Be sure to check this page regularly for important information about special promotions, various alerts, updates to products, weather closings and more.
IRS Phone Scam
Posted in Fraud Alerts on 6.16.17
The Lowell Police Department has received reports of telephone scams where fraudsters claim to be from the IRS. Victims are receiving a pre-recorded message that states the following:
“This is the tax crime investigation unit of the IRS. The reason you are receiving this pre-recorded message is to notify you that IRS has issued an arrest warrant against you right now. You and your physical property are being monitored and it’s very important that I do hear back from you as soon as possible before we proceed further in any legal manner. My direct call back number is 256-371-6456, again that number is 256-371-6456. Thank you.”
If you receive a similar phone call, notify your local police department and under no circumstances return the call. The non-emergency line for the Lowell Police Department is 978-937-3200.
Always remember, never give your personal or financial information to someone who has contacted you over the phone.
FBI Public Service Announcement
Posted in Fraud Alerts on 5.5.17
The FBI has issued a Public Service Announcement on Business Email and Email Account Compromises that provides not only updated statistics on victim impact, but a very good overview of the types of compromises being reported. Targeted victims include company executives, HR and accounting personnel, and lenders and account support personnel. Social engineering techniques allow fraudsters to monitor and study their intended victims, making it easier for them to customize their attack and to succeed with it.
Understanding the attack methods used by fraudsters is a powerful defense against becoming victimized. Read the PSA here.
What You Need to Know About the Massive Google Docs Phishing Outbreak
Posted in Fraud Alerts on 5.4.17
A sweeping campaign of phishing emails masquerading as a shared Google doc invite has infected troves of Google users on Wednesday, May 3, 2017, accessing their contacts lists to spread the attack further.
On Wednesday afternoon, the Internet lit up with reports of phishing emails disguised as invites to a shared document in Google Docs. In many cases, the email appeared to be sent from someone the recipient actually knew — another victim of the attack who had already had their account compromised.
They also resembled the typical Google Docs invite perfectly, with the lone exception of including the recipient “hhhhhhhhhhhhhhhh at mailnator.com.”
Once clicking “Open in Docs,” however, victims were asked to grant access to their account to a fake Google Docs app, which promptly took advantage of that access to raid the victim’s contacts list and use it to send out identical phishing emails to replicate the attack.
Google reacted swiftly to the attack by shutting down the rogue app and adding warnings to suspected phishing emails. But with an untold number of accounts already compromised, the fallout from this attack could be far from over.
What to do:
- DO NOT click on any Google Docs invitations received on Wednesday May 3, 2017
- If you see a “Google Docs” app authorized on Wednesday, May 3, 2017, remove it as well as any other apps you don’t recognize
- If you suspect your Google account may have been compromised, visit this website for details
As always, please be on heightened alert for suspicious emails. This phishing campaign is just one of many that are currently in circulation. If you suspect an email is malicious, please report it.
Fake Online Dating Scam
Posted in Fraud Alerts on 4.25.17
Scammers continue to fake online dating profiles using photos or other people to lure their victims. Once connected, the scammers often say they are from the U.S., but are temporarily traveling or working overseas. The scammers quickly profess their love and tug at the victim’s emotions with fake stories and their need for money. The victims often send the scammers money or provide online banking credentials. The scammers then log into the account and use ACH debits or enroll for mobile remote deposit capture to deposit fraudulent checks. The members subsequently transfer the funds to the scammer before the ACH debits or checks are returned.
Be cautious when it comes to online dating:
- Research the person’s photo and profile using online searches to see if the material has been used elsewhere.
- Go slow and ask lots of questions.
- Beware if the individual seems too perfect or quickly asks you to leave a dating service or Facebook to go “offline.”
- Beware if the individual attempts to isolate you from friends and family or requests inappropriate photos or financial information that could later be used to extort you.
- Beware if the individual promises to meet in person but then always comes up with an excuse why he or she can’t. If you haven’t met the person after a few months, for whatever reason, you have good reason to be suspicious.
- Never send money or account information to anyone you don’t know personally.
Fake Delivery Scam Alert
Posted in Fraud Alerts on 4.25.17
Haverhill Police is warning residents of an unusual delivery scam aimed to obtain your credit or debit card details. A fake delivery company is contacting victims claiming they have a package for them and they must be home to accept it. Upon delivery, the courier requires a small delivery charge to be paid by credit or debit. They will not accept cash. The card reader they use contains a device that saves all the card’s information. The scammer uses the information to create a duplicate card and uses the unsuspecting victim’s money for their own personal gain.
Never accept any unexpected gift or package if you do not personally know the sender or there is no proper identification of who the sender is, especially if you are required to pay any amount to receive the delivery. Never pay for something or provide financial information to anyone unless you initiated the purchase.