Updated every Monday!   Subscribe to free weekly newsletter.

Devilish Scam Bombards Victims With Spam to Hide Fraudulent Credit Card Purchases

This was a new one on MrConsumer. A New York friend recently called to say he was getting deluged with spam all of a sudden — over 120 in an hour. They kept mounting up in his inbox and for some reason they generally were not even going into his spam folder.

In the midst of this flurry of junk mail, he was trying to do his taxes and started reviewing his American Express account online. He noticed a $2000+ pending charge at Build.com. My friend knew immediately he did not make that purchase so he called AMEX. They canceled his card on the spot since its use at that online store was fraudulent.

My poor friend, one minute he is being spammed to death and the next he is the victim of credit card fraud. How unlucky can one get to have these two independent events happen to you in the span of an hour? Or were they really a coincidence?

MrConsumer postulates they were all part of a grand scheme by a very clever crook. Someone clearly gained access to my friend’s existing Build.com account which might have had his American Express number saved for future use. Or the scammer separately obtained his American Express account number some other way. With that information, it was easy to make a purchase (or many of them) and send the loot to anyone in the country.

But what does that have to do with the spam bomb that my friend experienced? Since online sellers usually immediately send a purchase confirmation email after an order is placed, the crook had to do something to lessen the chance that my friend would see it in his in-box. So he bombarded him with tons of spam emails at the very time the order confirmation was likely to be received hoping it would go unnoticed, get mistaken for spam, and be deleted along with the rest of the junk mail.

*MOUSE PRINT:

Spam Bomb

Fortunately, my friend was able to contact Build.com in time to cancel the order slated for next day delivery. Their security system also flagged the transaction.

order canceled

So here’s the moral of the story. If all of a sudden you get hit with an unusually large deluge of spam, go through each one looking for an order(s) you never placed. Call your primary credit card issuer(s) to ask about any unusual activity they see on your account, including recent purchases and address changes. Delete any saved credit card numbers from online stores where you make purchases. And change passwords on any affected accounts.

Updated every Monday!   Subscribe to free weekly newsletter.

Apple’s New OS Predicts Your Impending Death

The new Mac operating system dubbed “Monterey” debuts this week, but apparently not all its new features will be ready for release until later this fall. And that delay has led to the unfortunate placement of an asterisk in their promotional material.

One improvement being made is an enhancement to Apple ID which will help a family member or loved one access your account in case you suddenly pass away without having left your password behind.

Apple death

That little asterisk at the end, however, has sent a chill through Mac owners’ bones and created a sense of sudden urgency. Down the page, it leads to this surprising disclosure.

*MOUSE PRINT:

Apple death coming soon

What does Apple know that even your doctor doesn’t?

Updated every Monday!   Subscribe to free weekly newsletter.

GoDaddy Offers Employees a Holiday Bonus, But…

Just before Christmas, Internet service company GoDaddy apologized for not having a holiday party this year because of the coronavirus, but instead emailed employees news of a holiday bonus they could sign up for.

GoDaddy invitation

The email from HappyHoliday@GoDaddy.com directed employees to a link to sign up for the bonus, and presumably asked them to verify their identity by entering their official login credentials, etc. so the bonus could be processed.

A few days later the 500 or so employees who signed up got another email from the company.

*MOUSE PRINT: (details that were missing from the first email)

This time they were told the invitation was really a phishing test by the company, that they just failed it, and they would have to attend a remedial class on Internet security. And incidentally, there really was no company bonus this year.

Employees were livid and ultimately GoDaddy apologized for pulling this stunt so close to the holidays when money was short for many people.

[This story was originally reported by the Copper Courier.]