Universal Credit Scam Hits Dating Apps

Users being enticed in with ‘get money quick’ scam.

Universal Credit Logo

After media outlets broke the details about the Universal credit scam leaving claimants up to £1,500 out of pocket, DPS Computing can exclusively reveal that the brazen scammers have now relocated to popular dating apps, including Grindr, in an attempt to find more people to scam.

Scammers are approaching people online suggesting that they can make £600 to £800 online in a matter of hours as long as you have a passport, driving license and bank card available.

Different stories have been encountered, but the most recent is that they have a contact that works within Job Centre Plus that would open an unspecified account in your name, process back payments and then close the JCP account after the payments had been deposited in your account.

Responding to common privacy fears, the scammers attempt to reassure would be victims by saying that your documents are uploaded directly to a government approved and authorised application and there is no need to pass your details directly to them.

Verifying through the app will avoid any interviews with an adviser at Job Centre Plus according to the scammers.

For facilitating this ‘free money’, the scammers demand 50% or more of the payment as a fee. However, unknowingly the money is likely to have been obtained via a fraudulent benefits claim which will leave the victim potentially thousands of pounds out of pocket as well as collectively costing the tax payer millions.

Despite the growing crisis, the government appears to be completely unable to put a stop to this scam and have today warned victims that they may still have to pay the money claimed back according to the BBC.

Not Always As It Seems? – The Modern Online ‘Scam’

Many, if not all, of us will be familiar with online scams.  From the ‘you’ve won the lottery scams’ right through to the fact that Gadaffi’s fortunes have been left in the hands of a solicitor who wants to give you $20 million just because he’s a nice kind of guy.  E-mail scams have been going on for a long, long time.  But is there a new way that we are getting scammed online?  A way that we don’t realise we are getting scammed?

Well unfortunately, the answer appears to be yes.  And most of the time we might not be aware that we are getting scammed.  It can often go undetected due to the fact that they aren’t targeting our money – rather they are targeting our time (to get others money ultimately).  Let’s explain…..

The Traditional Online Scam

The traditional online scam.  To all intents and purposes, it is as old as the Internet itself.  With e-mail scanning becoming more prevalent and online users becoming more wary, scammers are needing to stay ahead of the game.  After traditional online scams have been exploited for over two decades they are bar far less effective than they used to be.  And the future looks like the success of these traditional scams will likely to continue to decrease.

But scammers still need to scam – it’s what they do.  So what they need is a new scam…..

The Modern Online Scam

That brings us on to the modern online scam.  A scam which isn’t really covered anywhere else and isn’t widely known about.  Dare I say, very few people will probably be aware of it (to its full extent).

A major flaw of the traditional online scam is that sooner or later it becomes obvious that financially, you’ve lost out – whether it be cloned cards used for fake withdrawals or fraudulent online transactions.  Ultimately, quite detectable.

So logic would dictate that to make the crime less, or undetectable, we remove the missing money element.  However, then how would the scammer gain from the scam?

If there was some way that they could leave the person ‘scammed’ with their finances intact but indirectly use them to obtain money for the scammer from third parties.  An ingenius theory – but how to pull it off?  In the offline world, something like this would be impossible to pull off.  But as many people learn on a daily basis, pretty much anything is possible online.

How Does It Work?

Right, lets get to the nitty gritty of how this works.  The people being ‘scammed’ = Internet users – however these aren’t the ones who financially lose out.  The Internet users are in effect being used to scam third parties, usually affiliate advertising programs, of their money without the knowledge of the user.  In essence its all legitimate – I guess it would come down to how you define ‘scam’ as to whether you class it as a scam, dishonesty or just plain immoral.

Let’s explain with a simple example.

In our theoretical world DPS Computing launches ‘DPS Keyboards’.  Now these aren’t just any keyboards – they are the most amazing keyboards in the world…. ever!  Not only do they work in the way that a traditional keyboard works but they also many other special things that makes them completely irresistible.  Needless to say that everybody in the world wants a DPS Keyboard – priced at £99.99 (told you it was amazing!).

Now, in our theoretical world their is a scammer, called Bob.  Bob wants to make money online.  Bob notices that there is loads of media attention surrounding DPS Keyboards and that everyone in the world wants one.  Bob capitalises on this.  He sets up a website.  The topic of his website?  Well, that’d be ‘COMPLETELY FREE DPS Keyboards’.  Wow, Bob must be rich……..

Bob sets up his ‘COMPLETELY FREE DPS Keyboards’ website and places loads of affiliate ads all over the pages from many different ad providers (Adsense for example).

Everyone all over the world is searching for DPS Keyboards, and Bobs page, over the course of a few weeks, quickly rises to the top of the search rankings – who wouldn’t be interested in a £99.99 amazing keyboard for free?

Everyone goes on Bobs website, registers for their free keyboards, looks at other pages on there, maybe even clicks on an ad or two.

Everyone excitedly waits for their free DPS Keyboard.  It doesn’t turn up.

So back to Bobs website, have a browse, try to contact him, find an e-mail address, contact him and while on Bobs site have a little more browsing for answers (again viewing more ads and clicking on a couple).

Fast forward a year….. and no one has their free DPS Keyboards.  However, Bob has been making a nice little earning on the side from all the extra revenue he has created.  But how?  He was giving the keyboards away for free – he wasn’t getting any card details.

True, true.  However, what he was doing was getting people to his website viewing ads when each page load and also clicking on some of them.  All of this will have been making money for Bob.  That in itself isn’t the ‘scam’ part of it…. that’s completely legitimate.  But for the fact that……

Bob never had any DPS Keyboards.  And he certainly never intended to give any of them away for free.  What he did was pick a popular topic that loads of people were searching for and made an irresistible offer – in this case an expensive item for free.  There was no intention to actually go through with what was on offer – just the intention of having you browse lots of pages and click lots of ads on a website which had lured you there under false pretences.

Now I picked an extreme example here to highlight how it works…. but there are many takes of this scam currently happening on the Internet.

Ever seen ads for ‘paid for blogging’ services?  While some are legitimate, some are just there to perpetrate this type of scam.    Everybody would like to make half a million pounds a year from blogging.  Getting paid to blog about things would be a dream come true for many people.  So, a site will spring up and get you to register with them with the promise that you’ll be sent offers x times a day and you’ll be making hundreds of pounds in no time.  Only, with the scamming sites, when you actually register you don’t receive anything.  The whole idea of the site was to pick a popular subject, lure people in, and hopefully rake in advertising revenues.

Same goes for survey websites offering £7 per survey.  Yes there are some legitimate sites that pay for you to complete surveys…. but remember there are also scam sites set up.  Always use caution and good judgement.

Remember the old saying, if it’s too good to be true, it probably is.  This applies on the Internet as well – maybe even more so!

Conclusion

Although the person being scammed doesn’t lose out financially, you do lose out on your time.  And if time is money….. it’s just a round about way of getting cash for the scammers.

It always pays to be vigilant on the Internet.  Do your research, know who you’re dealing with.  Look for reviews, past experiences and previous site members.  Don’t get sent down blind alleys that promise you everything and give you nothing!

If you’ve ever registered for an offer/service/competition/part time job etc online that has turned out to be nothing, other than a honeypot to lure you in so they can earn affiliates advertising money, feel free to leave a comment below.  :).  Stay safe everyone!

Fake SpamCop E-mails Doing The Rounds – Beware! – (spaNcop)

SpamCop Logo

Fake SpamCop e-mails are once again doing the rounds as e-mails purporting to be from SpamCop (but actually not from SpamCop) have increased once again over the past few days.

The fake SpamCop e-mails inform the recipient that their e-mail address ‘could’ have been blacklisted for taking part in fraudulent activity.  The e-mail then goes on to advise that you download and open up an archive file which is attached to the e-mail.

It should be noted that SpamCop is a legitimate anti-spam company based at www.spamcop.net.

These fake e-mails are coming from the domain www.spancop.net – notice the subtle difference – then ‘n’ rather than the ‘m’.  E-mails from spancop.net should not be acted on and you should not open any attachments in e-mails from this domain.  The attachments, according to online security companies, contain malware that in some instances is automatically extracted and executed on some machines after it is download to a users computer.

It is strongly advised that you delete these e-mails from spaNcop.net as soon as possible after receiving them.  You can (and probably should) report them as well – I’m sure the real SpamCop would be grateful to hear about these shameless attempts to impersonate their company and damage their reputation.

Please note, spaNcop has nothing to do with spaMcop!

SpamCop are a legitimate company and would never send you e-mails such as the fake ones being received, purporting to be from the real SpamCop.

Please note, the e-mail subject and body will refer to ‘SpamCop’ (spelt correctly), however the fake e-mails are originating from spaNcop.net (you can see this in the ‘From’ field in your e-mail client.

The ‘From’ field of the fake e-mails will look something like the following:

Spancop - Fake E-mails - From Field

Please be aware that there could (and likely is) variations with the e-mail address, particularly likely in the part before the ‘@’ symbol.

As you can see though, by the time we get to the ‘Subject’ field, the spammers attempt to impersonate the real SpamCop by using their name:

Spancop - Fake E-mail - Subject Field

Then the body is typically this or a variation on this theme:

Spancop - Fake E-mail - Body Text

Please note that the real SpamCop never send e-mails such as this one!  Again, once again note that the e-mail refers to the real SpamCop even though it isn’t from them – don’t be fooled!

An attachment, usually an archive, is also attached:

Spancop - Fake E-mail - Attachment

DPS Computing Limited can confirm that the e-mails from spaNcop.net are fake, and the sample e-mails from them that we have analysed all had attachments which contained malware, which appear to mainly target Windows operating systems (although there may be variations out there affecting other operating systems as well).

Yell.com – Could ‘Rogue’ Employees Be Responsible?

Yell.comFollowing our completely shocking experience with Yell.com sales staff, DPS Computing is asking the question – “could rogue employees be responsible for their terrible reputation”?

Further to our initial encounter with Yell.com on the telephone we immediately rang Yell.com’s customer service department to lodge a complaint against a phone call which was vulgar, rude, offensive and aggressive.  The lady that we talked to at customer services seemed to be a very polite woman – and to her credit remained polite throughout the phone call, and did indeed call back and leave us a message several days later (exactly as she indicated in the call).  During the initial phone call the lady from customers services indicated that the telephone number was not recognised as being one of theirs.  As our account (and listing) had only just been submitted and was not actually visible on the site, she informed us that she couldn’t currently access any information about our company or any calls made to it.  During our call she did apologise for the treatment we received.  She alluded to the fact that this could have been a scam call but that they would ring us back in a few days after investigating information relating to our account.

One interesting thing to note is that apparently, until a listing is displayed on the Yell.com website, it is not accessible to sales staff.  This could well be true, but the information must be stored somewhere by Yell.com in between registration and displaying the listing.  Also, information for companies is likely to be registered in many places, so it is likely that Yell.com sales staff could generate new ‘leads’ by targeting non-Yell registered businesses and gathering their information from many different Internet sources.

We unfortunately missed the return call however we got a message yesterday indicating that she could now access the account however, there was no indication that a sales representative had called us or had even been able to access our information.  She remained polite and added that should we have any more information about the call she would be happy to receive a call from us so that they could investigate further.

So…. at this stage, we’ve got a dilemma.  Could it be a scam?  Well, yes, it would be untruthful to say that there is no possibility that it is a scam.  However, there would be several indications towards the fact that the call was genuine including:

  • This call was received hours after registering for a free listing on Yell.com.
  • We helped a client of ours recently (around 2 weeks ago) register for a free listing on Yell.com – the same thing happened, within a few hours Yell.com sales called up – we were present when the call was received.
  • The caller only seemed to know information that was entered into the Yell.com website.  Now, obviously, DPS Computing is advertised in many different places, but most forms have different fields / quirks etc to them – and our information isn’t normally entered as a carbon copy of what we have entered onto the other websites.
  • The caller rang from an easily recordable (i.e. not unknown / private / withheld number) number and this number was not a ‘throw away’ pre paid mobile – again, not usually preferred by a scammer as if reported to the authorities, this number could be traced.
  • The caller stayed on the line for approximately an hour – very unusual if it was a scammer.
  • The caller stayed on the line despite questions being asked and challenges to the information being provided – again very unusual if it was a scammer.
  • Reports of call from Yell.com on ‘0800108579’ have been reported on for approximately 3 years on the Internet – again, scammers only usually set up operations for days or at most months – not years – the chance of being caught becomes too high.
  • The customer service representative informed us that she ‘did not recognise the number’.  However, there has been no direct denial that Yell do not own the phone number.

Now, obviously, this is mostly circumstantial.  But all of this circumstantial evidence adds up and when evaluated together would suggest a strong probability that callers from 0800108579 are from Yell.com.

Unfortunately, there is no way to quickly identify the registered owner of business 08xx numbers in the UK as reverse phone lookup services are illegal (please note, free services claiming to be ‘reverse phone lookup’ services are in fact, not performing a reverse look up, but instead displaying other user comments regarding this number – this is not the same thing!).

However, in addition, there are at least two experiences which have been personally witnessed at DPS where Yell.com sales staff have called straight after registering for their free listing.

Of course, one obvious possibility would be that a scammer is trawling Yell.com’s website to hunt for companies to ring pretending to be from Yell.com.  This could be plausible – however in this case, as the calls were received prior to the listing going live we can completely discount this theory.

Following this, the next day (today) we received a call from a Customers Mediation Team Executive at Yell who apologised for our experience of the sales staff and got some more details from us to continue to investigate the matter in an attempt to identify the member of staff responsible.  We were also assured that this type of behaviour by any of their staff is completely unacceptable.

Of course, the last two calls from both customer services and the customers mediation team executive were very welcome calls – and it’s obviously good to see that there are some polite and well mannered employees at Yell.  So a few brownie points for that.

However, we still remain deeply suspicious of the initial phone call.  As previously indicated it is within the realms of possibility that it could be a scammer.  However, on the balance of probability our initial call is likely to be genuinely from Yell.com staff.

DPS Computing receives many scam calls per week (ironically, most commonly relating to advertising!) which all follow similar or identical paths – the Yell.com sales call did not follow this path (or MO, if we’re getting all CSI about this! ;)) and for the reasons we listed above it is likely to be a call from Yell staff.

If it was a scammer, they’d be leaving such an unimaginably distinctive trail that they would be caught in no time – let alone being able to continue for, at least, 3 years.  It is inconceivable to believe that a company with the resources of Yell.com would not take action against “scammers” impersonating them over such a long period of time – therefore, this would indicate the call was probably genuine.

If you receive a call from Yell that you are not happy about we would strongly suggest making a complaint and contacting them.  The best way, from our experience, was phoning their customer services number 0800 555 444.  This will benefit yourself and the public in general as it will a) make Yell aware of your complaint, b) ensure it is properly investigated and c) will allow Yell to take necessary action.

Obviously, as a big company, some scammers are going to naturally try to impersonate Yell.com – this is to be expected.  It would be especially important to ensure that scammers are reported to Yell to allow them to take necessary action against them with the authorities.  However, as we have previously said, the characteristics of this call would indicate it to be genuine.  Even so, calls that you are unhappy about from Yell, scammer or not, should be reported to their customer services – if you end up reporting a scammer, it means Yell can take action to have their operations shut down and if you end up reporting a staff member, they can take the necessary disciplinary action against the employee – so either way, by complaining about a Yell call you are unhappy about is a win-win situation for both sides.

All in all, we still believe the original call came from Yell.com sales staff and they were definitely rude to say the least!  However, the two customer service Yell.com employees we talked to were polite and understanding.  We can’t help but think something shady is occurring in the Yell.com offices.  IP addresses are much easier to ‘reverse lookup’ than telephone numbers – and, unlike with telephone numbers, it is perfectly legal to do a reverse IP lookup (hence why these services are maintained on whois websites).  You will recall from our second posting regarding Yell – ‘Are Yell.com Attacking Small Businesses’ – that Andy Kinsey had published photographic evidence that commenters on his blog trying to discredit him were using computers connected to the Internet from Yellow Pages registered IP addresses.

The situation is a very murky one.  We still think that something fishy is going on at Yell.com offices.  Therefore, at this moment in time, we will be neither signing up for paid / contracted services with Yell.com nor recommending that others do so.

Finally, when considering both possibilities (so that we cover all possible eventualities):

1) If it is a scammer (which we don’t think it is, but just for arguments sake), Yell.com aren’t being very proactive about protecting customers / potential customers from them – after all they’ve been using the same phone number and ‘sales patter’ for a few years now.

2) If it is genuine (which we believe, based on our experiences and other evidence), Yell.com have got some very poor sales staff working from them providing false information and attempting underhand, immoral and dubiously legal tactics in an effort to get sales (and therefore, likely commission).

In any case, this isn’t good – not good by a long stretch.

This also calls into question legislation regarding telephone numbers in the United Kingdom.  Should it be illegal to perform a reverse phone lookup?  Well, for residential phone numbers, most probably – there are obvious privacy reasons for that.  But for business telephone numbers (including 08xx numbers)?  Well, this can’t be right – companies registering phone numbers should be accountable and ‘reverse lookup’ information for business phone numbers should be provided easily to the public (in our opinion).

The current reasoning given is that reverse lookup of phone numbers can’t be provided (due to legislation) and shouldn’t be provided as you can “always ring them back”.

That’s all well and good but there are well known scams where you receive a missed call from a number with the hope that you do ring back the number, usually a premium rate number.  This has become a common scam with 0700 numbers – as many people believe these to be mobile numbers when in fact they are premium rate numbers, similar to 09xx numbers.

Secondly, what happens if you call them back and they are a scammer?  They’re not suddenly going to pick up the phone and say “Hello.  You’re through to ScamLine – conning people out of their money since 1995”.  No they’ll introduce themselves as the same company that they said when they first rang you!

This suggests that current legislation is woefully inadequate for business telephone numbers and that reverse phone lookup for business telephone numbers would go some way to both thwarting scammers and ensuring businesses’ use their phone numbers in an acceptable manner.