Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
 
  • Post
  • Reply
Tristesse
Feb 23, 2006

Chasing the dream.


I get those occasionally ever since I apparently pissed off some crazy person on the internet. Every so often they try to guess my password and I get those notifications, if they are legit from Facebook there should be a link that says something like "this wasn't me, report this" and the URL will very clearly link to Facebook. When clicked the link gives you a "thanks for the report!" spiel but won't ask for logins or passwords. I think you can see the IP address they are coming from as well.

But spammers have also been sending out fake versions of the same message to try to convince people to click and input their logins. Check the URL closely to be sure it has https://www.facebook.com and not farcebutt.ru or something, and you can always just chose to ignore them since it's a notification of an unsuccessful login anyway. I think you can also see any active login sessions in Facebook itself to be sure no one got in.

Adbot
ADBOT LOVES YOU

Fruits of the sea
Dec 1, 2010



JacquelineDempsey posted:

I don't do Facebook very much, but find it a necessary evil for promoting my art/music shows so I pop in occasionally.

Got an email that looks very legit from them saying that someone had tried to log in on my acct from an unknown device, at an hour I know for a fact I was dead asleep. It offered a link (also looks legit) to ensure the security of my account.

My question: yeah, I think this email actually came from Facebook, I'd like to think I'm pretty savvy on spotting email bullshit. But the paranoid part of me wonders: did someone actually try to randomly brute force "hack" my account, or is this FB's sneaky way of gleaning more personal info from me? They could easily send out "oh noes, you may have got hacked! Send us some more personal info like your phone number an another email, so we can scrape your info and sell it to ad companies!"

Thoughts/experiences? I'm just ignoring it for now.

First, go to haveibeenpwned.com and check if the email linked to your facebook account has been stolen in a data breach.* If so, there's a good chance somebody was trying to brute force your account. Keep in mind that website only checks publicized data breaches. Many companies try to cover up data breaches, and some may not even be discovered yet.

Do you have two-factor authentification on your facebook account? If not, then they do want your phone number a whole lot, mostly because it is required for 2fa on Facebook's other apps, like Instagram and Whatsapp. The common phone number lets Alphabet track and record your activity on all their disparate apps.

They aren't interested in selling the phone number. They want to build a detailed profile on you by tracking your actions and personal data on all their apps. That much more intimate and detailed profile can be used to sell advertising space for content tailored just for you. That pays better than a phone number on its own.

*Yes, that website could also have a data breach. You almost certainly have been pwned already though.

Craptacular
Jul 11, 2004



Tubgoat posted:

The AARP contributes money to the American Legislative Exchange Council, a political lobby that LITERALLY submits prefabricated pro-Capital bills to be voted into law by republicans and especially-craven democrats.
Ignoring whether AARP or ALEC are bad or not, the fact that lobbyists have pre-written bills which they then give to sympathetic legislators for them to file is not unique to any lobbying group, issue, or political party.

MightyJoe36
Dec 29, 2013

:minnie: Cat Army :minnie:


Fruits of the sea posted:

First, go to haveibeenpwned.com and check if the email linked to your facebook account has been stolen in a data breach.* If so, there's a good chance somebody was trying to brute force your account. Keep in mind that website only checks publicized data breaches. Many companies try to cover up data breaches, and some may not even be discovered yet.

Do you have two-factor authentification on your facebook account? If not, then they do want your phone number a whole lot, mostly because it is required for 2fa on Facebook's other apps, like Instagram and Whatsapp. The common phone number lets Alphabet track and record your activity on all their disparate apps.

They aren't interested in selling the phone number. They want to build a detailed profile on you by tracking your actions and personal data on all their apps. That much more intimate and detailed profile can be used to sell advertising space for content tailored just for you. That pays better than a phone number on its own.

*Yes, that website could also have a data breach. You almost certainly have been pwned already though.

I was part of the big data breach that let out millions of SSNs of retired DoD personnel. As a result someone filed a bogus tax return using my info. For four years now I have needed a PIN from the IRS to file my tax return.

hyperhazard
Dec 4, 2011

I am the one lascivious
With magic potion niveous

My friend went to file her taxes this year, and they bounced because someone used her SSN as their dependent. It's either an honest mistake (someone could have screwed up a number or two?), or identity theft. But I feel like there are better things to do with someone's information than use it to get a few dollars back on your tax return, so it's a mystery.

occamsnailfile
Nov 4, 2007



zamtrios so lonely

Grimey Drawer

hyperhazard posted:

My friend went to file her taxes this year, and they bounced because someone used her SSN as their dependent. It's either an honest mistake (someone could have screwed up a number or two?), or identity theft. But I feel like there are better things to do with someone's information than use it to get a few dollars back on your tax return, so it's a mystery.

Maybe if they had the SSN but not the DOB? I don't know how hard the IRS checks that stuff, it would be hard to thoroughly check everyone who claims to have children.

Still annoying for your friend though.

peanut
Sep 9, 2007




Facebook tracks logins carefully. If I log into my own account from a new device, they send an email immediately. It says to do nothing if it was me, or to follow-up on Facebook if it's an outside attack. Google is the same.

SA is my most secure password, lol .

Tubgoat
Jun 30, 2013




peanut posted:

SA is my most secure password, lol .
:same:

Ytlaya
Nov 13, 2005

Endorsed by:
Pentecoastal Elites!
fart_man_69!
Terminal autist!
Ruzihm!
Judakel!
Dixon Chisholm!
Nix Panicus!
Neurolimal!

So my boss's colleague was almost scammed, and it's amazing he almost fell for it. I received the same scam e-mail.

Basically it was an e-mail from "myboss'sname27@gmail.com" that said "Hey, are you there. I need you for something." and then had my boss's professional information like in a normal-ish work e-mail (my boss is a department chair at the university I work at). Boss's colleague replies "Sure, what do you need" and then the scammer says "I need some Playstation gift cards" (lol) and then the colleague replies "Where should I send them" (how he did not figure out this is a scam by this point I have no idea; he's worked with my boss for years and they are both men over the age of 60). Fortunately he contacted my boss after the follow-up e-mail said to contact an address that had some random woman's name and a couple typos. He did not buy the gift cards.

I guess it was somewhat sophisticated as far as phishing scams go in the sense that it didn't ask for money immediately and involved posing as a specific person and contacting their coworkers. G-mail notified me "this e-mail isn't from the one Boss's Name usually uses" which was nice.

occamsnailfile
Nov 4, 2007



zamtrios so lonely

Grimey Drawer

This is the amateur-hour version of how Fin7 scammed a shitload of people. There's the "wide net" spam that we're all used to, which is very obviously a scam except to the extremely credulous/impaired. Then there's the more careful, handcrafted phishing attack. You figure out a real social bond and exploit it. Of course, asking an academic for Playstation cards is mega-lol but I guess scammers can't entirely help themselves.

MightyJoe36
Dec 29, 2013

:minnie: Cat Army :minnie:


In my inbox this morning:

Ruijs, H.W. (Helen) <Helen.Ruijs@student.ru.nl>

1:41 AM (10 hours ago)

to info@mwanczyk.com

Congratulations

Mrs. Mavis L. Wanczyk has donated Three Million Five Hundred US dollars to you in order for you to help the less privilege within your community. For more details reply to back.



Sincerely,

Announcer: Ruijs, H.W. (Helen)

Corsair Pool Boy
Dec 17, 2004

by Cyrano4747


College Slice

MightyJoe36 posted:

In my inbox this morning:

Ruijs, H.W. (Helen) <Helen.Ruijs@student.ru.nl>

1:41 AM (10 hours ago)

to info@mwanczyk.com

Congratulations

Mrs. Mavis L. Wanczyk has donated Three Million Five Hundred US dollars to you in order for you to help the less privilege within your community. For more details reply to back.



Sincerely,

Announcer: Ruijs, H.W. (Helen)

Well I trust you replied to thank Mavis and H.W. (Helen), you can do a lot of good with $3,000,500.

The Moon Monster
Dec 30, 2005
THIS CUSTOM TITLE WILL COME IN HANDY WHILE LURKING


MightyJoe36 posted:

In my inbox this morning:

Ruijs, H.W. (Helen) <Helen.Ruijs@student.ru.nl>

1:41 AM (10 hours ago)

to info@mwanczyk.com

Congratulations

Mrs. Mavis L. Wanczyk has donated Three Million Five Hundred US dollars to you in order for you to help the less privilege within your community. For more details reply to back.



Sincerely,

Announcer: Ruijs, H.W. (Helen)

Dang, just how underprivileged are you. Before you got the 350 mil, I mean.

Professor Shark
May 22, 2012




MightyJoe36 posted:

I was part of the big data breach that let out millions of SSNs of retired DoD personnel. As a result someone filed a bogus tax return using my info. For four years now I have needed a PIN from the IRS to file my tax return.

Someone explain the scam here for me.

Xenoborg
Mar 10, 2007



They file a fake return using made up numbers that results in a refund which gets send to the scammer. The IRS has no one to point at other than the SSN on the return. I feel like it should be easy for the IRS yo weed those out based on wrong W2 info, but maybe it’s possible to make a passable guess at a military member’s who has a set pay rate?

goatsestretchgoals
Jun 4, 2011

in soviet russia, you shove robot

The IRS has copies of all your W2s, 1099s, etc before you ever file (assuming your employer is doing what they should). I did my taxes this year without even opening my W2 because HR Block was able to import from the IRS.

Proteus Jones
Feb 28, 2013





goatsestretchgoals posted:

The IRS has copies of all your W2s, 1099s, etc before you ever file (assuming your employer is doing what they should). I did my taxes this year without even opening my W2 because HR Block was able to import from the IRS.

Are you sure it wasn’t direct from ADP? Because for the last 6 or 7 years my tax software has imported W2 information direct from my payroll processor (ADP), not the IRS.

(But yes, companies and banks report all that poo poo with the IRS).

Guest2553
Aug 3, 2012


Tax preparation in the US is a combination of bullshit protectionist policies by the tax lobby and raperepublican desire to keep taxes scary and onerous so people don't see them as a good thing.

goatsestretchgoals
Jun 4, 2011

in soviet russia, you shove robot

Proteus Jones posted:

Are you sure it wasn’t direct from ADP? Because for the last 6 or 7 years my tax software has imported W2 information direct from my payroll processor (ADP), not the IRS.

(But yes, companies and banks report all that poo poo with the IRS).

We use Paylocity at work, but I guess they're big enough to do something similar. Thing is, I didn't tell H&R Block anything about who handles the payroll, they just snagged the W2. That implies IRS or some other central clearinghouse.

E: Or H&R Block asks a whole list of payroll processors if they have W2s for SSN 123-45-6789?

goatsestretchgoals fucked around with this message at 03:27 on Mar 20, 2019

shame on an IGA
Apr 8, 2005

Get into shit, let it out like diarrhea
Got burnt once, that was only gonorrhea




Probably just the biggest few but that's still going to work for most people because ADP alone handles more than half of the paychecks in the US.

I've worked at companies that only had two employees besides the owner and still outsourced it to them.

goatsestretchgoals
Jun 4, 2011

in soviet russia, you shove robot

It seems like that's the best selling point for ADP etc; you have 2 employees so don't hire a 3rd one to do payroll. Once you hit 1000 (or some suitably large N) employees, it starts making sense to bring payroll in house.

Proteus Jones
Feb 28, 2013





goatsestretchgoals posted:

We use Paylocity at work, but I guess they're big enough to do something similar. Thing is, I didn't tell H&R Block anything about who handles the payroll, they just snagged the W2. That implies IRS or some other central clearinghouse.

E: Or H&R Block asks a whole list of payroll processors if they have W2s for SSN 123-45-6789?

There's probably a database somewhere that it's pulling from that tells what payroll processor to pull from based on the Fed Tax ID for the company. Or they simply query the ones that provide an API and go down the list until hit a match on the company's Tax ID.

I just don't see the IRS having a reliable enough system (or an available API) for CPAs/Tax Software to use. Like every other federal or state system, they're held together with twine and baling wire.

Raldikuk
Apr 7, 2006

I'm bad with money and I want that meatball!

goatsestretchgoals posted:

The IRS has copies of all your W2s, 1099s, etc before you ever file (assuming your employer is doing what they should). I did my taxes this year without even opening my W2 because HR Block was able to import from the IRS.

Did you use them last year? I used H&R and last year I had to enter in the information for it to initiate the pull, but this year it automatically pulled and asked me to confirm.

Mouse Dresser
Sep 3, 2002

This isn't Middle Earth, Quentin. There aren't enough noble quests to go around.

For folks that are interested in the whole Theranos debacle, there’s a great documentary available on HBO about it, called “The Inventor: Out for Blood in Silicon Valley.”

EL BROMANCE
Jun 10, 2006

COWABUNGA DUDES!



Not sure if scam or kidnapping service.

Sock The Great
Oct 1, 2006

It's Lonely At The Top. But It's Comforting To Look Down Upon Everyone At The Bottom

Grimey Drawer

EL BROMANCE posted:

Not sure if scam or kidnapping service.



My first thought was resurrection.

EL BROMANCE
Jun 10, 2006

COWABUNGA DUDES!



drat, that is a pretty good doctor then!

CannonFodder
Jan 26, 2001



Passion’s Wrench

EL BROMANCE posted:

drat, that is a pretty good doctor then!

Doctor Acula will make sure you don't die in the first place.

Guildencrantz
May 1, 2012

Somewhere, something incredible is waiting to be known.


As much as this is an obvious scam (and there's a huge amount of these whatsapp witch doctors going around in Africa apparently), I love the idea of the alternate reality where this is a real person and that works and she posted on it online.

"Honey, what is this comment you posted? Who is Dr. Akpada?"
"Oh yeah, I meant to tell you, when we broke up I had a wizard cast a love spell on you, that's why we're back together now."
"That is hosed up, I'm breaking up with you!"
"No you're not"
"welp"

EL BROMANCE
Jun 10, 2006

COWABUNGA DUDES!



Yeah, when you google 'akpadatemple' all that comes up is similar "referrals" like this, my favorite being

quote:

Am here to testify of a great and powerful spell caster named Dr Akpada

Sweet Custom Van
Jan 9, 2012


goatsestretchgoals posted:

The IRS has copies of all your W2s, 1099s, etc before you ever file (assuming your employer is doing what they should). I did my taxes this year without even opening my W2 because HR Block was able to import from the IRS.

Actually, the exact reason this type of identity theft works is that the IRS doesn’t have your W-2 info at time of filing! Your employer is required to put your W-2 in the mail to your last known address by 1/31. It is not required to render that same information to the IRS until roughly June. Many employers are faster than that, but there is generally a large gap between the opening date of filing season and the date when the wage info is complete.

Even though identity theft would be nearly eliminated by forcing those dates to sync up, it will never happen. The IRS does not make tax law, it can only enforce those laws written for it by Congress. Congressional reps would either have to piss off their voters by opening filing season on June 15th or piss off the rich capitalists that donate money to them by forcing them to get their poo poo fully together by January 31st. Neither of those are likely, so we’ll just continue to lose millions and millions of dollars a year to foreign organized crime (the single largest source of fraudulent returns).

Mister Kingdom
Dec 14, 2005

And the tears that fall
On the city wall
Will fade away
With the rays of morning light

CannonFodder posted:

Doctor Acula will make sure you don't die in the first place.

Mitch Hedberg posted:

I went to the doctor. All he did was suck blood from my neck. Do not go see Dr. Acula.

MadDogMike
Apr 9, 2008

Can I come out and play?

Proteus Jones posted:

Are you sure it wasn’t direct from ADP? Because for the last 6 or 7 years my tax software has imported W2 information direct from my payroll processor (ADP), not the IRS.

(But yes, companies and banks report all that poo poo with the IRS).

Yeah, it’s from payroll/financial companies not the IRS directly. Considering the IRS doesn’t store state tax info, that would suck for state tax purposes anyway.

BiggerBoat
Sep 26, 2007

For That you Get the Head...

The Tail...

The Whole Damned Thing

Buncha scam podcasts The AV Club linked:

https://www.stitcher.com/podcast/body-tape-intl/lie-cheat-steal

Figured I'd toss them in here

AlbieQuirky
Oct 9, 2012



BiggerBoat posted:

Buncha scam podcasts The AV Club linked:

https://www.stitcher.com/podcast/body-tape-intl/lie-cheat-steal

Figured I'd toss them in here

Awesome, those topics look great. Thanks!

Vegastar
Jan 2, 2005

Tigers will do anything for a tuna sandwich.



I'm mostly numb to the old Nigerian Prince scam emails of old, but this one got caught in the old spam filter and I got an actual laugh out of it.

quote:

OFFICE OF THE CHIEF JUSTICE JACKSON L. KISER
 FEDERAL BUILDINGS AD U.S COURTHOUSE
  Address: 255 W Main St #230, Charlottesville, VA 22902, USA
 Phone Number +1(978) 226 6318

ATTENTION FOR YOUR FUND NOTIFICATION,

 I 'M CONTACTING YOU NOW BASED ON THE ISSUE ON MY DESK THIS MORNING  BECAUSE YOUR PAYMENT FILE WHICH CONTAIN YOUR $5.9M WAS BROUGHT TO ME BY MR. JEROME H POWELL OF FEDERAL
RESERVE BANK, WHO ORDERED  ME TO SIGN THE CANCELLATION OF  YOUR PAYMENT FILE,  AND I ASKED HIM WHY AND HE SAID THAT YOU ARE NOT INTERESTED AND YOU HAVE INSULTED HIM SO
MUCH JUST BECAUSE THEY TOLD YOU TO PAY $150 TO COMPLETE YOUR FUND TRANSACTION.

 SO I DECIDED TO WRITE YOU BECAUSE I FOLLOWED THE LAW AND I WILL NOT BE AGAINST ANYBODY IN THIS WORLD AND I THINK THAT MAYBE HE HAS A LITTLE PROBLEM WITH YOU.
 I HAVE NOT TOUCHED YOUR PAYMENT FILE UNTIL I HEAR FROM YOU THIS MORNING,   BECAUSE I HAVE A HUMAN SYMPATHY AND I KNOW THAT YOU WILL NOT AFFORD TO LOSE YOUR FUND JUST
 BECAUSE OF $150 AND PLEASE ALL I NEED FROM YOU IS SINCERITY AND TRUTH.
 SO MY DEAR I NEED TO KNOW WHAT HAPPENED AND IF YOU STILL NEED TO RECEIVE YOUR FUND THEN I WILL TELL YOU WHERE YOU WILL SEND THE $150 AND HAVE THIS FUND SENT TO YOU

THROUGH MY POWER AND NOTHING WILL STOP IT.  
YOUR URGENT REPLY IS NEEDED AS I AWAIT YOUR EMAIL NOW. 
THANKS, JUSTICE JACKSON L. KISER

bamhand
Apr 15, 2010


As a regular insulter of Chairman Powell, thank you for saving me from this scam.

MightyJoe36
Dec 29, 2013

:minnie: Cat Army :minnie:


Tell me about common cons/scams II: The Final Insult.

BiggerBoat
Sep 26, 2007

For That you Get the Head...

The Tail...

The Whole Damned Thing

2 young looking kids (maybe 18-20 years old) showed up at my door the other day claiming to be from ATT and apologized for "not looking like it" and told me they were informing people of some "services they were upgrading" or some such poo poo. I could have pressed it and asked "why don't I believe you? What department of ATT?".

But...what's the scam? Do people hand non uniformed random teenagers cash for telecom service?

Adbot
ADBOT LOVES YOU

Pharmaskittle
Dec 17, 2007

arf arf put the money in the fuckin bag



BiggerBoat posted:

2 young looking kids (maybe 18-20 years old) showed up at my door the other day claiming to be from ATT and apologized for "not looking like it" and told me they were informing people of some "services they were upgrading" or some such poo poo. I could have pressed it and asked "why don't I believe you? What department of ATT?".

But...what's the scam? Do people hand non uniformed random teenagers cash for telecom service?

I assume anybody shady who physically comes to my house without an obvious product or scam is just checking out places to potentially burglarize. Or I guess just rob you then and there if you let them in :shrug:

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply