Beware of Identity Thieves and Scam Artists after a Disaster

October 14, 2017

As government agencies and charitable groups continue to provide disaster assistance, con artists, identity thieves and other criminals may attempt to prey on vulnerable survivors.

The most common post-disaster fraud practices include phony housing inspectors, fraudulent building contractors, bogus pleas for disaster donations, fake offers of state or federal aid and charging for free services.

Scam attempts can be made over the phone, by mail, by email, through the internet, or in person. Con artists are creative and resourceful. It is important to remain alert, ask questions and require identification when someone claims to represent a government agency. If an offer sounds too good to be true, it should be questioned.

Here are some tips from FEMA to safeguard against fraud:

  • Ask to see ID badges. All Federal Emergency Management Agency representatives always carry an identification badge with a photograph. A FEMA shirt or jacket is not proof of identity. If you are unsure or uncomfortable with anyone you encounter, contact local law enforcement.
  • Keep your FEMA registration number safe. It is your key to your application information. Do not share it with others.
  • Safeguard personal information. No state or federal government disaster assistance agency will call you to ask for your financial account information. Unless you place a call to an agency yourself, you should not provide personal information over the phone. It can lead to identity theft. FEMA will only request an applicant’s bank account numbers during the initial registration process. FEMA inspectors will require verification of identity but will already have your registration number.
  • Beware of people going door to door. People knocking on doors at damaged homes or phoning homeowners claiming to be building contractors could be con artists, especially if they ask for personal information or solicit money.
  • Know that federal workers do not solicit or accept money. FEMA and Small Business Administration staff never charge applicants for disaster assistance, inspections, or to help fill out applications. FEMA inspectors verify damages, but do not involve themselves in any aspect of the repair nor recommend any contractor.

Those who suspect fraud may call the FEMA Disaster Fraud Hotline at 866-720-5721 (toll free). Complaints may also be made to local law enforcement agencies.

The quickest way to apply for federal assistance is online at Survivors may also apply by phone at 800-621-3362 (Voice, 711 or VS) or 800-462-7585 (TTY). Due to high demand, lines may be busy. Please be patient, and try calling in the morning or evening when call volume may be lower. The FEMA helpline numbers 800-621-3362 (Voice, 711 or VS) or 800-462-7585 (TTY) are open from 7 a.m. to 11 p.m. (ET), seven days a week until further notice.

If you believe you might be the victim of a home repair scam or price gouging, call your state’s Attorney General office.


Photo by J.T. Blatty / FEMA


Avoiding scams, phishing and malicious emails (things to watch for, how to report them + more)

November 19, 2014

Scam artists use clever schemes to defraud millions of people around the world each year. Learn how to recognize common phishing tactics and malicious emails, and what you can do to avoid them.

Scammers typically create emails and messages that look like they’re from real companies, agencies and organizations and even use their logos, fonts, layouts and color schemes.

According to, some clues that an email or text message is suspicious include:

  • the message is requesting your personal information — do not respond or click links! Companies, agencies (like the IRS, etc.) and organizations will not request your password, user name, credit card data, account numbers, or other personal or financial data through e-mail or text.
  • the email appears in your junk folder;
  • the sender’s email address does not have that business or agency domain name in it;
  • when you hover over a link or coupon the web address is not that company’s / agency’s website;
  • if you receive a coupon for a free or discounted item, ask yourself if you signed up to get emails from this company. If not, it’s unlikely they’d send you a discount or freebie out of the blue;
  • the email or message has several typos, missing data or poor English.

If you’re not sure an email is legit, DON’T click any links or open any attachments. Instead, look for signs that the email isn’t the real thing or do a search or visit that company’s site to see if there are any complaints from others who received similar emails.

Shipping confirmations or delivery failed messages

The names of FedEx, UPS, USPS and other carriers are often used in fraudulent emails asking users to click on links that more often than not will place malware on the user’s machine. The subject lines typically say there was a problem with delivery, ask you to verify information, or claim that some important information is missing. The fraudulent email may have an attached file that contains a virus or other malware … or the link may take you to a website that might download a malicious file. Don’t fall for these scams: report the email (if you want to), then delete it. Read more about delivery failure phishing scams on Denver’s ABC7



Be on the alert for fake emails posing as online retailers like PayPal, Amazon and others with a subject line similar to a receipt you would see for a purchase on that vendor’s online store, a PayPal payment to someone, etc. These fake receipt emails are sent by cyber criminals — not the retailers — and clicking links contained in a fake receipt email may install malware on your system, in particular spyware used in severe forms of cyber crime such as credit theft, extortion, and identity theft.

For example, just last week I placed a small order on Amazon and received my order confirmation as usual.

The next day I received another Amazon confirmation email for a $1,099 electronic device and the first thing I thought of is someone hacked our account..!

I immediately logged onto and checked our shipping history and it didn’t appear so I went back to the email in my Inbox and noticed several things…

#1 – The “To” line had an email id called “bobrph@…” (my name is Janet);

#2 – The “Hi %USERNAME%” didn’t auto-populate a name;

#3 – When you hover the mouse over a link (DON’T CLICK IT – just hover) it displays a website NOT called “…” but rather “…”. << We strongly suggest you not visit this site – just in case!


Note that the email has Amazon’s logo, and its layout, fonts and color scheme are almost identical to a typical order confirmation email from them, so you need to be on guard.

#4 – As I scrolled down and hovered the mouse over other links (again without clicking) the same domain / website name kept showing up.


#5 – Whoever designed this email even added a typical footer that Amazon uses on their confirmations. This was just an image (nothing popped up when I hovered over these links), but it sure gives the appearance it is a normal message from them.
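
The checks from items #1 to #4 above, together with the sender-domain clue from the earlier list, can be run automatically over a saved message. This is an added example, not part of the original post; the function names, the brand domain `shop.example` and the sample message are all constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

class LinkCollector(HTMLParser):
    """Collects the web address behind every link (what hovering would reveal)."""
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs
                           if k == "href" and v and v.lower().startswith("http")]

def in_domain(host, domain):
    """True only if host is the domain itself or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def phishing_clues(raw, my_address, brand_domain):
    msg = message_from_string(raw)
    body = msg.get_payload()
    clues = []
    if parseaddr(msg.get("To", ""))[1].lower() != my_address.lower():
        clues.append("to-mismatch")            # item #1: addressed to someone else
    if re.search(r"%[A-Z_]+%", body):
        clues.append("unfilled-placeholder")   # item #2: "Hi %USERNAME%"
    sender_host = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    if not in_domain(sender_host, brand_domain):
        clues.append("sender-domain")          # sender is not at the brand's domain
    parser = LinkCollector()
    parser.feed(body)
    if any(not in_domain(urlsplit(h).hostname, brand_domain) for h in parser.hrefs):
        clues.append("off-brand-link")         # items #3 and #4: links go elsewhere
    return clues

# Constructed sample message; every address and domain is a placeholder.
SAMPLE = """\
From: "Shop Orders" <auto-confirm@shop.example.orders-mail.example>
To: bob@mail.example
Subject: Your order confirmation
Content-Type: text/html

<p>Hi %USERNAME%, thanks for your order.</p>
<a href="http://shop.example.track.example/order">View order</a>
<a href="https://www.shop.example/help">Help</a>
"""

if __name__ == "__main__":
    print(phishing_clues(SAMPLE, "janet@mail.example", "shop.example"))
```

Note that `in_domain` compares the end of the host name, so an address that merely starts with the brand's name (as both the sender and the first link in the sample do) is still flagged.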


If you click a phishing or malicious link…

According to once a victim visits a malicious website the deception is not over. Some phishing scams use JavaScript commands in order to alter the address bar. This is done either by placing a picture of the legitimate entity’s URL over the address bar, or by closing the original address bar and opening a new one containing the legitimate URL.

In another popular method of phishing, an attacker uses a trusted website’s own scripts against the victim. These types of attacks (known as cross-site scripting) are particularly problematic, because they direct the user to sign in at their bank or service’s own web page, where everything from the web address to the security certificates appears correct.

A Universal Man-in-the-middle Phishing Kit, discovered by RSA Security, provides a simple-to-use interface that allows a phisher to convincingly reproduce any website and capture any login details entered at the fake site.

Report Malicious / Phishing / Scam emails

It does help to report suspicious emails to the respective company but it is always best to find out how they want you to report it. Some may ask you to forward an email while others prefer you send it as an attachment.

Below are some examples of common brands we’ve seen in suspicious emails over the years, and it’s easy to do a search on a company name and the phrase “report phishing” to find their preferred method of sending them the data.

Once you report an email just delete it so you don’t accidentally click on any links in it later. Realize you probably won’t hear back from the company you reported the malicious email to, but you will get an auto-reply explaining they received it and will be investigating it.

As mentioned in the auto-reply to me, “please be assured that is not in the business of selling customer information. Many spammers and spoofers use programs that randomly generate e-mail addresses, in the hope that some percentage of these randomly-generated addresses will actually exist.”

You can also forward phishing emails to and/or The Anti-Phishing Working Group, a group of ISPs, security vendors, financial institutions and law enforcement agencies, uses these reports to fight phishing.

If you might have been tricked by a phishing email:

Additional resources:
Anti-Phishing Working Group
Protecting your devices from cyber threats

Stay safe out there..! j & B
