Protecting yourself from online frauds and scams

January 29 2012 by Ellen Roseman

This month, I wrote columns about two of the best known scams. And as usual, I heard from other people who fell for these scams — or came close to falling for them.

When it comes to online sales pitches, extreme skepticism is required. If you don’t see the people involved, why should you trust anything they say?

The first fraud I wrote about usually starts with a phone call. Someone who works for Microsoft says your system is in danger of crashing and can be fixed if you give the person remote access to your computer.

This scam has gone viral, says the Canadian Anti-Fraud Centre, and the dramatic increase means the scam is working.

I’m rarely at home, but I got one of these “Microsoft” calls the very same day my article appeared. I just laughed and hung up.

The second fraud usually starts with an email. Your friends or family members are in a jam in a foreign country and need you to send money right away to get home. If you fall for the emergency scam, as it’s called, you wire funds by Western Union or MoneyGram to a fraudster and never get it back again.

There are other traps for the unwary. Just last week, I heard from someone who ordered tickets online and fell into the hands of a reseller, who charged many times more than the box office rate. I also heard from someone who was buying a computer on Craigslist and fell for the overpayment scam.

Reading the fine print is always tricky — and even more so when the terms and conditions appear online in the midst of a transaction you hope to complete quickly. There’s a temptation to click “I agree” without thinking.

You have to pay attention to your computer, network and browsing. Do you have anti-virus software that is up to date? Do you have a firewall? Are your passwords strong enough and changed often enough? Can you verify that an email from someone you know actually comes from someone you know?

Canada has no anti-spam law yet, unlike other countries, despite watching the problem develop for years. A federal law was passed in late 2010, Bill C-28, and draft regulations are being circulated for comment. But it’s not in force yet.

Meanwhile, spam is moving to new platforms, such as social networking sites, says a report by the Public Interest Advocacy Group. What’s better than a product or service that comes highly recommended by a Facebook friend?

“A significant number of Canadians are ignorant of the risk posed by spam, even those who consider themselves savvy computer and Internet users,” says PIAC.

“Consumers appear aware vaguely of their role in spam propagation and perhaps in denial regarding it.”

You may say, “But I’m not a techie,” when told you have a role in blocking fraudulent messages and fighting off services you don’t want. That’s not a good excuse.

If you use a computer, you have to to keep yourself — and your friends and family — safe from harm. This means you become a techie and shore up your defenses against fraud. You also question everything you see online and take nothing on faith.

There are many shysters lurking online trying to part you with your money, preying on your deepest fears and using every trick in the book to gain your trust.

Check out a few cautionary stories below.

21 comments

  1. HH

    Jan 29 2012

    I recently decided to purchase tickets to a show in Toronto and take my mother as a Christmas gift.

    Having never bought tickets online, I googled the show’s name (War Horse) and tickets.

    I got to two sites and was shocked to see how expensive the tickets were (the cheapest were $223). I checked another site (Prince of Wales Theatre) and found the price was comparable.

    The website I was on, Ticketliquidator.com, said the show was almost sold out and for almost every day I chose, they only had 2 tickets left.

    I decided to buy the tickets as a gift for my mother. There were a few added costs, such as a $41 per ticket \service fee\ and a fee of $15 for delivery.

    Somewhere on the site, it said that I agreed that the funds were in US dollars. I didn’t see that at the time.

    I just got my VISA bill and the total came to $643.57 CND.
    Then I went online and saw tickets in the row I am in for $49 CND at Ticketking (official ticket agency for the Mirvish theatres).

    I was shocked and sick. I played around on that site and found lots of tickets ffor sale. I could get the best seats in the house for $150 each.

    My seats at Ticketking were $49 each, and even with the added costs, they would be $108.50. So I have paid 6 times as much for the worst seats in the house.

    I called Ticketliquidator.com (Kangaroo Entertainment) and spoke with agent \Lee.\ I queried the price difference between the tickets and was told that I should have read all the information. I had purchased the tickets so it was my problem.

    He went on to tell me that, yes, they bought huge blocks of tickets, and sold them for whatever price they wanted.

    I asked if they bought all the tickets to create the illusion the show was sold out and then inflated the price.
    He said that was legal and I should be aware when shopping.

    I called Mirvish.com and spoke with an agent there. He confirmed the seats I purchased were valued at $49 each and was horrified by the price I paid.

    I told them I had found Ticketliquidators through a Google search under Prince Of Wales Theatre. The agent at Mirvish suggested that this site could have been a fake site.

    I finally spoke with Michael, manager of Kangaroo Promotions in Toronto, who said Ticket Liquidator had billed me and not his company.

    But Ticket Liquidator said Kangaroo Promotions had billed me. It says Kangaroo on my Visa bill.

    I called Michael again. He was not very pleasant when I said I had paid $643 for two $49 tickets and said I should have bought them from Mirvish in the first place.

    He said he would not refund my money and that if I pursued this with the media or the police, I would just embarrass myself.

    I am very distressed and want to pass the word around, so that others are not gouged as I have been.

    The joy of the theatre trip has gone. I feel angry and abused by this system of online ticket buying.

  2. JM

    Jan 29 2012

    In the past week, I’ve had my eyes opened to some of the worst experiences I can imagine.

    I wanted to buy a Macbook pro 17 model, so I went on Craigslist and found what I thought was a good deal. The seller claimed to be in the military in Cold Lake, Alberta.

    In order to complete the deal, I was required to send a Moneygram to an agent for a company called Escrowpay in the UK. Once the agent received the funds and verified them, he would then release the product to be shipped to me.

    All good so far…

    The agent that received the money had a mysterious and serious accident, so they claimed the funds were locked and the only option was for me to send another Moneygram for the same amount to a different agent.

    They would then send me the product. with a refund that had an additional 10% as an inconvenience payment.

    I made a mistake and misspelled the agent’s name, so there was some confusion over the transaction reference number.

    I returned to the Moneygram location to cancel the transfer, correct my mistake and resend the funds — only to find out that the money had been accepted.

    Escrowpay denies having received the second transfer. Their solution was for me to send a third payment, with the promise of the same refund amount.

    I refused to carry on with the transaction at that point, not wanting to dig myself in any deeper.

    Escrowpay has said they will refund my original deposit in 72 working days, but I am doubtful they will. They haven’t replied to emails and have never provided a phone number to contact when asked.

    So, I’m out a bunch of money due to some kind of collusion between the seller, Escrowpay and possibly Moneygram.

    I have contacted Moneygram and they have started an investigation. They said the money could not have been received if the name was spelled incorrectly (since two pieces of ID are required).

    I feel embarrassed and cheated.

  3. DF

    Jan 29 2012

    Stupidly, I was caught in the computer virus scam in November. He said he was with Microsoft and that I had a deadly virus.

    Fortunately, it only cost me $120 and PayPal got me back a refund of $72.

    It took several hours for them to do whatever they were doing. They kept calling me and telling me not to touch my computer because they weren’t finished.

    I sure learned my lesson and won’t be so naïve again.

    I’ve also had two emails from people saying they had lost their wallets while in Spain and England and could I send them enough money to get home. That one I didn’t fall for.

  4. RR

    Jan 29 2012

    Thank you for the column, but you are a day too late.

    I got one of these calls and being home alone, it was enough to frighten me into purchasing a $139 antivirus program from a group called PC Geeks.

    Without going into a long story, I contacted them to cancel today and they told me that the $139 would be credited to my credit card account within two days. I will wait patiently for the refund.

    Other than that, I am taking my hard drive to a local technician who has provided fantastic support service for about 6 years now. In return, I have purchased computers from him, paying a little more than I would from the big box stores.

    When I spoke to him today, he offered to look into the computer to see if anything dangerous has been added.

    I should add that I checked out PC Geeks on the internet and they appear to be a legitimate group based in Ohio.

    In any case, a supervisor called me (very unusual) to try to reassure me, but I told him that I had been lied to by his frontline marketers and that I could upgrade my current software for about $50 if I needed to.

  5. RC

    Jan 29 2012

    Oh dear, here we go again. Why won’t people learn at least elementary computer hygiene? Neglect is so costly and so frustrating.

    An aside: I’ve had the call you described. I also knew about the scam weeks ago.

    Microsoft and the various security businesses try to publicize these things as they catch them. And various geeky newsletters pick them up and pass them on.

    I would very strongly recommend the Infopackets Newsletter (www.infopackets.com), which publishes a user-oriented computer email newsletter daily. Subscription
    is free for the asking.

    Dennis Faas, the owner and CEO, and his wife live in Windsor, Ont., with the bulk of the contributors in southern Ontario.

    Each day, they have two new stories culled from the world press and rewritten, and very often they deal with malware. I believe that you would find them very useful, and they need all the eyeballs they can capture. I strongly suggest you take a look.

    For instance, the other and worse plague is scareware and ransomware. In the case of scareware, a popup suddenly appears on your screen and notifies you that your computer is crawling with viruses.

    If you click on the embedded link and buy the “XP Anti-Virus 2012,” the pop-up will go away. Otherwise it won’t – even shutting off your computer and restarting won’t make it go away.

    Ransomeware is even cruder. A notice suddenly appears on your computer, saying your computer has been observed looking at a suspected terrorist (or something equally dodgy) and you must pay a penalty to the Federal
    Investigation Bureau (or similar fictitious but ominous sounding name) to have your computer released.

    The payment is demanded on the spot; no one has managed to trace where the drop box is yet.

    At any rate your bank account is immediately debited (or credit card charged) but nothing happens. The pop-up is stuck there and won’t go away, no matter what you try to do.

    My wife did get caught with the “XP Anti-Virus” pop-up a few months ago; I did manage to cure it, but more by good luck than good judgment.

    But rule number one is don’t pay the ransom – which likely won’t get you unblocked anyway.

    These scams can get through firewalls, deceive anti-viruses, disable your ability to download defensive software and otherwise make themselves unkillable. But they can be dealt with.

    Of course, you can always call in a computer store tech (at an outrageous hourly rate for a lot of hours), who may eventually figure out, at your expense, how to deal with it.

    Or he will simply revert to the standard alibi – can’t be dealt with, you have to reformat and reinstall your
    operating system. He may or may not mention this will destroy all the files and information on your computer.

    Or you can get help.All the big security outfits – http://www.norton.com, http://www.mcafee.com, http://www.trendmicro.com and such – make their information freely available.

    They try to know every piece of malware going and how to handle it. Other like http://www.secunia.com or http://www.bleepingcomputer.com also offer instructions.

    They will tell you what has attacked you and how to get rid of it, and hope afterwards you’ll be impressed enough to
    buy their product. It can be done.

    For the record, it’s easy and free to arm yourself against these onslaughts.

    Microsoft gives away Windows Security Essentials free and it is one of the better anti-virus tools.

    They also are introducing Microsoft Windows Defender Offline Beta to deal with rootkits, an especially nasty and difficult attack to counter.

    Superb antivirus programs can be had free from Avira, Avast, AVG (Grisoft) and a goodly number of others.

    Malware may need different treatment; having Malwarebytes, Super Anti-Spyware, Threatfire, Ad-aware or any number of others installed, even if they are not running continually (as most free versions don’t), can be helpful.

    If they are already there, it is much harder for malware
    to block them and they can be run from safe mode before the malware has a chance to insert the block.

    For the very best free anti-virus and anti-malware programs, with good professional descriptions and safe download links, I have yet to find any site as good as http://www.techsupportalert.com.

    It has everything you could possibly want, categorized and comparatively rated.

    For more general information, advice sites like http://www.askleo.com or http://www.askbobrankin.com, can be helpful.

    If a few hours’ wait can be tolerated, the forum run by the free/paid newsletter http://www.windowssecrets.com has a huge base of helpful fellow users and many well-qualified professionals.

    The forum at http://www.neatnettricks,com has far fewer but they’re more patient and even friendlier.

    Sorry, Ellen, I know this is horribly long, but it’s really the minimum in the way of suggestions that need to be passed on to someone who’s got bit, or hasn’t got bit yet but will be.

    I have to say that my wife got hit, despite having just about every defense known to man.

  6. Bob

    Jan 29 2012

    Well, I was one of many that fell for it. At that time, I was caught off guard with family health issues and didn’t hand up.

    They got into my PC and, according to my IT provider where I dropped off my PC, things had to be cleaned out of it that they put in.

    It’s high pressure sales with lies. Their call came from a European exchange. They had East Indian accents, but used Anglo names. Their website is out of California and they are based in Delhi.

    They are known business-wise, according to their website, as PC Geeks.

    I called their 1-866 number and didn’t get much response. So put it in hands of Visa and hopefully will get my money back.

    Here’s what their tech said was wrong:

    1. performance – 20%
    2. graph.
    3. trojan bug-1033.
    4. risk-91%
    5. windows corrupted-81%
    6. total critical errors-2486
    7. PC health critical
    8. too many services
    9. warnings
    10. total condition-critical

    I quickly took my computer to where I got it and had it cleaned up.

  7. AC

    Jan 29 2012

    Man, was I glad to read your column about the computer virus scam. I have been plagued by these calls for about a year now.

    I have never doubted for a second that it was suspicious and have never given out information.

    Sometimes I have hung up immediately; other times I’ve let them jabber on; and sometimes I’ve even questioned the caller endlessly.

    I told them I’d switched to a Mac. I tried to ask to be on a do-not-call list.

    Your column was so timely, as it came on the heels of yet another call received just last week, which got my husband and me talking about it again.

    And no kidding, they called me again JUST NOW (and I hung up right away), which prompted me to grab yesterday’s Star out of the recycling bin and sit down to email you.

    I was truly so relieved to read your column. Thank goodness that: (1) I’m not alone in getting these calls and (2) my instincts were right that it was fishy.

    I am so glad to know the fraud people are on top of it and I appreciated the tips.

    When do you think the calls will stop coming, if ever???? (We don’t have call display, so I do get caught answering the phone.)

    I hope you are right that stepped up enforcement in 2012 will bring about an end.

  8. AM

    Jan 29 2012

    Ellen, I wish you had written this column a month before.

    Early December, I received a call I was told was from Microsoft about viruses. I went along with questions for a bit, then I was quoted prices for virus protection of $200 up to $500 for one to five years.

    I would not give them any more time, but then my computer crashed. Later, with the aid of a friend, we went into Help, System Restore Wizard and got back the system as it was before the call.

    I had made a note of a phone number that had appeared on the screen, a 315 number we traced to Liverpool, New York State.

    I have upgraded security and also paid to have XP service pack 2, upgraded XP service pack 3, which Vista and Windows 3 have.

    Apparently, my XP computer is considered to be OLD and I was not receiving Microsoft upgrades.

    We contacted our bank and had all trading and savings accounts changed. We changed passwords and cancelled credit cards.

    I will be more careful in the future about taking incoming calls.

  9. DL

    Jan 29 2012

    Your article on the computer virus scam was unsettlingly familiar.

    I received such calls on two different occasions in 2011, warning me that my computer (barely a year old at the time of the first call) was going to crash at any moment due to malicious software.

    Just as you describe, the caller had me open Windows Event Viewer, showing a long list of errors, some critical.

    He then had me run http://www.ammyy.com so that they could remotely control my computer and cleanse it of the offending software.

    What is disturbing is that while in ammyy, they had access to my computer for hours at a time. (They told me to leave the computer while they did their work.)

    After the first call, they offered their continued services for $173, which I accepted. I now have a “Repair Zone” shortcut icon on my desktop.

    I also found a receipt in my email for some $400 from something called, “Turner Web Enterprises,” which I had never heard of.

    Fortunately, my credit card company (CIBC Visa) called to confirm this and two other transactions I had no knowledge of.

    Long story short, the two other transactions were cancelled immediately and the $400 one put through as a fraud complaint — all resolved in my favour and I was issued a new credit card number.

    Finally, I found Malwarebytes Antimalware installed on my computer.

    After the second call, I found I had IObit Freeware Virus protection installed on my computer.

    They gave me a phone number (which I can’t find now). It wasn’t one of those in your article, but it did have a 5** (California) area code. They did claim to be calling on behalf of Windows.

    Also in 2011, I received repeated calls (likely from the same people, I’m not sure), wanting to refund money to me I sent them in error in September.

    I assured them that the matter had been resolved with my credit card company, but the calls didn’t stop.

    The last time, they set up a transaction, first via Western Union, which didn’t work, then through PayPal, which they said would do this refund.

    However, the way the transaction was set up, I was sending money to India, not receiving it.

    I tried to explain this to them, but they either didn’t understand or ignored me.

    At the first opportunity, I filed a “stop payment” with my bank (the funds for this transaction were taken from my bank account) and a dispute with PayPal. Again, all resolved in my favour.

    I’m not sure what to think. The software downloaded seems legit and I have had no problems with my computer since the two calls I’ve told you about. Was I a victim of the virus scam?

  10. GB

    Jan 29 2012

    I was reading your article about the computer virus scam when I received a call from California E T Protection http://www.etpotection.com saying exactly what you mentioned.

    Over the holidays, I was hit by a virus myself that disabled my computer. Luckily, the technician was able to recover most of the files.

    The virus was coming from UPS, saying that I had a package to pick up at my nearest UPS store and that I had to print the attached label to present at the UPS store.

    Since I could not open the attachment, I called UPS. They told me not to open it because it was a virus. Too late for me… but if you write about this, it will help more people.

  11. BS

    Jan 29 2012

    I too have been a victim of this software scam, identifying themselves as Microsoft employees, in December.

    I am knowledgeable with regards to computers and the scam artists that are out there; however, I was caught at a very ‘weak’ moment. Did they know my brother just passed?

    I was scammed by the initial caller “Kevin,” who did get access to my computer and ‘sold’ me on Windows Essential Services for a 5 year contract for $139.

    However, what was installed on my system was a “FREE” anti-virus software from Advanced System Care.

    Payment was sent via PayPal to a merchant called Keshow Prasad Shaw; greatmediainfotech@gmail.com; http://www.escaladesoftsecurity.com; +91 9830620701. Receipt number 5604-7264-3465-4413 had under description “service”.

    Immediately I contacted VISA to dispute the charges and contacted Advanced System Care “iobit.com” to advise them that their ‘free’ product was being ‘sold’ by fraudsters under the auspices of Microsoft.

    In the meantime, I replied to the greatmediainfotech.com receipt asking for the “key” to unlock the software for the 5 year term, hoping this would prompt someone contacting me.

    Surprisingly and almost immediately, Kevin called me to clarify that there was no key required.

    It was during this call that I outed him, demanding a refund to my Visa. He agreed and said he had to receive approval from the finance department.

    A couple of days later, he called to say that the finance department gave their approval and to expect a full credit within the next 3 to 5 days… Could I please confirm the following numbers, being my Visa number.

    The next day, I receive an emailed statement from a firm in the United States thanking me for my purchase on site ‘softpctech.com’ and the purchase will appear as pc-help247 in the amount of $139 US.

    Flabbergasted, I called the number to dispute the charge. Immediately, I get the manager who says he’s the owner who yells and curses me about giving out my credit card number, and that’s what I get and deserve.

    I called VISA again and, doing what I should have done initially, cancelled the card altogether.

    Sent an email to softpctect.com, stating the transaction was unauthorized and they never had permission to charge that card. I received my credit immediately.

    On another note, this receipt had my name and address but someone else’s phone number.

    I called that person and spoke to an older woman, 100 miles north of Vancouver, who was also scammed by Kevin. She went as far as making a payment directly from her bank, but her bank stopped the transaction immediately.

    However, she continues to receive harassing phone calls from Kevin for payment for the so-called product.

    I am pleased to report that the initial charge has now been removed from my Visa as well, dated the same day as the debit, so to me it looks like Visa reversed it, not the vendor.

    Another valuable lesson learned, costing me $7 in US dollar cost difference, plus an insurmountable amount of time that I didn’t have, stress and my pride.

    A happy ending to an unfortunate, time wasting, stressful adventure.

  12. GD

    Jan 29 2012

    I read your story about the woman who was victimized by a Spanish email scam. I had a similar experience.

    Early this month, I got a peculiar text message from a good friend asking where I was. I wrote back and simply said that I was at work.

    But then, both my cell phone and my work phone started ringing off the hook – and that was when I realized that my accounts had been hacked.

    It turns out that it was a Facebook scam, where they hacked into my account and extracted everyone’s email addresses using a contact importer.

    They proceeded to change the primary email address on the account to their created Ymail account, but still using the same user name so that I wouldn’t notice.

    They then hacked into my Gmail account and emailed EVERYONE (old and new contacts) to tell them I was on vacation with my family in the UK. I had been robbed at knife point and I needed money.

    Because I travel quite often, there were a lot of people who thought I was away.

    The perpetrators then set up filters in my email so that all incoming mail would be sent to the new Ymail account.

    Then they deleted everything in my Gmail account, all while I was still signed in to Gmail.

    I also saw that they tried to get into my eBay account, but I caught it before they could.

    I was quite fortunate to be on my computer at the time and I had read about this sort of scam before, so I knew what was happening and what I needed to do to regain control of all of my accounts.

    I was quite surprised that this had happened to me, as I do keep my computer up to date with all the software that is supposed to protect me from these kinds of malicious acts.

    I also had a very strong password.

    Either way, I was quite impressed with the Google Team in helping me restore all of my emails in such a timely manner.

    So, with that, I just wanted to say thank you for the article because I think that without articles like these, people would not be aware of the scams that are happening.

  13. HD

    Jan 29 2012

    The same scam was tried on me, except that my friend was supposed to be in Edinburgh, Scotland.

    The money was to be remitted to an Edinburgh address, which per Google is a Western Union store.

    I immediately assumed it was a scam.

    The Edinburgh Constabulary took the time to explain to me that once money is remitted and a Western Union transaction number is provided, the funds can be diverted to ANY Western Union office in the world (and, of course, not to any location in Edinburgh).

    Moreover, they have discovered that this is normally a
    location in Nigeria – surprise!

    Our inventive Nigerian friends continue to find ingenious ways to fleece gullible internet sheep.

  14. MM

    Jan 29 2012

    When I read your report in The Star, I wanted to let you know that I, another Toronto writer, was hacked on January 17th.

    The same letter was sent out to my 800 contacts, but I don’t think anyone sent money. I did get some calls asking if I were in Spain. All my contacts were taken too, but Yahoo managed to restore them.

    At the same time, my Twitter account was hacked and I can’t get access to the 1,200 people I was following.

    I just went into my PayPal account, changed the passwords and removed the credit card information, at least for now. This is one reason I don’t do online banking.

    Now I have a notice that my Skype account is compromised.

  15. Brad Ferris

    Jan 29 2012

    I hate those microsoft calls. I ask them to wait so I can go turn on the computer and then come back in 10 minutes…usually they’ve hung up themselves, haha.

  16. Susan

    Jan 31 2012

    When I got the dreaded Microsoft call, I simply told them I didn’t have a computer, and the calls have stopped!

  17. Stan

    Feb 11 2012

    I am so glad I read this post. I was also buying a Macbook and it was from a guy in the military in Alberta. Same method of payment, Escrowpay. The deal amazing and I thought it was too good to be true. But he gave me the serial number and everything checked out.

  18. TRUTH EXPOSED WATER HEATER RENTAL INDUSTRY

    Feb 27 2012

    TRUTH EXPOSED WATER HEATER RENTAL INDUSTRY:

    http://waterheaterrentals.blogspot.com/

    ANY QUESTIONS OR CONCERNS, EMAIL WATER HEATER HERO AT WATERHEATERHERO@GMAIL.COM

  19. CanadianInvestor

    Feb 27 2012

    Here’s another scam – you’re selling a used car and someone contacts you by email, saying they will accept the price sight unseen and can only pay by Paypal, after which they will send their agent to pick up the car.

    Sounds a bit smelly, huh?