National Consumer's Protection Week 
Beware of Romance Scams!

March 6-10, 2023

Unfortunately, the Internet, social media, and dating websites are perfect for tricking susceptible Americans into romantic relationships. Scammers will pretend to be interested in an unwitting person and, after building a rapport, ask them to send money or to cash a check or money order. Often, the scammers create urgency by claiming to have a medical emergency or promising to come to the U.S. to be with that person—just as long as a check or money order is cashed to cover expenses. None of their stories are true. Anyone who is socially isolated is susceptible to this scam.

Although many dating sites take steps to provide a safe forum for meeting online, you can do more to protect yourself from scamming fraudsters to keep your online relationships safe.

  • First, with any Internet-based relationship, keep your personal details to yourself.
  • Next, do a quick Google search of the other person’s name and the town they claim to be living in.
  • From there, proceed slowly and look for inconsistencies in the other person’s profile and the information they share.
  • Keep an eye out for signs the relationship is moving in a direction that it wouldn’t otherwise go if meeting in real life.
  • As you get to know the other person, gently apply the brakes if your new friend pushes to take the conversation to private email. Stay on the website’s platform until it’s time to meet in person.

Indications that someone may not be who they say they are:

  • Their name and the name embedded in their email address does not match.
  • Obvious spelling and grammar errors.
  • The online profile suddenly disappears from the dating site.
  • They pledge their love way too quickly.
  • They ask you to send or receive money/packages.
  • They need money right away due to a medical or family emergency.
  • They need a Visa or plane tickets.
  • They claim a business opportunity arose that was too good to turn down, and they ask you to wire a loan.


People conducting online imposter scams frequently spin the same lines or tell the same backstory over and over.
That’s where conducting a Google search can be especially helpful. If an online love interest starts making declarations of undying devotion and churning out love poems, search some of the lines on the Internet and see where they’ve been used before. The expressions and pet phrases that online catfishers use are frequently recycled.


Common phrases include:

  • My child is being cared for by a nanny or guardian.
  • My wife or husband is dead.
  • My child is already calling you “mom” or “dad.”
  • You are my love or my darling.
  • I cannot wait to be with you.


A legitimate love interest will understand if you ask for proof they are for real.
Request a customized photo. Ask them to hold today’s newspaper or a book you have both read in the photo. Next, conduct an online search of any photos they’ve already provided.

If using Bing, choose “Search by Image” by clicking the camera icon under the image search subsection. If using Google, do an image search. If the search results indicate something suspicious, it’s time to lay the evidence on the table. Don’t be surprised if they admit they are a scammer but “have fallen in love for real.” That’s just another tactic, and a heavily recycled one.



What you can do:

  • As difficult as it may be, cease all communication.
  • Block attempts to resume contact via email, text, or phone. Above all, resist the temptation to physically locate and confront the person you’ve been corresponding with. Turn over everything, including copies of correspondence, to law enforcement and let them investigate.
  • If you met on a dating site, contact the site administrator, and let them know.
  • If you met on social media, lock down your account.
  • New “friend requests” could be the same scammer or one of their associates.
  • Screen incoming calls and don’t answer any callers you don’t immediately recognize; let it go to voicemail.
  • If possible, change your phone number and make it non-public.



    Romance scams hit twice: once in the heart, and then in the pocketbook.

      • If your bank or credit accounts were used, contact the bank and credit provider and the Social Security Administration.
      • Put a credit alert or freeze on your accounts.
      • Get a free copy of your credit report and look for accounts you don’t recognize. Make a report with the FBI’s Internet Crime Complaint Center: www.Ic3.gov and the FTC’s Bureau of Consumer Protection: www.consumer.ftc.gov.
      • Or, call the FTC: 877-382-4357.


    What we can all do together:

      • Educate and promote awareness about online romance scams, so people can identify scams and report them.
      • Report and encourage others to report online romance scams. The more reports of these scams, the more resources will be dedicated to preventing them in the future.
 
Tennessee Secretary of State Warns of New Scam Targeting Tennesseans

September 28, 2022

The Tennessee Secretary of State’s office is warning Tennesseans about an official-looking mailer from TN UCC Statement Service that incorrectly implies that businesses or individuals need a copy of the UCC-1 financing statement filed against them.

The Uniform Commercial Code (UCC) is a comprehensive set of laws governing sales and other commercial transactions. A UCC-1 financing statement is a legal form that a creditor files to give notice that it has the right to take possession of and sell certain assets belonging to the debtor for the repayment of a specific debt.

UCC-1 financing statements are common in Tennessee, with the Secretary of State’s Division of Business and Charitable Organizations issuing around 200,000 each year.

The scam mailer, Tennessee UCC Statement Request Form, tries to get Tennesseans to pay $107 for the TN UCC Statement Service to request a copy of the UCC-1 financing statement on behalf of the debtor. The mailer implies that the recipient needs a copy of the UCC-1 financing statement. This is rarely the case, the Secretary of State clarified.

Businesses and individuals that do want a copy of a UCC-1 financing statement can request one directly from the Secretary of State’s office for $15 by phone at 615-741-2286, mail or online.

To report the receipt of a suspicious mailer about a UCC-1 financing statement, contact the Division of Business and Charitable Organizations by phone at 615-741-2286 or email at TNSOS.CERT@tn.gov and the Attorney General’s office by phone at 615-741-3491 or online.

 
LinkedIn Brand - Most Abused in Phishing Attempts

by Dark Reading Staff; April 20, 2022; DarkReading.com

New research shows threat actors increasingly leveraging social networks for attacks, with LinkedIn being used in 52% of global phishing attacks.

April 20, 2022

Shipping, retail, and tech companies are no longer the most popular brands used to hide phishing attacks. Instead, social media platforms have become the brands of choice used to dupe victims and steal their personal data, with LinkedIn-related lures accounting for a full 52% of all global phishing attacks during January, February, and March of 2022, according to new data.

LinkedIn phishing-lure use exploded by 44% over the previous quarter, when it was used in just 8% of phishing attempts, according to Check Point's latest Brand Phishing Report.

"As well as LinkedIn being the most targeted brand by a considerable margin, WhatsApp maintained its position in the top ten, accounting for almost 1 in 20 phishing-related attacks worldwide," the report said.

Shipping is still a draw, even though LinkedIn overtook DHL as the brand most often used in phishing attacks. DHL is now the second-most abused brand, behind 14% of attempts during the same time period. FedEx moved up from seventh place to fifth over the past quarter, with 6% of all phishing attempts spoofing its brand.

Check Point's List of Top 10 Abused Brands

  1. LinkedIn (accounting for 52% of all global phishing attacks over the quarter)
  2. DHL (14%)
  3. Google (7%)
  4. Microsoft (6%)
  5. FedEx (6%)
  6. WhatsApp (4%)
  7. Amazon (2%)
  8. Maersk (1%)
  9. AliExpress (0.8%)
  10. Apple (0.8%)

Top 10 Scams for 2022

  1. Debt Collection:
    Most of the complaints under this category involve debt collectors. Consumers tell of receiving calls from harassing collectors who are threatening and will repeatedly call attempting to collect a debt. Other complaints that fall under this category involved credit/debit card fees, pay day loans, credit repair companies and unauthorized use of credit/debit cards. Some of these complaints involved hidden fees and billing disputes as well.
  2. Fake Government Officials 
    If you received an email, letter or phone call from a government agency (typically the IRS or FBI) and it instructs you to wire, Western Union or MoneyGram money someplace, or follow a link and enter information - don't believe it!  The U.S. government would never instruct anyone to use those methods to pay any bill or carry out a financial transaction, particularly with an overseas bank or agency.
  3. Identity Theft, Phishing and Pharming
    Scammers gain access to your confidential information, like social security numbers, date of birth and then use it to apply for credit cards, loans and financial accounts. Typically, the victim receives an email that appears to be from a credible, real bank or credit card company, with links to a website and a request to update account information. But the website and email are fakes, made to look like the real website.
  4. Phone scams
    This includes telemarketers violating the Do Not Call list, Robo-dialers, scammers calling up pretending to be from a bank or credit card company. The National Do Not Call Registry (U.S.) or the National Do Not Call List (Canada) offer consumers a free way to reduce telemarketing calls. Scammers call anyway, of course, and they've even found a way to scam consumers by pretending to be a government official calling to sign you up or confirming your previous participation on the Dot Not call list! A good example of this is the "Your Microsoft license key has expired" scam call - which you can hear and read about on this page.
  5. Loans Scams / Credit Fixers
    False promises of business or personal loans, even if credit is bad, for a fee upfront. Or a scam that promises to repair your credit for a fee.
  6. Fake Prizes, Sweepstakes, Free Gifts, Lottery Scams
    You receive an email claiming you won a prize, lottery or gift, and you only have to pay a "small fee" to claim it or cover "handling costs". These include scams which can go under the name of genuine lotteries like the UK National Lottery and the El Gordo Spanish lottery.  Unsolicited email or telephone calls tell people they are being entered or have already been entered into a prize draw. Later, they receive a call congratulating them on winning a substantial prize in a national lottery. But before they can claim their prize, they are told they must send money to pay for administration fees and taxes. The prize, of course, does not exist. No genuine lottery asks for money to pay fees or notifies it's winners via email.
  7. Internet merchandise scams
    You purchase something online, but it is either never delivered or it is not what they claimed it was, or is defective. Online shopping, and other shop from home, such as catalog, mail and phone shopping scams are on the rise.
  8. Automobile-Related Complaints
    Car loans, car buying, car sales, auto repair, fake or useless extended warranties. Some of the complaints alleged consumers paid for repairs and that services provided were shoddy. Consumers reported repair companies that return vehicles to the consumer in a worse condition than how it was initially given to them. Other complaints involved consumers not receiving title to their vehicles at the time of sale
  9. Credit Bureaus and related credit scams
    Credit/debit card fees, pay day loans, credit repair companies and unauthorized use of credit/debit cards. Some of these complaints involved hidden fees and billing disputes as well.
  10. Phishing/Spoofing Emails
    Emails that pretend to be from a company, organization or government agency but ask you to enter or confirm your personal information. 

Scams, Schemes & Swindles from TN Dept. of Commerce

The Scams, Schemes & Swindles webpage managed by the TN Dept. of Commerce and Insurance serves as a central location for scam information with links to fraud and scam webpages of other departments and agencies. The webpage provides common scam information related to dozens of scams impacting all individuals including elderly financial scams like the medicare brace scam or the grandparent scam.


The site includes helpful links about the scam and some resources to help educate consumers, such as this infographic developed in partnership with the ABA Foundation and the FTC that shows the signs of and gives tips to avoid a romance or online dating scam.


New Malware Affecting Home & Small Business Routers

Federal officials and cyber security experts have been reporting about a newly disclosed malware known as “VPNFilter.” Security researchers are estimating that over 500,000 small business and home office routers could be affected. Among the devices identified are routers from Linksys, MikroTik, NETGEAR, TP-LINK and QNAP. While the list of devices reported is not all inclusive, these are the brands identified at this time.

The malware is destructive and it is important for home users to take precautionary steps. Below are some recommended best practices to help protect you and your home network:

  1. Modem/Router Reboot: A simple reboot of your modem/router can help prevent your device from becoming infected. This can be accomplished by unplugging the device from the electrical outlet, waiting at least 10 seconds, and then plugging the device back in.
  2. Proper Password(s): Always make sure any device at home that connects to the internet have unique passwords and never the default admin passwords that come with the device.
  3. Patch/Update Firmware: Many routers and modems receive security updates from time to time, but if you are not sure, contact your Internet Service Provider or go to your router’s website for the most up to date firmware or update for your router. Netgear and Linksys have already established how-to guides on their websites.


Important Tax Fraud Alert

The Internal Revenue Service has issued an alert on erroneous federal tax refunds resulting from an emerging fraud scheme effecting thousands of people. Real taxpayer information including bank account and routing information for direct deposit has been stolen from tax professionals and used to file fraudulent returns. The fraudster contacts the taxpayer posing as an employee of a debt collection agency on behalf of the IRS with instructions on returning the money. If this happens to you, the IRS requests you contact the Automated Clearing House department of the bank/financial institution where the direct deposit was received and have them return it to the IRS. Taxpayers are also asked to contact the IRS at (800) 829-1040 (individuals) or (800) 829-4933 (business) to explain why the direct deposit is being returned. For more information,

Tax Topic Number 161, Returning an Erroneous Refund


Equifax Breach

For information regarding the Equifax breach, please Click Here to be directed to their website or call 866-447-7559.