Posts Tagged ‘PayPal’

Service of Responding at Your Peril

Thursday, July 21st, 2022

Hardly a week goes by without a new con to entice recipients to respond to a phone call, text, email or fake ad on a social media platform.

Just this week I got a text from “PayPals [sic] Service.” It started:  “We have restricted your account.” Since when did PayPal add an S to its name?

In the last few months I noticed stalkers on Facebook not where you’d expect them–asking to be your friend the old fashioned way–but in comments. When a woman placed a comment to a post the stalker-stranger would not address the topic or the remark but instead would introduce himself and invite the woman to connect.

For a long while we’ve received emails and texts announcing “your order has been processed” when there’s been none or “thank you for renewing your membership to Geeksquad” to a nonmember. And then there’s a warning that my friend shared about a purchase on her Amazon account. She doesn’t have one and she added “Sadly many naive people would push #1 as instructed. Not me!”

She mentioned an email allegedly from Yahoo asking her to confirm her email address or she’d stop getting emails within 48 hours. “There was none of the usual verbiage from Yahoo so I knew it was a scam,” she said. “Plus they’d never only give you 48 hours for any change. But makes me sick when I think of how many people fell for it.”

I was distressed reading Christina Morales’s story “Restaurants Face an Extortion Threat: A Bad Rating on Google.” In The New York Times she reported: “In a new scam targeting restaurants, criminals are leaving negative ratings on restaurants’ Google pages as a bargaining chip to extort digital gift cards.” The one star ratings–the worst you can get–feature neither photos nor descriptions and the writers haven’t been to the restaurants, some of which have Michelin stars. The scammers request $75 Google Play gift cards to remove the review.

From California to New York, the emails were the same wrote Morales: “We sincerely apologize for our actions, and would not want to harm your business but we have no other choice.” She continued: “The email went on to say that the sender lives in India and that the resale value of the gift card could provide several weeks of income for the sender’s family. The emails, from several Gmail accounts, requested payment to a Proton mail account.”

Google removed some but not all of the bad ratings. A spokesperson said the company is looking into the reviews and removed those that violated policy which states you must have been to the place you review. If not, the writer faces account suspension and/or litigation.

It’s not that easy to contact Google although “Law enforcement officials have urged” the restaurants to do so as well as to notify local police, F.B.I. and the FTC. “The commission advises businesses not to pay the scammers,” she wrote.

The takeaway for those who check out restaurant ratings is to discount any that come with no photos or descriptions.

Have you noticed any new scams attempting to trick you into playing ball? If a restaurant has mostly good reviews and one bad one do you discount it, assume it might be written by the competition or a nut or do you take it seriously?

Service of Cart Before the Horse: Corporations Collaborate When Foolproof Locks on Internet Security Don’t Exist

Thursday, August 16th, 2018

Thank goodness all giant corporations aren’t leaping into bed together to share respective expertise and information although some are inching in that direction and others are raring to go. It won’t be long.

But first a digression: In arriving at the topic for this post I counted seven fuzzy attributions in one newspaper article. Isn’t that a lot? Laced throughout a recent front page article in The Wall Street Journal I read: “According to people familiar with the conversations; the people said; a person familiar with the discussions said; some of the people said; said people familiar with the matter; some of the people said and people familiar with the matter said.”

Nevertheless I believe the topic is valid and am troubled by its implications. The title and subtitle: “Facebook to Banks: Give Us Your Data, We’ll Give You Our Users. Facebook has asked large U.S. banks to share detailed financial information about customers as it seeks to boost user engagement data.”

Reporters Emily Glazer, Deepa Seetharaman and AnnaMaria Andriotis wrote that Facebook had spoken with people at JPMorgan Chase, Citigroup and U.S. Bancorp “to discuss potential offerings it could host for bank customers on Facebook Messenger.” Facebook Messenger is a messaging app and platform.

What did “people say” about the conversations? “Facebook has talked about a feature that would show its users their checking-account balances, the people said. It has also pitched fraud alerts.” In addition, “Facebook asked banks for information about where their users are shopping with their debit and credit cards outside of purchases they make using Facebook Messenger.” Messenger has 1.3 billion active monthly users according to the reporters.

Timing could be better for this outreach. The reporters reminded readers about current investigations in which Cambridge Analytica accessed data on some 87 million Facebook users without user OK. “‘We don’t use purchase data from banks or credit-card companies for ads,’ [Facebook] spokeswoman Elisabeth Diana said. ‘We also don’t have special relationships, partnerships or contracts with banks or credit-card companies to use their customers’ purchase data for ads.’”

Banks are tempted by the digital reach and doing business with online platforms with healthy and growing businesses. Even though Facebook has introduced what it says are safety features, “Bank executives are worried about the breadth of information being sought, even if it means their bank might not being available on certain platforms their customers use.”

While PayPal and Square have beaten banks to the punch in the world of mobile commerce many customers continue to be comfortable with traditional ways of paying such as credit and debit cards, cash and checks.

Some deals between big players are already struck though I question their purpose: American Express members can reach a rep through Facebook. [Why would you need to do that?] Paypal users can send money through Facebook Messenger and Mastercard’s Masterpass digital wallet lets customers place online orders with some merchants.

Before all these mergers of communications, customers and data happen, shouldn’t there first be a firm grasp on digital customer privacy? Why are we becoming so lazy: Is it so onerous to check a balance on your bank’s website that you need Facebook do it for you? Can you believe that AmEx members can’t reach out to a company rep but instead need Facebook to do it for them? These “benefits” appear to potentially favor everyone but the consumer—do you agree?  Do you pay for things via mobile wallet, credit or debit cards, cash or checks? And last, does an article with more than a few generic attributions disturb you?

Service of More Born Every Minute

Monday, May 9th, 2016

Sorry to have to share more scams for suckers but it’s important to get out the word.

Moving right along

Did you hear about the Douglas County, Georgia family that hired a moving company through Craigslist and with the exception of one box, lost all their worldly goods?

The movers had stolen the U-Haul truck [that the vehicle didn’t have the name of a mover painted on the side would have given me immediate pause]. According to Richard Elliot of WSB TV, after loading the truck the movers “appeared to be heading to the family’s new home in another county. But along the way, the homeowner said, the movers ditched her and vanished.” Estimated loss: $75,000. The box was recovered on a sidewalk by Cobb police two days later.

The homeowner was grateful. She’d said “If I don’t get anything back, I want that box, because it has all of our social security, birth certificates in it. It has death records from my mom and son,” she said, as well as the family Bible. The iPads and phones were missing from the box.

The naïveté of the customers made me sad: Most would have kept small electronic items and personal papers with them or stored them with friends. No wonder they were easy marks. I have to give it to the movers: They cleared the house in four hours. That’s lightening fast. Given my recent experiences in moving, I’d guess they didn’t pack or protect much; they must have tossed the furniture and other belongings in the truck.

Vote by hanging up

Have you been invited to attend a town hall meeting on the phone with a political candidate? Take care warned Catherine Fredmen on www.Consumerreports.org where she shared intel from David Dewey, director of research at Pindrop Security, a firm that sells anti-fraud detection technology to call centers and others.

If you’re enticed by scammers that take advantage of the season and you give your credit card number to donate to your favorite pol, “Not only have you handed over money to an unknown entity, you have opened the door to identity theft.” She advises if the call is unsolicited, don’t play ball.

Not playing around

Wrote Fredmen, “Scammers are after more than your credit card number. Instead, they glean personal information to build detailed profiles that can be used for sophisticated forms of identity theft that may not be immediately obvious.” Her example is VTech, a toymaker. She continued: “For example, scammers could exploit the VTech data breach, which compromised the profiles of 6.4 million kids around the world, to hack identities for years. Because kids have no credit history and their parents generally don’t check their credit reports regularly, the theft might not be noticed until the kids grow up and apply for a credit card or financial aid for college.”

Mobile wallets on the move

“Dewey put the security of mobile wallets to a little test,” such as Apple Pay, Google Wallet, Samsung Pay, Android Pay and PayPal, added Fredmen.  “First, he secretly copied credit card numbers and expiration dates from a few colleagues at Pindrop. A little Google investigating revealed the answers to ‘secure’ identification questions (such as a colleague’s mother’s maiden name) needed to activate the colleague’s card under Dewey’s mobile wallet account. Within minutes, Dewey had strolled over to Whole Foods and bought lunch for the office—paid for by his unwitting colleague. (The colleague was reimbursed.)”

Are you familiar with these scams or potential breaches? Know of others?

Get This Blog Emailed to You:
Enter your Email


Preview | Powered by FeedBlitz