Jump to main content
NY.gov Portal State Agency Listing
DOS, Consumer Protection logo DOS Home | About Us | Contact Us | Site Index | En Español | FOIL
Andrew M. Cuomo - Governor          
Consumer Topics A-Z Accessibility Disclaimer Privacy Policy
Scam Alerts -- 2008

New Scams Hit Social Networking Site

New phishing and downloadable virus scams have emerged on the popular site Facebook.com. Phishing and downloadable virus scams trade on the lack of caution people may exhibit online. Phishing is the fraudulent process of tricking individuals into visiting fake websites designed to look like the login page of a popular website for the purpose of stealing their personal information.

Criminals target personal information that users disclose on Facebook. In each scenario, users receive a message that appears to be from a friend. The message may tell the user that a friend is changing their online profile, mentioned them in a blog posting, or alert them to an exciting new online picture or video. It may use slang or even include the users’ name to a link that appears legitimate, thereby encouraging the user to see it for themselves.

The link will direct them to a URL like view-facebookprofiles.com or facelibook.com that looks identical to the real Facebook login page. Users who submit their e-mail and Facebook password then have their profiles hijacked, giving the scammers access to all of their personal information. Their friends may then also receive a similar message, thus continuing the cycle. While it is not clear for what purpose the information may be used, a widely-used practice is for criminals to input the same e-mail and password combination into other websites to gain additional information about the consumer and access to their personal information. Criminals can then also assume the Facebook profiles of innocent victims.

Alternatively, once the user clicks the link contained in the message, they may be asked to download a file or run a program on their computer. This download scam is known as a Trojan horse, a virus masquerading as a file related to the clicked-on link, with the most popular virus called a Koobface worm. As part of the Koobface worm virus’ malicious payload, the worm transforms victim machines into “zombie” computers that send similar messages to the users’ friends to continue the cycle.

In addition, the Koobface worm is designed to upload additional malicious modules via the Internet. It is probable that a victim’s machine will not only be used for spreading links via these social networking sites, but will also be used for other malicious purposes.

To avoid Facebook.com scams:

The company has also posted information on its security page to help users. We advise users of Facebook to be cautious when checking e-mails from their facebook friends and to not open links that appear to be untrustworthy and/or strange. It is further recommended that Facebook users utilize up-to-date antivirus software. For more information about using the Internet safely, please see the Division's Internet Security page.

Cross-border Scams

The Buffalo Better Business Bureau (BBB) reported that a high number of scams have taken place out of Champlain, NY, a small town with a population of about 1,200 located near the Canadian Border. The BBB reports that out of 20,000 complaints received, 3,000 involve companies with Champlain and at other addresses near the Canadian border. Hundreds of victims nationwide are being scammed from companies claiming to be from this town. The targets of these scams are small businesses, consumers, churches, and senior citizens. The scammers, claiming to be from Champlain, request confirmation of personal information to be included in a directory, while others claim to be credit card companies, discount health care plans, or firms offering grants or advance-fee loans. Many victims do not realize that a scam has occurred and proceed to make payments on phony invoices received. When small businesses and consumers receive the bill for the alleged services, they realize that the company they have spoken to is actually located in Canada. These types of scams are also occurring on a smaller scale in the other nearby areas of Plattsburgh and Rouses Point.

“809” Phone Scam:

Consumers are receiving e-mails, voicemails, or pages telling them to call a phone number with an "809", "284", "876" (or some other three-digit) area code to collect a prize, find out about a sick relative, etc.

Consumers assume you are making a domestic long distance call - as "809", "284", "876" (and other three-digit area codes involved in this scam) appear to be typical three-digit U.S. area codes. Only later do they find out that they are unwittingly connected to a phone number outside the United States (it has been linked to the Dominical Republic, Canada, and various other countries) and are charged international rates for the call, learning of the exorbitant fee for the call upon receipt of a phone bill.

Minimize your risk of falling prey to this scam and incurring a charge by:

If you feel you are a victim of this scam, and received a bill for placing such a call, contact your telephone service provider. If you are unable to resolve it directly, you can file a complaint with the FCC. You can also file your complaint with the FCC's Consumer Center by e-mailing fccinfo@fcc.gov; calling 1-888-CALL-FCC (1-888-225-5322) voice or 1-888-TELL-FCC (1-888-835-5322) TTY; faxing 1-866-418-0232.

Note: This information was shared by the Federal Communications Commission

Cell Phones, the Do Not Call Registry and Privacy:

An e-mail is circulating claiming that telemarketers will soon be calling your cell phone because of a new database. This is NOT TRUE.

According to the Federal Trade Commission (FTC), telemarketing to cell phone numbers is illegal in most cases and will continue to be so. The FTC provides the following information regarding the National Do Not Call Registry program:

Note: This information was shared by the Federal Trade Commission.

Economic Stimulus Rebates Spur Scammers

Some scam artists are trying to trick consumers into revealing personal financial information that can be used to access their financial accounts. These scam artists make promises relating to the federal economic stimulus payment. To obtain the payment, eligible individuals in most cases will not have to do anything more than file a 2007 federal tax return. But some criminals, posing as IRS representatives, are falsely leading taxpayers into revealing their bank account number by telling them they must provide that type of information to receive their payment. If the target is unwilling, the victim is then told that he/she cannot receive the rebate. Individuals should remember that the only way to get a stimulus payment is to file a 2007 tax return. The New York State Department of State Division of Consumer Protection and the Internal Revenue Service (IRS) urges taxpayers to be extra-vigilant. Additionally, the IRS will not contact taxpayers by phone or e-mail about their stimulus payment.

"Phishing" scam uses the lure of a tax refund

A similar scam occurred last year as perpetrators tried to fool people into giving up important information about themselves, their credit cards and bank accounts. The tactic used by Internet-based thieves, called “phising,” misleads unsuspecting victims into revealing personal information they can then use to access the victims’ financial accounts.

These scammers use the information obtained to empty the victims’ bank accounts, run up credit card charges and apply for loans or credit in the victims’ names. Phishing scams often take the form of an e-mail appearing to come from a legitimate source. Some scam e-mails falsely claim to come from the Internal Revenue Service (IRS). The spam message, which is "signed" by the IRS, states:

"After the last annual calculations of your fiscal activity we have determined that you are eligible to receive a tax refund of $109.30. Please submit the tax refund request and allow us 6-9 days in order to process it. A refund can be delayed for a variety of reasons. For example submitting invalid records or applying after the deadline. To access the form for your tax refund, please click here."

To date, taxpayers have forwarded more than 33,000 of these scam e-mails, reflecting more than 1,500 different schemes, to the IRS. The IRS never uses e-mail to contact taxpayers about their tax issues. Taxpayers who receive unsolicited e-mail claiming to be from the IRS can forward the message to a special electronic mailbox, phishing@irs.gov, using instructions contained in an article titled “How to Protect Yourself from Suspicious E-Mails or Phishing Schemes.” Remember: the only official IRS Web site is located at www.irs.gov.

Phony Mortgage Overpayment Notices Reaching Consumer Mailboxes


Consumers are being deceived by misleading advertising disguised as overpayment letters. Dressed in official looking “Final Notice” envelopes with the words “Notice of Overpayment” below, security tinted pages and a note citing the five-year maximum prison sentence for mail tampering law, these letters warn consumers that they may be making larger than necessary payments on their home. The notice then provides contact information for a local assigned specialist who will work with the homeowner to avoid possible overpayments. The phone number provided is listed to an organization known as, “Domain Mortgage.” Calling the number connects to a representative who informs the consumer that the letter is a sales pitch for refinancing options meant to grab attention and receive a response.

Spoof E-mails Being Used to Defraud ATM Users

Fraudulent messages are being sent under the name of a financial institution looking to collect personal information. Spoof e-mails sent under the name Tennessee Valley Federal Credit Union (TVFCU) are falsely alerting consumers that their TVFCU ATM card has been deactivated due to “irregular activity.” These e-mails are primarily being sent to individuals who have never opened a bank account in Tennessee. Also raising eyebrows, the credit union phone number provided in the e-mail is disconnected. A check of the TVFCU’s website informs visitors that they were nearly the victim of a “vishing” scam.

A “Vising” scam involves Voice-over Internet Protocol (VoIP) phones to steal personal information. Identity thieves use a “war dial” attack over a VoIP system to blanket an area. A recorded message tells the victim, for example, that his/her credit card has been breached, and directs him/her to call a telephone number to clear the problem. The number dialed connects to a VoIP phone which can recognize telephone keystrokes. The victim is then instructed to enter his/her account number, but if s/he complies, his/her identity could be stolen. It is recommended that cardholders call the firm’s activation center to confirm their standing.

Craigslist Scam targets those desperate for affordable NYC Apartments

New York City’s lower residential vacancy rate and increased rental costs have led residents on a desperate search for affordable housing, including the newest arena for apartment rental fraud: the Internet. Using popular network sites, like Craiglist, consumers are entering into advance-fee scams that provide neither affordable living nor housing. A listing on Craigslist recently advertised a fully furnished two-bedroom with a balcony in Bay Ridge, Brooklyn for $950 a month, as compared to the average monthly market rate of $2,200. The reduced price was attributed to the current tenant’s “sudden job transfer to North Carolina.” Under the arrangement proposed, the would-be tenant would have to take the apartment without seeing it and send a security deposit. With appealing photos, a quick response to inquiries from the scam artist using the alias “JoAnn Rinaggio,” the apartment ad peaks the interest of any renter in the market. The scammer states this arrangement is based on trust between each party, further creating a friendly situation. In the ad, the prospective tenant requested to wire a $550 security deposit with a promise of a return envelope containing apartment keys. Several victims fell for this ruse by sending money and never heard back from “Rinaggio”. It was also learned that a false address was given for the apartment.

Networking sites, like Craigslist, are platforms for selling locally. Red flags should be raised whenever an out-of-state seller is involved. In order to avoid this type of scam, it is recommended to never wire money anywhere, try to do business face-to-face and never provide personal information or respond to offers requiring escrow money. If it sounds too good to be true, it probably is.

Schemes to avoid paying owed taxes on the rise

Promoters of frivolous schemes encourage people to make unreasonable and unfounded claims to avoid paying the taxes they owe. Most recently, the IRS expanded its list of frivolous schemes from which taxpayers should stay away. Taxpayers who file a tax return or make a submission based on one of these positions on the list are subject to a $5,000 penalty. The most recent schemes include: misinterpretation of the 9th Amendment to the U.S. Constitution regarding objections to military spending, erroneous legal claims that taxes are owed only by persons with a fiduciary relationship to the United States, a nonexistent “Mariner’s Tax Deduction” related to invalid deductions for meals and the misuse of the fuel tax credit. The complete list of frivolous arguments is on the IRS Web site at IRS.gov.

Last Modified: April 26, 2011