Job Seekers Beware a “Work at Home” Scam

A complex, social engineering attack exists and it targets job seekers.  Folks make bad decisions when they are desperate and scared, criminals know this.  Numerous intricate social engineering cons happen, look out for one called a “Mule Scam.”  These attacks target the unemployed, mostly through job boards, LinkedIn groups, and resume posting sites.

An acquaintance of mine shared his story with me to help others protect themselves.  This man is an intelligent, conscientious man, that was scared and desperate, who saw what he wanted to see, and, in the end, it cost him thousands of dollars.  Before you judge, understand the fear and anxiety that goes through the mind of a successful individual that can’t provide for his family.

The con started with a foreign business asking him to translate communications between their European business and the “new,” American market, they are trying to penetrate.  He simply took email messages and re-wrote them into proper English.  He performed this task about a half dozen times and earned a couple hundred dollars.  The deal seemed harmless, turns out, this was the hook.

The email messages were basic, telling the story of a European online auction site that provided high priced items to collectors.  Some notes thanked customers for their purchases.  Other communications discussed activity with “representatives” who were “financial intermediaries” that took money from buyers and, after taking a small cut, sent the remainder, via wire transfer, to the business based in Europe.

My source was happy with this small amount of money and hoped the business would ask him to become a “representative” as he would make ~$2,000 per month in addition to the commission on all transactions, simply by taking money into his PayPal account and transferring it via wire to their business in Europe.  He believed the activity was a good will gesture as, he was told, PayPal has low dollar limits in Eastern Europe.  His work was “kindness” as this business wanted to supply their goods to American’s and “nice” people allowed them to do this by acting as a “financial intermediary” to get around PayPal’s limitations.

After a couple of weeks rewriting bad English, the offer came forward.  My acquaintance provided screen shots showing his PayPal account had no limits and that he was a “preferred” member.  He also sent a photo of a redacted driver’s license showing his new employer that he was a human being and did exist.  He even had a phone interview and discussed the opportunity.  He did Google searches on the company and the position and even found Scam Advisor rate the business as 100% safe.

The first deal came forward.  A simple eBay transaction for goods that cost around $2,250.  His contact with his new “employer” provided shipping information and when the buyer received the merchandise, he sent the money, minus fees, from PayPal to his bank account.  After the money arrived, he then wired the money to a bank in Eastern Europe.  He was allowed to keep hundreds of dollars for the typing and his commission.  It all looked great.

The following week another transaction came into his PayPal account, this time for a larger sum.  He was pleased.  This meant another couple hundred dollars in “salary” after PayPal took their cut, money for his family, or so he thought.  The “employer” contacted him with shipping information and his American contact called to follow up as well.  The phone call made sure he would promptly move the money to his bank account and wire funds as soon as possible.  No problem, all was on the up and up, as far as my associate was concerned.

While the money was in transit from PayPal to his bank account he received a call from eBay.  The customer service department noticed strange activity on his account and wanted to know what was happening.  After about 30 minutes on the phone, and validating through questions that eBay was really eBay, it turns out my acquaintance is the victim of a “Mule Scam.”  He’s the middle man for criminals, taking money for false transactions and then wiring the money to con artists in Europe.

Thanks to eBay, my contact was able to move the money for the second transaction back to his PayPal account.  Unfortunately, since my acquaintance was neither a buyer nor seller, PayPal does not insure the money and he now owes PayPal for the first transaction.  Since he already wired money to Europe, he has to come up with this money lest PayPal “take him to court.”

My contact is intelligent, diligent, and thoughtful.  He failed to follow the basic tenant that if something seems too good to be true, it probably is.  He also didn’t pay enough attention to realize the con artists used email from a 3^rd party, not the domain they were supposedly working for.  Lastly, he should’ve wondered why eBay was involved when the auction house was supposed to be in Europe.

There are many morals to this sad tale, not the least of which is beware of social engineering.  Con artists are smart, detailed, and they prey on scared and desperate people.  Pay attention, be alert, and listen to your inner self, if something seems amiss, it probably is.  Don’t fall prey to scams and be especially aware during desperate times.

Cyber Security: Facebook is a Parent’s Best Friend

To set the stage, I am a cyber-security expert with over 15 years’ experience including engagements in healthcare, aerospace, technology and as a department of defense contractor at an Air Force Base.  I know about cyber security not only from a professional standpoint, I am keenly aware from a personal and family perspective as well.

I have four children, ages 13 to 17 covering grades 7 through 12.  Three of my kids are female, one is male, and each bring their own challenge, joy, stress, and happiness.  Their Facebook involvement goes from the youngest not having an account to the oldest, a female 17 year old in her senior year, that posts constantly.

I quickly learned when the 15 ½ year old daughter created a Facebook account against my wishes, behind my back, at age 12, I needed to understand and follow what was going on.  Thanks, in part, to her, I gained the wonderful education that Facebook is a parent’s best friend.

Before going any further, I want to begin with the obligatory security concerns.  Parents must set FIVE (5) concrete rules BEFORE allowing any child under 18 to have a Facebook account.

1. At least one parent must have a Facebook account and the child must be “friends” with any/all parents and any family member up to and including 3^rd cousins twice removed, that ask to “friend” them.
2. Never, ever, ever, under ANY circumstance, be “friends” with anyone they don’t personally know, with the exception of parental permission based on rule #1.
3. Parents not only are allowed the password, and the authority to log in as the child, any day, anytime, anywhere; the parent sets the security permissions.
4. Remind the child that their “digital footprint” lasts forever. What they post at age 14 could come back and haunt them at age 32, be smart, be responsible.  This includes talking to their friends about “tagging” them in pictures.  Your child’s friends must understand they need permission to tag.
5. Be aware of “data leakage” and routinely search the Internet for any information that may go from Facebook to other accounts. I once found a picture of myself on another Eric Jeffery, a man in Alabama.  I also caution on the amount of personal data placed on the profile, this goes for all Facebook users.  For example, don’t use your exact birthdate as some websites use that data as a password security question.

Once these rules are established, implemented, followed, and policed, Facebook away, as the following reasons make Facebook a parent’s best friend.

1. See who your kids’ friends are. Does your child connect with the suicidal, lonely, drug obsessed Goth chicks?  How about the band geeks?  Jocks?  Nerds?  When my daughter was 12 she was friends with a 15 year old boy that “liked” Quagmire.  I immediately told her to “unfriend” and never talk to him again.  She was, shall we say, perplexed, by my awareness and engagement.
2. Understand your child’s interests. My oldest adores Cosplay, Dr. Who, and Anime.  She posts all the time about these interests and I get to see what her current fancy is and engage her at dinner or, even, shock of all shocks, ask her if she wants to watch the new episode of Sword Art Online.
3. Observe how they speak/behave in a public forum. Does your child berate friends for their interest?  Do they comfort and help friends that are suffering?  Do they post happy quotes?  My youngest likes to quote books she’s reading and share with her friends.  Seeing a child share in a public forum is a great way to see their growth and maturity.
4. Talk to ALL of their friends at once (or just one). Comment on one of your kids’ post and any/all of their friends can see it.  I love engaging the 16 and 17 year olds with conversations about college and what they plan to do in the next year or two.  I think the kids kind of get a kick out of seeing a parent engaged, well, at least that’s what I tell myself.
5. Share, learn, and grow with your child. It’s a wonderful shift when kids start teaching parents.  I will admit, I learn a lot from my kids through Facebook.  Hearing their concerns and fears, watching when they post their school schedule, comprehending their excitement/devastation when the season of a favorite reality show comes to an end, looking at the pictures they and their friends share.  There’s so much benefit and joy that comes from learning and growing with your child from Facebook, only those that engage can understand.

All in all parents can achieve great benefit with Facebook.  Rather than shy away due to media hype or fear of technology, the positive results of engaging children with Facebook, in my opinion, far outweigh the potential drawbacks.  With a solid understanding of the rules and security, up front, the entire family can, and should, benefit from children utilizing Facebook.

Like Gungon Consulting on Facebook

Follow us on Twitter @Gungonconsult

 

Eric Jeffery has 20+ years’ experience with Information Technology including stints in the Retail, Aerospace, Defense, Hardware, Entertainment and Healthcare industries.  Eric has a Bachelor of Arts degree in Economics from the University of Colorado at Boulder.  Mr. Jeffery recently founded Gungon Consulting to help businesses solve the exact problems mentioned in this article.  You may contact Eric at eric@gungonconsulting.com.