scam
Latest
FTC says T-Mobile has let text message scams run wild (Update: T-Mobile responds)
Is your cell phone bill running a little high? You might be suffering from unauthorized third-party charges, a type of text messaging subscription scam that bills users for SMS-delivered celebrity gossip, horoscopes, quizzes and other content. Consumers can choose to sign up to these services manually, but are often duped into signing up to them through fraudulent and deceptive advertisements -- causing charges in upwards of $9.99 to appear on their phone bill without their authorization. It's a practice the Federal Trade Commission calls "cramming," and it says T-Mobile as been allowing these scammers to charge its customers unchecked for far too long. Now the FTC is taking the carrier to court, demanding it issue refunds to the customers it failed to protect.
Watch out: fake EA social accounts are swiping World Cup fans' logins
Internet scams certainly aren't new, but they're kicking into high gear now that the World Cup has many people eager for some futbol. For example, Malwarebytes has spotted a fake EA Sports account on Instagram (fake accounts have been on Twitter for a while) that lures FIFA 14 gamers with promises of free team members. If you're tempted enough to click through, you wind up at a plausible-looking phishing site that asks for your EA Origin and Xbox Live credentials -- do that and you'll quickly lose control of both logins. There's no guarantees that Instagram or authorities can shut the Instagram account (or any other nogoodnik) down for good, so the best defense is a healthy dose of caution: always double-check an offer if it seems too be good to be true, no matter where it comes from.
Watch out for Warlords of Draenor phishing scams
With another expansion looming on the horizon, there's another round of phishing scams and emails designed to trick you into giving up your account information. With this kind of scam, you get an email or visit a website that's so much like Blizzard's that you wind up typing in your login information, which the scammers then use to pick your account clean. Though you may think this is the sort of thing people only fall pray to when they aren't paying attention, phishing scams get more sophisticated -- and harder to recognize -- every day, so you need to keep your guard up. Take this Warlords of Draenor phishing scam reported by Malwarebytes as an example. It starts off with an email that's formatted like a message from Blizzard saying you've won a free copy of Warlords -- which is really where you should get suspicious. Once you click on the link in the email, you're sent to a perfect copy of the Battle.net login screen where you're asked to enter your login information as well as your secret question and answer before you can redeem your free copy... but of course the scammers just run off with your info without giving you a thing. To avoid being had, always check the header to see where an email has come from -- Blizzard emails will only come from an @blizzard.com address -- and if an offer sounds too good to be true, contact Blizzard directly to ask about it. For more tips on avoiding phishing, check out the support page on phishing scams.
Here's some of the cyberbullying that happens in EVE Online
EVE Online griefers have grabbed their share of headlines during the game's first decade, but rarely have the masses gotten a chance to witness them in action. Now you can, though, thanks to a player named Erotica 1 who has publicized an audio recording of a "Bonus Round" scam being carried out via voice chat. Jester at EVE News 24 has the full story as well as a link to the Soundcloud file. It's worth noting that portions of the audio are NSFW due to graphic language. [Thanks Max!]
Warning: Yet another wave of phishing emails targets Apple users
Email scam artists seemingly love Apple users, and following on the tail end of a widespread Apple ID phishing attempt earlier this year, a new round of sketchy emails has descended upon a large number of email addresses. Unlike the previous scam -- which claimed that a user's Apple ID had been disabled for security reasons -- the newest version simply asks you to "confirm your account within 48 hours" using a provided link. The email can be sent from a number of different email addresses, but mine came from "appleid[at]id[dot]appleidupdates[dot]com" and included a gray background, Apple logo, and Apple copyright. Needless to say, if you find this email in your inbox or spam filter, delete it and don't look back. Remember, Apple will never ask you to confirm your account details or change your password by clicking a link embedded in an email. Using your cursor to hover over any links on the page, especially the shady "Verify Now" link, will usually point to a domain that is clearly not associated with Apple. The safest way to ensure your account is updated is to simply log into your Apple ID via iTunes, and when nothing seems amiss you can feel good that you've outsmarted the scam artists. Be sure to share this warning with any friends or family members who may be less web-savvy, as they are typically the ones who fall victim to such attacks. Stay safe!
Need another reason to hate the horrible Flappy Bird clones? They steal content, too
Flappy Bee -- or "Happy Bee Game" as its title screen says -- is a Flappy Bird clone that changed its name to steal downloads from people searching the App Store for the now-removed iOS top-rated game. Flappy Bee is garbage, which is enough of a reason to hate it, but it also happens to have stolen its mascot directly from the game Bee Leader. Greg Harding, the director of Bee Leader developer Flightless, submitted a complaint with Apple more than three days ago, but the offending app remains on the market. What's worse, Flappy Bee has been in the top 5 most popular free games for more than 48 hours, and is raking in the cash while using stolen assets. I realize there's a protocol for this sort of thing, and the system that is in place exists so that fraudulent dispute claims can't be made against legitimate developers, but give me a break. It shouldn't take this long for an App Store scam artist to be removed, and I can only hope Flappy Bee is axed before much longer. By the way, Bee Leader is a fantastic game that also happens to be free. I'd not had the chance to try it out prior to finding its clone, but the original game is quite fantastic. I suppose I can thank Flappy Bee for that, but Bee Leader should really be the one at the top of the popularity list rather than its poorly coded doppelgänger, so I'll make it easy for you; click anywhere on this paragraph to give Bee Leader a try.
MMO Mechanics: Three fair ways to distribute loot
I mentioned last week that players throw their precious characters into the MMO meat grinder in the pursuit of higher levels, new achievements, or shinier gear. We gladly jump on the seemingly endless PvE treadmill, cranking up the speed with each new patch in an attempt to catch the dangling carrot of character perfection. Of course, we don't just punish ourselves like this to say we overcame some previously impossible challenge; there's shiny new loot to be had! The best booty usually comes from completing group activities like dungeons and raids, but not everyone can agree on how to share the spoils of joint pursuits. Several different loot distribution methods have been devised over the years to solve the problem of fairly distributing the swag, with most methods starting life as player-made agreements that weren't officially supported by hard-coded game mechanics. Players have long since rolled for gear or took turns to claim items round-robin style, leading developers to implement the most popular methods as actual game mechanics to avoid ninja-looting and then the inevitable public pity parties associated with player-led arbitration. In this edition of MMO Mechanics, I'll break down three of the most equitable loot distribution systems used in MMOs today and look at why this age-old problem doesn't have a one-size-fits-all solution.
No, iOS 7 does not make your phone magically waterproof
Ah, the merry pranksters of the interwebs: your gleeful enthusiasm for messing with people shall never fade. It seems some of the jokers on Reddit and other corners of the web have taken it upon themselves to convince other people -- perhaps slightly less technically savvy -- that among iOS 7's many new features is a resistance to immersion in water. No, really. See the impressive graphic above. That took some effort. As pointed out in a few places, the idea that a software update could magically bestow water resistance on hardware is a bit farfetched, but unfortunately that didn't stop some folks from going ahead and testing it out. Ouch. So that there's no confusion: this is false. It is fake. It is a hoax. iOS 7 does not make your phone water-resistant. Have a nice Monday! Thanks, Oscar! [Want to help your friends and family learn the real story about the new iPhone OS? Send them a link to our Don't Panic Guide to iOS 7. -- Ed.]
Daily Update for August 9, 2013
It's the TUAW Daily Update, your source for Apple news in a convenient audio format. You'll get all the top Apple stories of the day in three to five minutes for a quick review of what's happening in the Apple world. You can listen to today's Apple stories by clicking the inline player (requires Flash) or the non-Flash link below. To subscribe to the podcast for daily listening through iTunes, click here. No Flash? Click here to listen. Subscribe via RSS
Don't get hooked by this Apple Store phishing campaign
Apple fans beware! A new email phishing campaign dangling a bogus US$200 Apple Store gift card as bait to snag unsuspecting victims is making the rounds, according to security firm Webroot. The email that arrives (see image above) looks strikingly similar to those that are sent by Apple, using the Apple logo and similar type styles. As usual with phishing campaigns, this deal sounds too good to be true -- all you need to do is click a download link or open an attached file, and voila! A $200 gift card is yours! Well, not really -- instead, performing either task installs Java-based malware that can pull personal data from your computer. That data could be enough to make you the victim of identity theft if you fall for this deadly hook. Apple never just randomly sends out gift cards. In cases where the company has provided gift cards to customers, they're in much smaller amounts and done for some specific reason -- like a rebate on a previous purchase. Apple also never displays a link to an external site or requires the download of an attachment. Another tell -- Apple never refers to customers as "clients." So, if you get an email in the next couple of months telling you about a $200 Apple Store gift card that you've magically received, dump it immediately. Do not click the link, and most assuredly do not look at the attachment. Be sure to pass this warning along to your less tech-savvy friends who might not read TUAW. [via MacNN]
Cheeky scam artist puts apples in iPhone boxes, sells them to unsuspecting woman
Buying pricey electronics from a private seller is never advised, but when a woman in Brisbane, Australia met with a seller at a local McDonalds to purchase a pair of "new" iPhones, she figured she was safe. As the Herald Sun reports, after buying what appeared to be two new iPhone boxes from the seller for a total of $1,500 AUD (approx. US$1,300), she returned home to find that the boxes contained actual apples in place of Apple smartphones. The scam began on a UK classifieds site called Gumtree where users can post free ads for items, as well as ads stating they are willing to buy specific goods. The victim in this case posted an ad saying she was looking to buy two iPhones. Of course, the thief's plan would have quickly unraveled if the buyer would have simply opened the boxes to verify their contents. I mean really, always check the box, people, or you're asking for trouble.
Natural Selection 2 credit card scam sees developer out $30,000
Valve has deactivated 1,341 Steam keys for Natural Selection 2, a result of a scam that saw developer Unknown Worlds Entertainment out a total of $30,000. These 1,341 keys were purchased through the developer using stolen credit cards. The real credit card owners made chargeback claims on the fraudulent charges, and as a result the developer never received its money and was instead hit with the $30,000 fee to recoup the stolen funds.It seems someone "purchased" keys through Unknown Worlds, sold them to third parties at a discount and then vanished once original credit card holders disputed the charges to Unknown Worlds. As a result, Unknown Worlds has temporarily closed its store, making Steam the only eligible place to purchase Natural Selection 2 at the moment.As of today, anyone who purchased those illegitimate keys will find their game deactivated. Unknown Worlds suggests contacting the site you purchased the key from for a full refund – good luck with that.
EVE Evolved: Making EVE history
EVE Online has the odd distinction of being one of the only MMOs in which the developers have almost no control over the active storyline. There have been plenty of fiction articles written about the game's backstory, and the NPC factions occasionally butt heads in short news pieces, but none of it feels very real. It's only when these events actually occur inside the game world that they become real, and when that happens, the outcome is at the mercy of players. 2010's spectacular Sansha abduction live event was the perfect example of this, with thousands of players becoming immersed in a very real emerging storyline. The story was fluid and evolved based on what players did, and so it made the NPC factions come alive in a way that fiction never could. While the scripted NPC portions of these storylines certainly constitute part of EVE's history, the most interesting tales follow the unexpected actions of players and alliances. The fascinating thing is that the audience for these stories extends far beyond the playerbase itself, with news of high-profile events occasionally taking the global gaming media by storm. But for every 3,000-man battle and 200 billion ISK scam that's reported, there are hundreds of smaller events that would be just as interesting to read about or watch a video on. Most of these events have been lost to the mists of time, kept secret or talked about only among those directly involved ... until now. In this week's EVE Evolved, I look at the types of NPC-based and player-run stories that happen regularly in EVE and speculate on CCP's upcoming plans to document and preserve that history.
Fake installer malware makes its way to Mac
If you download a Mac app and its installer asks you for your phone number, you're likely looking at the latest malware to find its way onto OS X. According to Russian security firm Dr. Web, a Trojan malware has been identified called Trojan.SMSSend.3666 that requests your mobile phone number in exchange for a promised activation code, but actually initiates automatic charges to your account should you be gullible enough to go along with it. These Trojans can be attached to legitimate applications that would otherwise be available without the need for SMS-based activation, the site points out, or even to junk programs that do nothing at all. They're nothing new to Windows and Android users, but this is the first time that such malware has been identified on Mac. Needless to say, if you find yourself presented with a request like this, you should exit the installer immediately. If you're trying to install an app you know to be legitimate, make sure you're downloading it from the developer's official site. [Via The Next Web]
Obama signs Safe Web Act into law, extends FTC power to combat online scam artists
See that guy? The one in the bubble? He's probably up to no good. Thanks to President Obama, however, he's going to have a much harder time duping innocent young ladies like the one also shown here. Per The Hill, the POTUS has just signed into law the Safe Web Act, which extends the Federal Trade Commission's authority to "clamp down on Internet fraud and online scammers based abroad." In simpler terms, it enables the entity to share data about "cross-border online fraud with foreign law enforcement authorities" through September of 2020. According to an unnamed official within the FTC, the existing edition of this act has allowed it to conduct over 100 investigations into cross-border fraud and scam, but it's unclear how much crime was stopped and how many people were needlessly annoyed. We kid, we kid.
EVE Evolved: Top ten ganks, scams, heists and events
It's been called "boring," "confusing," and "the world's biggest spreadsheet," but every now and then a story emerges from sci-fi MMO EVE Online and grabs the gaming world's attention. Tales of massive thefts, colossal battles, high-value kills, record-breaking scams, political dirty deals, and controversial player-run events never fail to grip us. Perhaps it's the fact that these events have such huge impacts in the EVE sandbox that captures our imaginations, or maybe we just want to watch with morbid curiosity as a virtual society self-destructs. Whether it's innocent interest in quirky stories or a secret sense of schadenfreude that keeps us glued to EVE's most illicit events, the game continues to deliver them with startling regularity. Most scams, thefts, and high-profile battles will never make the news, instead becoming another forgotten part of EVE's history or just a story for a few friends to reminisce about. But those stories that do reach the news always draw in a huge audience that wouldn't play EVE in a million years but can't get enough of its engrossing stories. In this week's EVE Evolved, I run down a list of ten incredible EVE kills, scams, heists, and sandbox events that have made it into the news over the years.
EVE Online $6,000 ship kill may be a hoax
EVE Online player "stewie Zanjoahir" made history yesterday when he reportedly lost a tiny ship with cargo worth over $6,000 US. Now it appears that the value of the kill may not have been accurate or that the kill could even be a hoax. Evidence that the kill may not be authentic surfaced last night as players found that three Hulk blueprints listed on the kill were marked as originals. That would make them priceless items that change hands for over 500 billion ISK each, which would raise the kill's value to a ludicrous 1.71 trillion ISK ($51,685 US). It's believed that many of the original blueprints in the kill were actually cheaper blueprint copies. One possible explanation for the aberration is that there was an error in the EVE API that supplied the original kill data to third-party killboard websites. It's also possible that the kill was marked as API Verified without actually being checked, in which case the kill may have never even happened. An alternative version of the kill valued at only 34 billion ISK ($1,024 US) has also surfaced, but this was manually uploaded and so isn't verified at all. CCP Games posted the kill on its Facebook page and Twitter feed, but didn't officially confirm the kill or its value. We reached CCP for comment, but privacy concerns prevented the company from confirming or denying the kill's authenticity. If this monumental kill turns out to be an error or a hoax, the next-highest value confirmed EVE kill would be Bjoern's Avatar class titan destroyed in March 2011. The titan was kitted out with expensive officer modules and came to a total value of over 128 billion ISK. As the price of PLEX was much lower in 2011, this would have bought 355 PLEX worth a total of $6,212.50 US.
EVE Evolved: Three ways to break Retribution
EVE Online's upcoming Retribution expansion is set to revolutionise PvP with its brand-new criminal and bounty hunting systems. Players will be able to hunt down criminals who show their faces in highsec, and bounty hunters will track not just individuals but also entire corporations and alliances. If past expansions are any indication, however, the first thing players invariably do with any new feature is to try to break it. Some people will undoubtedly find ways to bend the new gameplay into scams, others will trick players into getting themselves killed for a few laughs, and a few will hunt for borderline exploits. We now know enough about Retribution's new features to figure out some of the ways they can be potentially abused. The ability to sell kill rights opens up a whole new scam based on tempting players with a juicy target and then pulling the rug out from under their feet. The new Suspect flag that lets players dispense justice to criminals can also be used to bait innocent players into getting themselves killed. There may even be a way to get rid of bounties for free, undermining one of the expansion's core mechanics. In this week's EVE Evolved, I look at three potential pitfalls in the upcoming Retribution expansion, how they might work when the expansion goes live, and how to protect yourself from falling victim to them.
FTC offers $50,000 prize for stopping illegal robocalls, we could have used this a few months ago
Robocalling is considered a plague in the modern phone world, especially during an election year -- and while you likely won't get rid of all the pitches from political candidates anytime soon, most of the commercial calls are outright illegal. The Federal Trade Commission has devised a unique contest to help cut back on those law-breakers without having to chase down every shady debt relief offer. It's offering a $50,000 reward for the cleverest solution to blocking the banned variety of robocalls. The only requirement is that you be an adult US resident: if you can invent a surefire remedy in your basement, the FTC wants to hear from you. Entries will be open between October 25th and January 17th, with word of a winner around April 1st. We're hoping that the champion has a truly effective cure in use before long, because we'll undoubtedly have reached our breaking point on robocalls by... oh, around November 6th. [Image credit: SarahNW, Flickr]
McAfee shows how major Android scamware ticks, prevents us from learning first-hand
Most Android malware lives in the margins, away from Google Play and the more reliable app shops. It's nonetheless a good idea to be on the lookout for rogue code, and McAfee has stepped in with thorough explanations of how one of the most common scamware strains, Android.FakeInstaller, works its sinister ways. The bait is typically a search-optimized fake app market or website; the apps themselves not only present a legitimate-looking front but include dynamic code to stymie any reverse engineering. Woe be to anyone who's tricked long enough to finish the installation, as the malware often sends text messages to expensive premium phone numbers or links target devices to botnets. The safeguard? McAfee would like you to sign up for its antivirus suite, but you can also keep a good head on your shoulders -- stick to trustworthy shops and look for dodgy behavior before anything reaches your device.
