EverSafe Scam Watch

Be Wary of Phone Calls from “CFPB Employees”

Always use caution when answering phone or video calls from a stranger. Scammers have lately pretended to be employees of the Consumer Financial Protection Bureau (CFPB), using real names of people who work there in an attempt to gain sensitive information or money from unsuspecting older adults.

The fraudulent callers often tell targets they have won cash awards, such as in a contest or a class-action lawsuit. They then tell them to pay some fees upfront in order to collect their prize. They may claim that their targets owe taxes on the cash, and pressure them to pay right away.

In alerting the public about this imposter scam, the CFPB declared that it will “never” ask individuals for money or personal information. The agency, which was established to help consumers battle unfair financial practices, does not seek fees for its services. The CFPB warns that scammers seek out victims through phone calls, emails, texts, social media, messaging apps, and in person. Consumers should double-check email addresses from government agencies to make sure they end in .gov. Anything else is likely fraudulent.

If you are contacted by someone claiming to be a CFPB employee, you can verify their identity by calling the agency’s consumer call center line at 855-411-2372, between 8 a.m. and 8 p.m. Eastern time, Monday through Friday. Report CFPB imposter scams to the Federal Reserve Office of the Inspector General. Other consumer scams can be reported to the Federal Trade Commission.

Ransomware Gang Attacks Rx Market, Despite Crackdown

Russian scammers have wreaked havoc on the U.S. prescription drug market, causing millions of Americans to pay out-of-pocket for expensive drugs or forego their meds because drug stores could not verify their insurance information. The problem began in late February when the hackers attacked UnitedHealthcare Group’s Change Healthcare business unit, which funnels prescription claims from pharmacies to other firms that assess how much insurance will cover. A Russian-speaking ransomware ring, known as ALPHV or Blackcat, claimed responsibility for the cyberattack, despite an international law enforcement crackdown that targeted the group in December. In a typical ransomware attack, hackers encrypt files and then demand money to unlock them. In the United Healthcare case, the hackers stole patient data and encrypted company files. The company then shut down its network. Wired reported that $22 million in bitcoin was paid to ALPHV in early March, which suggested to some internet security experts that it was a ransom payment for the attack. If that proves to be true, the experts said it would only encourage more attacks in the future. Ransomware can also affect personal computers when users visit suspicious websites or open attachments or links infected with malware. To protect your own computer against such an attack, beyond keeping backup copies of all your data, Microsoft suggests that consumers:

• Look carefully at email addresses and web pages for mistakes in spelling. For example, it an email comes from PayePal instead of PayPal, it’s not the real thing.

• Check spacing and punctuation. Hackers may refer to iTunesCustomer Service, rather than the legitimate iTunes Customer Service, a mistake that can easily fool unsuspecting users into clicking on a malicious link.

• Keep your computer security up to date. One easy trick is turning off your computer at least once a week. Important security applications are updated when you turn the computer back on.

Scammers Target Jurors throughout the United States

Jury duty isn’t just a civic obligation. Now it’s also at the center of a nationwide scam alert, affecting both federal and local courts. Here’s how it works: Callers impersonate court officials, U.S. marshals or other law enforcement and claim you are about to be arrested for skipping out on jury duty. But they say you can avoid jail time by simply paying a fine. The scammer knows your name, address, perhaps even your date of birth. He or she may give you the phone number of your local courthouse, the name of the judge where you were supposed to appear, and their own badge number. Your telephone may display the phone number of an actual courthouse or government agency, but it’s a trick. The caller will seek immediate payment, typically through a cash app like Zelle, gift cards or prepaid debit cards. Don’t be fooled. That money is going to a crook, not to the courthouse. The more urgent the request, the more likely it’s a scam. “We’ve seen a resurgence of jury scams in recent months where a caller demands that someone pay a fee or face arrest for missing jury duty. Let me be clear: these calls are fraudulent,” warns Chief U.S. District Judge Timothy J. Corrigan of the Middle District of Florida. Similar warnings were issued by state courts in Maryland and Virginia. In North Dakota, the scammers even texted a fake arrest warrant to a victim. “If you receive a phone call from someone claiming to be a judge or other court official, do not give them your credit card or other financial information,” Corrigan said. “The court appreciates those citizens who are called for jury service and always endeavors to treat them with respect.” In reality, if you miss jury duty, you won’t get a phone call. Instead, you’ll get notification by U.S. mail. If you are fined, it won’t happen until after you appear before a judge, and it will be in writing. And no legitimate court takes gift cards as payment. If you think you’ve been the victim of a juror scam, report it to the Federal Trade Commission,  your local FBI office if it involves federal court, or the local court where you were supposed to serve.