A Consumer Action News Alert • Aug. 15, 2023
www.consumer-action.org
We always warn consumers to be careful about the links in emails they receive. We want you to know that all links (URLs) in this newsletter are sent via VoterVoice, our content management services provider, in order to determine which stories are most interesting to our readers. No personal data about you is saved.

Click here to view this newsletter in a browser.
Facebook Twitter LinkedIn
  Smooth operator  
 

Our friends at ABC7 News in San Francisco reported earlier this month about a Zelle scam revival. Despite years of warnings about scammers tricking consumers into sending them person-to-person Zelle payments, this scam is alive, well and renewed, says ABC. Consumer reporter Michael Finney recounted the story of a Bank of America customer who recently received a text message, purportedly from the bank, asking if she had attempted to make a purchase of $432 at a Texas Walmart. When the consumer responded "No," the crooks immediately phoned her. The caller told the consumer that he was with Bank of America's fraud department and explained that someone had made two Zelle payments from her account totaling $3,500. The consumer denied making the transfers. The scammer then gave her instructions on how to "send the money back to herself" using Zelle. She followed the instructions and ended up losing $5,500. The extra-sneaky new twist was that the consumer was told to ignore any additional fraud alerts about suspicious activity from the bank, since that's what they supposedly were already taking care of while on the phone. In the video interview, the consumer also describes how the perpetrator sounded "friendly, calm, kind, clearly educated," making her believe he really was from Bank of America. We should take note, since we're often warned about scammers with poor grammar skills. Clearly, even an "educated" smooth-talker can defraud us if we let our guard down.

 
  Now deboarding  
 

After the cancellation of a fully boarded Delta flight last month (ah, the joys of air travel), a traveler searched Google for the airline's customer service number while still at JFK airport. You probably guessed correctly, as this is a newsletter about scams, that the traveler dialed the very first number listed in the search results. Instead of reaching Delta, the Washington Post reports, the consumer connected with a scammer who offered to sell him a ticket at five times the cost for a flight from a nearby airport. It turns out the search result was a type of "malvertising"—it had been manipulated to show a number that did not belong to Delta. The consumer, fortunately, did not fall for the scammer's pitch and revealed no payment information. The Post explained that fake business numbers, like the one dialed by the traveler, can end up in search results when someone replaces an official business phone number with a false one on a Google business page. Until someone realizes that the phone number is incorrect, the false number remains on the page. Citing an AARP representative, the Post explains that potential scammers can place false contact information in other ways, too. These include impersonating an official company account on social media or replying to posts on internet complaint boards. For its part, in response to the Post's inquiry about the matter, Google explained that they are constantly monitoring and evolving their platforms to combat fraud, and taking steps to correct inaccuracies in ads and suspend malicious accounts. A recent post by the Search Engine Journal also discusses how Google is using new machine learning models to catch and remove fake and fraudulent content, including inaccurate phone numbers that may have been overlaid on contributed photos "to trick unsuspecting victims into calling the fraudster instead of the actual business." The Post offers tips for spotting red flags and filing complaints, and includes a tip from AARP we wholeheartedly agree with: Since these particular scams exploit the sense of urgency following a flight cancellation, you'll want to take a deep breath and trust your gut before contacting customer service. This is great advice for any traveler with cancelled plans, and certainly for the passengers in this case, who'd already been in their seats and ready for takeoff before they learned the plane would not be leaving the tarmac—the ultimate staycation. 

 
  Scammers' playtime  
 

Barbie goes phishing. While you decide whether you love, hate, or even want to see the new Barbie movie, internet security company McAfee has reported that scammers love Barbie! According to a McAfee blog post published during the movie's opening weekend, scammers are aiming to cash in on the summer blockbuster through a rash of online scams, including bogus downloads of the film that install malware, Barbie-related viruses, and videos that point people to "free tickets" but instead lead to spyware. In the three weeks preceding the blog post, McAfee's researchers saw 100 new instances of malware with Barbie-related filenames. They found videos that direct potential victims to a Discord server or a website where attackers prompt visitors to download a large .exe file, which is, of course, loaded with malware, including the “Redline Stealer” variety that siphons personal info, login credentials and more from devices. Sharing personal and financial information with these scam sites, McAfee warns, leads to identity theft and fraud, which can be carried out by the scammers themselves or by those who purchase the stolen data when it is posted for sale on dark web marketplaces. Don't let your interest in the Barbie movie turn into your own personal horror flick; follow these tips from McAfee to steer clear of scams.
 
Toy story. Maybe watching the Barbie movie isn’t at the top of your list, but a Barbie doll and playset may be at the top of that special kid in your life's birthday wish list. As you set out to look for a good deal on these toys, heed Forbes's recent warning about counterfeit Barbie products. In fact, keep their tips in mind when shopping for any popular gift. Citing James Zahn, editor in chief of toy industry trade publication Toy Book, Forbes explained that counterfeit toys continue to be a massive problem on a global scale. According to LatentView Analytics, Forbes continued, since the advent of online marketplaces, 52% of toy brands have seen an increase in fake toys sold. Although Barbie fraud specifically is probably lower than for other toy brands, the article explained, the number of fake Barbie websites being registered every day has ranged from 150 to 200 since the first Barbie movie trailer was released seven months ago. Forbes offers a few consumer protection tips courtesy of BrandShield's CEO, Yoav Keren. These include ensuring that the URL of the website you’re visiting is the real brand domain, without added letters, words or phrases, and being wary of spelling mistakes (though AI tools are making these less common) and attempts to move a conversation from social media to WhatsApp or another messenger app—advice that helps make fake gifts an avoidable faux pas.

 
  Tips  
 

Fraud economy. In a consumer alert, the FTC warned last month that it is hearing about a new scam that targets both restaurants and the drivers who work for food delivery services like DoorDash and Uber Eats. Scammers posing as “support” from food delivery services are contacting drivers and restaurants and trying to steal their personal and financial information. In one scenario, the FTC explained, the scammer tells drivers and restaurants they’ll be receiving a free tablet or printer to handle food delivery orders if they can verify their phone number, email and login, Social Security number and bank account. (Yeah, right!) In another scenario, the scammer says they need the driver’s email address or bank account number because there’s a problem with an order, or so that they can issue a refund on a canceled order. Regardless of where you work, the FTC has a simple, one-word tip if you get requests like this: STOP. Then, follow their recommendations for avoiding the scam: Don’t give your personal or financial information to someone who unexpectedly calls, texts or emails you; if you think the request is legitimate, contact the business directly using a phone number you know is real or a website or app you found yourself; and never share an email verification code with someone if you didn’t contact them first. Sharing verification codes makes it easier for scammers to pretend to be you and gain access to your accounts and money, the FTC warns. It's hard to believe that after years of pandemic-era hurdles, restaurants and gig drivers have a new challenge on their plates—a good reason to show these folks some extra appreciation right about now.

Don't brush this off. The Better Business Bureau (BBB) recently warned that the "brushing” scam—unsolicited packages sent to you via Amazon or other online sellers—indicates a serious problem for victims. The companies that send these items, the BBB explains, are usually foreign, third-party sellers that intend to boost their sales by writing positive online reviews of their own merchandise using your name as a "verified buyer." In early August, CBS News Minnesota reported the case of a St. Paul woman who received random items that included baby gender reveal balloons and cupcake stands. After confirming that her neighbors weren't missing any deliveries, she learned that she might be a victim of the brushing scam. Getting unsolicited packages spells bad news, says the BBB, because it indicates that senders have personal information, such as your name, address, and, possibly, phone number. Once the information is online, the BBB warns, it can be used for many crooked enterprises (even by "porch pirates," who order items using your account and steal them before you get home). If you're the victim of a brushing scam, follow these BBB tips: Notify the retailer (whether Amazon or another established business); if you can identify the sender and you find false reviews in your name, ask for them to be removed; if your recent order history shows orders you didn't make, consider refusing package delivery at your home address and temporarily directing items you did order to a package acceptance service; and, because the scam can be a sign that your personal information has been compromised, change account passwords and monitor credit reports and credit card bills. Although this might not qualify as good news, the FTC says you’re legally entitled to keep unordered merchandise as a free gift.

Can you 'sea' the red flags? Late last month, the Securities and Exchange Commission (SEC) charged Brent Seaman of Naples, Florida, and various entities he managed with fraudulently raising approximately $35 million from at least 60 investors through an unregistered securities offering. Many of these investors were elderly, retired, and connected to a Naples church where Seaman was an active member. The SEC's complaint alleges that, from June 2019 until September 2022, Seaman told investors he would use their money to invest in technology companies and to trade currencies and commodities. Seaman falsely promised annual returns ranging between 18 and 48 percent and described the investments as "safe" and the returns as "guaranteed." (Assure us you will run far and fast if anyone ever makes these types of investment promises to you.) The SEC also alleged that Seaman solicited investors by touting his proven success investing in currencies when, in reality, he was losing millions of dollars of investors' money and his currency trading was always unprofitable. Seaman also allegedly misappropriated millions of dollars for himself, in part to purchase luxury automobiles and to pay for trips on private planes. Finally, Seaman allegedly made Ponzi-like payments to investors because he did not generate profits in connection with his trading sufficient to pay investors their required monthly distributions. The SEC asked the federal court for relief that includes repayment of all ill-gotten gains, with interest; the imposition of civil penalties; and the permanent barring of Seaman from serving as an officer or director of any SEC-reporting company. Looks like the tide has turned for Seaman.

Protecting veterans and troops. Last month was Military Consumer Protection month. Federal government and attorney general (AG) offices across the country, from Connecticut to Georgia to California, recognized the annual month-long event by offering veterans and servicemembers a wealth of information and resources to help them and their loved ones avoid common scams. A Federal Trade Commission (FTC) blog post explained that, whether it’s because of the steady paycheck, frequent relocations or other aspects of military life, scammers target servicemembers and their families. In 2022, military consumers reported over $414 million in losses to fraud, the blog post stated. The California AG's office explained that the camaraderie that unites the military community is often exploited by impostors who claim to be veterans in an attempt to access personal information for fraudulent purposes. Among the scams warned about by state AG's offices were fake charities, car sales and financing scams, job scams, identity theft, debt collection scams, and credit monitoring scams. Military Consumer, a joint initiative comprising several partners that include federal agencies, attorneys general and nonprofits (including yours truly), offers a lot of articles for learning about military scams. To get to them easily, try searching "consumer protection month," or simply "scams," when visiting the site

Hook, line and sinker. You may have heard this sage consumer advice a time or two: Don't engage with scammers. If you haven't, a Minnesota-based tech support company reminds us here of the sound reasons why nothing good can come from communicating with con artists. But, as the article acknowledges, there are plenty of online vigilantes who have fun tricking, or "scambaiting," scammers and then post humorous articles and videos about it online. As this Vice article explains, the most important element of baiting scammers is to preoccupy them, to waste as much of their time as possible so they have less time to spend conning genuine potential victims. If you've always wished you, too, could bait a scammer but decided (probably very wisely) not to risk the consequences (the least of which might be a litany of four-letter words hurled at you), there's a new option for you: Hire one of the Jolly Roger Telephone Company's artificially intelligent robots to do the scambaiting for you. Or, do what we did and just listen to some amusing recordings of robots chatting away with clueless scammers. The Jolly Roger Telephone Company is making available recently ChatGPT-enabled robots that can answer scam phone calls for you, keep callers engaged with amusing chit-chat and unique personalities (or should we say robot-alities?), and keep your personal information under wraps—with the added bonus of recordings of the exchanges saved for later listening. In one recent video, a "valley girl/Instagram model" robot chats with a scammer from the "cable company" about her favorite show, Stranger Things, and asks for help understanding how the internet works. Another video features Whitey Whitebeard, a bumbling but endearing robot who can't find the Medicare card requested by the scammer—or even his favorite pair of socks—but who, aside from the troubles with his 1972 Ford Pinto, is doing very well and is quite adept at fending off fraudsters. If you've grown weary of the warnings about the threat that AI poses in the hands of scammers, these recordings, where the tables are turned, may offer some comic relief.

 
  Tell us how we’re doing!  
 

We’d love your feedback on how we’ve been doing and which of our services have been most important to you. Please fill out our (very) brief three-question survey here!