Wednesday, February 06, 2019

Huddle House Reports Point of Sale Hacked Since August 2017

If you had a meal at Huddle House and used a payment card -- you might want to give the issuing financial institution a call (or review your account online) and make sure your financial health wasn't compromised! Huddle House announced that the compromise occurred from the beginning of August 2017 until "present."

It always amazes me how long compromises go on without being detected. In this case, it was well in excess of a year!


Huddle House is a casual dining and fast food chain that operates in the southeastern United States. On 02/01/2019, they announced that their point of sale system had been hacked on the main page of their website. 


Huddle House reported that the following personal details were compromised:


"Based on the facts known to Huddle House at this time, the malware was designed to collect certain payment card information from the magnetic stripe, including cardholder name, credit/debit card number, expiration date, cardholder verification value, and service code."


The page also details all the resources available to protect yourself. 


Please note that some people opt for "paid services" to protect their financial resources, but you can also do it yourself for free. 


Free credit reports are available at AnnualCreditReport.Com and the Federal Trade Commission has great information on how to deal with any issue that arises from using your card at Huddle House.


In the United States, billions of dollars of payment card fraud are incurred by customers, banks, and merchants a year. The biggest losers are the merchants, but we can assume that we are all paying for it when these losses are passed down to the consumer via higher prices and fees.


Please note that there are varying estimates of the true cost of fraud. Based on years of personal experience, I have always found that large amounts of fraud loss are buried as "bad debt" because no one (normally a Collections Department or Fraud Department) spent the time to investigate the true cause of the loss. 


The sad thing is that when this happens, fraud losses tend to go up because no one is effectively mitigating the root cause of how the money is being stolen. 


Tuesday, February 05, 2019

Better Business Bureau Tool to Track, Report and Educate the Common Person on Scams

The BBB Scam Tracker is a robust interactive tool to track fraudulent activity in throughout North America. The data I viewed from Mexico seems to be minimal at this point, although this might be because Mexico was added after the United States and Canada.

The site collects data from users, who were the victims of a scam, or from smart people who figured out someone was trying to scam them.

The tool enables the user to search potential fraudulent activity by keyword, type of scam, location, and time frame. Please note that scams are most successful when they hit a new geographical area because the "word is not out yet." Because of this, scammers frequently travel and even rotate the particular scam in order to catch innocent people/businesses off guard. Just because the particular scam is not showing up in your geographical area doesn't mean that it won't knock on your doorstep tomorrow.

The scam activities tracked include home repair, tree trimming, tax, advance fee, job, lottery, collection, counterfeit checks, bogus credit cards, vishing, phishing, and identity theft. There is even an "other" category to cover anything that is a previously unknown activity. New scams are hatched all the time. The main thing all scams have in common is that they are "too good to be true."

The data collected is provided to the National Cyber-Forensics and Training Alliance, who in turns shares it with law enforcement, 

Here is a link to the BBB Scam Tracker. Scammers count on people not taking the time to report their activity (assuming they do not fall for it). Reporting it is a good deed because it protects other people.

The BBB also has a video on YouTube on this tool, if you would like to watch it.

Monday, February 04, 2019

Are Lyft's Earning Claims for Drivers Deceptive?


With all the bad publicity Uber has received recently, Lyft is trying to position themselves with the public as a better option and a good citizen in the techie community. They claim all over the internet that a driver can make up to $35 an hour/$1500 a week, which sounds great, but is this claim too good to be true? I decided to find out!

To begin my adventure, I signed up and ultimately chose to use their new "Express Drive program." where a rental car is provided for a fee. To calculate what the costs would be if I used my own vehicle, I employed a tool called MileIQ to track the amount of mileage incurred and estimate what the wear and tear on a personal vehicle would be.

I then carefully read all their tutorials on how to maximize the amount of money I would make and made an appointment to pick up the vehicle via the Lyft App from Hertz at a local Pep Boys. Please note, I tried to call this car rental center over 10 times to clarify some items and no one ever answered the telephone. After making the appointment, I received daily text messages and emails reminding me to pick up the vehicle on the time/date specified.

Upon my arrival, a male wearing gym shorts and a tee shirt gruffly informed me that it was his lunch time and I would have to wait for an hour for him to return. When I told him, I had an appointment, he said the computer made a mistake and that wasn't his problem. He then got into an SUV with Lyft decals on the side and left with a male and a female. I later discovered the other two people were the Hertz employees dedicated to the Lyft Express Drive Program.

During the hour-plus he was gone, numerous drivers showed up trying to find someone because they were having issues and couldn't get anyone to answer the phone. Several of them also told me that they had made numerous calls and never got an answer.

When they returned, the male in the tee shirt and shorts (who I later identified as a contract employee for Lyft) had me watch a video and directed me to the Hertz employees. One of them took me to a Mazda with approximately 75,000 miles on it to do an inspection. The car was filthy inside and out, had cigarette ashes everywhere, and had dings all around the exterior. Having just read the paperwork threatening me with a "large fine" if I smoked in the car, I voiced concern and was told that this was being documented and not to worry about it. I was then told I would be given a self-service car wash coupon to clean the car.

I have rented cars many times for a week that were much newer and "clean" for about the same price when traveling on business or having service performed on one of my personal vehicles. My guess is the cars Lyft provides are originally regular Hertz rentals that did not sell on their used car lots.

Lyft does claim to eat the approximately $180 plus taxes a week fee if you give 85 (partial) or 105 rides (total) in a week -- but based on my overall experience and speaking to drivers -- this is unrealistic unless you work an excessive amount of hours. Please note that you also have to maintain a 90 percent acceptance rate to get this benefit, which is explained below.

We then returned to the Hertz counter and computer issues ensued causing further delay. After about three hours, I was ready to begin my "Lyft Adventure" with a filthy, smelly car and headed to the car wash. After cleaning the car myself and going home to take a shower, I was finally ready to start making money.

The first thing I noticed was the substandard navigation on Lyft Driver App (run by GoogleMaps). Frequently, it would tell me to turn at a street/exit, I had already passed. Throughout the week, I noticed it sending me in crazy loops that made no sense considering the location of the customer. In many areas, it got street names wrong, and on more than one occasion it sent me several miles out of the way before telling me to turn around and go back to where I came from. Since the customer sees the driver going all over the place on their Lyft Customer App, this causes some frustration on their part, and they blame the driver.

The next thing I noticed is how the rides are accepted. When Lyft sends you a ride request, the phone lights up and prompts you to accept it. To accept the ride, you tap on your phone and the navigation takes over. The customers are all supposed to have pictures, but many do not. Lyft's instruction is to follow their navigation and you have no idea what the ultimate destination is going to be until you are about ready to arrive. I found that sometimes, the destinations were in high crime areas, which might be a safety concern for some drivers.

Another thing I noticed is that the app literally hijacks your phone and it is very difficult to use other apps after opening it up. The main screen displays the Lyft purple ball after logging on -- and on several occasions -- it logged me on again after logging out and it accepted rides. Once, this happened when the phone was being charged in another room.

It also opened my contacts and pinned them to the main screen. I later discovered (hidden in the fine print) that I had agreed to give them access to my contacts, which they claim is to spread "Lyft Love" to everyone listed in there. Please note that a lot of malicious code does the same thing when trying to compromise a system.

You are rated based on your acceptance rate and when the phone lights up there is no sound prompt. This means you have to constantly keep an eye on the phone, which is a driving distraction and could be dangerous. It also doesn't help when the app accepts rides after you think you have logged out.

Failure to maintain a 90 percent acceptance rate also prevents you from hitting any offered bonuses, and can even get you deactivated (geek for getting fired).  Based on the chatter on numerous internet forums, few if any people, ever hit the parameters to achieve a bonus.

The next interesting thing is their rating system. At the end of each ride, both the rider and driver rate each other from 5 to 1 (5 being the best). If a driver falls below a 4.8, they start getting messages that they are at risk of being deactivated. In the week, I drove I picked up some pretty interesting people. Many were intoxicated and some were downright scary. Some of them spilled items in the car and or left their trash in it.  Often I would arrive to pick one person up and four or five people would pile in the car. Frequently these groups were intoxicated and so rowdy that it was difficult to hear the navigation. I did meet many very nice people, but you literally have no choice who you pick up if you want to maintain an acceptable rating.

I even got a homeless person and a woman, who blatantly told me she was an escort using Lyft to drive her to a client. One or two 4 ratings will knock your overall rating down and if an intoxicated person gives you a 1, it will be pretty hard to recover. In my humble opinion, this rating system is a tool used to intimidate the drivers into not saying anything to a customer when they are clearly acting in an unacceptable manner. Of course, drivers are expendable and easily replaced with fresh people responding to the "up to $35 an hour/$1500 a week come-ons."

I ended the week with a 4.7 rating, which in any other arena would be "darned good," especially considering the challenging aspects faced when providing this service. Despite this, 4.7 is considered as a "needs improvement" by Lyft.

On my third day, I got a "snippy e-mail" telling me I got a complaint that the car smelled of smoke. The customer related they had asthma, which made the ride difficult. Considering the condition of the car when I got it, I guess the smoke smell lingered on after I cleaned it inside and out. I promptly cleaned and washed the car again, purchasing a fairly expensive product to remove the smoke smell. I then emailed Lyft about this because I felt bad about what the customer had experienced. Prior to this, they had always answered right away, but this time they did not and despite daily follow-ups, they never did.


Lyft does show power zones on the navigation map, which light up in shades of red. They recommend that you go to these zones to maximize your earnings. These zones are where they claim they need drivers and are charging them higher fares (referred to as prime time). My experience with the power zones was that I would drive towards them, and they would disappear right before I got there. I also noticed that they tended to light up when I was headed home, which seemed to be a strange coincidence. On the few times, I made it to the red zone in time, I either got no business or a $3 to $6 dollar fare. The end result was a lot more gas and carbon gasses expended with no return on investment.

Please note that the reason for this could be that so many drivers are on the road trying to make $35 an hour, it has caused the market to become over saturated. There is very little doubt that they are engaged in a price war with Uber in an attempt to gain market share and that this is cutting into the amount being made by the drivers.

So far as making money, there were a few times I got busy, but there were also times where I would drive for up to two hours with no business. There were also many times when all I would get were $3 to $8 dollar rides at the rate of about one an hour (despite following all the revenue-enhancing tips provided by Lyft). Please note that these fares are the amount before Lyft took their 25 percent cut.

When in "driver mode," the app shows your earnings and details them by the ride. The earnings being displayed are before Lyft takes their cut. This tends to make the driver think they are making more money than they actually are.

Lyft advertises that they let the driver keep the tips, but few customers actually tip. I averaged about 7 percent in tips for the week.

Lyft does provide insurance while you are logged into the app, but it has a $2500 deductible. Your primary insurance will probably have to take over if an accident occurs and it is possible you will be dropped by your insurance carrier if they discover you were driving for Lyft. Consumer Affairs published a telling article detailing this risk and potential liability.

Towards the end of the week, I started getting hit with numerous messages via text and email to renew my rental. These messages confused me as to what day it was due back and I reached out to Lyft Support for a clarification. Here again, despite several follow-ups, they never answered me until a day after the vehicle had already been returned. When returning the car, I asked the Lyft employees if there was a number I could call and they told me that one does not exist.

Now for the money, I was able to make. Listed below is the summary provided by Lyft. The rental was prorated (normal cost is $180 a week) because I picked up the car a day into the pay cycle. It doesn't include gas cost, car washes, or my time cleaning the car because of the condition it was in. Also not included is the three hours to pick up the car, or the hour it took to return it.

54 Rides and logged into the Driver App for 45h 16m 57s

Ride Payments: $510.57

Tips: $35

Lyft Fees: -$127.72

Rental Fees: -$154.28

Rental Tax: -$12.86

Total Earnings: $250.72

I made $250.71, and after taking the $132 in gas/miscellaneous expenses out, I netted a whopping $118 for 45 hours work. This equates to $2.62 without taking into account overtime and would have been close to the minimum wage in the '70s. On the other hand, Lyft made $127.72 plus whatever they and Hertz made on the rental.
I calculated the miles, which if recorded could be written off in taxes on a personal vehicle, but also represent wear and tear. There are tales in the forums of drivers wearing out vehicles before they were paid off. I drove 917 miles for the week, which at the federal mileage rate of 53.5 cents a mile equates to  $490.60 (rounded up). Please note the federal mileage rate is an official calculation of what wear and tear represents.

This amounts to 50,440 miles driven a year if the driver (who gets no vacation time) drives every week.  If you subtract the $490.60 from what I made, I would have been operating at a net loss. Of course, these are all estimates, but estimates based on factual data.

I wonder how many financial losses are incurred by the auto industry when a car wears out and the person can no longer afford to make the payments?

Lyft advertises all over the Internet that a driver can make up to $35 an hour/$1500 a week. While this sounds like a great opportunity, the truth is a far different story, and Lyft is laughing all the way to the bank at the expense of their easily replaced drivers.

The drivers receive no benefits, and many of them are making a lot less than minimum wage when all things are considered. I discovered by speaking to several drivers that some of them work up to 14 hours a day/7 days a week) trying to make ends meet. I was told several times that if I wanted to make money, I would have to drive to San Francisco (4 hour round trip) and put in some long shifts.

Lyft does regulate the number of hours a driver can be on the road and there are differences in some jurisdictions, but for the most part, they allow 14 hours a day with at least a 6-hour break. There does not appear to be any limit on how many days a driver can work in a row. Of course, they are not paying overtime since the drivers are considered to be self-contractors, either.

One could make a pervasive argument that Lyft is creating a potentially dangerous situation for everyone on the road, and creating a lot of unnecessary carbon gasses in their quest for easy money and market domination.

There have been recent legal efforts to have rideshare drivers classified as employees. This would go a long way to creating a level playing field for the competition that is being run out of business by outfits like Lyft and Uber. It would also go a long way towards preventing these outfits from creating an abusive atmosphere for their drivers.

The truth is their drivers provide all the fixed costs (vehicles, gas, cell phone, time etc.) and Lyft collects 25 percent of the earnings with a computer application that maintains command and control of the driver. Because they pass on their costs of doing business and are paying no benefits, it is no wonder that they have run the competition out of business. With no benefits being paid, the taxpaying public is also probably picking up the costs of providing them to their drivers.

It is also no secret that both Lyft and Uber and pursuing the driverless car option. Will this lead to them replacing their drivers, in the same manner, they have replaced traditional transportation outfits? The sad thing is that the drivers are providing all the fixed costs of pursuing this goal and will eventually be replaced by a machine.

If most businesses were able to operate in this manner, they would probably be shut down by the government for gross violations of labor laws and essential human rights.

On a closing note, here is a list of political donations given by Lyft employees. I was shocked to discover that most of the recipients claim to be social justice warriors. Recipients include Bernie Sanders, the DNC, Hillary Clinton, Kamala Harris, and Jill Stein, They also gave a $1,000,000 donation to the ACLU to fight President Trump's immigration ban. This ban essentially blocked people from countries with no functioning government from entering the country. The Obama administration was the one who designated these countries as dangerous because of a lack of effective government and ties to terrorism.

Doesn't the first initial of the ACLU stand for American? Perhaps they and Lyft should revamp their efforts to prevent abuse to human beings in this country instead of pursuing an agenda that could be dangerous to our citizens.

Friday, February 01, 2019

Caller ID can Cost You $$$$

Fraud using the telephone is nothing new and has been around for as long as there have been telephones. After all, a telephone is merely a communication device that can be used to dupe someone into doing something they might regret later.

Saying that telephone technology, which has grown rapidly in recent years, has given fraudsters a wide array of new tools. More and more frequently, these tools are used to depart common people and even large businesses from their hard-earned money.

Take Caller ID for instance, which is marketed as a means of protecting our privacy. When I say marketed, it's normally sold to us for a fee so we can see who is calling us. The irony of the situation is that for a fee (over even for free in an app store) -- just about anyone can make the ID appear to whatever number they desire. If you have a person stored in your contacts and their number is used, the contact information stored in your phone will appear on the screen. 

The ability to spoof (fake/impersonate) Caller ID has been around for a few years. Collection agencies, private investigators, telemarketers, and even law enforcement agencies use it to get people to answer their telephone.  Unfortunately, scammers and seedy telemarketers are now using this technology to trick people into buying questionable goods and services or even steal from them. 

The FTC has a great site to educate the public on this activity and you can file a complaint with them.

Common lures/signs of a scam to snag a victim include:


  • Your banking credentials have been compromised and they ask for financial verification to verify your identity (they often spoof the financial institution's number).
  • You owe the IRS money and will go to jail if you do not pay today.
  • You owe for a loan and will go to jail if you do not pay today.
  • That they have been monitoring your credit and you now qualify for zero interest on your credit cards. 
  • You've been specially selected (for this offer).
  • You'll get a free bonus if you buy our product.
  • You've won one of five valuable prizes.
  • You've won big money in a foreign lottery.
  • This investment is low risk and provides a higher return than you can get anywhere else.
  • You have to make up your mind right away.
  • An offer of a free vacation. 
  • An offer of a "too good to be true" business or investment opportunity. 
  • You trust me, right?
  • You don't need to check our company with anyone.
  • We'll just put the shipping and handling charges on your credit card (If they get your payment card they often use it to commit additional fraud).

Please note that some of these scams are telemarketing come-ons. Many are also charity scams, where no money is ever given to a real charity. It is prudent to research the validity of any charity, which can be done by visiting the Charity Navigator website

More and more frequently, Caller ID is being used by organized (and maybe some not so organized) criminals to commit fraud. A couple of years ago, 62 people were arrested for operating from a call center in India and impersonating IRS or ICE agents. They allegedly made $75,000,000 in one year from this operation. I received several of the alleged IRS calls and they all had a Washington DC area code appearing on my telephone. With tax season here, we can probably expect to see these calls resurface again. 

Most of the calls, I have personally received or heard about involved a person with a foreign accent. I suspect a lot more of this activity comes from call centers located overseas. Unfortunately, we have all been "trained" to accept calls from people with foreign accents by corporate entities outsourcing jobs in order to save payroll dollars. 

The Truth in Caller ID Act was signed into law in 2010, which makes it illegal to spoof a number in order to commit fraud. Despite the law, the amount of this type of fraud seems to be on the rise. Due to the fact that most of these calls originate from overseas by purchasing a local telephone number -- and then forwarding the calls -- the danger of any real consequences is extremely minimal. The other option provided is to sign up for the FTC's "Do Not Call List," but this seems to be ignored by the people making the calls. 

Being able to spoof a call has become too easy. A simple Google search will reveal all kinds of "resources" available to anybody. 

In my humble opinion, the need for additional legislation to combat this growing problem is pretty apparent. Most of us are exposed to this activity "too frequently" via easily available technology, which not only includes "spoofing," but also includes professional sounding "phone trees" backed up by "robocall dialers." Perhaps the solution is to make it illegal to sell this type of technology to "anyone." The telecom types should also be forced to aggressively to come up with robust solutions to protect their customers from a service they are charging them for.