America's trade regulator the FTC has issued a warning over reports of a new data-harvesting operation that is targeting the victims of a previous scam.
In this case, the scammers are taking the particularly low road of targeting people who have already fallen victim to one or more scams.
The emails ask recipients to fill out an attached claim form with personal information and details of Western Union transfers that they believe were fraudulently carried out in their names. As it turns out, the claim forms are actually fakes, and the information victims enter when filling them out (including name and home address) is in fact being harvested (and likely resold) by scammers.
"We’ve heard that people are getting official-looking emails about the Western Union settlement," writes FTC staff attorney Karen Dodge.
"The thing to know is that you cannot apply for a refund by email."
The emails reference a settlement the FTC agreed with Western Union in January of last year after the money-wiring service was accused of failing to protect customers from fraudulent transfer orders and cash shifted as part of money laundering or cybercrime operations. Western Union would eventually agree to pay the $586m settlement package to wronged customers who had been defrauded by fraudsters using its payment systems.
The FTC sent out notification letters (real ones) via snail mail starting in November, and the actual refund process is being done via a claim system on its website. The commission stresses that none of the process is done through email, especially by unsolicited messages.
No matter how many times government agencies issue reminders to the public that they don't send official notifications out via unsolicited emails, such scams have long been a reliable way for scammers to net victims. ®