Scam of the Day

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Scam of the day – October 22, 2020 – FTC Refunding Victims of Get Rich Quick Scam

I have been reporting to you about this particular scam since December of 2017 when the Federal Trade Commission (FTC) first filed a complaint in Federal Court against Ronnie Montano, Hyong Su Kim, Martin Schranz and their companies, eMobile Code, Easy Cash Code, Full Money System and Secret Money System that the FTC alleged they used to scam consumers out of millions of dollars through sales of phony get-rich-quick schemes through which the defendants promised their victims that they could earns thousands of dollars a day using the defendants’ secret code. The defendants’ “secret code” was nothing more than generic software applications used to make mobile-friendly websites and the promised riches were non-existent. The defendants sold their products through their websites which had names such as mobilemoneycode.com, automobilecode.com and secretmoneysystem.com which featured phony testimonial videos with actors falsely claiming they made thousands of dollars a day using the defendants’ products and systems. Victims of the scam who tried to exercise their “60 day hassle-free money back guarantee” found it all but impossible to get a refund. In July of 2018 the FTC settled the claims with the defendants. Under the terms of the settlement, the defendants paid $698,500 to the FTC to be refunded to their victims. In 2019 the FTC sent a first round of checks to victims of the scam.  If you were a victim of the scam, you may have already received your check in the mail.   Now the FTC is mailing a second round of checks to the victims of the scam who received an earlier partial payment from the FTC.   There are no fees nor are you required to provide account information to cash one of these refund checks.  Scammers often contact the people who are to receive such refunds and ask for personal information used to make them victims of identity theft.  They also ask for cash payments although no payment is required to receive your refund.  For more information about this refund go to the “FTC Scam Refunds” section in the middle of the first page of http://www.scamicide.com and click on “Mobile Money Code.”

TIPS

As with any investment, if it sounds too good to be true, it usually is. You also should never invest in anything that you do not fully understand. In addition, you should never invest in anything unless you have investigated fully both the investment itself and the people offering the investment. Anyone investigating what was being offered by these alleged scammers would have found that there was no secret system and that the investment was bogus.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide was recently cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – October 21, 2020 – Coronavirus Related Student Debt Relief Scams

I have written often about phony student loan debt relief companies and with good reason.  More than forty-two million Americans have student loans with an outstanding balance of more than 1.4 trillion dollars so it is no surprise that scammers are focusing their attention on these students and former students through scams that falsely promise to provide debt relief. The CARES Act which provided for stimulus checks to be sent to millions of Americans also provided debt relief for students who had federal student loans held by the Department of Education.  Specifically, until December 31, 2020, loan payments the law provided for collections to be halted for defaulted loans and a 0% interest was set for a period of 60 days.    It is important to note that you do not have to pay anything to get the 0% interest rate for 60 days or any of the other relief provided for in the CARES Act.  Unfortunately, scammers are contacting students and charging them a fee for helping them obtain these benefits during the pandemic.  None of these companies are affilaited with or endorsed by the Department of Education.  For more information on CARES Act student loan benefits go to https://studentaid.gov/announcements-events/coronavirus

In October of 2017 the Federal Trade Commission, working with the Attorneys General of eleven states, launched what it cleverly calls, Operation Game of Loans to jointly target these various student loan scams.   Some scammers promise dramatic reductions of debt of 50% or more in return for upfront fees of between $500 and $2,500.  Often these scam companies have names that make it appear that they are endorsed by the federal government in order to trick people into trusting them.  Another student loan scam involves promises related to consolidating student loans.  Often the scammers represent that they are associated with the U.S. Department of Education although the Department of Education does not associate with private lenders in regard to student loan consolidation.  These scammers also charge significant fees for their student loan consolidation services when the truth is that there is no fee for legitimate student loan consolidation.  It is also important to remember that consolidating your student loans does not lower your interest or monthly payment.  Instead, after loan consolidation the student’s monthly payment is equal to a weighted average of the interest rates on the student’s current loans.

TIPS

The old adage still is true.  If it sounds too good to be true, it probably isn’t true.  Many of these student loan debt relief scammers promise quick loan forgiveness, which is unrealistic.  In addition, you should never pay any upfront fees for student loan debt relief assistance.  Those fees are illegal and are a sure indication that you are being scammed.  Also, remember my motto, “trust me, you can’t trust anyone.”  Don’t trust scammers merely because they use names that sound like they are affiliated with the government.  You also should never share your FSA ID with anyone.

For information you can trust about federal student loan repayment option, go to https://studentaid.ed.gov/sa/repay-loans .  There you can learn about loan deferments, forbearance, repayment and loan forgiveness programs and there is never an application fee.  If you owe private student loans, contact your loan servicer directly.  You can also look into student loan refinancing rather than consolidating the loans.  Refinancing student loans can result in a lower interest rate.  For more information about student loans go to https://www.consumer.ftc.gov/articles/1028-student-loans  Here is a link to a calculator that can help you determine whether you will save more by consolidating or refinancing student loans.https://www.makelemonade.co/calculators/student-loan-consolidation-refinancing-calculator/

Here also is a link to an FTC video that explains student loan scams and what you can do to protect yourself.  https://www.youtube.com/watch?v=7TjSI4Q6ztQ

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide was recently cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – October 20, 2020 – FTC Refunding 7 Million Dollars to Victims of Tech Support Scam

Tech support scams in which consumers are tricked by scammers into believing there is a problem with their computers that require the expensive services of the scammers is a major problem.  Tech support scams are increasingly common and victimize consumers 60 years or older about five times more than people between the ages of 20 and 59 according to the Federal Trade Commission (FTC).  Recently the Federal Trade Commission (FTC) settled a lawsuit it brought against two Tech Support scammers, Vast Tech Support, LLC and OMG Tech Help, LLC who used free security scanning software trials to trick people into thinking that there were security problems with their computers when there were no problems with their victims’ computers. The tech support scammers pressure their victims into buying unnecessary tech support products and services.  The FTC is sending refunds to the victims of this scam through PayPal.  For more information about the refund program if you were a victim of this scam, click on the tab entitled “FTC Scam Refunds” in the middle of the first page of Scamicide.com

TIPS

Over the years I have warned you about a variety of tech support scams.  The most common tech support scams start with popups on your computer that provide notices of security problems that contain telephone numbers for you to call to fix the problem,  Whenever you get a pop-up, email, or text message that appears to tell you that you have a security problem with your computer, you should never click on any links contained in the message or call the telephone number provided. If your screen freezes, all you need to do is just turn off your computer and restart it. If you are concerned that you may be experiencing a real security problem you can contact tech support at the real tech companies directly by phone or by email using the phone number and email addresses you find on their respective websites.

Scammers also call people posing as employees of the major tech companies and tell their victims that they are employees of companies such as Microsoft and Apple.  Sometimes they request remote access to your computer.  Remember, whenever you get a phone call, you can never be sure who is really calling you.  The truth is that neither Microsoft nor Apple nor any of the major tech companies will ever call you to inform you that there are security problems with your computer.  Scammers can “spoof” a call to you by which they trick your Caller ID to make it appear as if the call is legitimate.  Never give personal information or certainly remote access to your computer to someone who calls you unless you have absolutely confirmed that the call is legitimate and there is a need for your response.  The better course is to hang up and confirm whether or not the call is legitimate.  Most of the time you will find it was not.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide was recently cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – October 19, 2020 – PayPal Phishing Email

Here is another good example of a phishing email that is presently being circulated. It was sent to me by a Scamicide reader who received it.  It makes for compelling reading, but it is a scam.  Phishing emails, by which scammers and identity thieves attempt to lure you into either clicking on links contained within the email which will download malware or providing personal information that will be used to make you a victim of identity theft, are nothing new.  They are a staple of identity thieves and scammers and with good reason because they work.  As always, they lure you by making it appear that there is an emergency that requires your immediate attention or else dire consequences will occur.  Copied below is a new phishing email  presently being sent to unsuspecting people that appears to come from PayPal.  It contains a PayPal logo, but that is easy to counterfeit.   A telltale sign that this is a phishing email is that the email address of the sender was one that has nothing to do with PayPal and was most likely part of a botnet of computers infected by scammers and then used to send out the phishing email in a way that is not readily traceable back to the scammer.  If you hovered over the link where it says “Sign Up Now” you would have seen that it would not take you to PayPal, but rather to a scammer who will ask for a credit card.  I disabled the link.

PayPal

You sent a payment of $799.99 USD to Nova Armory Inc.

October 16 2020
Receipt No:0158-6987-1468-2896
Hello,

This charge will appear on your bank statement as payment to PAYPAL *Nova Armory Inc.

Save time with a PayPal accountCreate a PayPal account and save your payment information. You won’t need to enter your payment information every time you shop online.

Shop with confidenceWe keep your financial information secure.

Transactions monitored 24/7Our fraud specialists help protect your account.

You’re protectedZero fraud liability for eligible unauthorized purchases.

Merchant information:
Nova Armory Inc.
Instructions to merchant:
None provided
Shipping information: Shipping method:
Not specified
Description Unit price Qty Amount
Online Order $799.99 1 $799.99
Total: $799.99 USD
Receipt No: 0158-6987-1468-2896
Please keep this receipt number for future reference. You’ll need it if you contact customer service at PayPal.You have 24 hours from the date of the transaction to open a dispute.For assistance Call +1 801 753 9482

 

Please don’t reply to this email. It’ll just confuse the computer that sent it and you won’t get a response.

Copyright © 2020 PayPal, Inc. All rights reserved. PayPal is located at 5630 N. First St., San Jose, CA 92563.

PayPal Email ID PP8662336 – 5bce5c7455490

TIPS

Legitimate emails from a company with which you do business would include the last four digits of your account and include your name rather than a salutation that merely says, “hello.”  This email had neither.   Obviously, if you are not a PayPal customer, you will recognize immediately that this is a scam.  As with most phishing emails, they lure you into clicking on a link by attempting to trick you into believing there is an emergency that you must deal with.

As with all phishing emails, two things can happen if you click on the link provided or call the number provided to dispute the charge.  Either you will be sent to a legitimate looking, but phony webpage where you will be prompted to input personal information that will be used to make you a victim of identity theft or, even worse, merely by clicking on the link, you will download malware such as keystroke logging malware that will steal all of your personal information from your computer and use it to make you a victim of identity theft.  If you receive an email like this and think it may possibly be legitimate, merely call PayPal, your bank or other institution from which the email purports to originate at a telephone number that you know is accurate and you will be able to confirm that it is a scam.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide was recently cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – October 18, 2020 – Barnes & Noble Data Breach Endangers Customers

Bookseller Barnes & Noble announced that it had suffered a data breach which it only recently discovered.  Fortunately, customers’ credit card information appears not to have been compromised in the data breach, however, some personal information including transaction history and, most significantly, email addresses were stolen in the data breach.  Cybercriminals often use the information gathered in data breaches such as this to form the basis of scams that start with spear phishing emails which are phishing emails specifically tailored with information about you and your interests.  Information about the books you have bought can be used by cybercriminals to send specifically crafted spear phishing emails to Barnes & Noble customers using the stolen email addresses. These spear phishing emails will attempt to lure you into either providing personal information that can be used to make you a victim of identity theft or to click on links containing harmful malware. You should always be skeptical of any email asking for personal information or prompting you to click on a link. Never provide such information or click on links until you have confirmed that the email is legitimate.

TIPS

This data breach is another reminder that you should have unique usernames and  strong passwords for each of your online accounts so that in the event that there is a data breach and the password for one of your accounts becomes compromised, all of your accounts will not become vulnerable to being hacked.  Creating and remembering strong, unique passwords for each of your accounts is not as difficult as it may appear.  You can start with a strong base password constructed from a phrase, such as IDon’tLikePasswords. Add a few symbols like !!! and then adapt it for each account you have so that you will have a secure and easy to remember password for each of your online accounts.  Thus, your Amazon password could be IDon’tLikePasswords!!!AMA.

Also, whenever possible use dual factor authentication for your accounts so that when you attempt to log in, a one-time code will be sent to your cell phone to insert in order to get access to your account.  For convenience sake you can set up dual factor authentication so that it is only required if you are logging in from a different computer or device than you normally use.

In addition, if you have not frozen your credit reports, this would be a good time to do so.

To get the maximum protection from identity theft, it is important to freeze your credit at each of the three major credit reporting agencies. Here are links to each of them with instructions about how to get a credit freeze:

https://www.freeze.equifax.com/Freeze/jsp/SFF_PersonalIDInfo.jsp
https://www.transunion.com/credit-freeze/place-credit-freeze
https://www.experian.com/freeze/center.html

Once you have frozen your credit, be sure to keep the PIN and information on how to unfreeze your credit report in a safe place.

I also urge you to regularly go to the website https://haveibeenpwned.com/ where you can insert your email address and find what data breaches may have compromised your information.

Finally, Barnes & Noble customers should be on the lookout for spear phishing emails.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide was recently cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – October 17, 2020 – FTC Shuts Down Illegal Debt Collector

Receiving a telephone call from a debt collector is not a pleasant experience. Being hounded by someone attempting to collect a debt you do not owe is fraud. I have written many times in the past about scammers who use deceptive and abusive collections practices in attempting to collect non-existent debts.  These scammers violate the Fair Debt Collection Practices Act by making threatening and verbally abusive phone calls, contacting third parties about the  phony debts, threatening legal action and attempting to collect debts that the scammers knew were not owed.  Recently the Federal Trade Commission (FTC) initiated Operation Corrupt Collector, a joint action by the FTC and state authorities to shut down illegal debt collectors.  This week the FTC obtained a Temporary Restraining Order shutting down Critical Resolution Mediation LLC’s illegal debt collection operation while legal action continues against it.  According to the FTC, Critical Resolution Mediation LLC’s employees threatened consumers with arrest, wage garnishment, revocation of drivers’ licenses and lower credit scores if they did not pay debts claimed by Critical Resolution Mediation that in many instances were never ever owed, so-called phantom debts.  The FTC also alleges that Critical Resolution LLC also illegally contacted consuemrs at their workplace and illegally notified family members about the phony debts.

TIPS

Subject to strict federal laws, legitimate debt collectors are permitted to call debtors, however, the law prohibits them from threatening imprisonment for the failure to pay a debt and attempting to collect a debt that the debt collector knows is bogus.  It can be difficult to know when someone calls attempting to collect a debt if indeed they are legitimate or not, so your best course of action if you receive such a call is to not discuss the debt with the person calling, but instead demand that they send you a written “validation notice” by regular mail which describes the debt they allege you owe and includes a listing of your rights under the Federal Fair Debt Collection Practices Act.    In this case, Critical Resolution Mediation never supplied the validation notices as required by the Fair Debt Collection Practices Act.  Never give personal information over the phone to anyone who calls you attempting to collect a debt. You can never be sure who they are. You also can check your credit report at each of the three credit reporting agencies, Equifax, Experian and TransUnion to see if any debts which you are not aware of appear on your credit reports.  If you receive the validation notice and it appears to be legitimate, you may be better off contacting your creditor directly because the person who called you may not be representing the creditor, but may merely have information about the debt.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide was recently cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – October 16, 2020 – Critical Adobe Flash Security Update

Adobe has just issued new security updates for the popular, but intensely flawed Adobe Flash software. In 2018 Adobe confirmed that it would stop updating and distributing Adobe Flash at the end of 2020 although frankly, it would be wise for you to migrate away from this very vulnerable software program as soon as possible if you have not already done so.   In 2010 Steve Jobs loudly complained about Adobe Flash’s lack of security and would not allow it to used on iPhones, iPods and iPads due to its serious susceptibility to being hacked. Flaws in Adobe Flash have been exploited by hackers and identity thieves against individuals, companies and government agencies including the U.S. State Department and the White House.

It is always important to update all of the software you use with the latest security updates and patches as soon as they are available. Numerous hacks and data breaches could have been avoided if individuals as well as companies installed security updates when they became available. Hackers take advantage of the fact that many of us procrastinate installing security software to our great detriment. The major data breach at Equifax that affected 148 million people involved a security flaw in Apache software for which a patch had already been issued months earlier, but Equifax had not yet installed.

TIPS

If you are going to continue to use Adobe Flash, it is imperative that you update your software with the latest security patches when they are issued.  Here is a link to the latest updates for Adobe Flash.
https://us-cert.cisa.gov/ncas/current-activity/2020/10/14/adobe-releases-security-updates-flash-player

However, it may well be time for you to replace Adobe Flash to avoid future problems.
Here is a link to a website with alternative plugins you may wish to consider to replace Adobe Flash.
http://alternativeto.net/software/flash-player/

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide was recently cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – October 15, 2020 – Breast Cancer Awareness Month Scams

October is Breast Cancer Awareness month and scammers are taking full advantage of the increased attention to this disease which is diagnosed in more than 200,000 women each year.   Recently, I received a telephone call from a telemarketer seeking a contribution to a breast cancer charity or at least that is what she said.  Even if you are on the federal Do-Not-Call List, the law permits charities and politicians to contact you.  However, whenever you receive a telephone call, you can never be sure who is really calling you.  Even if your Caller ID indicates that the call you are getting is coming from a charity the name of which you recognize, the call actually may be from a scammer using a technique called Spoofing to make it appear to your Caller ID that the call is legitimate when it is not.  The truth is that the call you receive may or may not be from a legitimate charity or a telemarketer on behalf of a legitimate charity and you can’t tell who is really on the other end of the line.

Other Breast Cancer Awareness month scams involve the pink ribbon often used as a symbol of breast cancer awareness. The pink ribbon symbol is not trademarked and may be put on products that can lead you to believe that the sale of the particular product is tied to the company’s monetary contribution to legitimate breast cancer organizations when, in fact, there may be no contribution or a very limited contribution being made by the company.

TIPS

When you receive such a call from a telemarketer or someone purporting to represent a charity, if you are interested in the particular charity the best thing you can do is just to ask them to send you written material.  Do not provide your credit card number over the phone to anyone who calls you because you cannot be sure that they are legitimate.   Also, as I have warned you in the past, many phony charities have names that are similar to real charities so it is always a good idea to investigate a charity before you make a charitable contribution.  In addition, when you receive a charitable solicitation telephone call from a telemarketer, the telemarketer is generally being paid a commission for the money he or she collects.  Thus, your contribution to the charity is diluted by the amount that goes to the telemarketer and as Jerry Seinfeld would say, “not that there is anything wrong with that.”    However, if you really want to make your charitable contribution go farther, you will  be  better served by first checking out the particular charity at http://www.charitynavigator.org where you can find out not only if the particular charity is legitimate, but also how much of your contribution goes toward administrative costs and how much actually goes toward the charity’s charitable purposes.  Then you can make your contribution directly to the charity without any amount being deducted for fund raising expenses.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide was recently cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – October 14, 2020 – Most Dangerous Celebrities on the Internet for 2020

Each year, computer security company, McAfee releases a list of the most dangerous celebrities on the Internet.  These are people whose popularity is exploited by identity thieves and hackers who lure unsuspecting people through links in emails, social media and text messages relating to these celebrities to malware filled websites where their victims unknowingly download ransomware or keystroke logging malware that enables the identity thieves to steal all of the personal information from the victim’s computer, laptop, smartphone or other electronic device and use that information to make the person a victim of identity theft.  Topping the list this year is actress Anna Kendrick, followed by Sean Combs, Blake LIvely, Mariah Carey, Justin Timberlake, Taylor Swift, Jimmy Kimmel, Julia Roberts, Kate McKinnon and Jason Derulo

TIPS

It is important to remember that merely because a website turns up high on a Google search does not mean that it is legitimate.  Google doesn’t check out websites for legitimacy in ranking sites.  The ranking is done by secret algorithms that some identity thieves are adept at manipulating.  A good practice is to check out the actual URL of any celebrity website with which you are unfamiliar with whois.com which will let you know who actually owns the particular website.  This can help identify one that may have been set up by cybercriminals.Also, as I constantly warn you, never click on links or download attachments unless you are absolutely sure that they are legitimate.  It is also important to remwember with some types of malware, merely going to an infected website wil download dangerous malware so you need to be very careful.  Merely because it appears that a friend is passing them on to you does not make them legitimate.  As for celebrity videos and photos, you should have a healthy mistrust of websites with which you are not entirely familiar.  For gossip, http://www.tmz.com is a good place to go.  They always have the latest gossip and they are legitimate.  Finally make sure that you keep all of your electronic devices secure with anti-malware and anti-virus software and keep your security software current with the latest security patches.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide was recently cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – October 13, 2020 – Amazon Prime Day Phishing Threat

Today is the beginning of Amazon Prime Day.  I say the beginning because Amazon Prime Day actually extends from Octboer 13th through October 14th.  Amazon Prime Day is a global promotion of Amazon featuring sales on a variety of items available solely to Amazon Prime members.  There is always great interest in Amazon Prime Day and as with everything else that attracts great interest by the public, it also attracts great interest by scammers who are eager to take advantage of people participating in Amazon Prime Day.  Last year security company McAfee identified a phishing kit specifically tailored for Amazon customers.  This kit is called 16Shop and its creator uses the alias DevilScreaM.  Following the business model of the creators of much of today’s malware, DevilScreaM makes his or her money by leasing the malware created by him or her on the Dark Web to other less sophisticated cybercriminals. The Dark Web is that part of the Internet where criminals buy and sell good services. The 16Shop malware can be used to create an official looking email that appears to come from one of the major tech companies.  This email comes with a PDF attached that appears to be an Amazon log-in page.  Anyone who falls for the scam and provides his or her Amazon password and account information will have turned over that information to a scammer who will use it to buy items that will be charged to the credit card of the Amazon account holder.

TIPS

Much of malware including ransomware comes as links in phishing emails or tainted attachments.  As a general rule you should never click on links or download attachments that come in emails unless you have absolutely verified that the email is legitimate.  You also should never provide personal information in response to an email, text message or phone call unless you have absolutely confirmed that the communication is legitimate.  Phishing emails and more specifically tailored spear phishing emails can often appear quite legitimate initially so it is important to be skeptical.  Because Amazon Prime Day is now going on, many people expect emails from Amazon which is even more reason for you to be skeptical. Trust me, you can’t trust anyone.  Check the email address of any communication that appears to have come from anyone to make sure that it is the real email address.  Many phishing emails come from email addresses that have no relation to the real email address of the company they purport to be while others look very legitimate unless you carefully examine the email. It is also important to remember that you should not use your debit card for anything other than as an ATM card.   Use your credit card for online and offline purchases because the law protects you much more from fraudulent purchases than a debit card does.  If you do not promptly report misuse of your debit card, you could potentially lose the entire bank account tied to your debit card while the maximum liability for misuse of your credit card is only fifty dollars and most credit card companies don’t even charge you that amount.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide was recently cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

  • Categories