Text Message Gift Card Scam is Back for the Holidays

The gift card text message scam is back with a vengeance this holiday shopping season. Shoppers across the country are reporting receiving spam text messages, called smishing, saying they won pricey gift card. 

 

How the Scam Works:

You receive a text message. When you open it, you are surprised by a message informing you that you've won a Best Buy gift card (or Target, Wal-Mart or other major retailer). You just need to go to a website and enter a PIN, and the card is yours. 

  

The text's URL leads to a website that has the company's colors and logo. It looks authentic with the company's name as the site's sub-domain (example: www.bestbuy.scamwebsite.com). 

  

You are asked to enter the PIN and an email address. Then, you are taken to a form and instructed to fill out your name, cell number, mailing address and answer unrelated personal questions, such as "Are you interested in going back to school?" and "Are you diabetic?" When you reach the page to "claim your gift card," you instead find yourself directed to another site to apply for a credit card. 

  

The texts are just a way to collect personal information for shady advertisers. Scammers often change the store names and cash amounts of the gift cards. A typical text message is below: 

  

"Black Friday Winner #88323! You have WON the Best Buy Gift Card for $1000! Get your prize at WEBSITE now! Use the code 5417." 

  

What Can I Do About Scam Text Messages:     

• Ignore instructions to text "STOP" or "NO" to prevent future texts. This is a common ploy by scammers to confirm they have a real, active phone number. 
• Forward the texts to 7726 (SPAM on most keypads). This will alert your cellphone carrier to block future texts from those numbers. 
• If you think your text message is real, be sure it's directing to a web address like Bestbuy.com or Target.com, not www.bestbuy.otherwebsite.com.   
• And as always, if you think getting a free $1,000 gift card seems too good to be true, it probably is. 

For More Information

  

Learn what your cellphone carrier has to say about stopping spam. Click here for advice from ATT, Verizon, T-Mobile and Sprint.

FBI issues warning of real estate scam in SC

The FBI is warning homeowners and prospective renters in South Carolina of a new scam.

Special Agent David Thomas said “Potential victims are contacted by an individual in a foreign country by either email or phone then asked to wire money to a third person in an overseas location.”
Thomas said, perpetrators are searching for homes listed for sale on public search sites on the Internet. They copy the pictures and descriptions of the homes and then post the information on Craigslist under available housing rentals, without the consent or knowledge of Craigslist and the true owner.
The FBI warns renters to never wire funds to any unknown person and should only conduct business with individuals they can meet in person. In addition, renters should request to see the property in person and preferably be shown the interior of a property prior to signing a contract and transmitting any payments.
The FBI is requesting people who have similar complaints to file an Internet crime complaint on www.ic3.gov.


FBI issues warning of real estate scam in SC - Local News - Greenville, SC | NBC News

Scam Alert -- Websites Selling Fake Goods Lure Cyber Monday Shoppers

This Cyber Monday, be extra careful when buying online. Even the most savvy online shoppers are finding themselves stumbling onto websites selling counterfeit goods. A recent study conducted by Nielsen discovered one in five online bargain hunters browsed sites selling counterfeit products.

How the Scam Works:

Your holiday shopping list is long, but money is short. So instead of hitting the mall, you pull up Google. You type in terms like "cheap," "discount" and "outlet" followed by the name of a product. Hit the search button, and there's a one in five chance you'll end up at a website selling counterfeit goods. Make a purchase from such a site, and you end up with a fake rather than a great deal.

Many of these counterfeit sites are hard to distinguish from legitimate online retailers that sell overstocks and end-of-season clearance. Like those sites, the discount is usually 25 to 50 percent below regular price, and they use real photos of the items. Below are tips for spotting a fake... before you make a purchase.      

I'm Not Sure This Website is Legit. What Should I Do?    

• Look for the BBB seal on the website and check out the business' review on BBB.org.  
• Make sure the site has a contact page with a physical address and phone number. You can also check whois.net to see who owns the website. Be very wary of web registrations that are private.    
• To ensure your payment info is secure, look in the address box for the "s" in https:// and in the lower-right corner for the "lock" symbol. 
• When shopping online, pay with a credit card. Under federal law, you can dispute the charges if you do not receive the item and contest unauthorized charges. Many card issuers have "zero liability" policies which will protect you if your credit card number is stolen.    

For More Information

  

For the details, read Nielsen's blog post on the study or download a PDF of entire research paper.  

XMAS SHOPPING ONLINE? Don’t get sucked in by online scams

Have you ever gone shopping online and got sucked in by a scam and lost money? A scam that you should have seen coming a mile away while you were blindfolded?

It’s frustrating as all get out and can make you see red pretty quick as we all like to think we’re too smart to get sucked into these deals. But the fact is, millions of smart online shoppers get hammed with these cons every year.

Below are some of the dirty dozen online scams you should be aware of this Christmas shopping season.

Holiday Screen Savers: You’re about to download that free, lovely holiday Normal Rockwell like screen saver that features a happy family in a warm cozy house with a fire in the fireplace and all the kids next to a gorgeous Xmas tree unwrapping presents. Don’t do it. Some of them loaded with viruses and other malware, including one found by McAfee that promises to let you “fly with Santa in 3-D." Some free holiday-themed ringtones and e-cards have been known to contain malware as well.

The hotel wrong transaction scam: This is another slick piece of work. In one case a scammer sent out emails that appeared to be from a hotel, claiming that a 'wrong transaction' had been discovered on the recipient’s credit card. It then asked them to fill out an attached refund form. Oops. Don't do it.

Mobile device malware: A lot of people use their phones for shopping and research this time of year. Beware. The McAffee antivirus folks say Android phones are "most at risk," of getting a virus or some other piece of malware that will cost you headaches and maybe money. The Android (operating system) based devices are reportedly the most targeted smartphone platform for viruses and malware.

McAfee also says recent malware has been discovered that targets “QR codes,” a digital barcode that consumers might scan with their smartphone to find good deals online or just to learn about products they want to buy.

Malicious mobile apps: In addition there are mobile apps designed by scammers to steal information from your smartphone, or send out expensive text messages without your consent and to add insult to injury some dangerous apps to download are usually offered for free, and masquerade as “fun” applications, such as games. Last year some 4.6 million Android smartphone users downloaded a suspicious wallpaper app that collected and transmitted user data to a site in China. Cute, yes?

The famous phony Facebook promotions and contests: These scams feed off of our collective need to want to get something of value for nothing, forgetting that there is no free lunch – one way or another we pay for something that is "free."

But the scammers know many of us cannot resist the lure of winning some free prize or getting some great deal on a product or travel during the holidays so they sprinkle Facebook and other social media sites with these attractive lures which turnout to be connected to their scam, whatever that happens to be.

Sometimes the scam is just aimed at getting your personal information. There was one scam offering to free airline tickets but required you to fill out multiple surveys requesting personal information."

Holiday phishing scams: One common holiday phishing scam is a phony notice from UPS, saying you have a package and need to fill out an attached form to get it delivered. The form will most likely ask for personal or financial details that will go straight into the hands of the cyber scammer.

Bank phishing scams are always hot during the holiday season because consumers are spending more money and checking bank balances online more often.

Phishing is an e-mail fraud method in which the perpetrator sends out legitimate-looking email in an attempt to gather personal and financial information from recipients.

Typically, the messages appear to come from well-known and trustworthy Web sites…like your bank.

Other web sites that are frequently spoofed by phishers include PayPal, eBay, MSN, Yahoo, BestBuy, and America Online. A phishing expedition, like the fishing expedition it's named for, is where the scammer puts out some bait (or a lure, as they say in fishing) hoping to fool at least a few people that take the bait.

Phishers use a number of different social engineering and e-mail spoofing ploys to try to trick you. In one typical case that went before the Federal Trade Commission (FTC), a 17-year-old boy sent out messages purporting to be from America Online that said there had been a billing problem with recipients' AOL accounts.

The perpetrator's e-mail used AOL logos and contained legitimate links. If recipients clicked on the "AOL Billing Center" link, however, they were taken to a spoofed AOL Web page that asked for personal information, including credit card numbers, personal identification numbers (PINs), social security numbers, banking numbers, and passwords.

This information was used for identity theft.

The FTC warns us to be very suspicious of any official-looking e-mail message that asks for updates on personal or financial information and urges recipients to go directly to the organization's Web site to find out whether the request is legitimate.

If you suspect you have been phished, forward the e-mail to spam@uce.gov or call the FTC help line, 1-877-FTC-HELP.

And then there are numerous online gift card scams. You can protect yourself by following a few simple precautions:

~ Examine cards and packaging for signs of tampering. Don't buy a card where the coating covering the PIN number has been scratched away or the activation sticker isn't firmly affixed.

~ Spend the gift card as soon as possible. Don't put the card in a drawer for months. The longer consumers take to spend their gift cards, the more time thieves have to do it for them.

~ Beware of online exchanges and auction sites. The FTC advises against buying cards from online exchanges or auction sites because of the possibility of buying stolen cards. Instead, buy cards directly from retailers.

Find out more about online scams and how not to be taken in by them here , here , here , and here 

XMAS SHOPPING ONLINE?<BR>Don’t get sucked in by online scams | FEATURE NEWS | Sky Valley Chronicle Washington State News

Scams To Watch Out For During The Holidays

 The holiday shopping season is here, and shoppers are expected to dig deeper into their pockets.
A new survey by Accenture shows consumers will spend about $582 on average just for holiday shopping this year.
Moreover, an incredible 23% of consumers are expected to spend more than $750 on holiday gifts, increasing holiday spending from previous years.
However, this year more than 50% of consumers are switching to shop online to find discounts for holiday gifts and to avoid the madness of Black Friday bargain hunters.
But as more people shop online for discounts, cyber criminals are waiting to take advantage. Therefore, NerdWallet has listed the latest online scams for this holiday season.
1. Smartphone Scams
Because smartphones are so portable and convenient, more and more people are using their smartphones for online shopping. Lawyer, Professor at Bentley University, and Scam Expert, Steven J.J. Weisman, Esq., cautions online shoppers when using smartphones and mobile devices:
“The biggest scams that online shoppers are not aware of is the great risk presented by shopping with their mobile devices and smart phones. Tainted phony apps can be downloaded on to your mobile device or cell phone that will install keystroke logging malware programs on your devices that will steal all of the information from your smartphone including your Social Security number, your credit card number and your passwords. The combination of people often not even thinking to password protect their phones and mobile devices as well as failing to utilize security software for their phones and mobile devices puts them in great damage of identity theft.”
Many people aren’t aware of the dangers of shopping on their smartphones because we rarely hear of people’s phones being hacked, but in fact, personal and financial information is downloaded from mobile devices every day without the user’s awareness. Weisman suggests some ways to protect yourself when using your smartphones for online shopping: “Don’t download apps except from legitimate sources such as Apple’s App Store. Your smart phone and other mobile devices should be password protected with a hard to break password.  These devices should also have security software installed to protect you from viruses and malware.  This software should be constantly updated.”
2. Aid to Hurricane Sandy Victims
In the wake of Hurricane Sandy, there are now scams out there that target and take advantage of natural disasters and anything tragic in the news. If you plan to donate funds or material goods to aid Hurricane Sandy victims and rebuilding efforts, make sure you are donating to a credible charity organization. Do not click on links from unsolicited spam emails and beware of organizations with names that sound similar to reputable charities. Here are some more Hurricane Sandy scam tips from the Herald-Dispatch.
3. Unsolicited Emails
Don’t click on links or open attachments in emails from people that you don’t recognize. Scammers often send phishing emails to steal your personal information or hack into your computer especially during the holidays when people are looking for shopping deals. According to Derek Manky, Senior Security Strategist at Fortinet, “Spammers and scammers love the holidays, because they know a large number of people on the Web during that time have their wallet open and are looking for bargains. And while it may be really tempting to click on an email link that says, ‘Great Deal on iPads… 50% off!’ be careful! By clicking on that link, you could be taken to a compromised Website that downloads malware onto your computer.”
There are all kinds of different malware attacks that can result from unsolicited phishing emails. “That malware can then be used to capture your computer key strokes, download additional malware, such as fake antivirus applications, or simply turn your computer into a spam generator,” says Manky. The Security Strategist also offers suggestions on what to do if you see unsolicited emails in your mailbox: “If the deal looks too good to be true, it probably is. But if you’re still tempted to click on that link, place your cursor over the link (without clicking on it) and check the URL where you would be directed had you clicked on it. If you don’t recognize the URL, stay far away.” Also, avoid emails with suspicious attachments or emails that ask you to update your account information or change your password because your personal information may get compromised.
4. Social Media Scams
Droves of people are now connected via social media and constantly sharing daily life updates and popular links on Facebook and Twitter and more. Scammers exploit social media to spread bogus promotions that often require clickers to fill out online surveys to steal their personal information. Executive Director of the Identity Theft Council and CEO of My Security Plan, Neal O’Farrell discusses how scammers use social media to their advantage. “Facebook is very popular with scammers, and the scams range from infected links to click and like-jacking (where the thieves generate advertising revenue from “likes” of bogus pages), to fake coupons, competitions, and sweepstakes. If you’re surfing for deals, consider using one of the many free safe surfing tools, like McAfee Site Advisor, that will tell you if a site is suspicious before you click on it.”
Andrew Schrage, co-owner of Money Crashers Personal Finance, emphasizes how common social media scams can be. “One of the latest scams involves social media. Be wary of any suspicious links you see on your Facebook feed or Twitter account, even if they have been posted by one of your friends. You could end up at a website that downloads spyware onto your computer to steal your personal information.”
If you see your friends sharing suspicious spam links, don’t click on the links but tell your friends that their social media account has been hacked so that they can take action to fix their account.
5. Craigslist Scams
Craigslist continues to be a popular online venue for finding unexpected deals on anything from appliances and furniture to cars and concert tickets. But Schrage from Money Crashers warns that Craigslist scams are abundant. “If you agree to buy something from a Craigslist seller, only pick it up in person – do not pay to have it shipped. Be sure to meet in a brightly lit public place, and take a friend along if possible. People have been robbed and even physically injured during Craigslist transactions that go bad.” Also, if you conduct your transaction in person, bring a strong friend so you don’t meet the seller alone and don’t even buy the item if the deal sounds like too good of a bargain.
There are many more nefarious scams out there that target people online during the holiday season but just remember to always be cautious of what you’re doing online can save your personal information and your money from falling into the wrong hands.
6. Unsecure Wi-Fi Hotspots
Scammers know that tablet and smartphone shopping is on the rise and, in turn, take advantage of gadget users. Manky from Fortinet underscores the consequences of using unsecured Wi-Fi hotpots in a jam: “If you’re a holiday shopper who likes to augment online shopping with actual store browsing and like toting your notebook along for the ride so you can do quick price comparisons, do not connect to an unknown unsecure hotspot. An unsecure hotspot allows hackers to capture any and all data that’s flowing to and from the hotspot, enabling them to intercept logins and passwords, email messages, attached documents and other personal and confidential information.” If you can’t help but jump online while shopping, go to familiar places that offer secure Wi-Fi connections. When you’re connected to a public unsecured Wi-Fi connection, never log into email or social networks or any personal accounts because any of your private data, passwords, or account information could be saved and accessed by any hacker who knows how to take advantage of it.
7. Untrustworthy Search Engine Results
Hackers know that the search terms “black friday” and “black friday deals” get millions of searches during the weeks prior to Black Friday. Search Engine Optimization (SEO) attacks will be common especially during the holidays when cybercriminals game the ranking algorithm of search engines like Bing or Google to drive their virus-ridden websites to the front page of key word search lists for popular holiday search terms. Clicking on these links could take unsuspecting deal-seeking shoppers to malicious websites that immediately compromise your computer and steal personal information. When you’re looking for Black Friday deals, be incredibly cautious and don’t click on suspicious URLs even if top search engines display them as the top results. Hover over hyperlinks with your cursor to see if the link directs you to a website that is not what you searched for. Also, if the text preview of the search result is just a list of keywords and not full sentences, the search result will probably lead you to a malware site that you should definitely avoid.
8. Unknown Coupon Websites
Lots of scams target Black Friday and Cyber Monday shoppers who get lured in by phony coupons that don’t work or lead you to fake websites that just steal your credit card and personal information. These coupon websites that provide these fake coupons only want to steal your identity or surreptitiously install malware on your computer. To avoid unknown coupon websites, don’t fall for unbelievable coupons for hot holiday products like iPad’s and Wii U’s. Do some research to make sure the coupon website is credible, legitimate and not compromised by server attacks. Always maintain up-to-date Anti-Virus protection on all your computers to block any viruses or malware from attacking your computer and compromising your personal information. The FBI provides valuable tips to protect your computer, which includes installing a firewall, turning your computer off when not in use, and frequently updating your Antivirus and Antispyware software.
9. Bogus Email Receipts
When you shop online, every online store big and small sends customers receipts via email soon after your purchase, but beware of fake email receipts for things you never ordered. O’Farrell, Executive Director of the Identity Theft Council, warns “this is the easiest scam of all. The scammers send you a bogus receipt by email, maybe waiting for the busiest shopping days, for some large purchase you never made. In panic, you open the attached receipt only to find the gift in question is either a piece of malware that takes over your computer, or a link to a phishing web site that tries to steal your personal information.” Make sure you keep track of your purchases so you can immediately delete the bogus email receipts.
10. Gift Card Scams
Giving gift cards as holiday presents is growing in popularity to give to people who are hard to shop for so they can choose something they want. However, gift cards are extremely easy to tamper with since they are just a string of numbers with no identifying name attached to them. In stores, scammers take gift cards off the racks, copy down the gift card numbers and PIN numbers, then replace the gift cards back on the racks. Once they have stolen all the gift card data, the thieves check the gift card balances online or by phone. Once they discover that the gift card was activated, they spend the balance online and steal your money that you intended to gift to someone. When buying a gift card, always check that the gift card was not tampered with and that the protection coating over the PIN number is not scratched off. Also, avoid buying discounted gift cards at online auction sites since those gift cards are probably stolen or fraudulent.
Also, beware of smishing where scammers send you fake SMS texts to try to trick you to claim a desirable prize. Don’t be fooled by texts, emails, or phone calls that you’ve won a gift card in a high dollar amount from a big name store like Best Buy or Walmart. Often, these scams are after your personal information and require you to send money to claim your prize or to divulge your credit card number to remove you from their contact list.
Whether you are shopping for that perfect gift for your beloved or selling products to holiday shoppers, stay vigilant about scammers and never let your guard down online when it comes down to where your money and personal information goes. Be skeptical of everything that sounds too good to be true like free iPad deals or 80% off your entire order. It’s your money and your identity so be especially paranoid about cyber security while shopping online, especially during the holiday shopping season.

Watch Out For Scams During The Holidays - Business Insider

Real estate scams and scallywags

I’ve been “working” with an “all-cash,” “foreign buyer” who plans to buy a home sight-unseen and close in a month. He’s provided a Bank of China statement in “U.S. dollars” showing a balance of $1,154,051.
By coincidence, a month prior I’d closed a home for an “all-cash,” “Chinese buyer.” They were totally unconnected – but with small excuse, I was ripe to buy into this email for a few days.
After a few exchanges, instinct said something’s amiss, but I had no idea. Then I simply typed into the Google search line: “Han Hung Beijing China.” *
The first –very first – result at the top of the Google page? “Real Estate Scam Warning,” a blog on Homestead Title Company’s website out of Madison, Wis.
As I read through many stories from contributors across the country, several quoted the exact words of “Mr. H’s” email to me.
But the most poignant stories were homeowners’ heartbreaking stories of packing up and waiting to move. “It took a great deal of joy from our lives,” wrote one.
And I had just sent off an “Offer to Purchase” for Mr. H. to sign! Fortunately, I’d not made any contact with the listing broker.
(It’s barely OK to embarrass oneself to Beacon readers for the sake of educating, but had I encouraged sellers that they might after two years be getting an offer? – that would have been an unforgivable judgment lapse.)
Here’s how this scam potentially works, but it’s so dumb that the number of successful rip-offs must be few, but lucrative:
A crime partner in the United States sends a cashiers check to “an attorney you set up for escrow.” (Bogus, but apparently an excellent forgery.) Then, “Oops! Sent too much. Please wire $10,000 back to foreign account.”
(This is not the quality of attorney I employ, so the financial part of the rip-off is loss from an attorney, not the homeowner.)
I had already told Mr. H that if we got to mutual agreement, then he’d need to wire his Earnest Money to escrow – standard procedure.
Now I was sure I wouldn’t hear from him again for I was clearly no idiot; certainly he’d recognize that.
Undaunted, Mr. H sent back the signed offer. “Please retain a lawyer for me so that my stock broker can send the funds directly to him to keep in a trust account until I arrive in USA with my wife.
“Kindly get back to me with a candid response, as I plan to be in USA soon.” This is the stage I’m at, ball in my court. I want to play along. I want to get his phony check. I want to report him to the FBI., FTC, and the JERK commission.
But this is an untraceable crime/hook. Other than to alert readers here, any action would be ineffective. The biggest lesson to underscore here:
This age of Endlessly Creative Internet Scams is only mirrored by Endlessly Instant Internet Answers! Webster’s online dictionary defines this generation’s newly coined word, “google” – as a verb.
So google it!
*The criminals initiating these emails could well be “Schmedley Jones” of Scranton, Penn. In this ongoing scam (since 2010) the authors purport to be Canadian, Japanese – any foreigner. “Mr. Hung” was the name used by this scammer; the Chinese are probably getting scammed by the American guy, Schmedley.
Note: Part 2 on HOAs will be in December’s Beacon.
Elizabeth Erickson is owner and designated broker of Gallery Homes Real Estate. Contact her at erickson@galleryhomesre.com or at the office: 425-212-4300 or direct: 425-508-1405, or go to www.galleryhomesre.com.

Real estate scams and scallywags - By Elizabeth Erickson - Mukilteo, WA - MukilteoBeacon.com

Scam Alert -- Job Hunting? Hit Delete on This Fake Job Offer

Secret Shopper Job Offer Promises Easy Cash ... But Delivers a Scam November 8, 2012

Love to shop? Need extra money? Securing a part time job as a secret shopper may sound like an ideal way to supplement your income. But watch out for a detailed scam job offer that lures victims into parting with thousands of dollars. How the Scam Works: You receive a blast email informing you that you've been offered a job as a secret shopper. The email provides detailed, realistic instructions on how to conduct your secret evaluations. It even provides your first assignments: reporting on your neighborhood's Wal-Mart and Western Union. Sounds easy enough!   To get started, the email urges you to reply and confirm your mailing address. After doing this, you will receive in the mail an informational packet, which contains a fake check. This check supposedly covers your $300 payment and contains money to spend on your investigations.   The instructions tell you to deposit the check and subtract your fee. Then, use the rest to "evaluate" Western Union by sending three $950 money orders. Of course, a few days later, the bank will reject the check and delete the advanced funds from your account. You'll be out the more than $2,500 that you wired to the scammers.    As this scam gains more publicity, scammers will likely alter the exact stores and amounts featured. However, the central scam (depositing a fake check and wiring money before it clears) will remain the same.   I Was the Target of This Scam. What Should I Do?     Help law enforcement track the scammers by reporting it to the following agencies: The Federal Trade Commission. Visit ftc.gov or call 1-877-FTC-HELP (1-877-382-4357). The U.S. Postal Inspection Service. Visit www.usps.gov/websites/depart/inspect or call your local post office.  Your state or local consumer protection agencies. Visit www.naag.org For More Information    For tips on avoiding the secret shopper scam and other fake check scams, check out this information on the FTC's website. The FTC provides detailed information about who's responsible for what in a check fraud case. To find out more about scams, check out the new BBB Scam Stopper.

Protect yourself from 'smishing' scams

"We've cautioned against phishing emails that trick you to reveal your personal information. But now scammers have figured out how to lure you on your cellphone,” said Kim Kleman, editor and chief of Consumer Reports.

It's called smishing, and it involves a fake text from a major retailer offering gift cards or other items in exchange for registering.
The goal is to grab your information.

Protect yourself from 'smishing' scams :: WRAL.com

Hackers Already Blasting Windows 8 With Phishing, Fake AV Scams

Less than one week after the official rollout of Microsoft (NSDQ:MSFT)'s new Windows 8 operating system, the attempted exploits by hackers have already begun.
According to a blog post from Trend Micro, at least two separate exploits are already in operation. One involves fake antivirus while the other is a phishing attempt that offers users a free Windows 8 upgrade after filling in all the required fields that provide exploitable details.
"It just confirms that the bad guys will use the news to effectively perpetrate a crime," said Jon Clay, security technologist at Trend Micro, in an interview with CRN. "They've turned around the fake AV presence very quickly. Their use of Windows 8 security pop-ups in their fake AV scams shows how quickly they can utilize the latest news in perpetrating crime."

As is the case with most fake AV exploit attempts, a pop-up window warns about infections while stressing the dangers associated with the malware that the machine has allegedly downloaded. The look and feel of the interface is highly consistent with Windows 8, thereby further contributing to its credibility. The purported virus removal requires a software purchase via credit card, at which point the thieves install additional malware and also have the user's credit card number for criminal use.
"The fake AV connects to a C&C server, which we are blocking," Clay said. "If that occurs, they are likely to get infected with other code and their machine could be turned into a bot. So they're going to want to clean up that infection, if they have it, as quickly as possible."
It is important to note that this attack runs on a variety of different Windows OS platforms, not just Windows 8. So a major clue involves Windows 8 security pop-ups on machines that are not running Windows 8.
"We are also starting to see the phishing attempts leverage Windows 8, as well," added Clay. "One of the scams involves an email that offers a free copy of Windows 8 in exchange for personal information such as email addresses, passwords and user names that they can use in a variety of different ways. They make it look very real to the user."
Clay recommends that users exercise caution when clicking on links or visiting Web pages, particularly those that are offering free products or services. "These guys really know what they're doing," he added. "They do everything they can to instill a sense of emergency or a sense of opportunity that will make you accidentally open your computer to them."


Hackers Already Blasting Windows 8 With Phishing, Fake AV Scams