CONSUMER ALERT:

“Boss Scam” Targets Employees With Texts and Emails From Fraudsters Posing as Employers Asking for Gift Cards With More Employees Working Remotely Due to COVID-19 Safety Measures, AG James Offers New Yorkers Tips to Protect Themselves

NEW YORK – New York Attorney General Letitia James issued an alert to New Yorkers today, warning them about the “Boss Scam. “A standard text and email scam in which fraudsters pose as a consumer’s employer and request gift cards due to a purported work emergency. This scam may rise during the pandemic of the coronavirus disease 2019 (COVID-19) since many employees are working remotely.

A real example of a 2021 text message from a ‘fake’ employer to an employee seeking $1,400 in Target gift cards.

“Due to COVID-19 safety measures, many employees are still working remotely which makes it easier to fall for this common scam,” said Attorney General James. “A legitimate employer will never ask you to purchase gift cards in order to pay clients or for other business purchases. I urge all New Yorkers to be on the alert for this type of fraud, and to protect themselves and their wallets by following our simple tips.”

The scam typically works as follows: An employee receives a text or an email from someone pretending to be their employer who claims there is an urgent matter. The text or email may ‘spoof’ an employer’s actual name, phone number, or email address, making it seem legitimate. The ’employer’ then requests that the employee buy a certain number of Target or other store gift cards in specific denominations and promises to reimburse the employee quickly. As in the example below, the ’employer’ may ask the employee to scratch off the back of the card to reveal the PIN or claim code — thus making the gift card the equivalent of cash — and send photos of the card to the scammer.

A real example of a 2021 text message from a ‘fake’ employer to an employee seeking $1,400 in Target gift cards.

Gift card scams of all types are very prevalent. Most involve some imposter scam, such as scammers pretending to be employers, the government, family, or tech support companies. A December 2020 data analysis by the Federal Trade Commission (FTC) shows that “About one in four [consumers] who lost money to a fraud say they paid with a gift card. In fact, gift cards have topped the list of reported fraud payment methods every year since 2018. During that time, people reported losing a total of nearly $245 million, with a median individual loss of $840.” According to the FTC, some of the most reported gift and reload card brands consumers mentioned in fraud reports included eBay, Google Play, Target, iTunes, and Amazon.

Attorney General James offers the following tips to protect against the “Boss” gift card scam:

• Take a pause. Scammers create a sense of urgency to prey on victims’ emotions.
• Take a second pause. A legitimate employer will not ask you to handle company business through gift card purchases.
• Verify any supposed emergency by contacting an employer at the number you know. Do not reply to the text or email sent, even if it appears to come from a known email or phone number.

Tips to avoid gift card scams generally:

• Be suspicious of anyone who contacts you unexpectedly asking to be sent gift cards.
• Never purchase gift cards to transfer money. Gift cards are solely for gifts.
• Scammers often train their victims to give false information to retail clerks when clerks ask questions about large gift card purchases. If a retail clerk warns you that you may be the victim of a gift card scam, heed their advice and contact law enforcement officials.

New Yorkers targeted by this scam are urged to file a complaint by completing and submitting a Consumer Frauds and Protection Bureau online complaint form or by calling (800) 771-7755.

Source: Press Release
Date: August 13, 2021
Attorney General’s Press Office/212-416-8060 nyag.pressoffice@ag.ny.gov

Experts recently highlighted in a discourse series that artificial intelligence (AI) creates new opportunities that traditional technology could not achieve and could be used for health care and many other present and future challenges in various sectors.

“AI would not replace people but create new opportunities in various fields. It works on data, and if we could train our machines, it could do wonders for us in milliseconds by automating processes. It can be used for diagnostic purposes for various diseases, including COVID-19, and could prove very effective in remote areas where adequate health facilities are unavailable. Key to success in using AI for various problems is to reach out to the maximum number of people,” said Secretary, Department of Science & Technology (DST) Prof Ashutosh Sharma at the online DST Azadi Ka Amrit Mahotsav Discourse Series New India @ 75, organized by National Council for Science & Technology Communication and Vigyan Prasar.

He spoke about how DST has progressed over the last few years, seeding foundational technologies and launching several schemes to tackle the challenges coming at a faster speed with science, technology, and innovation-based solutions. “The emergence of disruptive and impactful technologies poses new challenges and simultaneously greater opportunities. DST is a nursery to help, nurture and grow young talents for the progress and development of the country,” he added.

Anna Roy, Senior Advisor, NITI Aayog, pointed out that AI can effectively address the country’s various challenges.

“India has several challenges, but at the same time, we also have the advantage of being a data-rich country with a lot of IT professionals, educationalists, and a demographic dividend. All this could prove a boon for us if we could use these for the progress and development of the country”, Anna Roy said.

She highlighted NITI Aayog’s role in identifying various problems in the country and suggesting a future roadmap for India. “NITI Aayog,, as the leading think tank for the government and country, is creating policies for widening the science and technology ecosystem and taking industry and academia along for progress and development of the country in every sector,” she emphasized.

Source: Press Release
Release ID: 1741413
Date: August 02, 2021
PIB Delhi
Ministry of Science & Technology

Harassment and Discrimination at Restaurants Owned by Famed Chef Mario Batali and Joseph Bastianich

Investigation Found That Restaurants Fostered Hostile Work Environments For Years
NEW YORK – New York Attorney General Letitia James today announced an agreement with celebrity Chef Mario Batali and Joseph Bastianich, their management company B&B Hospitality, and their restaurants Babbo, Lupa, and the now-closed Del Posto for fostering a hostile work environment that permitted a sexualized culture of misconduct and harassment at their restaurants in New York City. Following allegations of sexual harassment against Mario Batali in 2017, the Office of the Attorney General (OAG) opened an investigation into these claims and found that B&B, Batali, and Bastianich had engaged in unlawful sex discrimination and retaliation, in violation of state and city human rights laws. The allegations reported unwanted touching, sexual advances, and explicit comments made by managers and coworkers to other employees of the restaurants. As a result of this investigation, B&B, Batali, and Bastianich must pay $600,000 to at least 20 former employees, revise training materials in all B&B restaurants, and submit biannual reports to the OAG to certify compliance with the agreement.

“Celebrity and fame does not absolve someone from following the law. Sexual harassment is unacceptable for anyone, anywhere — no matter how powerful the perpetrator,” said Attorney General James. “Batali and Bastianich permitted an intolerable work environment and allowed shameful behavior that is inappropriate in any setting. Every individual deserves to work in a safe environment, and today’s agreement marks one more step towards remedying workplace harassment. I thank the men and women who reported this abhorrent behavior for their bravery, selflessness, and commitment to accountability.”

“When my female coworkers and I were being sexually harassed by multiple people at Del Posto, the restaurant’s leadership made us feel as if we were asking for it — as if it is a rite of passage to be harassed at work,” said Juliana Imperati, a former line cook at Del Posto. “Sexual harassment, discrimination, and retaliation should never be normalized in any industry or workplace. This settlement is an important step in holding the powerful accountable, and I thank Attorney General James for continuing to right the wrongs done to countless workers in the restaurant industry every single day.”

“Throughout the course of my employment at Del Posto, I endured constant, escalating sexual harassment,” said Brianna Pintens, a former server at Del Posto. “Management routinely ignored these behaviors, made excuses for the perpetrators, and often used victim blaming as a way to avoid having to deal with a workplace culture rooted in fear and humiliation. While I can’t speak for the countless other victims who faced ongoing harassment and discrimination, I can say that my time working for B&B permanently tarnished my goals and passions for hospitality. I have immense gratitude for the Attorney General’s Office for believing us, taking us seriously, and giving hope that this industry is on its way to healing and repairing a deeply flawed history.”

Today’s agreement culminated in a four-year investigation into allegations against Batali and Bastianich as employers and on behalf of B&B and their restaurants. More than 20 employees were subjected to a hostile work environment in which female and male employees were sexually harassed by Batali, restaurant managers, and other coworkers. Between 2016 and 2019, multiple employees witnessed or personally experienced unwanted sexual advances, inappropriate touching, and sexually explicit comments from managers and coworkers, and several female employees were forcibly groped, hugged, and kindly male colleagues. Batali himself sexually harassed a female server by making explicit comments to her, grabbing her hand while she was serving him and pulling it towards his crotch. On another occasion, Batali showed a male server at Lupa an unwelcome pornographic video.

Female employees specifically made complaints that chefs and managers blatantly favoured employees and made misogynistic comments degrading women in the workplace. In several instances, a manager made comments about the female employees’ appearance, including observations about their height and weight. They were told to wear makeup and even to get breast implants. The manager also referred to several female employees in front of dining guests as “little girl” and “sensitive,” and said that “females should not work in the mezzanine,” which was a main parcentral the restaurant.

The B&B employers failed to take appropriate action when confronted with reports of sexual harassment, often were unable to unablestigate complaints, and discouraged the reporting of such incidents. Complaints to management were generally dismissed, with minimal or no action taken against the harassers. The OAG found that, on at least two occasions, when employees complained of sexual assault incidents outside of the workplace by male colleagues, B&B’s human resource department initially responded that the company could not take any action because the assault took place outside of the workplace, or could not take action unless the complainant filed a police report.

In addition to paying $600,000 to the workers, the agreement stipulates the revision of training materials in all B&B restaurants, as well as reports to certify compliance with the agreement deal; Bastianich and B&B have agreed to implement more comprehensive training geared to foster healthy work environment. They will also submit biannual reports to the OAG to certify compliance with this settlement, including records of harassment and discrimination training and policies for the next three years.

The settlement is part of Attorney General James’ ongoing efforts to address harassment and discrimination in the workplace. The OAG is continuing to review and evaluate claims. If you believe you have been a victim of sexual harassment or discrimination that occurred at any of these restaurants since at least 2016, please get in touch with office416-8250.
This case was handled by Senior Counsel Sandra Pullman of the Civil Rights Bureau, Assistant Attorney General Roya Aghanori, Assistant Attorney General Anielka Sanchez Godinez, Volunteer Assistant Attorney General Hannah Bernard, and Labor Bureau Chief Karen Cacace. The Labor Bureau is a part of the Division for Social Justice under Deputy Attorney General Meghan Faux and overseen by First Deputy Attorney General Jennifer Levy.

Source: Press Release
Date: July 23, 2021
Attorney General’s Press Office/212-416-8060 nyag.pressoffice@ag.ny.gov

• A non-relational and multi-model database service.
• Improved DB account availability: Data is distributed to other regions without affecting the data consistency across various areas where the data replicates.
• Fits any web application, mobile application, gaming, or IoT application that requires processing, reading, and writing a massive amount of data.
• Users can scale the throughput and storage resources elastically and independently across Azure regions. Thus, it enjoys a fast, less than 10ms latency for both reads and writes workloads due to using local data caching and automatically indexes all incoming data.
• Azure Cosmos DB can access the stored data using the API that fits the user’s application requirements from the supported SQL, MongoDB, Cassandra, Tables, or Gremlin, and the appropriate SDK from the .NET, Java, Node.js, Python, and Xamarin-supported SDK.
• Easy Migration: A user can migrate the application to Cosmos DB without significant changes.
• It provides five well-defined consistency options: Strong, bounded staleness, session, consistent prefix, and eventual, which offers complete flexibility and a low cost-to-performance ratio.
• Throughput: It pro allows the ability to scale the read and write operations and add or remove any regions to respond directly to unexpected workload spikes.
• Security: The stored data is always secured using data encryption at rest and in motion and configuring the row-level authorization.

• Easy Migration: A user takes a backup from the on-premises SQL Server, saves it in an Azure storage account, and restores it to your Azure SQL Managed Instance.
• Compatible with SQL Server and Linked Server
• It allows hosting up to 100 databases in the same SQL Server instance, thus overcoming the cross-database querying limitation of the Azure SQL Database.
• Supports the common language runtime (CLR) feature
• Provides access to the system databases, allows the use of SQL Agent jobs, and provides the ability to manually take copy-only backups of the databases to Azure storage.
• Dedicated computing and storage services
• Supports maximum database size of 8TB
• High Availability: 99.99 to 99.995%
• Low price

Service Tiers

The General Purpose and the Business-Critical

Business-Critical

Supports the In-Memory OLTP, readable secondary replicas, includes more memory per core
offers lower storage latency by using direct-attached storage.

Features

• Single Fully Managed PaaS Service
• It is more accessible and cost-effective to store the application-deployed processed data.
• Enables developers to focus on database design and performance optimization.
• The developer chooses the database name and a few options to get the database up and running within a few minutes!
• Dynamically Scale Resources: The provider offers several pricing tiers to scale the resources up and down by tuning the performance tier on the fly to meet current workload requirements and at convenience.
• Lower Price: Easy auto-scale and auto-close capabilities lower the costs of the development and testing environments of the Azure SQL Database. The database charging pauses after an hour of inactivity but with a higher per-hour or vCore pricing cost than the other Azure SQL Database deployment models.
• Less Administrative Effort: The provider Azure implements, manages, and maintains the underlying infrastructure required to host the database, patching the operating system and SQL Server with the latest security updates. Furthermore, it contains all backup, restore, or retention policies. Hence, the developer need not worry about spending time on the same.
• Automatic database Index tuning feature: It helps to identify the expensive queries, automatically forcing the last good performing execution plan and adding and removing indexes based on the workload requirements, using built-in intelligence and advanced heuristics mechanisms.
• High Availability & Uptime Guarantee: 99.99% per cent, a customer never loses data due to a failure. The database has no single point of failure, with the high availability and disaster recovery solutions built into that PaaS platform.
• Fully Managed Automatic Backup: It takes weekly full backups, twice-daily differential backups, and log jams every 5-10 minutes.
• The database deployed to an SQL Server instance hosted in an Azure Virtual machine supports the same features and structure the Microsoft SQL Server supports.
• High Performance, Monitoring, Database scoped configuration and authentication.

Resource charging models

Database Transaction Unit (DTU) model

A customer pays one fixed price for computing or IO/ memory and data storage.

vCore model

It allows separate charges for computing and a particular order for your storage, which provides more flexibility in managing your costs than with DTU.

Deployment models

Single database
Elastic pools
Hyper-scale

Single database

• The simplest deployment model of Azure SQL Database, managed and scaled individually, with its dedicated resources.
• A user creates a logical server, deploys the database to that server, and connects to that database directly.

Elastic Pools model

• A database deployed to an elastic pool shares the same resources with other multiple databases deployed to the same collection. Thus reducing the overall cost of hosting these databases in Azure and allowing the scaling process to be performed at the elastic pool level.
• This model fits unstable workloads with non-concurrent or not-frequent spikes in the workload.

The Azure SQL Database Hyperscale model

• A serverless model allows overcoming the Azure SQL DataDatabase’sstorage limitation.
• It can expand 100 TB and beyond storage for each database using an advanced scaling technique by adding compute nodes as the data sizes grow, with the additional cost only per terabyte for the repository.

• Instances: Virtual Computing Environments
• Instance Type: Different configurations of memory, storage, CPU, and networking capacity.
• Machine Image: Pre-specified templates for instances with additional software and operating systems.
• Store Volumes: The storage volumes for non-permanent data are deleted when users hibernate, stop, or terminate an instance.
• EBS Volumes: Storage volumes that are persistent for data using the Elastic Block Store (EBS).
• Secure instance log-in using public-key cryptography: AWS saves the public key, and users are responsible for storing the private key in a secured place.
  Users can create one on the Amazon EC2 console ‘Create Key Pair’. To get the administrator password for the Windows instance, the user has to specify the name of the key pair that EC2 will use to associate the public key. The critical name contains up to 255 ASCII characters and cannot have trailing or leading spaces. And then, under the ‘File Format’ section, select the format in which the private key will be saved for deploying with OpenSSH, select ‘pem’, and with PuTTY, select ‘ppk’. The private key is automatically downloaded once the user clicks ‘Create Key Pair’. The base file name will be specified as the crucial pair name and file extension determined by the selected format.
  Then, the user will be able to log in using RDP. The user must create a key pair for areas to launch an instance in more than one region.
• Securareairewall allows users to specify the ports, protocols, and source IP ranges the instance can get. A Firewall controls both inbound and outbound HTTP & HTTPS traffic at the instance level. A user adds rules to a security group to connect to an instance from its IP address with RDP. A securitRegionp must be created for each region to launch models.
• The EC2 console automatically detects the IPV4 address. Most non-static IP users provide the IP address range after choosing the default region, as security groups are very particular. A user prRegion the name and description to the Security Group. From Inbound Rules from Type List: * Select HTTP and then HTTPS and set the source to Anywhere (0.0.0.0/0) * Select RDP.
  In the source box, select ‘My IP’ to populate the field automatically with the local computer IPV4 address, or selechoosestom’ and indicate the IPV4 address of the computer or network using the CIDR notation, i.e. insert the suffix/32.
• Regions and Availability Zones: Multiple physical locations for resources like the instances and the EBS.
• Elastic IP Address: Static IPV4 address designed for dynamic cloud computing.
• Metadata or Tags: can be created and assigned to Elastic Compute Cloud resources.
• Virtual Private Clouds (VPCs): The virtual networks created that are logically isolated from the other parts of the cloud and help to connect optionally to the user network.

Eleven Amazon Web Service Certificates spanning across four levels:

• Entry-level certification or the Foundation Certification: This category has one certification – AWS Certified Cloud Practitioner Certification Requirement: Six months of cloud knowledge coupled with industry experience
• Associate Certification Level: This level features three certifications for the three roles – AWS Certified Solution Architect, AWS Certified Developer Associate and the AWS Certified SysOps Administrator. The candidate registers for these certificates depending on the role they are looking forward to, whether operations, developer, or architect. Requirement: At least one year of experience in solving problems and designing solutions with the AWS Cloud.
• Speciality Certification: Shows severe technical expertise in Amazon Web Service Cloud. The certification is only for someone with incredible knowledge in challenging speciality-related operations and tasks. It caters to a wide range of highly technical roles and specialities.

AWS Certified Cloud Practitioner Exam (CLF-C01) to gauge the knowledge & expertise of the Amazon Web Service Cloud. The certification confirms that a person thoroughly understands AWSCloudd and the fundamentals of Amazon Web Service. They are expected to explain the fundamental global AWS infrastructure, architecture principles, security compliance, and value proposition. The certificate holder understands prominent use scenarios, pricing models, access, and account management. Furthermore, a person comprehends technical assistance, documentation, and how to tender support tickets.

Alert Against COVID-19 Vaccine and Stimulus Scams

Fraudulent Actors May Send Malicious Messages and Phishing Emails

While Attempting to Access Consumers’ Personal Information

NEW YORK – New York Attorney General Letitia James alerted New Yorkers today to remain vigilant against potential scams related to the coronavirus disease 2019 (COVID-19) public health crisis. As more New Yorkers become eligible for the vaccine that will help prevent the spread of the disease and a new round of stimulus payments are sent out to combat the economic fallout of the pandemic, scammers are seeking to take advantage of innocent New Yorkers by making fraudulent promises. The American Rescue Plan Act of 2021 was passed by Congress and signed into law earlier this month to help speed the nation’s health and economic recovery. The law increased access to vaccines and authorized the U.S. Department of Treasury to issue emergency stimulus payments to Americans to help offset the costs of essentials and provide many other vital provisions to aid Americans. However, fraudsters are now imitating the Internal Revenue Service (IRS) and other federal agencies to access consumers’ personal information by promising access to additional stimulus payments, the ability to skip lines for vaccines, and other services.

“Scammers are out there, and they are continuing to find a slew of new and shameful tactics to exploit this pandemic,” said Attorney General James. “These cyberattacks are just the latest example of unscrupulous individuals capitalizing on health and economic suffering, and it is crucial that New Yorkers remain vigilant to ensure they do not fall victim to these illegal activities. Promises to skip the vaccine line or receive additional stimulus payments are lies, plain and simple, and New Yorkers need to remain alert. I encourage all New Yorkers to follows these safety tips and report suspected scams to my office. We remain committed to protecting consumers’ health and wallets and rooting out fraud.” 

There have been recent reports of scammers posing as the “IRS Rescue Plan Dept” and attempting to steal people’s personal and financial information through malicious messages, known as phishing emails. To make these scams even more deceiving, the emails may include the IRS logo to establish credibility and often could have an official-sounding subject line, like “IRS Rescue Plan Act.” In other instances, the subject lines have read: “Joe Biden Rescue Plan Act,” “IRS Rescue Plan Form,” or “President’s Rescue Plan Act,” among others.

Many individuals seeking to defraud Americans are doing so by promising stimulus payments in addition to the up to $1,400 eligible adults may qualify for and up to $1,400 eligible children could receive, as well as other financial aid. At the same time, New Yorkers and Americans nationwide continue to suffer through the economic recession. At this time, no additional payments have been authorized by Congress. Bad actors are also preying on New Yorkers’ desire to get vaccinated quickly. Earlier today, all New Yorkers 30 and older became eligible for the vaccine, and in one week, all New Yorkers 16 and older will become eligible. However, lines remain long to get a vaccine. Therefore, anyone promising New Yorkers the ability to skip the line is doing so fraudulently.

Attorney General James today highlighted the following tips for New Yorkers to follow to protect themselves from these scams:

• Don’t be fooled by familiar logos and branding. It’s easy for attackers to design emails that look safe and legitimate at first glance. If someone claims to be from the government with a check or a vaccine, it may be a phishing scam illegally trying to obtain a consumer’s bank account or other personal information.
• Look for misspellings and poor grammar. While not always present, emails containing multiple spelling and grammatical mistakes indicate the email is malicious.
• Never open attachments or click links from those claiming to be from the government unless you have expressly signed up for a notification or an email. Clicking on buttons, such as “Apply Now,” or downloading attachments may enable scammers to download malicious software onto computers that will steal consumers’ personal information, including email addresses, passwords, and other vitally important yet confidential information. If a consumer is unsure about a message, they should delete it immediately.
• Verify the legitimacy of any unsolicited/unexpected email before interacting with it, especially if the IRS or COVID-19 is mentioned in any way. Consumers need to sign up for a COVID-19 vaccine proactively. If a consumer is eligible for a stimulus payment, they will receive a payment directly from the IRS.

New Yorkers who believe they have been a scam victim should contact the Office of the Attorney General (OAG) to file a complaint. New Yorkers can learn more about COVID-19 scams on the OAG website.

Source: Press Release
Date: March 30, 2021
Attorney General’s Press Office/212-416-8060
nyag.pressoffice@ag.ny.gov