius behind the grift is a tactic we've been seeing more of lately--the racketeers make you want to work for it! In this case, you've got to "qualify" to be in the trial--by which we mean "fill out an online form with your personal information so scammers can collect it and commit identity theft," or "click on a link to 'apply,' which downloads malware to siphon usernames, passwords and other sensitive info off your computer or phone." Run any suspicious "study" through the National Institutes of Health (NIH) database here--if these guys don't list it, then you need to conduct way more research on the company, educational institution and/or mad scientist soliciting you, or throw the opportunity into the metaphorical medical waste bin.  
  False claims > cocaine  
  Seizing on the zeitgeist of pandemic-related chicanery, amateur rapper Nuke Bizzle outlined for the public (law enforcement included) how to commit amateur-level unemployment insurance fraud. Although Bizzle (em-Bizzle?) failed in his unlawful endeavors, more seasoned and silent criminals have successfully bilked billions from outdated state unemployment insurance systems and consumers since the first stimulus bill passed months and months ago. Unemployment fraud is disturbingly simple, at least in theory. As Bizzle proclaimed in his bafflingly out-front music video, "You gotta sell cocaine, I just file a claim." Filing a claim can be as easy as stealing a victim's identity made public through data breaches, or acquired through phishing emails; using the name and a new address to apply for that victim's unclaimed benefits online; and waiting for a state-issued debit card pre-loaded with funds to arrive in the mailbox. Sometimes, the real beneficiaries get a head's up that the scam is about to occur and a chance to stop it if the state unemployment office sends them notice about a change of address or a claim "they" don't recognize making.

Recently, however, scammers have been able to "somehow...duplicate your [debit] card and your pin and then drain your account in cash, from an ATM miles away from where you live." And cardholders have been outraged over the lack of recourse when this occurs: The "partnership" between California's Employment Development Department (EDD) and Bank of America is a fine example of why. The parties, which failed to provide customers with secure debit cards containing newer chip technology, appear busier blaming one another than helping victims get their money back, which we've deemed "unacceptable." If you've run into unemployment insurance fraud in any state, save yourself some whiplash and take these steps to start resolving it. And if the powers that be still can't--or won't--help, contact your state representatives or (as this woman did) a local investigative news station. Haven't had to file for unemployment? If your fate changes, choose to "direct deposit" unemployment benefits rather than receive them via debit card. And take preventive action: If you can create an online account with your state unemployment office now, it will make it difficult, if not impossible, for a criminal to do it later.
  Santa's workshop  
Stay ho-ho-home for the holidays. Scammers know that, due to social distancing, a record number of consumers will be mailing gifts this year. Because of this, phones across the country have been buzzing with bogus texts from what appear to be major package carriers responsible for getting the gifts to their destinations. The convincing communications are similar to those that FedEx or the USPS might send to customers who signed up for texts to let them know when a package is en route or if there's been a holdup. Clever criminals know that using your first name in their texts will make you more likely to click on the included links--and even better if these web addresses appear to list tracking numbers. Unfortunately, clicking will deliver a heaping pile of malware to your digital doorstep, or deliver you to an imitation website that tricks you into giving up your personal or financial info. Learn how to recognize and report spam/scam text messages (in general), and remember to protect your real deliveries from porch pirates. (One more tip: Masks make great stocking stuffers this season!)

Brick and mortar is so 2019. Various Amazon scams are ramping up as shoppers, concerned about catching COVID, flock to the online retail giant for Black Friday, Cyber Monday, and pretty much the entire holiday season. Much of the criminal contact involves phone calls, with con artists impersonating company reps to trick customers into believing that they are owed a refund. In some cases (like this one, where a woman lost almost $29,000), the criminals claim to have refunded "too much" bad money (i.e., worthless checks) in order to persuade the victim to send their good money back. (Learn more about fake check scams here.) In other instances, the calls instruct recipients to press a menu button to "reinstate" an allegedly cancelled account--for a fee, of course. Sometimes you're told that you've been signed up for an Amazon Prime account that you never signed up for; other times, that there are problems with the delivery of the items you've ordered. Scammers are even claiming to be with Amazon "tech support" to gain control of computers remotely and drain victims' bank accounts. Regardless of the scenario, if you're concerned about your Amazon account, go independently to the real website, log in and give it a gander. Now that you're logged in, click on the link for "customer service" and select the issue you're dealing with, whether it be bothersome billing or a missing Mandalorian. In any case, do not click on any links you receive, call "employees" who've left you voicemails, etc.
The young and the reckless. Can't fall for an Amazon scam because you don't buy from Amazon? Way to go off-grid! But purchasing presents outside of "big box" websites can put you more at risk of entering your credit card number into one of the many imitation sites that criminals create every holiday season. You may have found yourself on such a site after clicking a bogus ad you saw on social media for a "closing" sale on expensive items (e.g., Dolce & Gabbana, Fendi and then Donna). As the BBB points out, taking this route can result in receiving counterfeit goods--or no goods at all. The pitch can sound particularly real now, in the age of COVID, since many businesses are going out of biz. Think you're too clever to get conned this way because you're a "digital native"? Think again: The BBB's 2020 Online Purchase Scams Report reveals that shoppers aged 35-44 are most likely to pull the trigger and hit "purchase," particularly if they believe the item they're looking at is scarce or listed at a great price. The BBB hasn't left you defenseless, however: Check out its excellent tips for smart shopping online.
If you do only one thing...Capital One has created an educational video in multiple languages (EnglishSpanish, MandarinKorean and Vietnamese) titled "Protect Yourself Against Common Financial Scams." The video summarizes major warning signs of fraud, as well as ways to avoid becoming a victim--and it's shareable. (Seriously, if you do only one thing today, share it to keep a friend or family member from financial devastation.) Is someone contacting you "with a sense of urgency" in an "unsolicited way," the video's narrator asks? Is the message "unexpected, scary, urgent"? Is the sender asking you to validate account information, or prompting you to click on a strange hyperlink? Probably a scam. "So, what do you do if you notice these signs?" the narrator queries. And since it created this video, Capital One has the answers: First, resist the pressure to respond quickly. Second, never share financial or personal information. And certainly don't wire money to whoever claims to be contacting you!
Scams that leave you shook. Truly appalling imposter scams are going around and, TBH, while we expect no less for 2020, some of them should come with trigger warnings. Beware: The goriest texts, which attempt to extort money by threatening to kill or dismember a loved one (sometimes including photos of "limbs and bodies"), seem to be coming from sources claiming to represent the international criminal gang MS-13, while others are shocking even without photos, leaving recipients gasping as they read off a list of family members' full names (information that, you should be reminded, can easily be found online nowadays). Some of the scams attempt to extort petrified parents, even using the names of their children, while still others target grandparents. And some try to terrify immigrants, claiming to originate from U.S. Immigration and Customs Enforcement (ICE) agents looking to arrest them or have them deported. Knowledge is power, however, and knowing what to expect will give you the power to fight fraud by sending this frightening filth over to the Federal Trade Commission and its law enforcement partners!
Naughty or nice? Open enrollment runs through early and mid-December for Medicare and Affordable Care Act (ACA) coverage, respectively, which also gives scammers opportunities to contact beneficiaries requesting--or, in some cases, demanding--Medicare ID or Social Security numbers. In more polite instances, the con artists will introduce themselves as being with the government, representing a helpful "health care benefits" advocacy group, or some other nice-sounding nonsense. Or, in Grinch mode, they may threaten you, claiming they'll suspend your benefits if you don't comply with their demands. Whether they play nice or not, they usually have a compelling reason why they're demanding your personal info, such as Medicare "replacing paper cards with plastic ones." For more info on how to spot these scams (and what to do if you're targeted), click here.

Trick or TREAS (IRS). If you get a text claiming you've "received a direct deposit of $1,200 from COVID-19 TREAS FUND" (sic)--we guess that's supposed to mean "U.S. Treasury" fund--and that "further action is required to accept this payment into your account," the only action you should take is reporting the cruel trick to the IRS. Definitely do not click on any links, and certainly don't put your personal or financial information into the linked-to lookalike IRS "Get My Payment" website. It's totally bogus! While there is (sadly) no second stimulus payment, if you haven't applied for the first one yet, you can still do so until Nov. 21.