Beware of ‘free’ puzzles, collect scam calls and more

By Robert E. Holtfreter, Ph.D., CFE, CICA

   Taking Back the ID: Identity theft prevention analysis


To release her nervous energy, Katie Duke enjoyed working Sudoku puzzles in the newspaper. But that wasn't enough. She helped satisfy her addiction by downloading "free" puzzles on a various websites. Big mistake. She soon would become a victim of the "nasty number puzzler scam."

According to the Scambusters' website, fraudsters attach macros — the basic elements of the spreadsheet program, Excel — to emails or embed them on websites. When rabid puzzlers click on notices for "free Sudoku games," they unwittingly download malicious malware programs that exploit weaknesses in the software on their computers and mobile devices and swipe personal identifying information (PII). If you want to work Sudoku puzzles, purchase a booklet at the drugstore.


Scam busters describes the "crooks collect scam": Fraudsters use random dialers to deliver automated messages to phones (both landline and mobile) that ask potential victims to accept collect calls from inmates by pressing the "1" on their keypads. Of course, this is a ruse; live phone operators usually handle collect calls. Pressing the key allows thieves — often actual inmates — to use the connections to make long-distance telephone calls and charge them to victims' accounts.

Those receiving these calls (I got one about six months ago) can ask their service providers to block these calls.


According to the Internet Crime Complain Center (IC3), spammers continue to send billions of emails daily. Some of them, of course, contain malware for stealing usernames and passwords for online banking web sites and harvesting other PII. (See "Spam: delivering malware and advertising dangerous counterfeit goods," Aug. 7, 2013.)

The fraudsters are sending spam that advertises illegal or counterfeit products often made with inferior materials and, in some cases, are dangerous and harmful.

Cybercriminals are increasingly targeting smartphone owners with spear-phishing spam messages purported to be from employees of their firms, credit card companies or banks.

According to the IC3, fraudsters also are sending spam messages with links to malware via social and media networks to steal contact lists and then send text messages asking for PII to those on the lists. A recipient thinks the message is from a friend and is prompted to provide PII or click on a malicious link.

The IC3 reminds us that "if you receive an email that appears to be from a trusted source but are asked for personal or financial information, do not respond." Instead, do the following:

  • Report the email by calling or emailing the company's customer service representatives. If the email you're questioning is from your bank or credit card company, use the phone number on the statements you receive or on the back of the credit card.
  • Never respond to emails asking for personal or financial information unless you ensure they're legitimate.
  • Don't purchase products from spam emails because they're likely to be counterfeit and can be dangerous or deadly.
  • If you receive a spam email or message on social media or social networking websites, delete it immediately and don't click any of the provided links. These can contain malware that could take control of your computer and steal PII.


For full access to story, members may sign in here.

Not a member? Click here to Join Now. Or Click here to sign up for a FREE TRIAL.