Valentine’s Day Scams: All in the Name of Love

GUEST BLOGGER

Courtney Babin
ACFE Communications Coordinator

Let’s be honest, February might as well belong to Hallmark. It’s the season of professed love as cards, flowers and teddy bears with chocolates are stocked in the shelves at your local stores. Subliminal pink and red palettes remind you to make reservations and order long-stem roses as Valentine’s Day looms around the corner. In the spirit of the holiday, let’s all be careful not to get swept off our feet by possible romance scams, especially in the world of online dating.

While dating websites are full of honest people wanting to find love, these sites can be brimming with cons that only pine after your hard-earned cash. Here are a few scams that can turn your ideal relationship into a romantic blunder:

Automated Russian dating bots
KrebsonSecurity recently reported that there are romance scam packages that cybercriminals can purchase to lure men into believing they are dating a Russian woman via email spam or dating websites. These packages include emails from the woman’s mother, pre-fabricated excuses for not talking on the phone, and even crooked call centers that employ men and women con artists who speak a variety of languages.

Nigerian Yahoo Boys
Yahoo Boys are Nigerian men who specialize in cybercrime using multiple cons including romance scams. In October, a story was released of a woman who had been contacted via Facebook, romantically scammed and subsequently used as a money mule for the Yahoo Boys all while believing she was assisting a man she was going to marry. She now resides in prison for money laundering.

Curve ball: Old-fashioned con
Romance fraud is not just perpetrated by long-distance cyber scammers that appear with open hearts (and pockets) and disappear without a trace. While in-person romance scams are not as popular as online scams, there are still old-fashioned conmen and women who would love to sweep you off your feet. For example, doctor Paolo Macchiarini. He was a famous surgeon who wooed an NBC producer while filming a documentary about his work. They took lavish vacations on his dime and eventually became engaged. He was wealthy, generous and a public figure but he still defrauded his fiancée (and the public). He lied about his marriage, his connections, his status with notable figures and even his surgical credentials.

During this season of love, don’t let your wallet and heart get stolen in a Valentine’s Day scam. There are common tell-tale signs that may clue you in on whether your new special someone is actually a smart scammer. Find more information here: Fraud-Magazine, FBI.com, antifraudnews.com, and Romancescam.com

Review: Spam Nation Provides Detailed, Practical Workings of Cyberfrauds

BOOKSTORE STAFF PICK

Spam Nation: The Inside Story of Organized Cyber Crime

The ACFE Bookstore offers hundreds of resources including books and manuals, self-study CPE courses, the CFE Exam Prep Course, merchandise and more. In this interview, Dick Carozza, CFE, editor-in-chief of Fraud Magazine, offers his suggestion on one must-have resource to help you in your fight against fraud.

What is your professional background and current role at the ACFE?
My background is in journalism. I’ve worked as an editor and writer for several newspapers and magazines. I’ve been editor-in-chief of the ACFE publication, Fraud Magazine, since we developed it into a four-color magazine in 1995.

Why would CFEs be interested in the new book, Spam Nation?
Brian Krebs, the author of KrebsOnSecurity.com, is a noted cybersecurity expert and a former Washington Post reporter. (He’ll be a keynoter at the upcoming 26th Annual ACFE Global Fraud Conference and will receive the ACFE’s Guardian Award.) He broke the story that credit and debit card accounts stolen in a massive data breach at Target had been flooding underground black markets. Krebs also discovered breaches at Home Depot, Neiman Marcus and others. Because of his deep contacts in the financial sector and the shadowy cybercrime world, he’s able to provide detailed, practical workings of some of the largest global cyberfrauds. Early detection equals prevention. (Read the cover article for the March/April 2015 issue of Fraud Magazine.)

How is the information in this product useful for CFEs in their professional roles?
CFE’s clients, employers, family members and friends look to them to help deter fraud in their lives and organizations. The detailed information Krebs provides — including the prevention tips — will help us keep our personally identifiable information intact and prevent organizational data breaches. And the book is a great read. Krebs writes about the machinations of cybercrime rings and his travels to Russia to interview some of the colorful, complex fraudsters who spew spam around the world that enables identity theft. Edge-of-your seat copy!

Order your copy of Spam Nation today on ACFE.com.

Data Breach: Two Words You Don't Want to Hear

LETTER FROM THE PRESIDENT

Data breach! Stomachs churn, blood pressures rise and knees quiver when organizations hear those two words.

On Dec. 18, 2014, Brian Krebs was the bearer of bad news when he broke the story that credit and debit card accounts stolen in a massive data breach at Target had been flooding underground black markets. The next day, Target confirmed to Krebs, the author of KrebsOnSecurity.com, that cybercriminals had stolen more than 40 million debit and credit cards from the retailer's stores throughout the U.S.

Management at Home Depot, Kmart, P.F. Chang's and many others also reached for the Pepto-Bismol when Krebs revealed that they were data breach victims, too.

Why do these huge breaches keep happening? Well, first of all, the largest ones make the splashiest news, no doubt. But any organization that's connected to the Internet is at risk. Cybercriminals can creep into companies via outside vendors (like the Target breach), email attachments, bogus websites or some adept social engineering.

"Stolen credentials and passwords, in particular, are some of the most intractable problems in cybersecurity today," Krebs, an award-winning investigative journalist, says in the cover article of the March/April issue of Fraud Magazine. "It's bad enough that many banks do not even offer their customers the ability to authenticate themselves with anything more than a user name and password which, when phished, lost or stolen, can be used to impersonate that person. However, the lack of two-factor authentication within organizations for employees with access to sensitive customer and employer data is a recipe for disaster."

Krebs says that most companies spend "ridiculous percentages" of their security budgets on hardware, software and services that alert them when suspicious activity occurs on their networks that might indicate breaches. "Unfortunately, these systems generate so much noise and false alarms that it becomes a challenge whittling down the alerts to a few that you really need to read and act on," Krebs says. "This is a constant struggle because organizations are producing lots more data each day, and more devices are being added that generate alerts."

Read Krebs' interview so you can help your organizations (plus family and friends) protect themselves against breaches and data theft. Better yet, come to the 26th Annual ACFE Global Fraud ConferenceJune 14-19 in Baltimore, Maryland, to hear Krebs, a keynoter speaker, in person.

I'm looking forward to seeing all of you as we compare notes on the latest fraud-fighting techniques. See you in Baltimore!