Scam of the Day

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Scam of the day – July 30, 2021 – Informed Delivery Identity Thief Arrested

Identity theft can be high tech, low tech or no tech.  Stealing mail from mailboxes for purposes of identity theft has been done by identity thieves for years.  Numerous times over the last ten years I have warned you about the danger of having your mail, such as credit card bills or bank statements stolen from your personal mailbox.  In addition, many people put themselves in great danger of identity theft by putting their outgoing mail in their mailbox and put up the red flag to alert the mail carrier that there is mail to be picked up.  Unfortunately, that is also an alert to identity thieves cruising the neighborhood of mail to be easily stolen.

Recently, in Tennessee Jennifer Shrum was arrested and charged with using the U.S. Postal Service’s Informed Delivery Program to learn when her targeted victims would be receiving important mail, such as credit card applications or bank statements that she would steal and use for purposes of identity theft.  In one instance she applied for multiple credit cards in the name of one of her victims and used them to spend thousands of dollars at various local stores.

The Informed Delivery Program is a free service of the U.S. Postal Service that will send you an email each morning with images of the mail you will be receiving later that day.  This service was first done on a pilot basis in 2014 in parts of California, Connecticut, Maryland, Virginia and Washington D.C. and became available to everyone three years later.   Identity theft through the stealing of mail such as credit card statements and bank statements from your mailbox is a significant problem and this program both alerts you as to when to look for important mail, as well as let you know if such important mail has been stolen from your mailbox so you can respond more quickly. However, nothing is full proof.  A few years ago I told you about the identity theft of more than thirty-five people living in the same Miramar, Florida neighborhood caused by criminals exploiting flaws in the program.  These criminals signed up for the program in the names of their victims and were able to see when credit card statements and other mail containing personal information would be delivered so that they were alerted as to when to steal the mail from the mail boxes of their victims and gain access to their credit cards as well as sign her up for additional cards which they also exploited.  While in order to set up an Informed Delivery account, you need to answer security questions, the information necessary to answer those questions can often be readily obtained online.

TIPS

In order to avoid becoming a victim of identity theft through your mailbox, you should make sure that it is securely locked so that it is not easily accessed by your friendly neighborhood identity thief and when it comes to outgoing mail, don’t put it in your mailbox for your mail carrier to pick up regardless of how convenient it may be to do so.  In fact, identity thieves have been known to steal mail from the U.S. Postal Service mailboxes found on the corners of major streets so, in order to be safe, you should mail your outgoing mail at the post office.   It may seem like this is being a bit excessive when it comes to protecting your mail, but remember, even paranoids have enemies.

The best way to avoid the problem of someone using the Informed Delivery Program to learn about your upcoming mail deliveries is to sign up for the Informed Delivery Program yourself before an identity thief does so in your name.  Here is the link to go to sign up.

https://informeddelivery.usps.com/box/pages/intro/start.action

It is also important to note that if you do sign up for the service, you should use a unique and complex password to prevent identity thieves from hacking your account to let them know when important mail that they can exploit for identity theft purposes will be arriving to your home.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide has been cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/

Scam of the day – July 29, 2021 – Church Email and Text Scams

I first warned you about this particular scam in June of 2017, but it has recently resurfaced in many places around the country including Florida recently where the Trinity Lutheran Church in Summerfield, Florida sent a note to it members saying someone had been using the name of their Senior Pastor Dan Kelm in emails and text messages requesting money.  Generally in this scam, local church, synagogue or mosque members receive what appear to be emails from their religious leaders asking them to make contributions through gift cards and credit cards. In 2017 the scams primarily asked targeted victims to wire money to accounts and people named in the emails. The emails come from email addresses that appear at first glance to be that of the local religious leaders, but a closer inspection will disclose that it is coming from a different email provider than what their religious leader.

TIPS

The key to protecting yourself from this scam is to first be skeptical whenever you get a request to wire money or make a payment through gift cards because once money has been wired, it is gone forever which is why it is a favorite method of payment for scammers. As for gift cards, once you provide the numbers from the gift cards, the scammers utilize the gift cards to make purchases that they quickly sell in order to get cash. No religious institution solicits gift card payments nor does the IRS which is why when someone posing as a religious institution or the IRS asks for a payment through gift cards you can be sure it is a scam.  The second thing that we all should do is to always confirm the legitimacy of any request for a donation of any kind before making a payment.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide was recently cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address where it states “Sign up for this blog.”

Scam of the day – July 28, 2021 – New Banking Trojans Threat

In 2019, 75% of Americans used mobile bank apps to some degree for their personal banking needs.   However, since the Coronavirus pandemic hit, even more people are using these apps to conveniently do their banking.  This fact has not been lost on hackers and scammers who have in recent years increasingly focused much of their attention on scams and hacking of mobile phones.  One of the more effective tactics used by hackers is to create malicious apps called banking trojans which appear to the targeted victim to be a legitimate app such as a game or tool which the victim downloads.  Once downloaded, the malicious app stays dormant until the victim goes to use their legitimate banking app at which time it creates a phony version of the victim’s bank’s login page which appears on top of the legitimate app. The victim then inputs his or her username and password into the malicious app thereby providing this information to the hacker.  Making this crime even more devious is the fact that once the victim has inputted his or her information, the banking trojan sends the victim to the real banking app login page so the victims do not become immediately aware that they have been hacked .

Recently the security software company, Kaspersky discovered two spam campaigns distributing two banking Trojans designated as IcedID and Qbot.  These particular trojans were distributed through attachments in phishing emails that lured people into opening the tainted file and run the macro in it thereby downloading the banking trojans.  Both of these banking trojans are readily sold by cybercriminals to other less sophisticated cybercriminals on the Dark Web, that part of the Internet where criminals buy and sell goods and services.

Another technique used by hackers is to create phony banking apps that appear to be the banking apps of major banks and offer them on major legitimate app stores.  People using these counterfeit apps think that they are providing their username and password to their bank when they use these apps, but instead are providing them to a hacker.  Despite the best efforts of the major legitimate app stores to police their sites, according to the FBI in 2018 there were close to 65,000 phony banking apps that were available on the legitimate major app stores.

TIPS

As you can see, it can be very easy to become a victim of a mobile banking app attack.  Although the major legitimate app stores try to vet the apps that are offered on their sites, they are not perfect.  I suggest that when possible you obtain the banking app for your particular bank directly from the website of your bank.  Most banks will provide a link to their mobile banking app on their website.  As I often suggest, you also should use dual factor authentication whenever possible to protect the security of your online activities, particularly banking.  Through the use of dual factor authentication using biometrics, hardware tokens, authentication apps or text messages to your cell phone you can protect the security of your transaction even if someone is able to hijack your username and password.  Also, remember your bank will not call you or text you asking for dual factor passcodes.  Hackers often pose as your bank and will call you or text message you and ask for this information under some pretext.  Don’t give it to them.

As for these two particular banking trojans, IcedID and Qbot, the lesson is the same as always – Trust me, you can’t trust anyone.  Don’t click on links or download attachments and run macros unless you have absolutely confirmed that they are legitimate.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – July 27, 2021 – Another Significant Data Breach

As I have reminded you many times, we are only as safe and secure as the security as the companies and websites that have our personal information.  So even if you are extremely diligent in protecting your personal information, you can be in danger of identity theft and scams if your personal information falls into the hands of hackers which is just what happened to people whose information was contained in emails from employees of The Millennia Companies, a billion dollar Ohio based real estate management company.  Between October 21, 2019 and December 8, 2019 a number of employee email accounts were hacked that included significant amounts of personal information such as names, Social Security numbers, credit card information and more that could lead to identity theft.  While the data breach occurred in 2019, Millennia did not become aware of it until recently and on June 29, 2021 notified people whose information was compromised.  The company also offered credit monitoring services to these people.

Personal information, such as the information contained in the hacked emails is used by cybercriminals not just to directly steal the identities of the affected people, but also to create specifically targeted spear phishing emails and text messages (called smishing) to lure people into clicking on malware infected links or providing personal information that will be used to make you a victim of identity theft.  While many common phishing emails and text messages are easily recognized as phony, sophisticated spear phishing emails and text messages can be tailored by the criminals to our own interests using the information obtained through the data breach in order to appear to be trustworthy which makes them quite dangerous.

TIPS

One important lesson is to limit the amount of personal information that you provide to companies and websites whenever possible.  It is also critical that we all remember that whenever we get an email, text message or phone call, we can never be sure who is really contacting us so you should never click on links or provide personal information in response to such communications unless you have absolutely confirmed that the communication was legitimate.  Trust me, you can’t trust anyone.

Freezing your credit is something everyone should do.  It is free and easy to do.  In addition, it protects you from someone using your identity to obtain loans or make large purchases even if they have your Social Security number.  If you have not already done so, put a credit freeze on your credit reports at all of the major credit reporting agencies.  Here are links to each of them with instructions about how to get a credit freeze:

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide has been cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/

Scam of the day – July 26, 2021 – Walmart Text Message Scam

Phony text messaging, called smishing, which  purport to be from a legitimate source such as your bank is a scam about which I have been warning you for years, but appears to be a scam that is dramatically increasing.  Recently, a Scamicide reader informed me she had received a text message that appeared to come from Walmart informing her that she was entitled to $1,820 from the Walmart pandemic relief fund.  This scam is being perpetrated by other scammers using differing amounts, but the scam is still the same.  The text message comes with a link you are instructed to click on in order to process your payment.  In some instances, merely clicking on the link will download dangerous malware such as ransomware on to your device.  In other instances, if you provide the requested information at the legitimate appearing, but definitely phony website the link takes you to, you will end up becoming a victim of identity theft.

Phony text messages like this can be particularly problematic if you have signed up to receive text message alerts from your bank. Whenever you receive a text message you can never be sure who is really sending it to you, so you should never call a telephone number indicated in the text message, provide information or click on links in such text messages which may either download ransomware malware on to your phone or keystroke logging malware that can lead to your becoming a victim of identity theft.  The best course of action when you receive such a text message, if you have a concern that it may be legitimate, is to merely independently contact your bank to determine whether or not the text message was a scam, but be careful that you do not misdial the telephone number of your bank as some scammers purchase phone numbers similar to those of legitimate banks and credit card companies hoping that they will receive calls from unwary consumers who may have merely misdialed the telephone number of their bank or credit card company.

As for the Walmart pandemic relief fund, there is no such fund and Walmart is not giving away money to people through any such fund.

TIPS

Regardless of how official such a text message may appear, you should never provide personal information to anyone in response to a telephone call, email or text message because in none of those situations can you be sure that the person contacting you is legitimate.  If you do receive a communication from a bank, government agency or any other person or entity that you think might have a legitimate need for personal information from you, you should call the real entity at a telephone number that you know is legitimate in order to ascertain the truth.  Banks do not call, text or email their customers asking for personal information.  You should always be skeptical of anyone asking for such information.  Of course, if you receive a text message that appears to come from a bank at which you do not have an account, you can be confident it is a scam. If the text message provides for you to respond to stop future texts, don’t do it. Sending such a message to a scammer merely alerts them to the fact that yours is an active phone number.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide has been cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and insert your email address where it indicates “Sign up for this blog.”

Scam of the day – July 25, 2021 – Jamaican Lottery Scammers Plead Guilty

I have been reporting to you for years about the infamous  Jamaican lottery scam by which many Americans, mostly elderly, have been scammed out of money after being told that they have won the non-existent Jamaican lottery.  The scam begins when the victim receives a telephone call informing them that they have won this non-existent lottery that they never entered and are then pressured to pay “fees” and “taxes” before their winnings can be sent to them.    This scam has been going on since the 1990s.

Recently two Jamaicans, Jason Wedderburn and Kayan Kitson pleaded guilty to swindling people out of more than $600,000 through this scam with one victim paying the scammers $325,000.  They will both be sentenced in Rhode Island Federal Court on October 6, 2021.

TIPS

As I have often told you, it is difficult to win a lottery you have entered.  It is impossible to win one that you have not even entered.  You should always be skeptical about being told that you have won a lottery you never entered.  It is also important to note that it is illegal to play foreign lotteries except when you are actually present in the other country.

While it is true that income taxes are owed on lottery winnings, legitimate lotteries never collect tax money from winners.  They either deduct the taxes from the winnings or leave it up to the winners to pay their taxes directly to the IRS.  You also should never pay a fee to collect a legal lottery prize.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide was recently cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address where it indicates “Sign up for this blog.”

Scam of the day – July 24, 2021 – Millennials Most Victimized by Tech Support Scams

Tech support scams are a profitable way for scammers to steal your money.  I have been warning you about these scams for years.  They come in a number of different varieties including pop up ads on your computer and telephone calls purportedly from Microsoft, Apple, Google or other tech companies.  Earlier this year I told you that  the Federal Trade Commission (FTC) along with the Attorneys General of Pennsylvania and Connecticut  settled a legal action against the company, Click4Support which the FTC indicated stole more than 17 million dollars from unwary consumers by pretending that they represented Microsoft, Apple and others offering unneeded tech support services.

Click4Support used online advertisements and popups that made them appear to be a part of Microsoft or Apple.  The ads would lure unsuspecting computer users to call Click4Support and then give Click4Support remote access to the victims’ computers for purposes of identifying viruses, malware and other problems, which were always found whether or not they actually existed.  Then Click4Support sold its services either on a one time basis or a long-term service plan at a cost that ranged from $69 to thousands.  In return, the victims actually got nothing of value and, in some instances, their computers were harmed.

Microsoft just released an interesting report about tech support scams in which, surprisingly to many, Microsoft found that Millennials were victimized  more by these scams than any other demographic group.  In fact, Millennials were victimized six times more often than Baby Boomers.

TIPS

In the phone scams for tech support, it is important to remember that neither Microsoft nor Apple will ever call you about tech support so if someone represents that they are doing just that, it is a scam.  Hang up the phone.

Don’t trust popup ads for tech support service either.   Whenever you get a pop-up, email, or text message that appears to tell you that you have a security problem with your computer, you should never click on any links contained in the message or call the telephone number provided.  Neither Apple nor Microsoft nor any of the other tech companies ever provide notices of security problems that contain telephone numbers for you to call to fix the problem.  If your screen becomes frozen, all you need to do is just turn off your computer and restart it. If you are concerned that you may be experiencing a real security problem you can contact tech support at Apple or Microsoft directly by phone or by email using the phone number and email addresses you find on their respective websites.

Often the tech support scammers will attempt to lure people into providing them with remote access to your computer in order, they tell you, to check your computer for problems.  Providing remote access to anyone to your computer can lead to a myriad of problems including identity theft and the downloading of ransomware.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide has been cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/

Scam of the day – July 23, 2021 – Indiana Attorney General Warns of Utility Phone Scam

Recently, Indiana Attorney General Todd Rokita issued a warning about a dramatic increase in telephone scams involving scammers posing as utility company customer service representatives demanding immediate payments and threatening to turn off electrical power if a payment is not made immediately.  Scams involving utility bills for electric, water or gas services have long been popular with scammers. Some of these scammers are so blatant that they even have asked for payments to be delivered to a laundromat.

In one common utility scam, potential victims receive telephone calls purportedly from their utility company informing them of a special company promotion for which they are eligible.  They just need to provide some personal information.  This, of course leads to identity theft.

In another version of the scam, potential victims are called on the phone and told that their utility service will be terminated for non-payment unless they pay by credit card, debit card or gift cards.  A demand for payment by way of a gift card is a good sign that you are dealing with a scammer since legitimate utility companies never require payments or accept payments through git cards.

In a third version of this scam, potential victims receive an email that has a link to take them to their bill, but if you click on the link, you either download malware or are prompted to provide information that will be used to make you a victim of identity theft.

TIPS

You can never be sure when you get an email or a telephone call if it is really from a legitimate source.  Email addresses can be hacked to appear legitimate and even if you have Caller ID, a scammer can use a technique called “spoofing” to make it appear that the call is from a legitimate caller.  Trust me, you can’t trust anyone.  Never provide personal or financial information to anyone in response to a telephone call, text message or email until you have independently confirmed that the communication was legitimate.  In the case of a utility bill, merely call the number on the back of your bill and you will be able to confirm whether or not the communication was legitimate.  Also, never click on links unless you have confirmed that they are legitimate.  The risk is too great.  It is also important to remember that no legitimate utility company will require you to immediately pay your bill over the phone through a gift card.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide was cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address where it states “Sign up for this blog.”

Scam of the day – July 22, 2021 – Wildfire Charity Scams

As we have seen far too well during the Coronavirus pandemic, scammers are quite capable of taking whatever is happening in society and turning it into an opportunity to scam people.  Natural disasters such as hurricanes and wildfires are common occurrences and we are about to enter both hurricane and wildfire seasons.  Partially due to global warming, last year the United States experienced 22 major natural disasters that cost more than a billion dollars each.   Natural disasters, such as hurricanes, wildfires, tornadoes and earthquakes bring out the best in people who want to donate to charities to help the victims. Unfortunately natural disasters also bring out the worst in scammers who are quick to take advantage of the generosity of people by contacting them posing as charities, but instead of collecting funds to help the victims of these natural disasters, these scam artists steal the money for themselves under false pretenses. Charities are not subject to the federal Do Not Call List so even if you are signed up for the federal Do Not Call List, legitimate charities are able to contact you by phone. The problem is that whenever you are get a phone call, you can never be sure as to who is really calling you so you may be contacted either by a fake charity or a scammer posing as a legitimate charity. Using a technique called spoofing, the scammers can manipulate your Caller ID to make it appear that the call is coming from a legitimate charity when it is not. Similarly, when you are solicited for a charitable contribution by email or text message you cannot be sure as to whether the person contacting you is legitimate or not.

Presently there are 80 major wildfires burning in 13 Western states causing tremendous damage.  Scammers are already setting up phony charities to capitalize on the generosity of our fellow citizens.  If you wish to give to charities helping the people affected by these wildfires, it is important to make sure that you are giving to a legitimate charity.

TIPS

Never provide credit card information over the phone to anyone whom you have not called or in response to an email or text message. Before you give to any charity, you may wish to check out the charity with http://www.charitynavigator.org where you can learn whether or not the charity itself is a scam. You can also see how much of the money that the legitimate charity collects actually goes toward its charitable purposes and how much it uses for fund raising and administrative costs.  Here is a link to a specific page of Charitynavigator.org that deals with vetted charities helping victims of wildfires. https://www.charitynavigator.org/index.cfm?bay=content.view&cpid=7574&search-box

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide was recently cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – July 21, 2021 – FTC Refunding Money to Victims of ReJuvenation Pill Scam

In June of 2020 I told you that the makers of the bogus anti-aging supplement called ReJuvenation settled charges brought against them by the Federal Trade Commission (FTC) and the FTC is now sending full refunds to people who were scammed into buying this worthless anti-aging pill.  The makers of ReJuvenation deceptively advertised the pill as being able to cure a wide variety of age related conditions such as cell damage, heart attack damage, brain damage and deafness.  ReJuvenation advertised its products by mass mailings and emails.  It also sold the products on its websites: ReJuvenationAntiAging.com, JournalOfAntiAgingBreakthroughs.com and QuantumWellnessBotanialInstitute.com. The FTC has already sent checks to the victims who they are aware of, however, if you were a victim of this scam and have not received a check, you should call the refund administrator, Rust Consulting at 1-877-844-0319.  The deadline for filing a claim is August 31, 2021.

TIPS

For more information about this refund program go to the tab in the middle of the Scamicide home page entitled “FTC Scam Refunds.”  It is important to note that there is never a charge for obtaining a refund through the FTC or any of its refund administrators.  Anyone who asks for such a payment is just another scammer.

As for anti-aging products in general, the truth is that there are no quick fixes when it comes to remedying age related conditions and you should be wary of any product that promises to do so.  You should also be wary of any anti-aging product that is sold exclusively either over the Internet or through mail-order advertisements. The best course of action is to ask your physician about the effectiveness of a particular anti-aging product or program before you considering buying any such product.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide was cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address where it states “Sign up for this blog.”

  • Categories