Tech Corner with Louis Arias
This not-so-fairy-tale began as a generously compensated secret shopper job opportunity received through my DSC email. It (supposedly) came from a fellow student who also works at the college. Another one of my classmates, who also received this email and knew I was looking to earn extra income, even forwarded it to me. It mentioned DSC’s Job Placement office. Everything seemed perfectly legit.
The poison-pill email included a link to the fictitious employer’s site that directed me to a page with a very simple application form. It just required my name, address, email and telephone number to send the application packet in the mail.
Safety is as simple as ABC: Always Be Careful. I know that. I wasn’t. I didn’t check with the “supposed” sender before I clicked on an email link. I also neglected to go directly to the company’s website to check it out first. Ouch!
Daytona State College has a very efficient and thorough Internet Security department, but in the cat-and-mouse cyber-security game, it’s only a matter of time before a digital rodent will weasel its way through the firewalls and operational-technological safeguards.
One did this time. The email address I gave in the linked application became compromised… And a FedEx envelope arrived at my house on the next business day. To my surprise, instead of a packet, it contained a set of instructions for my first assignment… and a cashier check for $2,950. Computer technology has not only given hackers the ability to gain access to carefully protected email lists., it also has also given con artists the ability to print very good counterfeit checks.
Bank regulations require that financial institutions make funds available before they can verify the authenticity of cashier checks. This process can take up to a couple of weeks. Victims of the scams are accountable for the moneys they receive plus the bank fees. A quick YouTube search on mystery shopper or cashier check scams can clearly demonstrate how prevalent this problem is.
When I called the number on the instruction letter — which requested that I buy two gift cards for $1,300 each and send them pictures of the receipt and security codes via text message — a recorded message informed me that the number was only set up for texts. Now, the red flags were just too many. After going to the bank and verifying the bank account on the check did not exist, I immediately reported the issue to the Orange City Police Department.
Officer Jamila Rodriguez advised me that because I had not fallen victim of the scam, filing a report would serve little to no purpose. She did inform me, however, that three people in my area had recently fallen for this scam and also advised me that money-transfer, gift card and cashier check scams were on the upswing.
Rodriguez also warned me that smartphones are now also being cloned without people’s knowledge giving criminals access to any financial apps and information stored on them. It’s always important to remember our ABCs.
After my local police office, I contacted and forwarded the emails in question to DSC’s Internet Security department. Paul Wheeler, Chief Security Officer said of the security breach, “Yes, unfortunately, phishing emails are a very real threat to employees and students alike. And once someone internally gets compromised by an external phishing email, their internal account now begins sending out phishing emails which seem more legitimate to their recipients.
“In this way, the perpetrators were able to put their deceptive message in front of many College users, driving them to their propped up website to record their contact details to then be used as part of their gift card ruse.”
With current technological advances, safety might not be as simple as ABC anymore. We need the help of dedicated and competent security professionals. We also need to cooperate with them and mind their recommendations.
And, of course, we must Always Be Careful.
Editor’s Note: The College recently released the following statement regarding this incident.:
“Recently a number of students received an email that appeared to come from the College’s Job Placement office advertising a mystery shopper-side job in which students could make an easy $3,000. And even though some students got large checks, they were fake. Bottom line, these ‘spoofed’ emails were a scam in which students were encouraged to buy thousands of dollars in gift cards then scratch off the backs and send the perpetrators the codes.
“To keep from becoming a victim of scams like these, visit the Federal Trade Commission’s website. And if you want to read more about Mystery Shopper scams, in particular, check out this the FTC’s Mystery Shopper Scams article.”