Well, it's a new year and there's
new scams. So just like every year, I'm going to make this video going over a
bunch of scams that are either brand new or maybe they're not even new, but
they're becoming more popular recently or they're new variation on an old
scam that you should watch out for coming into 2022. But of course, the best way to
defend against them is to simply know about them. So you should be good by the end of the video for
these, at least. So starting out with number one, we have the Google Voice verification scam, and
this one's really tricky because you might not even realize that you were tricked by the
end of it. This one usually targets people who are selling things online, such as
on Facebook Marketplace or Craigslist, but really anywhere that people post
their phone number to be contacted. And this even includes, sadly,
people who are looking for lost pets, for example. So how this scam works
is they'll first contact you and say they're a little bit hesitant. They
want to verify you're a real person, or verify that you're the real pet's owner, or verify
anything really. And then they'll say that they're going to send a verification text or may also be a
voice phone call, and it'll be from Google Voice. It'll say Google Voice verification text,
and then a code, and they'll ask you to give that code to them. And if you do, even
if you don't have a Google Voice account, they've got you. So let me explain. Google Voice
is basically a service where you get assigned a virtual phone number that ties to your
main phone number, and then you can then receive calls on the virtual phone number
that gets forwarded to your main number. Or you can also make calls from the Google Voice
number, the virtual number. And in this scam, what the scammer is trying to do is set up a new
Google Voice account with the Google Voice number, except it'll be associated
to you, the victim, not them. Because when they set it up, they enter in a
phone number that it will be associated with, and then it sends that phone number, of course,
a verification text. And if you give that, then they can basically sign up for an account
under your number. And this is basically just a way for the scammers to get a nearly unlimited
supply of new phone numbers because normally, obviously, you need a specific phone
number to sign up for each account. But if they're going from person to person online,
they can just trick everyone into signing up and get a whole bunch of numbers. And then those
numbers would be used to scam other people. So in this one, you might particularly
not lose any money or anything. But still, your number is going to now be associated
with some random Google Voice account. And if you do get tricked, you basically have to
go through a process which is called reclaiming your number, which I believe involves just
signing up for your own Google Voice account and then re-verifying with your phone
number. But it'll now be switched on to your actual account that you
created, and take it off the other one. So, yeah, just be aware of this one, because
you might not have realized that this was even possibly a scam. All right next up, we have these
Zelle payment scam, and this one's interesting because you might not even realize that a lot
of banks, possibly even your bank, uses Zelle and may have automatically signed you up so
you can receive payments or send payments through Zelle, even though you never really
made an account for it. And that's what the scammers take advantage of. So how this
scam works, is scammers will send out mass text messages to a whole bunch of
people and it'll say something like, "fraud detected, if you did not make this
charge for whatever amount of dollars, reply no or yes". And no matter what you
respond, if you do respond at all, they will then call you from a spoofed number to
look like the bank and pretend to be the bank's fraud department. Then they'll say something
like, "Oh, we need to verify your identity" and they'll ask for your bank username, not
your password, which some people might be thrown off by. And the reason for this is what
they're going to try and do is go through the password reset process with you on the phone,
but you don't realize that's what's happening. So they basically go onto the bank's website, put
in the username you just gave them and say forgot password, which will then, with Zelle at least
apparently trigger a text message to be sent to the phone number associated with it. Which again,
is your number, but you might not realize that it is. And what they'll say is, "Oh, I'm going to
be sending you a SMS message with a verification code, and you'll have to read that back to
me to make sure you're legit" or whatever. And unbeknownst to you, that's not a
verification text code, it's a code to reset your password. Anyway, so once they get
this number, they basically are able to get into your bank account and potentially
even change your password. And because Zelle is tied to your bank account usually,
they can use this to send money out of it. Now, I believe in some scenarios when they
do go to try and transfer money out, it will also trigger another confirmation text message. So
what they'll probably do is keep you on the line, and they'll say that, "hey you're going to get a
text message and it's the refund confirmation. So you have to make sure that you
confirm it because I'm sending the money back into your account that
was stolen" or something like that. Meanwhile no, it's actually a confirmation
for money coming out of your account to the scammer. So you have to be aware of that, that
they will say really anything to get you to put in these codes or confirm the text message. And
this one is actually part of a larger trend of scammers realizing they can get around two factor
authentication using SMS codes, because a lot of websites stupidly basically make it so a text
message turns into a one factor authentication, where you can reset your password with nothing
but the confirmation code on your phone, which then opens up the possibility of
scammers simply asking people for it. And even though usually it says,
never share this code with anyone, people apparently do it anyway. And what's
actually apparently really bad about this one, is a lot of banks they say in their terms
of service that the Zelle transfer doesn't actually get covered under certain fraud terms.
So you kind of might just be out that money. So definitely be aware of this one. All right onto
the next one, we have the cloud access job scam. And this one is another interesting
one because it doesn't always scam the person directly, but rather uses
them sort of like the Google Voice scam to scam other people. Although sometimes depending
on the situation, you can be scammed directly. So how this scam works is the scammers
will post a fake job listing online, which people will respond to, and they may even do a mock interview where they don't really show
their face, of course. But maybe it's a text interview or over chat or something like that.
And then they'll offer you the job, of course. And then afterwards they'll say something
like, "Oh, well we do have some requirements for you to actually be getting into this job
and we have to have you sign this tax form and an NDA". And first of all with the tax form,
that's not even the main part of the scam, but they might be kind of double dipping
by when you do fill that information out, like with your Social Security number, they
might take that and use that later against you. But the main part of the scam is actually this
other document, which they may call an NDA, and it'll say things like, "Oh, to get this
job, you need to confirm that you're willing to go through our setup process within
24 hours or else you won't get the job". And this process basically involves you signing up
for a cloud computing account. Whether that's AWS, Amazon Web Services or Google
Cloud, something like that. And the payoff for the scammers is they'll
ask you, all right, after you set it up, give us the username and password and we can
complete our setup process. And then once you do, of course, then they can use that Google
Cloud or AWS account for nefarious purposes. A lot of times these accounts will have a starting
bonus credit or something like a trial credit, and those users now used your information that
you're now associated with for fraud, which obviously is not good. Or sometimes I believe they
may even get you to add your credit card number to the account and then say, "Oh, we'll reimburse
you and we'll give you a bonus if you do this". And then of course, they can not only just charge
the trial credit, but then start using your credit card information for fraudulent purposes by
running, maybe a DDoS attack, or whatever they want to use these computing resources
from this account on other people. So if someone asks you to sign up for an account and
then you give them the username and password, that's really suspicious because why couldn't
they have just done that for you then? So just be wary that these types of scams are
out there. Up next, we have post-disaster scams, which is a more general category. And these
are becoming more common simply because there is more things happening. For example,
in 2021, there is that huge "tornado outbreak", it's being called where a whole bunch of
homes across the United States were destroyed, and then scammers of course lined
up to take advantage of this. For example, you may see an advertisement
or receive a text or phone call, whatever, and it'll say, "Hey, you're eligible for
FEMA relief funds. You can get some money and you just have to pay this fee and then
we'll get you the funds". And obviously, fees for FEMA relief are not a thing.
It's a scam to just take your money. Some scammers may also pretend to be government
officials as part of the relief effort and say that, "oh, to help you out or get you whatever
resources, we need to first get your personal information and your banking information", or
maybe even transfer money directly. And of course, it's the same idea, that they might use it
to steal your identity, something like that. So just be very suspicious and only sign up
for any kind of resources through official government websites. And an example of
one apparently that was more frequent was these scammy debris removal services, where
they were not qualified professionals or anything. But they would advertise these services to remove
debris from your home or wherever. And they would either demand outrageous prices way above market
rate that didn't even make sense to scammy levels, or they may demand money upfront and then have crappy work and then refuse to refund
you, or just crappy work in general. So of course, just remember even if you go through
a disaster. Still try and take the time to vet some of these people that are claiming to be
who they are, they might not be. All right, moving on, we have the Geek Squad subscription
scam. And no, this is not saying that Geek Squad is the scam, but rather scammers
using that name as part of the scam. Now this scam is actually really similar
to other scams, but usually the scammers use something like Amazon. So I'd never
seen it used before with Geek Squad, so I figured I'd bring it up. And how this
one works is they'll send you a text message or probably an email, that will be a
fake subscription renewal confirmation. And then they'll say, "Oh, to contact
for information about this order, contact this phone number", of course, which is
going to contact the scammer. And then from there, it's the usual. They ask you, "Oh, what's your
credit card info? So we can confirm the order", or something like that. And of course, they
just use that to steal and take your money. And the way to defend against these scams,
is to simply call the official phone number on the actual retailer's website. So in this
case, you go on Best Buy's actual website, check their actual phone number, don't
rely on the one there's in the email if you really want to check for it, or just kind
of be able to recognize that it is a scam. And also just be aware that these types
of scams are not just happening for Apple, iTunes and Amazon anymore,
it's more obscure services. All right, onto the next scam is the Omicron
PCR testing scam. And apparently this one is happening mostly in the United
Kingdom, but really could happen anywhere. And basically, how it works is you'll get a
text message or an email, something like that. Maybe even see an advertisement,
that claims to be a way to get a free COVID Omicron test. And in the United Kingdom,
at least the one that's mostly going around sends you to a website that looks like the NHS,
the National Health Service. And basically, you have to fill out all your personal information,
potentially even a credit card information, and then they'll just steal whatever you put
in. And then you don't get the test, obviously. And I remember actually talking
about this scam I think last year, where it was obviously not Omicron, but it
was the same story, scammers pretending to be a government agency. And in that one, they
did ask for your credit card number for a fee. So just be aware, to always only go to the
official website and make sure you check that URL. Now this next scam is definitely not new,
but it does show, I think, that scammers are becoming more bold in their scams, and that
is that some of them are using even prop, fake money to pay for things they are buying
from you online. And this actually did happen to someone on Reddit, they posted about
it, which is where I got this example. Where they sold their iPad in a public place
and the person handed them fake prop money, where on it it literally says "for motion
picture use only". But they, I guess, didn't inspect it close enough. And you can
kind of see it looks different. And they also mention it was very, very cold out, which could
have been the reason maybe why he didn't notice that it felt different because your
hands are a little bit more numb. Now in this example specifically, they were
given 100 dollar bills, but theoretically it could happen with any denomination. So if
you do receive large bills from anyone really, always be sure to maybe give it an extra glance
to make sure it is at least passably real. And I think if you are selling something to a stranger,
then check it no matter what the denomination is. Even if it's very small, you want
to make sure they're not giving you anything fake that's smaller, because
people might not check smaller bills. Now, I was under the impression that prop money
was supposed to be either larger or smaller or have some other characteristics that
made it easy to spot up close as being fake, but either the scammers modified it somehow or
the person really didn't look close at all. OK, coming near the end, we still have a couple more.
This next one is child tax credit scams. Now, last year in the United States, the federal
government did send out payments in the form of tax credits, depending on if
you had children and stuff like that. But theoretically, this could happen anywhere
in the world for any government program that is involving sending money to
people. And what scammers have been doing is at the time these payments were going
out and still to this day continuing, saying that, "Oh well, you
qualify for this tax credit", or maybe by this point they'll say, "Oh, you're
qualifying to get another tax credit". And how this one works is not really a new story. They contact you via text message or voicemail
or whatever email, and they'll say, "Hey, you qualify for this tax credit. You can get this
amount of money, but you have to do x y z first". And really the sky is the limit after you
contact them and believe it, they could ask for personal information, banking information
a fee or something for the bank transfer. Whatever they say, they're probably going to try
and get as much as they can out of you. And if you do seem like a gullible person, they might not
stop at just asking for identity information, but maybe even try to get you to
directly pay with a credit card, stuff like that. OK, finally we have the
Emergency Broadband Program impersonators. Now this one is actually a really run-of-the-mill
scam in terms of the technique, but I wanted to point this one out because the real
program, not the scam one, obviously, is actually something I think most
people should at least know about, so I wanted to mention it. It's just
another federal program here in the USA. But basically, if you qualify, the
government apparently will give you a refund of, or a kind of a rebate of,
50 bucks a month for internet service, and like 100 for any laptop you purchase.
So that might be worth checking if you're struggling to pay for your internet bill,
especially in these times of remote work. You might want to look into that, of course,
just on the official government website. Don't believe any of these scammers.
So let me get to that. The main notable thing I noticed about this game when I was
reading is that apparently scammers are using social media advertising to spread it, not
just spam texts and stuff like that. And a lot of people may fall for it because they
may expect to get spam on their text message or email , but maybe not see scams in social
media advertising like on Facebook or something. And then what happens, is you click on
this advertisement or click on the link, maybe they do send an email.
And then it's the usual "Oh, take sign up for this. We need your identity
information. We need you to pay this fee", whatever. So just remember if you do see
advertisements for some government program, even if it is a real thing, definitely look it
up yourself on the actual government website. Google the actual website, don't necessarily
take an advertisement at face value. So by now, you should be at least more aware of some of the
more popular scams, though don't think that these are the only ones going around. But if you are
aware of the general patterns of these scams, at the end of the day, they're kind of
similar so you can start to recognize them, even if it's not exactly the same. Now, if you guys want to keep watching, the next video I'd recommend is one I made talking
about how scammers are using new automated bots to trick people into giving away two factor
authentication codes. Like I mentioned that's kind of a pattern, and it's a little bit
different than what I even mentioned here. So definitely check that one out. So you're
aware of it. So thanks so much watch, guys, and I'll see in the next one.
