scam
Latest
PSA: That Razer esports sponsorship email is a scam
So, you stream your gameplays and recently received a lucrative sponsorship offer via email from popular esports platform Team Razer. Exciting, right? Unfortunately, it's nothing but a scam -- that email is actually from a cyber criminal and not a "scouting agent." Team Razer has sent out a notice that scammers are using its brand name to spread malicious software.
Sketchy adoption app Adoptly is a hoax after all
A few weeks ago, a company called Adoptly stated a Kickstarter for an app that promised to make adoption easier -- with the help of a ridiculous, Tinder-style interface for swiping left and right on children. We immediately questioned whether something like this was even real, although it did seem to be legally plausible if extremely ill-advised. But now, the truth comes out: Adoptly was part of an "ongoing satirical art project" from Ben Becker and Elliot Glass, the duo who brought us the "Pooper" hoax of last summer.
AT&T service prevents scam calls from reaching your phone
Yes, you can block phone numbers used for robocalls and tech support scams, but that usually means having to take at least one call (or running the right software) before you realize something's fishy. And AT&T, at least, is trying to do better. In response to the FCC's request for tougher action, the carrier has introduced a free Call Protect service for HD Voice (voice over LTE) users that aims to block fraudulent and spam calls, in many cases before they even reach your phone. An automatic fraud blocking feature will stop scams at the network level, while you'll also get warnings about suspected spam calls if you're in an HD Voice coverage area.
The Milwaukee Bucks fell prey to a phishing email scam
Just because you're part of a major league sports team doesn't mean you're immune to internet fraudsters. The Milwaukee Bucks have confirmed that they fell victim to a phishing scam that compromised the basketball team's financial data. After receiving an email impersonating team president Peter Feigin, an employee sent out 2015 tax year data for all of the Bucks' employees, including players. Yes, that means that the salaries and social security numbers of some NBA athletes are in sinister hands.
NYU says Craigslist sucks at spotting fake rental listings
Researchers at New York University claim that Craigslist has a serious problem identifying fraudulent listings. After digging through two million of 'em, a team from the Tandon School of Engineering thinks that the site misses anything up to 55 percent of scam entries. They normally work by offering a juicy property for rent, but forcing users to undergo a credit check or pay cash straight to see the full listing. Naturally, both are designed to separate would-be renters from their money, but apparently they're pretty easy to spot. Despite this, Craigslist stands accused of leaving fraudulent entries linger online for anything up to 20 hours.
Chrome gaming add-ons steal your Steam inventory
Beware browser add-ons that promise to boost your Steam-based games -- you might be in for a rude surprise. Security gurus have spotted a known scammer offering Chrome extensions that claim to change your Counter-Strike: Global Offensive theme or help you gamble, but do nothing more than steal from your Steam inventory. It's not the greatest loss if you're a victim (the malware isn't compromising the games or your Steam account), but it'll probably leave you crestfallen if you spent ages collecting rare virtual objects.
FTC starts cracking down on crowdfunding fraud
Hang around the crowdfunding scene long enough and you'll hear tales of campaigns that were too good to be true, or creators who simply took the money and ran. It's scary stuff, we know -- but you'll be glad to hear that the Federal Trade Commission now has your back when the host sites' safeguards aren't enough. The government body has taken its first action against a crowdfunding fraudster, reaching a settlement with Erik Chevalier after he cancelled a Kickstarter board game project and reneged on promised refunds. The culprit won't pay restitution, unfortunately (he's allegedly unable to pay), but he's barred from any deceptive crowdfunding practices and obligated to honor whatever refund policies he sets. A slap on the wrist, then? Maybe, but it's still a shot across the bow of scammers who are only interested in padding their bank accounts. [Image credit: Getty Images]
Sprint and Verizon to pay $158 million over bogus texting charges
No, Sprint and Verizon* aren't going to escape the FCC's bid to punish carriers for letting shady text message services bill their customers. The two providers are respectively paying $68 million and $90 million to settle FCC claims that they not only turned a blind eye to this bill cramming, but frequently denied refunds when subscribers complained. About $120 million of this total payout will compensate victims, while the rest will go to both state governments and the US Treasury.
TalkTalk admits attackers stole customers' personal details
TalkTalk has enjoyed its fair share of positive press in recent months, thanks to its new carrier deal with O2 and the acquisition of Blinkbox Movies, but there could be some rougher times ahead. In an email to customers, the quad-play provider confirmed that it was the target of an intrusion at the end of last year, which saw attackers steal personal data including names, addresses, phone numbers and TalkTalk account numbers. The company says that it has confirmed a number of cases where scammers have used that information to tease more sensitive details like bank account and credit card numbers from customers.
Spyware tries to lure gamers through fake in-game voice apps (updated)
Malware targeting gamers usually tends to revolve around the games themselves, such as fake copies of a hot new shooter or deceptive in-game items. Well, it looks like these attackers are mixing up their strategy: Malwarebytes Labs has found spyware spoofing an in-game voice chat app. At first, it steers you to a fake website offering Razer's Comms software. If you're eager enough to click the Windows download link, you instead get a script that tries to harvest your logins and other sensitive info. A cursory glance suggests that it's (poorly) written by Russian cybercriminals renting their services.
T-Mobile pays $90 million to settle claims it profited from texting scams
T-Mobile protested its innocence after the Federal Trade Commission accused it of letting text message-based scams run amok in the name of profit, but it's not going to fight that complaint to the bitter end. The UnCarrier has agreed to a settlement that will have it paying "at least" $90 million in fines to the FCC and all 50 states. Moreover, it'll have to both offer full refunds to victims and require explicit permission for third-party charges. In the future, that sketchy celebrity gossip service can't take your cash unless you offer consent. T-Mobile's decision to cry "uncle" isn't surprising given that AT&T already settled with the FTC over similar unauthorized billing. However, it suggests that Sprint faces an uphill battle in its own texting dispute -- history definitely isn't on the company's side.
Changes to Steam gift rules aim to deter resellers
Were you planning to purchase a game on Steam and then trade said game for another this holiday season? Well, you may want to plan ahead. Valve changed the rules regarding how Steam users can trade games purchased as gifts this week, making gifted titles untradeable for 30 days. "All new games purchased as a gift and placed in the purchaser's inventory will be untradeable for 30 days," Valve wrote in a recent announcement post. "We've made this change to make trading gifts a better experience for those receiving the gifts. We're hoping this lowers the number of people who trade for a game only to have the game revoked later due to issues with the purchaser's payment method." In other words, this is an attempt to curb the number of people who purposefully use fraudulent payment details to buy Steam keys in bulk and sell or trade them away, as users who purchase or trade for such a game have their access revoked once the payment fails. A gift that is not being traded can still be gifted at any time, Valve clarifies in the post; the only change is to how trades function. [Image: Valve]
FTC shutters bogus tech support firms that scammed $120 million from victims
You've heard it happen one time or another: a senior who's not very tech-savvy clicked a dubious link online and paid a shady internet company a hefty sum to remove a virus that was never there. It's one of the oldest tricks in the book, and apparently, still one of the most effective: the Federal Trade Commission has just shut down two massive Florida-based telemarketing operations that reportedly scammed victims (mostly seniors) out of $120 million in total, duping them into buying fake anti-virus software and fake tech support. Both have been active since at least 2012, so they might sound familiar. The first one sold software called PC Cleaner, while the other did business under several names, including Boost Software Inc., OMG Tech Help and, hilariously enough, OMG Total Protection.
Google says the best phishing scams have a 45-percent success rate
Conceptually, phishing scams sound easy to see through: a fake webpage with the wrong URL that doesn't look quite right -- who's going to fall for that? Quite a few people, apparently. According to a new Google study, the most successful phishing websites will capture data from 45-percent of its visitors. The least successful scams only scored information from three percent of its visitors, but when crooks are sending out phishing emails by the millions, that still adds up. The study found that the majority of the hijackers operate out of China, the Ivory Coast, Malaysia, Nigeria and South Africa, and that they work quick: 20-percent of accounts were compromised within 30 minutes of having information phished.
PSA: There is no beta for GTA5 on PC, PS4, Xbox One
Heads up: if someone claiming to represent Rockstar offers you beta access to the upcoming PC, PlayStation 4, or Xbox One versions of Grand Theft Auto 5, they're trying to scam you. Rockstar has officially stated that it has no plans to offer a public beta test in the weeks leading up to GTA 5's next-gen console debut. "Please note: There is no pre-release 'beta' test for Grand Theft Auto 5," the developer's statement reads. "If you see ads or solicitations to join a beta program, beware as this is likely some type of online phishing scam." It's an understandably tempting offer, and scammers are likely hoping that the game's notoriety will cloud player judgment. Stay safe out there, folks. Grand Theft Auto 5 will hit the Xbox One and PS4 on November 18, and a PC release is slated for 2015. [Image: Rockstar]
Is this wrist-worn smartphone on Indiegogo a hoax or a fever dream?
One downside of Indiegogo's lax attitude to projects is that there's no requirement for a prototype or any proof that the device being pitched could even exist. In fact, the site is so laissez-faire, that a creator could probably promise a hoverboard powered by unicorn tears, and the only limit to its success would be human credulity. In unrelated news, Arubixs has taken to Indiegogo to ask for $300,000 of funding for Portal, a flexible, bendable smartphone that can be worn on your forearm like Leela's Wristlojackimator - with a watch strap holding it in place at either end.
Watch out: eBay vulnerability leads to phishing log-in page
Thinking about picking up a used iPhone on eBay? Shop carefully, friends: it's apparently phishing season. The BBC is reporting some auction listings are redirecting to counterfeit eBay login pages -- fronts for phishing scams designed to steal customer usernames and credit card information. The good news is that eBay isn't technically hacked. The online marketplace allows sellers to use scripting to gussy up item listings. Cross-site scripting is generally not allowed, but these scammers are doing it anyway.
Google now rejects scam email that tricks you using non-Latin characters
Google did a favor for Gmail users worldwide when it added support for non-Latin characters in email addresses. However, it also opened up a can of worms -- scammers can write from addresses that seem legitimate, but are really using non-native letters to (potentially) fool you into trusting a message's contents. Thankfully, the crew in Mountain View is already aware of the threat. Gmail now tosses out email with odd combinations of letters that are likely to represent phishing attempts, reducing the chances that you'll hand your account details to a "bɑnk" instead of your actual bank. The filtering relies on a Unicode standard, too, so you'll know the exact criteria Google is using. Other email providers will have to follow suit for the measure to really hit data thieves where it hurts, but this represents an important first step.
FTC busts up $275 million credit card scam, sues the folks behind it
The folks down at the Federal Trade Commission are busy helping all of us these days, whether they're weighing in on patent disputes or forcing firms to help cover your child's lack of parental supervision. Today, the FTC charged several companies and individuals with participation in an elaborate shell game from 2010 that was really just a $275 million dollar credit card scam. According to a separate, ongoing lawsuit filed by the Commission, a company called I Works did the stealing, but wouldn't have been able to take $26 million of the total without the aid of the defendants in this new lawsuit.
League of Legends retires skin codes to fight scam artists
Riot Games is retiring skin codes released prior to April 2014 in an effort to curb third-party re-selling and fraud, according to Community Coordinator Ben Forbes, AKA Riot Draggles. If you're just tuning in, skins in League of Legends change a character's visual look, so that a pirate might become a cowgirl, or a hamster-looking creature might don a spacesuit. So what does this mean if you're a League player with your eye on that sweet new skin for your favorite champ? Nothing, actually - skins sold through the League of Legends client will still work just fine. The new policy affects codes that are printed onto cards and given out at events such as PAX, Gamescom and Anime Expo, and only those created before April of this year. These skins, due to their limited availability, are sometimes considered rare, and thus have been sold through third-party sites at a hefty markup. Forbes wrote on the game's forums that Riot found one skin selling for more than $1,000. If you find yourself stuck with a legitimate skin code that you haven't yet redeemed, you have until July 23 to submit a ticket to League of Legends customer support with info verifying authenticity. Visit the skin code FAQ page to learn more. [Image: Riot Games]
