2. Fraud Awareness
Yogi Schulz
Biography
Partner in Corvelle Consulting
Information technology related management
consulting
Microsoft Canada columnist & CBC Radio host
PPDM Association board member
Industry presenter:
– Project World - 6 years
– CIPS Informatics - 7 years
– PMI - Information Systems SIG - 2 years
– PPDM Association - several years
2
4. Fraud Awareness
Nigerian Scam
4
Sweet; some guy
in Nigeria
has $2 billion
he wants to
transfer to my
bank account.
All I have to do
is provide
him with my
personal banking
information!
9. Fraud Awareness
Learning
Objectives
Increase our awareness of possible fraud
Help others to be more fraud alert
Avoid panicking
anyone
9
My items did not
arrive and I received
no reply!
11. Fraud Awareness
Enticing Offers
You can earn a lot of money working from
home; provide some personal information
You’ve won a lottery prize; send us your
account number
A long-lost relative has died leaving you a
major inheritance; pay a fee to release funds
Help us transfer money from our country to
your bank account; you’ll receive a share
11
14. Fraud Awareness
Bank Contacts
I want to verify your account number
I want to make an appointment for you to
visit with our staff
We notice an unusual transaction on your
chequing account
I want to explain our RSP offerings to you
I want to confirm your pin number
14
17. Fraud Awareness
Threatening
Contacts
You haven’t paid your property taxes; we’ll
foreclose unless you send us a payment
We grabbed your daughter at the bus stop;
we’ll send you her finger unless you pay us
This is CRA; we haven’t received your tax
payment; we’ll garnishee your wages
You’re over your VISA card limit; send us a
payment or we’ll ruin your credit rating
17
25. Fraud Awareness
Computer-related
Contacts
Your computer has been hit with a virus; let
me access it remotely to repair it
Please let me explain our computer
monitoring and repair service
We’ve blocked access to your computer; for a
fee we’ll restore your access
Your computer is sending spam everywhere;
for a fee we’ll stop this activity
25
28. Fraud Awareness
Recommendations
to avoid Fraud
Trust your instincts
Read your emails carefully
Be careful where you click
Review your bank statement monthly
Review your credit card statement monthly
Verify what someone on the phone claims
Don’t believe an alleged threat
28
29. Fraud Awareness
Suggested Actions
Keep your computer software up-to-date
Create a backup of your data
Keep a written userid and password file
Create file folders for your monthly
statements
Address indications of identity theft
Report fraudsters
29
Press 1 to be ripped off,
2 to be robbed or
3 to be bankrupted.
31. Fraud Awareness
Handling Phone Solicitations
Don't believe everyone who calls
Don't disclose personal information
Don't be afraid to hang up
Don't be afraid to ask for documentation
Don't be pressured into making a decision
Do take the time to call a friend, relative, or police
Do call the police to report any suspicious phone calls
Do ask the caller questions
Do ask for literature
Do ask the company for references
31
32. Fraud Awareness
Bibliography - 1
Beware Of These Telephone Scams
– By Louie G January 15, 2016
– http://wild104fm.com/beware-of-these-telephone-scams/
5 tips to shop safe and avoid online identity theft
– 9 Feb 2014 by Sesame
– http://www.vivawoman.net/2014/02/5-tips-to-shop-safe-and-avoid-
online-identity-theft/
5 Ways Cyber-Criminals Are Trying to Steal From You – And What
To Do About It
– https://www.brighttalk.com/webcast/15037/252865
Has your iPhone been hacked?
– Yogi Schulz, January 11, 2017
– http://www.itworldcanada.com/blog/has-your-iphone-been-
hacked/389507
32
33. Fraud Awareness
Bibliography - 2
How big of a problem is fraud?
– Vantiv’s “ShopTalkTM” report reveals new fraud statistics
– https://www.vantiv.com/about/newsroom/shop-talk-infographic
How to avoid seven of the most common online scams
– Jacob Siegal, July 16th, 2015
– http://bgr.com/2015/07/16/how-to-avoid-online-scams/
Increasing cyber incidents could mean ‘tragedy’ for online trust: Industry
group
– Howard Solomon, February 5th, 2017
– http://www.itworldcanada.com/article/increasing-cyber-incidents-could-
mean-tragedy-for-online-trust-industry-group/390191
Little Black Book of Scams
– http://www.competitionbureau.gc.ca/eic/site/cb-bc.nsf/eng/03074.html
Protecting yourself from scams | ACCC
– https://www.accc.gov.au/consumers/consumer.../protecting-yourself-from-
scams
33
34. Fraud Awareness
Bibliography - 3
Scamwatch
– http://www.scamwatch.gov.au/
Share: file a police report for an online fraud?
– 30 Nov 2011 by Sesame
– http://www.vivawoman.net/2011/11/share-file-a-police-report-for-an-online-
fraud/
10 Common Facebook Scams and Frauds; Beware
– abhishek, March 12, 2014
– http://listdose.co/10-common-facebook-scams-and-frauds-beware/
These Obvious Tell-tale Signs Will Help You Know How To Avoid Internet
Scams
– http://momsaffiliatemarketing.com/how-to-avoid-internet-scams/
Unmasked: What 10 million passwords reveal about the people who
choose them
– http://wpengine.com/unmasked/
34
35. Fraud Awareness
Calgary Police Service
Fraud Awareness Webpages
Telemarketing fraud or scams
– http://www.calgary.ca/cps/Pages/Community-programs-and-
resources/Crime-prevention/Telemarketing-fraud-or-scams.aspx
Email scams and safety
– http://www.calgary.ca/cps/Pages/Community-programs-and-
resources/Crime-prevention/Email-scams-and-safety.aspx
Scams and fraud targeted at seniors
– http://www.calgary.ca/cps/Pages/Community-programs-and-
resources/Crime-prevention/Scams-and-fraud-targeted-at-
seniors.aspx
35
36. Fraud Awareness
The Little Black Book of Scams
Table of Contents
Introduction
Lotteries,
Sweepstakes
and Contests
Pyramid Schemes
Money Transfer Requests
Internet Scams
Mobile Phone Scams
Health and Medical Scams
Emergency Scams
Dating and Romance Scams
Charity Scams
Job and Employment
Scams
Small Business Scams
Service Scams
Handy Hints to Protect
Yourself
Scams and You: What to Do
if You Get Scammed!
Getting Help and Reporting
a Scam
36
Editor's Notes
Fraud Awareness
Thanks for inviting me to address the <Organization Name>Until <someone> mentioned your organization recently, I must confess I had not heard of the organization
After attending last week, I discovered your active and engaged group that listens to excellent speakers on fascinating topics
Today we’re going to discuss how to increase our individual Fraud Awareness
The goal is to provide you with the knowledge that you can use to avoid being scammed by some unscrupulous persons and also to help others avoid being scammed
We decided on this topic for our meeting because we are aware of some close calls among the members of our group
Presentation created by Yogi Schulz in the winter of 2017 - YogiSchulz@corvelle.com
I’m happy to share this presentation with anyone who wants to present it to their family & friends or another community group that needs to hear this message
2
Yogi Schulz
Nigerian Scam
Sweet; some guy in Nigeria has $2 billion he wants to transfer to my bank account.
All I have to do is provide him with my personal banking information!
Barry is not smarter than your average bear
File: Other_Coast_2013_07_08_crtoc130708
Growth in Fraud vs. Growth in Charge Volume
Rates of fraud are growing faster than the dollar volume being charged
This trend should cause us to be more attentive
US Card Fraud Hits Staggering $8 Billion in Losses (Up 20% Again)
In Fraud Trends, October 28, 2016
http://frankonfraud.com/fraud-trends/us-card-fraud-hits-staggering-8-billion-in-losses-up-20-again/
USA Identity Theft - Fraud Victims and Fraud Losses
The number of fraud victims is fairly stable but is still in the tens of millions each year
The dollar losses in the billions are staggering
I hope these numbers are trending down as shown because consumer awareness of fraud is up
Identity Fraud - Victims and Losses
12.7 million victims
US$ 16 billion lost
An essential tool to dramatically reduce the risk of Identity Fraud is to use a cross-cut shredder
I hope you all own one and are actively using it
Dumpster diving for personal information is a very successful activity for some fraudsters
Global Cost of Payment Card Fraud
$6.8 billion in the rest of the world and $7.1 billion in the United States in 2013
If you think bank card fees or bank card interest rates are too high, these losses are a big part of the reason
The US Sees More Money Lost To Credit Card Fraud Than The Rest Of The World Combined
John Heggestuen, March 5, 2014
http://www.businessinsider.com/the-us-accounts-for-over-half-of-global-payment-card-fraud-sai-2014-3
Fraud Losses - Debit and Credit Cards
Canada experiences significantly lower losses than the US even on a per capita basis
I believe that’s due to the earlier introduction of chip cards and a smaller economy than the United States
Some believe that Canadians are just more honest
Perhaps we’re poorer and therefore a less appealing target for fraudsters
Overall these statistics show us that fraud is a real problem
Today we’ll discuss some fraud scenarios and how to protect ourselves
Yogi Schulz
How Well are Consumers Protecting themselves from Fraud?
These statistics suggest the majority of consumers are taking the basic steps that significantly reduce the risk of fraud and identity theft
These steps are:
On your computer, keep the operating system, the browser and the anti-virus software up-to-date
Review your bank statement monthly for strange transactions
Review your credit card statement monthly for purchases you did not make
If you’re not already taking these simple steps, please start after lunch today
I won’t ask for a show of hands of those who are already taking these steps
All frauds have one feature in common
They are initiated by someone else
We wouldn’t think to start a communication that results in us being defrauded
Now I’m going to describe the common frauds so that we can all be more alert when they occur in our lives
What do consumers think?
How big of a problem is fraud?
Vantiv’s “ShopTalkTM” report reveals new fraud statistics
https://www.vantiv.com/about/newsroom/shop-talk-infographic
Enticing Offers
Let’s look at the situation where you received an enticing email or phone call
Which of these statements are legitimate and which are a scam? True or False?
Let’s have a show of hands
You can earn a lot of money working from home; provide some personal information to start the enrolment process
Working from home is a cover story fraudsters use to steal your identity
Paid surveys are a similar scam
You’ve won a lottery prize; send us your account number to deposit the funds
You haven’t won anything; the fraudster’s real goal is to clean out your chequing account
A long-lost relative has died leaving you a major inheritance; pay a fee to release funds
There is no long lost relative and there’s no inheritance; this is just a pretext for stealing your money by way of an alleged fee
Help us transfer money from our country to your bank account; you’ll receive a share
There’s no money to transfer; the fraudster’s real goal is to clean out your chequing account
Email Scams
The perpetrators of Advance Fee Fraud (AFF), known internationally as "4-1-9" fraud after the section of the Nigerian penal code which addresses fraud schemes, are often very creative and innovative
The way it works:
Step 1: You receive an email asking for help to transfer a large sum of money out of a foreign country, initially Nigeria
Step 2: To receive your cut, you must send some money to cover various fees and you must send your bank account details
Step 3: Nothing; you never receive the money, your cut or any more contact from the original person
If someone ask you to send money before they can send you much more money, it’s really a fraudster trying to extort money from you
Enticing Offer ScamWarning signs
You don’t know the sender of the email or you don’t know the person calling
The offer is too good to be true; that’s a clear sign of a scam
Email contains spelling and grammatical errors; that’s an indication of foreign origin
Person calling is speaking English with a heavy accent and may make grammatically errors
Avoid being a victim
Never reply to these emails
Don’t click on any links
Don’t open any attachments
Don’t click on Unsubscribe; that just confirms your existence to the fraudster
On the phone, just say thank you and hang up
Consider reporting the scam
Yogi Schulz
Yogi Schulz
Banking Scam
Warning signs
The originating email address is similar, but not identical, to the name of your bank
The email doesn’t address you by name but uses a generic phrase
The visible link in the email is different from the actual link once you hover over the link
The email is phrased to create a sense of urgency; normal emails generally don’t have that tone
Avoid being a victim
Never click on links to your bank
Always reach your bank by typing the domain name or by using a Favorite you created
Here’s an example of a fraudster email that was supposedly sent to me by Air Canada.
The claim that my credit card has been charged immediately grabs my attention
Notice that the visible link in the email is different from the actual link
This is a fake email that I can confidently delete
I don’t need to call Air Canada to confirm anything
That call will just be a waste of my time and theirs
Threatening Contacts
Let’s look at the situation where you received a heated phone call or an abrasive, demanding email from someone who you don’t know
Which of these statements are legitimate and which are a scam? True or False?
Let’s have a show of hands
You haven’t paid your property taxes; we’ll foreclose on your home immediately unless you send us a payment
Even if you haven’t paid your property tax, you’ll receive multiple delinquency notices from the city in the mail before foreclosure proceedings start
Foreclosure is a last resort action on the part of the city
This threat is to intended to catch you off balance and extort money from you
We grabbed your daughter at the bus stop; we’ll send you her finger unless you pay us
Kidnapping is highly unlikely despite what you may have watched on TV
This threat is to intended to create panic, cause you think unclearly and extort money from you
This is CRA; we haven’t received your income tax payment; we’ll garnishee your wages today
Even if you haven’t paid your income taxes, you’ll receive multiple delinquency notices from the CRA in the mail before a garnishee starts
This threat is to intended to make you think you’re in serious trouble with CRA and extort money from you
You’re over your VISA card limit; send us a payment immediately or we’ll ruin your credit rating
Even if you haven’t paid your outstanding VISA balance, you’ll receive multiple delinquency notices from VISA in the mail before a collection procedure starts that can undermine your credit rating
This threat is to intended to make you think your credit rating is in jeopardy and extort money from you
Threat Scam
This is the email version of the threatening phone call
Step 1: You receive an email threatening some harm to you or a member of your family
This is email is deliberately designed to create panic and induce a lack of clear thinking
Step 2: The email demands payment
Typically, the extortioner wants you to wire money him somewhere using a service like Western Union
Step 3: No benefit to you; the threat is bogus and you have just been scammed of money
Threat Scam
Warning signs
The email exhibits poor English
You have no reason to be threatened by anyone
The scammer is asking you for money
Avoid being a victim
Don’t reply to the email; a reply confirms to the fraudster that you are a prospect for the scam
Check your social media settings to make sure that your personal information is not more public than you believe
Report threats to the police
Facebook Scams
Have you logged into what appeared to be a Facebook home page?
The goal of this web page is to steal your Facebook credentials and then use them to steal your identity and to create havoc
Look carefully at the URL; it includes letters beyond the word Facebook
That’s an unequivocal indicate of a fraudulent Facebook login page
Now look carefully at the URL; it contains no letters; just an IP address
This is also a fraud
It’s intended to lull us into thinking this must be the Facebook IP address; it’s not
Here’s what the real Facebook URL looks like; this distinguishing features are:
It’s says Facebook and only Facebook
It contains the s after http
Facebook Scams
Have you clicked on a Like that caused another page to be displayed?
Clickjacking is a kind of spam that is annoying for Facebook users
Hackers have found a way by which once you click on a “Like” button, you will also, unknowingly, be clicking on the invisible “Like” button which is placed just behind it
You will be then redirected to some other page where you will be asked to fill some forms mentioning your personal data to view the content
In some instances you are asked to take part in some online surveys
Now since you have clicked on the “Like” button, your like will be registered and your friends will now be able to see the posting in their feeds
Your friends will assume the posting to be genuine because you have seen it
Your friends will end up being cheated the same as you have been
Facebook Scams
Have you installed a Facebook widget that spammed all your friends?
The goal of the hacker is to undermine your reputation among your friends and encourage them to click on a link that steals their identities
Yogi Schulz
Facebook Scam
Warning signs
An unexpected page is displayed that asks you to complete a survey or click on a box
The page content is shocking or pornographic
The unexpected page offers information, such as profile views, that Facebook does not offer
Avoid being a victim
Research apps or plugins before installing them
Build your understanding of what Facebook does and does not do; for example, there is no Dislike button
Review your Facebook apps and delete every one that appears suspicious or you don’t care about anymore
Yogi Schulz
The Fake Anti-virus Alert
Step 1: A window pops up advising you that your anti-virus software is out of date or that your anti-virus software has identified a virus
The window is most often created by a web page that you have just loaded
This is window is deliberately designed to create panic and induce a lack of clear thinking
In fact there is no problem with your software
Step 2: You’re encouraged click on a button or dial an 800 number to spend money to license software to correct the supposed problem
This event should cause you to question if you want to stay at the website in question
Here’s an example screen that illustrates the Fake Anti-virus Alert
The problem will not in fact go away if you click OK
If you click OK, you will download malware or be asked for money to install nothing useful
Fake Anti-virus Scam
Warning signs
Pop-up uses overly dramatic language
Pop-up warns you about a virus, malicious software or pornography on your computer
Avoid being a victim
Don’t click on the pop-up; not even the Close X
Close the pop-up using Alt+F4
Confirm that your anti-virus software is up to date
Keep your web browser version up to date
Use a pop-up blocker like Adblock
Yogi Schulz
Suggested Actions
These simple actions will substantially reduce the risk of you becoming a victim of fraud
These actions are easy to implement
Keep your computer software up-to-date
Keep the operating system, and the browser up-to-date
Use anti-virus software; Ensure your anti-virus software is active; Ensure your anti-virus software is up-to-date and stays that way
Create a backup of your data
Store it with a friend
Keep a written userid and password file
Keep this file in paper form
Vary your passwords from website to website
Create physical file folders for your:
Bank statements
Credit card statements
Utility statements
Address indications of identity theft
Don’t think a small problem will just go away; more likely it will become bigger
If you think you have become a victim, change all your passwords and confer with your bank
Report fraudsters
Do call the police to report your incident
In most cases, they can’t take any meaningful action
The police are trying to accumulate statistics of the prevalence of these attacks
Yogi Schulz
Don't believe everyone who calls with an exciting promotion or investment opportunity.
Don't disclose personal information about your bank accounts, credit cards or address over the telephone.
Never give your credit card number to someone calling you
Don't be afraid to hang up.
Don't be afraid to ask for documentation to verify a product or investment. But remember, even the unscrupulous have professionally prepared literature, catalogues and invoices.
Don't be pressured into making a decision. Any legitimate gift or prize will still be available tomorrow.
Do take the time to call a friend, a relative, your banker or a police agency before making a decision to send money.
Do call the police to report any suspicious phone calls or mailings.
Do take the opportunity to ask the caller questions about their offer or promotion. No legitimate company will refuse your inquiries.
Do ask for literature so you can read about the company before making a commitment.
Do ask the company for references from other customers who live in your area.
Bibliography - 1
Bibliography - 2
Bibliography - 3
Calgary Police Service Fraud Awareness Webpages
The Little Black Book of Scams - Table of Contents
Competition Bureau
Little Black Book of Scams
http://www.competitionbureau.gc.ca/eic/site/cb-bc.nsf/eng/03074.html