Scam of the Day

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Scam of the day – February 21, 2020 – Ring Camera Update

In the Scam of the day for December 14, 2019 I told you about  a Tennessee  family who reported the Ring camera installed in the bedroom of their three young girls was hacked and the hackers not only were able to spy on the children, but also actually spoke to the children through the Ring’s speakers.  As disturbing as this story is, the problem is even more threatening than it appears.    While it may seem that hacking into a child’s monitor may be an invasion of privacy and nothing more, the truth is that in many instances, if a hacker is able to gain access to one device that is part of the home’s WIFi network, he or she could also gain access to other connected devices, such as the parent’s computer containing personal financial information or even be able to connect to the computers of the company for which the parent works if the parent’s computer is networked in for working from home. Many hackers search the Internet for unsecured web cameras and baby monitors that have not changed the factory setting username and password which gives them easy access to these cameras.

In a later Scam of the day I told you that  hackers have published the usernames and passwords of thousands of users of Ring cameras on the Dark Web, that part of the Internet where cybercriminals buy and sell goods and services.  As expected, these usernames and passwords appear largely to have been obtained by hackers through data breaches at other companies.  The problem is that many people make the mistake of using the same username and password for all of their accounts, which puts them in jeopardy whenever a data breach occurs at any of the companies where they have a username and password.

TIPS

In response to these problems and lawsuits filed by Ring users, Ring is now making dual factor authentication mandatory for all Ring users.  With dual factor authentication through Ring, whenever you log into your Ring account, a six-digit code will be sent to you by either a text message or an email that must be used in order to access the account.  Last month Ring had made dual factor authentication a default setting on new devices, but now all Ring accounts must activate dual factor authentication.

Anyone who has a Ring camera or baby monitor should make sure that the camera and software are constantly updated with the latest security software from the company that manufactures the camera.  It also is a good idea to, as I have advised many times previously, make sure that your router, which connects you to the Internet, is password protected and that you change the username and default password for each of your Internet of Things devices.  In the case of the Tennessee family the problem does not appear to have been a flaw in the Ring security cameras, but most likely can be attributed to their failing to change the default password with which the Ring camera came. These default passwords are easily discovered by hackers.  Internet of Things devices are also readily hacked when people use the same password for all of their accounts and one of those companies suffers a data breach in which the hacked passwords became available to cybercriminals.   It is for this reason that it is always a good practice to have unique passwords for each of your accounts.

You should have a unique, strong password for each of your online accounts so that in the event that there is a data breach and the password for one of your accounts becomes compromised, all of your accounts will not become vulnerable to being hacked.  Creating and remembering strong, unique passwords for each of your accounts is not as difficult as it may appear.  You can start with a strong base password constructed from a phrase, such as IDon’tLikePasswords. Add a few symbols like !!! and then adapt it for each account you have so that you will have a secure and easy to remember password for each of your online accounts.   Thus, your Ring password could be IDon’tLikePasswords!!!RING.

Another important way to enhance your security is to use dual factor authentication by which when your account is being accessed, the company sends a one-time code to your cell phone to use to be used to access your account so even if a hacker has your password they would not be able to access your account.  Ring offers the option to use dual factor authentication. Here is the link to set up dual factor authentication on your Ring device. https://support.ring.com/hc/en-us/articles/360024818291-Using-Two-Factor-Security-Authentication-with-Your-Ring-Products

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – February 20, 2020 – Unclaimed Property Scams

A Scamicide reader recently forwarded to me an email that informed her that unclaimed money from a source not indicated was being held on her behalf and she needed to respond to the email in order to claim the money.  This particular email was a total scam, however, you may receive a “legitimate” email or letter informing you that there are billions of dollars of unclaimed or abandoned money being held by the states and federal government and that some of that money is yours.  For a fee, the person or company contacting you will assist you in locating that property and claiming it for you.  In some instances, the letter or email may appear to come from the National Association of Unclaimed Property Administrators which is a legitimate organization, but not one that initiates communications to individuals whose funds they are holding.

The truth is that indeed various state and federal agencies are holding more than 24 billion dollars of unclaimed money that is waiting to be retrieved by the rightful owners.  State laws require financial institutions, such as banks, to turn over money from inactive accounts.   Among the assets held by these agencies are savings and checking accounts, stocks, uncashed dividend checks, certificates of deposit and utility security deposits.  However, you don’t need the help of these companies contacting you offering their assistance in order to retrieve your unclaimed assets.

The “legitimate” companies that may contact you  offering to assist you in getting back your missing money cannot have any specific information as to what you are owed because of privacy regulations that prohibit them from obtaining that information.

TIP

The best place to find a helping hand to assist you in locating and getting back your abandoned property is at the end of your own arm.  Go to the website of the National Association of Unclaimed Property Administrators at www.unclaimed.org where you can link on to the website for your own state’s agency that deals with abandoned property and take the steps necessary to claim your abandoned property at no cost to you.  Other useful websites for locating money that you may be owed include www.irs.gov, the website for the IRS where you can find tax refund money you may be owed and www.pbgc.gov, the website of the Pension Benefits Guaranty Corporation, a federal agency that holds unclaimed pension funds.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – February 19, 2020 – New Study of Most Popular Companies Used for Phishing Scams

Over the years, I have written many times about the extreme danger of phishing emails or the more specifically targeted spear phishing emails.  Phishing emails come from scammers who pose as companies, governmental agencies or other entities with which you do business and lure you, generally under the pretense of an emergency, into providing personal information that can lead to your becoming a victim of identity theft or downloading malware such as ransomware.  Spear phishing occurs when the email has been tailored to you specifically with your name, account number or other information that can lead you to trust the email although as I always say, “trust me, you can’t trust anyone.”

Recently, the cybersecurity firm Vade Secure issued its seventh version of the most popular companies impersonated by scammers in phishing emails.  Leading the way were PayPal, Facebook, Microsoft, Netflix and WhatsApp.  Interestingly, phishing attempts in which the scammers posed as banks include not just major banks such as Bank of America and Chase, but also smaller banks such as Desjardins, M&T Bank and ATB Financial.

Here is a link to Vade Secure’s entire list.

https://www.vadesecure.com/wp-content/uploads/VS_Infographic_Phishers_Favorites_Q4_2019_EN-2.pdf

TIPS

There are a number of indications that phishing emails are not legitimate emails. Legitimate emails would  be directed to you by name rather than being sent to you without your name appearing in the email although some more sophisticated spear phishing emails may contain your name.  A big red flag for a phishing email is  when it is sent from an address that has no relation to the legitimate company.  Often the addresses from which the phishing emails are sent are from computers hacked and made a part of a botnet of zombie computers used to send out phishing emails without the person whose computer has been hacked even being aware that their computer is a part of a botnet.  Other times, the scammer will attempt to make the email address look legitimate even if it is not so you have to be very careful.  It is  simple matter for a cybercriminal to use a counterfeit logo in phishing emails so you can’t trust your eyes.  While many phishing emails have good grammar, many have spelling and grammatical errors that may be an indication of the phishing email originating in a country where English is not the primary language.

As with all phishing emails, two things can happen if you click on the links provided.  Either you will be sent to a legitimate looking, but phony webpage where you will be prompted to input personal information that will be used to make you a victim of identity theft or, even worse, merely by clicking on the link, you may download keystroke logging malware that will steal all of your personal information from your computer or smartphone and use it to make you a victim of identity theft. The best course of action if you receive an email asking for personal information and have any thought that the email might be legitimate is to contact the real company or agency at a telephone number, email address or website that you know is legitimate to confirm that it was a scam.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – February 18, 2020 – Virtual Kidnapping Increasing

I have been warning you about phony kidnapping scams, also known as virtual kidnapping, for seven years.  The scam starts with a telephone call informing the person answering the phone that a child or other relative has been kidnapped and if they do not respond by wiring money right away, the relative will be killed.  As with so many scams, we are often our own worst enemy and this scam is no exception.  In many instances, the scammers gather personal information about the intended scam victims from information that the intended victims or members of their families post on social media.  Information harvested from social media may indicate that someone is traveling on vacation making it easier to make the phony kidnapping appear legitimate.  Armed with  personal information gathered from social media, a scammer can describe the supposed kidnapped victim or provide personal information that would make it appear that indeed they actually do have the person in their custody.  Sometimes the phony kidnappers manipulate your Caller ID through  a technique called “spoofing” to make it appear that the call is coming from the supposedly kidnapped family member’s cell phone.

Last week a Rhode Island woman paid kidnappers $1,000 by a wire transfer from Western Union to scammers who told her that they were holding her daughter who was in Miami as a hostage.  Meanwhile in a twist I hadn’t seen previously, the same scammers called the daughter in Miami and told her that they were holding her mother hostage and demanded a ransom. Fortunately, the daughter called the police and did not pay the demanded ransom.

Many of the fake kidnapping scams, according to the FBI. are originating with calls from Mexican prisons, where in most instances the calls are being made by prisoners who have bribed guards to supply them with cell phones.

TIPS

Always be skeptical if you receive such a call.  Never wire money to anyone for anything unless you are totally convinced that what you are doing is legitimate because unlike paying for something with a credit card, once your wired funds have been sent, they are impossible to get back.  Talk to the alleged kidnapper as long as possible, thereby giving someone else with you the time to call  or text the alleged kidnap victim on his or her smartphone.   If the purported kidnapping victim is a young child, call the school to confirm that he or she is safe.   You also could ask the kidnapper to describe your relative as well as provide information, such as his or her birth date, which could be found on a driver’s license, however, it is important to remember that much of this kind of information may be available through social media or elsewhere on the Internet. It also can be helpful for the family to have a code word to use to immediately recognize that this is a scam. If the kidnapper can’t provide the code word, it is clear that it is a scam.

Many of these kidnapping scams are originating in Mexico so be particularly skeptical if you receive the telephone call from Mexico which has many area codes which can be found by clicking on this link.  http://dialcode.org/North_America/Mexico/

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – February 17, 2020 – Netflix Cancellation Smishing Scam

The popularity of Netflix makes it a preferred subject for phishing emails and phishing text messages, which are referred to as smishing.  Smishing is the name given to text messages that lure you into clicking on links or providing personal information in response to a text message from what appears to be a trusted source, such as a company with which you do business.  Smishing scams are increasing in frequency.  Reproduced below is a smishing text message that appears to come from Netflix and lures you into clicking on a link that takes you to a phony, but legitimate appearing Netflix page that asks for your Netflix username, password and credit card number.  If you supply this information, you will become a victim of identity theft.  Here is the smishing text message presently circulating.  DO NOT CLICK ON THE LINK.

Netflix scam text message

TIPS

As I always say, “trust me, you can’t trust anyone.”  You can never be truly sure when you receive an email seeking personal information such as your credit card number whether or not the email is a scam.  The risk of clicking on a link or providing the requested information is just too high. Instead, if you think that the email might be legitimate, you should contact the company at a telephone number that you know is legitimate and find out whether or not the email or text messagewas a scam.

As for Netflix in particular, it will never ask in an email or text message for any of your personal information so anytime you get an email or text message purportedly from Netflix asking for your credit card number, Social Security number or any other personal information, it is a scam.  Here is a link to Netflix’s security page for information about staying secure in regard to your Netflix account. https://help.netflix.com/en/node/13243

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – February 16, 2020 – Student Loan Forgiveness Scam

I have written often about phony student loan debt relief companies and with good reason.  More than forty-two million Americans have student loans with an outstanding balance of more than 1.4 trillion dollars so it is no surprise that scammers are focusing their attention on these students and former students through scams that falsely promise to provide debt relief.  Reproduced below is an email sent to me by a regular Scamicide reader, who, it should be noted does not have any outstanding student loans.

In October of 2017 the Federal Trade Commission, working with the Attorneys General of eleven states, launched what it cleverly calls, Operation Game of Loans to jointly target these various student loan scams.   Some scammers promise dramatic reductions of debt of 50% or more in return for upfront fees of between $500 and $2,500.  Often these scam companies have names that make it appear that they are endorsed by the federal government in order to trick people into trusting them.  Another student loan scam involves promises related to consolidating student loans.  Often the scammers represent that they are associated with the U.S. Department of Education although the Department of Education does not associate with private lenders in regard to student loan consolidation.  These scammers also charge significant fees for their student loan consolidation services when the truth is that there is no fee for legitimate student loan consolidation.  It is also important to remember that consolidating your student loans does not lower your interest or monthly payment.  Instead, after loan consolidation the student’s monthly payment is equal to a weighted average of the interest rates on the student’s current loans.

Here is a copy of the email sent to the Scamicide reader.  It should be noted that there was no salutation to her by name.  Also, the grammar and syntax in this email is faulty.  This is often the case when scams originate in a country where English is not the primary language.

“Hello,                                                                                                                                                                                                                                                                                                                                                Student Loan amnesty happening at your Door. Contact us today and we will resolve your outstanding student loan tension. You will get a portion or total loan forgiveness.                                                                          To get a chance to contact us at (844)_929_1306 (7:00 am to 5:00 pm) PST So, we can confirm your eligibility. We are excited to hear from you.                                                                                                                    Thanks”

TIPS

The old adage still is true.  If it sounds too good to be true, it probably isn’t true.  Many of these student loan debt relief scammers promise quick loan forgiveness, which is unrealistic.  In addition, you should never pay any upfront fees for student loan debt relief assistance.  Those fees are illegal and are a sure indication that you are being scammed.  Also, remember my motto, “trust me, you can’t trust anyone.”  Don’t trust scammers merely because they use names that sound like they are affiliated with the government.  You also should never share your FSA ID with anyone.

For information you can trust about federal student loan repayment option, go to https://studentaid.ed.gov/sa/repay-loans .  There you can learn about loan deferments, forbearance, repayment and loan forgiveness programs and there is never an application fee.  If you owe private student loans, contact your loan servicer directly.  You can also look into student loan refinancing rather than consolidating the loans.  Refinancing student loans can result in a lower interest rate.  For more information about student loans go to https://www.consumer.ftc.gov/articles/1028-student-loans  Here is a link to a calculator that can help you determine whether you will save more by consolidating or refinancing student loans.https://www.makelemonade.co/calculators/student-loan-consolidation-refinancing-calculator/

Here also is a link to an FTC video that explains student loan scams and what you can do to protect yourself.  https://www.youtube.com/watch?v=7TjSI4Q6ztQ

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – February 15, 2020 – Critical Adobe Updates

Adobe has just issued new security updates for a number of its products including Adobe Acrobat and  the popular, but intensely flawed Adobe Flash software. Last year Adobe confirmed that it will stop updating and distributing Adobe Flash at the end of 2020 although frankly, it would be wise for you to migrate away from this very vulnerable software program as soon as possible. In 2010 Steve Jobs loudly complained about Adobe Flash’s lack of security and would not allow it to used on iPhones, iPods and iPads due to its serious susceptibility to being hacked. Flaws in Adobe Flash have been exploited by hackers and identity thieves against individuals, companies and government agencies including the U.S. State Department and the White House. Adobe will still be issuing security patches until the end of 2020, but now is a good time to move away from Adobe Flash if you have not already done so.

It is always important to update all of the software you use with the latest security updates and patches as soon as they are available. Numerous hacks and data breaches could have been avoided if individuals as well as companies installed security updates when they became available. Hackers take advantage of the fact that many of us procrastinate installing security software to our great detriment. The major data breach at Equifax that affected 147 million people involved a security flaw in Apache software for which a patch had already been issued months earlier, but Equifax had not yet installed.

TIPS

If you are going to continue to use Adobe Flash, it is imperative that you update your software with the latest security patches when they are issued.  Here is a link to the latest updates for Adobe Flash.
https://www.us-cert.gov/ncas/current-activity/2020/02/11/adobe-releases-security-updates-multiple-products

However, it may well be time for you to replace Adobe Flash to avoid future problems.
Here is a link to a website with alternative plugins you may wish to consider to replace Adobe Flash.
http://alternativeto.net/software/flash-player/

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – February 14, 2020 – Oscar Movie Scams

As I have told you many times, scammers constantly take advantage of whatever is of interest to the public and turn it into a scam.  Last week’s Academy Awards brought a lot of attention to the movies nominated for best picture Ford v. Ferrari, 1917, Jojo Rabbit, Joker, Little Women, Marriage Story, Once Upon a Time in Hollywood, The Irishman and the surprise winner, Parasite.  The security company Kaspersky found twenty phishing websites and 925 malicious files all appearing to offer free access to pirated downloads of these movies.  The most malicious files were for Joker and while no phishing websites or malicious files were found related to Parasite, it can be expected that following Parasite’s win for Best Picture that such malicious sites will be popping up in short order.  Last May I warned you about a similar scam involved with the release of the Avengers: Endgame movie.

Attempting to stream an illegal version of a movie is not only illegal and unethical, but it could also lead to your being scammed out of money.  Many of these scam websites and malicious files require you to take a survey in order to see the free, pirated version of the movie.  These surveys may ask for personal information including credit card information that will be used to make you a victim of identity theft.  In other instances the phishing websites and malicious files will automatically download malware on to your phone or computer.  In the case last Spring of the bogus websites promising a free pirated version of the Avengers: Endgame movie, an online search for websites promising to provide the movie for free took you to one site in particular that appeared to provide the movie, but a few moments after the movie started, it stopped and a pop up appeared requiring you to set up an account.  The pop up said that the account was free and that all you needed to do was provide your email address and a password.  Once you did this, you were then instructed to provide a credit card number and the CVC security code on the back of the card merely to verify that you were located in a country where the website was licensed to distribute the movie.   Unfortunately, the website did not provide the Avengers:Endgame.  The few minutes of what you initially saw of the movie were just scenes taken from the readily available trailers for the movie.  So not only did people falling for this scam not get to see the movie, they ended up providing their credit card information to the scammers in addition to providing a password, which, in too many instances, was the same password the scam victim used for other online services such as online banking.  The moral of this story is that trying to view a pirated version of a popular movie for free will only cause to put you into a predicament that even the Avengers couldn’t get you out of.

TIPS

The first and foremost tip is not to use illegal streaming services.  They are illegal and what they are doing is also unethical.  Don’t trust search engine searches to provide you with legitimate websites for streaming services.  A prominent position in a Google or other search engine search only means that the websites appearing high were adept at understanding the algorithms used to position websites.  Never provide a credit card as a means of verification.  It is only a means of payment and as for the justification in this Avengers: Endgame scam that the credit card was needed to verify that you are located in a country where the website is licensed to distribute the movie, pirated versions are not licensed anywhere.  Another red flag that indicates that the website offering to provide a movie for free is a scam is the extension used for the video file.  Common extensions for video files are avi, mkv and mp4. However, malware loaded files often end in .exe so that if you see that extension on the attached file, you know it is a scam.  Finally, as always, you should have unique passwords for all of your online accounts so that in the event that a password on one of your accounts is hacked or otherwise compromised, all of your accounts will not be in jeopardy.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – February 13, 2020 – Valentine’s Day Scams

Tomorrow is Valentine’s Day.   This is a very important day to many people including scammers and identity thieves who always manage to find an opportunity in whatever is newsworthy  to scam you out of your money.  There are many Valentine’s day scams, but the most prevalent are phony florists, online dating scams, phony Valentine’s day electronic greeting cards and delivery scams.

Scammers set up phony florist websites or send you an email purporting to be from a local florist with a great deal you merely have to click on in order to save a great deal of money on flowers.

Online dating scams are plentiful with most revolving around scammers quickly professing true love for you and then asking for money.

Electronic greeting cards are a great way to send a Valentine’s day card at the last minute when you forget to get one ahead of time, but phony electronic greeting cards can be filled with malware and if you click on the link to open the card, you will infect your computer or other electronic device with malware that will steal your personal information and use it to make you a victim of identity theft.

A common delivery scam operating on Valentine’s day involves a delivery of a gift basket of wine and flowers to you, however the person delivering the gift basket requests a small payment, generally five dollars or less, as a delivery fee because alcohol is being delivered.  The person delivering the basket will only accept a credit card as payment.  When you turn over your credit card, the scammer then takes down the information and runs up charges on your credit card.

TIPS
Never trust an online florist or other retailer until you have checked them out to make sure that they are legitimate.  Otherwise, you might be turning over your credit card information to a scammer.  It is also important to remember, as I constantly warn you, that you can never be confident when you receive an email, particularly one with a link in it or an attachment to download, if the person sending you the email is who they claim to be.  Clicking on links sent by scammers can download keystroke logging malware on to your computer or other electronic device that will, in turn, enable the identity thief to steal personal information from your computer and use it to make you a victim of identity theft.  Always confirm the legitimacy of an email or text message before clicking on links contained in the message.

As for online dating scams, of course you should be wary of anyone who immediately indicates he or she is in love with you and then asks for money.  Some other telltale signs of an online romance scam include wanting to communicate with you right away on an email account outside of the dating site, claiming to be working abroad, asking for your address and poor grammar which is often a sign of a foreign romance scammer.  Many romance scams originate in Eastern Europe.

Never trust an online greeting card, particularly if it does not indicate from whom it is being sent.  Be very wary of a card sent by “an admirer.”  Even if you recognize the name, confirm that it was really sent from that person before you click on the link and open the card. It could be filled with malware.

In regard to the delivery scam, there is no special delivery charge for alcohol so if someone requires a payment for such a delivery and on top of that won’t accept cash, merely decline the gift.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – February 12, 2020 – Another Wells Fargo Phishing Scam

Here is another good example of a phishing email that is presently being circulated. It was sent to me by a Scamicide reader who received it.  It makes for compelling reading, but it is a scam.  Phishing emails, by which scammers and identity thieves attempt to lure you into either clicking on links contained within the email which will download malware or providing personal information that will be used to make you a victim of identity theft, are nothing new.  They are a staple of identity thieves and scammers and with good reason because they work.  As always, they lure you by making it appear that there is an emergency that requires your immediate attention or else dire consequences will occur.  Copied below is a new phishing email  presently being sent to unsuspecting people that appears to come from Wells Fargo.  This particular one came with a Wells Fargo logo and was sent from an email address that, while not a real Wells Fargo email, did appear to be legitimate, which makes the scam even more tempting to more people.  It contains an update of a phone number that is incorrect.  This is done in an attempt to lure you into clicking on a link to update your contact information.  Clicking on the link will either lure you into providing personal information that will be used to make you a victim of identity theft or merely by clicking on the link you will download malware such as ransomware on to your phone or computer.  The link in the email is found where it reads “update contact information.  I have removed the link.  Additionally, I have removed the link to contact wellsfargo.com because the link provided in the email would not take you to wellsfargo.com, but would take you to a phony Wells Fargo website.

Here is the email.

wellsfargo.com

We’ve updated your contact information

  • Phone Number: (***) ***-1808
To view your current information, go to update contact information.
If this is not you, contact wellsfargo.com immediately. We’re available 24 hours a day, 7 days a week.
Thank you for banking with Wells Fargo.
Wells Fargo Online Customer Service
Wells Fargo Security Center

Note: You may also receive this alert if you are a “Guest User” with view-only access on another customer’s account. The Administrator on those accounts may have recently updated your email address. Please contact the Administrator for assistance.

Please do not reply to this automated email.

9013c377-4360-4e23-aae4-c086809f9e1e

TIPS

Legitimate emails from your bank would include the last four digits of your account and include your name.  This email had neither.   Often such phishing emails originate in countries where English is not the primary language and the spelling and grammar are poor. However this one appears grammatically correct. Obviously, if you are not a Wells Fargo customer, you will recognize immediately that this is a scam.  As with most phishing emails, they lure you into clicking on a link (we have blocked the links) by attempting to trick you into believing there is an emergency. If you hover on the links contained in the actual phishing email, you will find it does not go to Wells Fargo.

As with all phishing emails, two things can happen if you click on the links provided.  Either you will be sent to a legitimate looking, but phony webpage where you will be prompted to input personal information that will be used to make you a victim of identity theft or, even worse, merely by clicking on the link, you will download keystroke logging malware that will steal all of your personal information from your computer and use it to make you a victim of identity theft.  If you receive an email like this and think it may possibly be legitimate, merely call your bank or other institution from which the email purports to originate at a telephone number that you know is accurate and you will be able to confirm that it is a scam.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

  • Categories