Scam of the Day

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Scam of the day – July 10, 2020 – More Coronavirus Related Phishing Scams

I first started telling you about coronavirus phishing scams on February 8th.  Today, I am warning you again because scammers have dramatically increased the number of phishing scams using the Coronavirus as a hook to lure people into providing personal information or clicking on links and downloading dangerous malware.  Most phishing emails try to create a sense of emergency to entice you into quickly and without thinking provide information or click on links.  Concerns about the Coronavirus are easily exploited by scammers who trick people to throw caution to the wind and become victims of their phishing scam.

According to the security company GreatHorn, one of the more common Coronavirus related phishing emails comes with the subject line that reads “Mandatory Covid-19 Assessment for Employees.”  Victims of this phishing email, believing it is from the company for which they work, click on the link and provide personal information that is used for purposes of identity theft.

The security company ProofPoint identified a number of other Coronavirus related phishing emails that were used to lure people into downloading dangerous ransomware malware.  These have been coming with subject lines including “Your COVID-19 results are ready / 85108,” “Your COVID-19 results are ready / 85513,” Your COVID_9 results #99846,” “View Your COVID19 result #99803” and “COVID19 virus analysis #83273.

TIPS

Phishing emails are a leading cause of many scams and even major data breaches.  It is relatively easy to craft a legitimate appearing email that can use a variety or pretenses to trick people into clicking on links or downloading attachments.  Anytime you get an unsolicited email that asks for personal information, instructs you to click on a link or download an attachment you should be wary.  Remember my motto, trust me, you can’t trust anyone.  Never provide personal information, click on a link or download an attachment unless you have absolutely confirmed that the email is legitimate.  You can hover over a link with your mouse and determine where the link will take you.  Often this can help you learn that the link is part of a phishing scam, but regardless the best course of action is to never click on a link unless you have absolutely confirmed that the it is legitimate.

You should also make sure that your phone, computer and any other devices you may have are protected by security software and update your security software with the latest security patches as soon as they become available.  It is important to remember, however, that the most up to date security software will always be at least thirty days behind the latest strains of malware so you cannot depend on your security software to be 100% effective.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide.com was recently cited by the New York Times as one of three best sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – July 9, 2020 – FTC Issues Warning About Skimmers at Gas Pumps

Summer and the lifting of many Coronavirus restrictions around the country are resulting in more people taking to the roads.  Recently, the Federal Trade Commission (FTC)  issued a warning about the dangers presented by skimmers on gas pumps.  I have warned you about the dangers of skimmers for many years.  Skimmers are small electronic devices that are easily installed by an identity thief on gas pumps, ATMs and other card reading devices.  The skimmer steals all of the information from old style magnetic strip credit card or debit cards which then enables the identity thief to use that information to access the victim’s bank account when the skimmer is used on a debit card.  If a credit card is used, the identity thief can use the stolen information to access the victim’s credit card account.  Each skimmer can hold information on as many as 2,400 cards.

MasterCard and Visa announced in December of 2016 that the deadline for the installation of EMV chip card readers on gas pumps was being delayed three years to October 1, 2020. Wider implementation of the use of EMV chip cards at retail stores where their use has been mandated since 2015 has resulted in a dramatic reduction in data breaches and credit card fraud at retailers using this equipment.  EMV  chip cards are far safer than the old-style magnetic strip cards.  The deadline for the installation of EMV chip card readers at gas pumps was originally scheduled for October 1, 2017.  Around the country there has been a dramatic increase in the use of skimmers installed by criminals at gas pumps.

TIPS

Always look for signs of tampering on any machine you use to swipe your credit card or debit card although the more advanced forms of skimmers are installed in the gas pump’s interior and cannot be detected from an inspection of the outside of the pump. Keys to open the gas pumps to allow the installation of the skimmer are readily available online.  If the card inserting mechanism appears loose or in any other way tampered, don’t use it.   Debit cards, when compromised through a skimmer put the customers at risk of having the bank accounts tied to their cards entirely emptied if the theft is not promptly reported and even if the victim reports the theft immediately, the victim loses access to his or her bank account while the matter is investigated by the bank. Debit cards should not be used for purchases at gas pump. Instead use your credit card and monitor your account regularly to find out early if you have become a victim of this scam. With a credit card, your liability for fraudulent purchases is limited by law to no more than $50 and I am not aware of any credit card companies that hold their customers responsible for any fraudulent purchases. However, fraudulent debit purchases do not come with the same legal protection.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide’s list of Coronavirus was recently featured and recommended in the New York Times. https://www.nytimes.com/article/coronavirus-money-unemployment.html

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – July 8, 2020 – Costco Text Message Scam

Identity thieves are sending text messages to people that appear to come from Costco indicating that your Costco membership will be cancelled unless you click on a link and take a survey in which you are asked for personal information that is used for purposes of identity theft.  Costco has warned people about this on its website.   Phishing text messages such as this which are called smishing use the same techniques to lure you into clicking on links and providing personal information that more conventional phishing emails use, namely they scare you into acting quickly in order to avoid a major problem.   It can sometimes be difficult to determine when you get a text message such as the phony Costco text message as to whether or not it is legitimate., however, you will be safe if you remember my motto, trust me, you can’t trust anyone.”

TIPS

Obviously, if you are not a Costco member, you will immediately know that the text message is a scam.  For everyone else it is important to remember that whenever you get a phone call, text message or email, you can never be sure as to who is really contacting you.  Therefore you should never click on links or provide personal information unless you have absolutely confirmed that the communication was legitimate.  In this case, Costco will never threaten you with cancellation of your membership for failing to answer a survey, however, if you have any concern that such a text message might be legitimate, you should merely contact Costco so you can confirm whether or not the communication was legitimate.  Here is a link to the section of the Costco website that provides contact information for Costco.  https://customerservice.costco.com/app/answers/detail/a_id/9

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide was recently cited by the New York Times as one of three best sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – July 7, 2020 – Good News About Robocalls

Over the years I have written numerous times about the problems presented by robocalls and with good reason.  Automated robocalls which, for commercial purposes, are illegal, are the number one consumer complaint reported by the public to the Federal Trade Commission (FTC) at a cost to consumers of billions of dollars each year. Robocalls are used by scammers to perpetrate a wide variety of scams.  The ease by which illegal robocalls may be made by computers using Voice over Internet Protocol (VoIP) accounts for much of the problem.

Now for the good news.  According to the FTC, the number of robocall complaints for April this year was 68% less than in 2019 and the number of robocall complaints for May this year was 60% less than in 2019.  To a great extent the FTC attributes the drop in robocalls to its actions against companies providing VoIP services to scammers making illegal scam robocalls.  However, other steps are also being taken by the government to reduce the number of illegal robocalls

Last year the Federal Communications Commission (FCC) enacted a new rule that allows cell phone carriers to automatically drop robocalls through the use of technology that is able to identify illegal robocalls and block them. This technology is called the SHAKEN/STIR standard. SHAKEN/STIR is an acronym for Signature-based Handling of Asserted Information using toKENs and the Secure Telephone Identity Revisited.  SHAKEN/STIR technology verifies calls with a symbol on your phone indicating that the person calling you is legitimate and  is actually calling you from the number that appears on your screen.  While it doesn’t block robocalls, it does let you know if the call is legitimate so you can decide not to answer shady calls.  The FCC required all phone networks to implement the technology by the end of of 2019.  AT&T and T-Mobile announced that SHAKEN/STIR is available for calls between those two networks.  Previously they had only implemented its use for calls within their own networks.  This is not a cure-all, but it is definitely a big step in the battle against phone fraud.  The FCC  also enacted new rules to require phone companies to adopt new Caller ID features to their SHAKEN/STIR standard by June 30, 2021.  These new rules will go a long way toward stopping “spoofed” calls where your Caller ID is manipulated by the criminal to make the call appear as if it is coming from a legitimate source.

TIPS

While SHAKEN/STIR is important, it is not the only weapon against robocalls.  As I reported to you two years ago, Verizon has implemented new services to help its customers avoid illegal robocalls.  The new Call Filter service offers spam alerts and new protections from robocalls for its wireless customers.  Customers will receive alerts when a call is most likely a scam.  The new Call Filter service will also automatically block robocalls based of the customer’s preferred risk level.  The Call Filter service is offered in a free version and an enhanced version that among other things will enable customers to create a personal robocall block list.  For more information about the Call Filter Services and how to sign up go to https://www.verizonwireless.com/solutions-and-services/call-filter/

There are a number of other options for preventing robocalls including a number of apps that for free or a small fee will  reduce and in some instances prevent robocalls.
Samsung’s SmartCall informs you if the call you are receiving is from a known robocaller. This feature is available with newer Samsung Galaxy phones. Here is a link to information about SmartCall and instructions as to how to activate this app.
http://www.samsung.com/levant/apps/smart-call/

Google also has a spam blocker that will warn you when you are receiving a robocall and your screen will turn red. Here is a link to information about the app and how to install it.
https://play.google.com/store/apps/details?id=com.google.android.dialer&hl=en

AT&T also offers free apps to block robocalls on iPhones and Android phones. Here is a link to information about these apps.
https://www.att.com/features/security-apps.html?partner=LinkShare&siteId=TnL5HPStwNw-yrUS1uDw9WGvN._xt67yew&source=ECay0000000CEL00O

Verizon’s CallerName ID is a free service for iPhones and Android phones that will alert you to suspected robocallers. Here is a link to Verizon’s app.
https://www.verizonwireless.com/solutions-and-services/caller-name-id/

T-Mobile offers a free scam blocker of known robocallers for Android phones which you can activate by merely dialing #662#

Sprint offers a paid service to protect your iPhone or Android phone from robocalls. For more information, use this link
http://explore.t-mobile.com/callprotection

For landlines as well as smartphones there are a number of apps such as Nomorobo, Truecaller, Hiya, RoboKiller and YouMail that offer robocall blocking for free or for small monthly charges. Here is a link to those apps. I have used Nomorobo for years and find it to be tremendously useful

https://www.nomorobo.com/
https://www.truecaller.com/
https://hiya.com/
https://www.robokiller.com/
https://play.google.com/store/apps/details?id=com.youmail.android.vvm&hl=en_US                                                                                                                                                                        https://www.youmail.com/home/apps

Finally, you can just choose to ignore any calls that come from numbers you do not recognize.   This is a good option.  If they are legitimate calls, they will leave a message and you can call them back.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide was recently cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – July 6, 2020 – Phony App Store Receipt Scam

Today’s Scam of the day comes from a Scamicide reader who was emailed the receipt copied below.  It is a very well done phishing email that like many phishing emails tries to lure you into clicking on a link that will either download malware such as ransomware or keystroke logging malware on to your computer or alternatively convince you to provide personal information that will be used to make you a victim of identity theft.  In this particular case, you are sent a receipt from the App store for a video game that you have not ordered.  The receipt contains a link for you to click on if you dispute the charge.  As phishing scams go, this one is quite convincing, but there are some obvious indications that it is a scam.

TIPS

One of the first things to remember is that it is quite simple to counterfeit a corporate logo so the fact that the receipt contained the Apple logo is not an indication that the receipt is legitimate.  Some of the indications that the receipt is a phishing scam is that the email address from which it is sent is not an official Apple email address. This is one of the first things you should look at if you ever get such an email.  However, even if the email address appears to be legitimate, a sophisticated scammer is able to mask the email address from which he or she is really sending the email so merely because the email appears to come from a legitimate email address is not grounds for trusting it.  Another indication that this is a scam is that it is addressed to “Dear customers” which not only does not use your name, but uses the plural “customers” which is odd.  A real receipt would include both your name and your account number.  You can hover your mouse over any link in emails that you may receive in order to learn where you are being sent if you click on the link.  In this case, it would not have sent you to an Apple website.  The best course of action if you receive such an email and you think that it may be legitimate, is to contact the company, in this case Apple, directly rather than through the link in the email.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide was recently cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – July 5, 2020 – New AOL Phishing Scam

Today’s Scam of the day is about a phishing email presently circulating that attempts to lure you into clicking on a link in order to continue using your AOL account.  If you click on the link one of two things can occur and both are bad.  Either you will end up providing personal information to an identity thief or you will, merely by clicking on the link, download dangerous malware such as ransomware on to your phone, computer or other device.  Here is the email presently being circulated.  The link where it reads “Follow instructions here for update” has been disabled.  If you hovered your mouse over the link, you would have seen that it would not have taken you to an AOL website.

Dear User,

The Classic version of AOL Mail will be replaced by our new version on the 23rd June 2020. So it’s time to upgrade before you lose your email access.

 
Due to an upgrade in AOL service maintenance. Kindly ensure you upgrade now.
Follow instructions here for update

Note: Failure to comply within 48hrs might lead to permanent deactivation.Thanks,

AOL Administrator

 

TIPS

When AOL communicates with its customers about their accounts, they do so by AOL Certified Mail, which will appear as a blue envelope in your inbox and will have an official AOL Mail seal on the border of the email.  This particular email had neither.  This email also did not have an AOL logo and had no salutation indicating to whom the email was being sent.  Whenever you get an email, you cannot be sure who is really sending it.   In the case of this email, the email address of the sender had no relation to AOL and most likely was the email address of someone whose email account was hacked and made a part of a botnet of computers used by cybercriminals to send such communications.  Never click on a link unless you are absolutely sure that it is legitimate.  If you think the email might be legitimate, the best thing to do is to contact the real company that the email purports to be from at an address or phone number that you know is accurate in order to find out if the communication was legitimate or not.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide’s list of Coronavirus was recently featured in the New York Times as a source for reliable information on Coronavirus scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – July 4, 2020 – Fourth of July Scams

Every season is scam season and every day provides unique opportunity for scam artists, the only criminals that we call artists, to try to scam us out of our hard earned money.  Here are a few scams that you should be aware of that will be coming today on the Fourth of July.  Many scammers send out emails or text messages purportedly from your bank, the IRS or any of a number of state and federal agencies in which they require you to provide personal information under the guise of some emergency, such as an alleged security breach at your bank.  They do this because if they can frighten you enough to act today, in some instances you will be unable to confirm with the real entity as to whether the communication is legitimate because all of these entities will be closed on the Fourth of July.  If you provide the requested information, it will be used against you to make you a victim of identity theft.  You also should be wary of Fourth of July e cards that you may receive.  These can be loaded with keystroke logging malware that will steal all of the information from your computer or portable device if you download the malware by clicking on the link.  Finally, be on the lookout for messages that appear on your Facebook page with links to Fourth of July themed videos that arouse your curiosity.  Again, the links contained within these messages may be loaded with keystroke logging malware.

TIPS

The IRS and many other state and federal agencies will not initiate communications with you through email so you can disregard that email from the IRS or other similar entities.  It is important to be skeptical of any email or text message that you receive that requests personal information.  Never provide such information or click on links in such emails unless you are absolutely sure that the request is legitimate and you can’t be sure unless you have confirmed with the person or entity that purportedly sent it that it is indeed legitimate.  If you can’t confirm on the Fourth of July, let it wait until you can.  As for e cards, never click on a link to an e card unless the message specifically indicates from whom it is being sent and only then after you have confirmed with that person that they indeed did send you an e card.  Also remember that messages that you get on Facebook may appear to come from friends, but may actually be coming from scammers who have hacked your real friend’s Facebook account.  In addition, unfortunately, sometimes you actually will get videos sent to you by your real friends who are unwittingly passing on malware infected material.  Trust me, you can’t trust anyone.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide’s list of Coronavirus was recently featured in the New York Times as a source for reliable information on Coronavirus scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – July 3, 2020 – FTC Settles Lawsuit Against Bogus Healthcare Device Company

The FTC recently settled charges brought against Willow Labs LLC and three other defendants who made and distributed a low-level light therapy device called Willow Curve which the defendants falsely claimed was clinically proven to be able to successfully treat chronic, severe pain and inflammation.  The defendants marketed the device which would emit infrared and invisible light through deceptive “native advertising” which is advertising disguised as independent journalism.  Under the terms of the settlement, the defendants are prohibited from marketing the device and must pay a substantial fine.

TIPS

You should  be wary of any health care product that is sold exclusively either over the Internet or through mail-order advertisements. The best course of action for any health care product is to ask your physician about the effectiveness of a particular product or program before you consider buying it.  This case is also a warning to be wary of journalistic stories about so-called medical breakthroughs which could be merely disguised native advertising.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide.com was recently cited by the New York Times as one of three best sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – July 2, 2020 – Black Lives Matter Phishing Scam

Scammers constantly take advantage of whatever is foremost in the minds of the people to turn it into an opportunity for scams.  Since the start of the Coronavirus pandemic we have seen many phishing emails that exploit the public’s interest and concern about the Coronavirus to lure people into clicking on malware infected links in phishing emails that appear to provide important information about the Coronavirus.  Now, as outrageous as it may seem, it was probably inevitable that scammers would attempt to exploit interest in the Black Lives Matter movement which took on new levels of public interest following the tragic death of George Floyd in Minneapolis.

It is being reported that emails with the subject line “Vote anonymous about Black Lives Matter” are being sent in which the recipient of the email is encouraged to click on a link in the email to leave an opinion about the Black Lives Matter movement.  Unfortunately, the link is infected with malware that gets downloaded on to your computer when you click on the link.  The malware is keystroke logging malware that will steal personal information from your computer which will be used to make you a victim of identity theft.

TIPS

Remember my motto, “trust me, you can’t trust anyone.”   You can never be sure when you receive an email, text message or phone call as to who is really contacting you so you should never click on links, download attachments or provide personal information unless you have absolutely confirmed that the communication is legitimate even if the email or text message appears to come from a trusted source.  Your trusted source may have been hacked specifically in order to be used to send emails or text messages that will appear to be legitimate.  It is also important to remember that even if you are using the most up to date security software on your cell phone, computer or other electronic device, you are not protected from the latest forms of malware.  It generally takes the security software companies at least a month before they come up with security updates for the latest zero day defects.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide.com was recently cited by the New York Times as one of three best sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – July 1, 2020 – FBI Issues Warning About Coronavirus Antibody Testing Scams

The Coronavirus pandemic continues to rage throughout much of the country and many parts of the world.  With no vaccine presently in sight, much attention has been focused on antibody tests for the Coronavirus.  A proper antibody test can determine if you have developed antibodies against the Coronavirus.  Antibodies are typically a sign that you have previously been infected with the virus.  While many people assume that the presence of antibodies to the Coronavirus means that you are protected from future infections by the Coronavirus, researchers are still studying whether or not this is true in regard to the Coronavirus and, if so, for how long such immunity would last.

Legitimate antibody tests are available, but it is no surprise that scammers are jumping on the bandwagon and trying to sell you bogus tests that not only are worthless, but in the process of selling you these phony tests, the scammers are often asking for information that can later be used by the scammers to make you a victim of identity theft.  The FBI recently issued a warning about these scams.

Scammers often claim that the Food and Drug Administration (FDA) has approved the test being offered to you.  Here is a link to the website of the FDA which lists the actual tests that are authorized by the FDA. https://www.fda.gov/medical-devices/coronavirus-disease-2019-covid-19-emergency-use-authorizations-medical-devices/vitro-diagnostics-euas

Scammers are adept at marketing bogus antibody tests through social media, email and telephone calls.  You should immediately be skeptical of any antibody test being offered through these means.  You also should be wary of anyone who contacts you offering a free Coronavirus antibody test or even offers to compensate you for taking such a test as these promises generally are made by scammers interested in gathering information from you to use to make you a victim of identity theft.

TIPS

Before taking or purchasing any kind of Coronavirus antibody test, you should first confirm that the test is approved by the FDA and consult with your primary care physician about taking such a test.  You also should make sure that the laboratory doing the test is one approved by your health insurance company and to confirm that they will cover the cost of such a test.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.” Scamicide was recently cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

  • Categories