Scam of the Day

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Scam of the day – June 25, 2021 – McAfee Phishing Scam

McAfee is a popular security software company so it is somewhat ironic that scammers are using their name in phishing emails to scam people.  Recently, law enforcement officials in Nevada warned about a scam that starts with an email that purports to be from McAfee informing you that you are being charged $300 for McAfee Total Protection anti-virus software unless you cancel the order by calling a phone number provided in the email.  If you call the number provided you will be greeted by a scammer posing as a McAfee employee who will ask for personal information including a bank account number supposedly to verify the account.  Anyone providing this information is well on their way to becoming a victim of identity theft.

TIPS

There are  number of telltale signs that this is a phishing scam.  Emails from the real McAfee company are not sent through Gmail although the scams are sent using a Gmail account.  In addition, the phishing emails being sent by the scammers are sent as mass mailings so when you receive one of these phishing emails, not only does your name not appear on the email, but you are able to see that the same email was sent to numerous other people.

As always, you should never click on a link or provide information in response to any email you receive unless you have absolutely confirmed that the email is legitimate.  Nor should you trust the phone number in such emails. B.S. – Be skeptical.  If you have concerns that the email may be legitimate, merely call the company, in this case McAfee at a telephone number you know is accurate which in this case is. 866-622-3911 which, of course is not the number that appears in the phishing email.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide has been cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/

Scam of the day – June 24, 2021 – WhatsApp Account Hijacking Inreasing

More than a billion people use the WhatsApp mobile messaging app that helps you send text messages, photographs, videos and audio.  Due to its extreme popularity, it is not surprising that WhatsApp has become an attractive platform for scammers. I have reported to you for years about the various scams targeting WhatsApp users. A common WhatsApp scam that is happening frequently involves social engineering used to hack your account and then use your account to scam other people.  The scam starts when you receive a message through WhatsApp that appears to come from a friend of yours. The message from your trusted friend tells you that you are about to receive a text message and requests that you send that message back to your friend.  The truth is that the message you received through WhatsApp is from an account taken over by a hacker who is looking to take over your account too.  The text message that you are sent on your phone is actually a dual factor authentication code sent to you because the hacker is trying to take over your WhatsApp account and if you sent it to your “friend” as requested, you are actually turning over that code to a hacker who can then use it to take over your WhatsApp account in order to send out messages with malware or lure your WhatsApp friends into becoming victims of scams because they believe the messages sent by the hacker with malware and scams are coming from you.

TIPS

In 2017 WhatsApp added dual factor authentication capabilities and you should use this if you are a WhatsApp user.  Passwords are just too vulnerable to be the sole method of authentication for important apps or accounts.  Whenever you are able to use dual factor authentication for a particular website, account or app, you should take advantage of this.  Some dual factor authentication protocols do not require it to be used when you are accessing the account from the computer or phone that you usually use, but only if the request to access the account comes from a different device, which still provides security without even having to use the special code.  However, as indicated in the scam I referred to above, dual factor authentication is not foolproof.  Never underestimate the power of a fool.  Fortunately, there is a way to protect yourself from this scam by setting up a PIN for your WhatsApp account so that even if someone got your dual factor authentication code, they could not access your account. You can set up a PIN by going to the Settings-Account section of the app.  Of course, you should also remember to never under any circumstances provide to anyone the dual factor authentication code sent to your phone.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide was recently cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and insert your email address in the tab that states “Sign up for this blog.”

Scam of the day – June 23, 2021 – The Danger of Criminal Identity Theft

Criminal identity theft occurs when someone steals your identity and then commits crimes using your name and Social Security number.  The problems encountered by someone whose identity has been stolen by a criminal who then commits crimes in the name of the identity theft victim are tremendous.   Victims of criminal identity theft have been arrested for crimes they never committed and often have had difficulty having the crimes, committed by someone who stole their identity, removed from their records.  A faulty criminal record can affect your ability to get a job or obtain various benefits. Last year in Daytona Beach, Florida, Jonah Scott Miller was stopped for a minor motor vehicle violation and when a record check was done, it appeared he had an outstanding arrest warrant for failing to appear in court for a shoplifting charge.  Despite Miller’s vehement protests that he had absolutely no criminal record and that they had arrested the wrong man, Miller was jailed overnight before it was determined that someone had stolen Miller’s identity and had committed the crimes using Miller’s name.

TIPS

If you find that you are a victim of criminal identity theft, you should hire a lawyer and contact the police as well as the District Attorney’s office to straighten out the matter.  File a report indicating that you are the victim of identity theft.  It will be necessary for you to confirm your true identity through photographs and fingerprints. In addition, show law enforcement authorities your driver’s license, passport or any other identification that you might have that contains your photograph.

Get a letter from the District Attorney explaining the situation to have available if you are ever stopped for a traffic violation and your record is checked.  A few states have Identity Theft Passport programs through which anyone whose identity has been stolen by someone who uses it to commit crimes can, upon proving their identity, receive an Identity Theft Passport that protects them and confirms their true identity .  Even if your state does not have an Identity Theft Passport program, get a letter from the law enforcement agency that arrested the person using your name known as a “clearance letter” which indicates that you have not committed the crimes which were done by the identity thief who used your name.  Keep this document with you at all times.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide was recently cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and insert your email address where it states “Sign up for this blog.”

Scam of the day – June 22, 2021 – Another Wells Fargo Phishing Email

A number of Scamicide readers have sent me copies of  phishing emails that appear to come from Wells Fargo.  One of them is reproduced below.  It makes for compelling reading, but it is a scam.  Phishing emails, by which scammers and identity thieves attempt to lure you into either clicking on links contained within the email which will download malware or providing personal information that will be used to make you a victim of identity theft, are nothing new.  They are a staple of identity thieves and scammers and with good reason because they work.  As always, they lure you by making it appear that there is an emergency that requires your immediate attention or else dire consequences will occur.  Copied below is a new phishing email  presently being sent to unsuspecting people that appears to come from Wells Fargo.  This particular one came with a Wells Fargo logo and was sent from an email address that, while not a real Wells Fargo email, did appear to be legitimate, which makes the scam even more tempting to more people.

Here is the email.

 

 

 

Secure message from Wells Fargo Online®

We posted a new notice or letter to your “Statements & Document” on your account

We recently detected an activity which seems unusual to your normal account activities.

Therefore as a preventive measure we have limited your access to sensitive account functions.

Please use your online access to sign on.

XXX

 

.

If you have questions about your account, please refer to the contact information on your statement. For questions about viewing your statements online, Wells Fargo Customer Service is available 24 hours a day, 7 days a week. Call us at 1-800-956-4442 or sign on to send a secure email..

 

wellsfargo.com | Security Center

Please do not reply to this automated email. Sign on to send a secure email.

2d80b-150-ab54-712f3fdcf-a2658bb2_5e35a546_d15d-5211

TIPS

Legitimate emails from your bank would include the last four digits of your account and include your name.  This email had neither.   Often such phishing emails originate in countries where English is not the primary language and the spelling and grammar are poor. However this one appears grammatically correct. Obviously, if you are not a Wells Fargo customer, you will recognize immediately that this is a scam.  As with most phishing emails, they lure you into clicking on a link (We have blocked the link and inserted xxx) by attempting to trick you into believing there is an emergency. However, if you hover on the sign in link contained in the actual phishing email, you will find it does not go to Wells Fargo.

As with all phishing emails, two things can happen if you click on the links provided.  Either you will be sent to a legitimate looking, but phony webpage where you will be prompted to input personal information that will be used to make you a victim of identity theft or, even worse, merely by clicking on the link, you will download keystroke logging malware that will steal all of your personal information from your computer and use it to make you a victim of identity theft.  If you receive an email like this and think it may possibly be legitimate, merely call your bank or other institution from which the email purports to originate at a telephone number that you know is accurate and you will be able to confirm that it is a scam.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide was recently cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and insert your email address where it states “Sign up for this blog.”

Scam of the day – June 21, 2021 – Nine Romance Scammers Charged in 2.5 Million Dollar Scheme

Romance scams continue to be a major problem.  In fact, these scams have increased dramatically during the Coronavirus pandemic.  According to the Federal Trade Commission (FTC) Americans lost more money to romance scams last year than to any other scam and the situation is getting more serious.  The FTC reports that Americans reported losing a record 304 million dollars to romance scams in 2020.  It is also important to note that romance scams are not limited to the United States, but occur worldwide. Recent figures from Hong Kong show the incidents of romance scams have also increased there dramatically in the past year.  Romance scams generally follow a familiar pattern with the scammers  establishing relationships with people, generally women, online through various legitimate dating websites and social media using fake names, locations and images.  The scammers often pose as Americans working abroad or in the military serving abroad.  In many cases, the scammers steal the identity and photo of a real person serving in the military, which has been recently reported to have been done many times by scammers using the name and photo of U.S. Navy officer Mike Sency.  After building trust with their victims scammers ask for money to help them through some sort of emergency.

Recently federal prosecutors charged nine people from Ghana, Nigeria and the United States with operating romance scams.  A number of these scammers posed as “Daniel Moore” who claimed to be from Michigan, but working on an oil rig in Dubai.  According to prosecutors this romance scam ring took in more than 2.5 million dollars from their victims over the last four years.  According to U.S. Attorney Lisa Johnston, “Crimes involving romance scams and other online scams are increasing at an alarming rate.  This case is a reminder that users of email, texts and social media should be aware of such scams and exercise extreme caution.”

While anyone can be the victim of a romance scam, according to the FBI, the elderly, women and people who have been widowed are particular vulnerable.   Most romance scams are online and involve some variation of the person you meet through an online dating site or social media quickly falling in love with you and then, under a wide variety of pretenses, asking for money.  Since 2019 approximately half of the reported instances of the romance scam have started on social media, particularly Facebook and Instagram rather than on dating sites or dating apps according to the FTC.  One particularly scary statistic is that people over 70 years old victimized in a romance scam lose, on average, about $10,000 as contrasted to $2,800 for younger victims of romance scams.

Two interesting new developments in romance scams involve money mules and  cryptocurrencies such as Bitcoin.  In the cryptocurrency romance scam, the scammer convinces his victim to leave the dating site and use a texting app such a WhatsApp where they tell you about a family member who has made a lot of money investing in cryptocurrencies and lures the victim into putting money into a phony cryptocurrency investment where the funds are quickly stolen by the scammer.

In the second scam, the scammer actually sends the victim money under a variety of pretenses and then asks the victim to wire the money back to them.  In this case, the victim becomes a criminal because he or she is actually participating in money laundering.  This has been seen a lot this year in relation to the massive filing of phony claims for unemployment compensation where the scammers will have the money sent to the romance scam victim and then use them to send the money to the scammer overseas, often in Nigeria.  In other instances not involving the romance scam, the scammers will post phony ads for work at home jobs where the job is to receive money in your bank account and wire it to someone else.

TIPS

There are various red flags to help you identify romance scams.  I describe many of them in detail in my book “The Truth About Avoiding Scams.” The most important thing to remember is to always be skeptical of anyone who falls in love with you quickly online without ever meeting you and early into the relationship who then asks you to send money to assist them with a wide range of phony emergencies.

Here are a few other things to look for to help identify an online romance scam.  Often their profile picture is stolen from a modeling website on the Internet.  If the picture looks too professional and the person looks too much like a model, you should be wary. You also can check on the legitimacy of photographs by seeing if they have been used elsewhere by doing a reverse image search using Google or websites such as tineye.com.  Particular phrases, such as “Remember the distance or color does not matter, but love matters a lot in life” is a phrase that turns up in many romance scam emails.  Also be on the lookout for bad spelling and grammar as many of the romance scammers claim to be Americans, but are actually foreigners lying about where they are and who they are.  Of course you should be particularly concerned if someone falls in love with you almost immediately.  Often they will ask you to use a webcam, but will not use one themselves.  This is another red flag.  One thing you may want to do is ask them to take a picture of themselves holding up a sign with their name on it.  In addition, ask for a number of pictures because generally when the scammers are stealing pictures of models from websites, they do not have many photographs. Ask for the picture to be at a particular place that you designate to further test them.  If you meet someone through a dating website, be particularly wary if they ask you to leave the dating service and go “offline.”

You also should be particularly wary of online relationships with people in the military because while many real military personnel do use social media and dating websites, they are a favorite disguise for scammers.

As for the cryptocurrency scam tie to the romance scam, the rules still apply that you should never invest in anything you do not fully understand.  In addition you should always be skeptical when your new romantic partner is in a rush to get off of the dating site to communicate in another fashion.

In regard to being a money mule, there is no legitimate reason for someone to have money wired to you merely to wire to someone else.  This is always a scam.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide was recently cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/

Scam of the day – June 20, 2021 – Phony PayPal Invoice Scam

The phony invoice scam is a common scam popular with scammers because it is quite effective.  It starts when you receive an email that purports to be from a popular company with which many of us do business that indicates that you owe them a significant payment.   The scammers count on people being concerned that they are being wrongfully charged for a product they did not order.  You are provided a telephone number to call if you dispute the bill. If you call the number, you will be prompted to provide personal information that will be used to make you a victim of identity theft.  Here is a copy of the phony invoice presently being circulated.

This email appears to come from Norton, a company that provides a wide range of digital security services.   As always, the purpose of a phishing email is to lure you into clicking on links contained within the email or providing personal information, in this case by phone if you call to dispute the phony bill . If you click on links in phishing emails, you end up downloading malware and if you provide the requested information, it ends up being used to make you a victim of identity theft. This particular phishing email provides a phone number to call if you wish to dispute the obviously phony invoice.  If you call the number in the phishing email you will be asked for personal information that will be used to make you a victim of identity theft.

There are a number of red flags that indicate that this is a scam.  Your name does not appear anywhere in the invoice.  Only your email address appears in the phony invoice.  Also, the email was sent from an email address that appears to have nothing to do with PayPal, but is most likely the email address of someone whose email account was hacked and used to send out these scam emails..

Here is a copy of the invoice being circulated.

 PayPal

Tue 24th may 2021
Transaction ID: 8570844792817

You Send a payment of 1500 USD to BestBuy
(recipt@Bestbuy.com)

It may take a few moments for this transaction to appear in your account.

Description

1 Year Pc Support Pro Plan

Unit price

1 Pc 1 year

Amount

1500 USD

TOTAL

$1500 USD

Get In Touch With Us @ +1(405) 786-6744

Funds will appear on your account as Send from “PAYPAL to *BestBuy” Payment send to recipt@Bestbuy.com

Kind regards,
PayPal

Issues with this transaction?
You have 180 days from the date of your PayPal payment to open a dispute for eligible transactions in our Resolution Centre. Learn about Buyer Protection

Currency conversion: To complete this transaction, we converted the payment amount to the currency of your card based on our agreement with you. PayPal’s currency conversion fee is added to the exchange rate, set by an external financial institution. For more information about fees, see our user agreement.

Copyright © 2021 PayPal, All rights reserved.
You subscribed to our newsletter via our website

PayPal Invoice
2178 Beeghley Street
Memphis Tennessee 38111
United States

TIPS

Once, I received a large invoice from a company with which I do business for goods I did not order, but rather than click on the link provided in the email, I went directly to the company’s website to question the invoice.  When the website came up, the first thing I saw was a large announcement that the invoice was a scam and that many people had received these phony invoices.  If you ever receive a phony invoice such as this and you think that it may possibly be true, don’t click on links or call phone numbers provided in the email.  Rather contact the real company directly at a phone number or website that you know is legitimate where you can confirm that the phishing invoice was a scam.

Never click on links or download attachments in emails or text messages unless you have absolutely confirmed that they are legitimate and don’t call companies at telephone numbers that appear in the email such as this one.  Instead, if the email appears to come from a legitimate company, you can call them at a telephone number you confirm is legitimate .  Don’t call the number that appears in the email.  In the case of PayPal, the real telephone number to call for customer service is 888-221-1161.  One of the indications that this is not legitimate and is a phishing email is the fact that  nowhere in the email does your name appear.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide has been cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/

Scam of the day – June 19, 2021 – REAL ID Scams

The most effective scams are the ones that capitalize on real things that apply to you.  There was a proliferation of scams during the past year related to the Coronavirus pandemic which is one reason why there is a separate section of Scamicide.com that provides you with a comprehensive account of the many scams related to the Coronavirus pandemic and how to avoid them.  Similarly many people are familiar with the REAL ID, which is a new version of your driver’s license mandated by federal law.  The REAL ID Act established new security requirements for driver’s licenses and identification cards with which all states must comply and which will eventually be needed by you if you wish to board an airplane or enter certain federal facilities although you can still do so if you have a passport.  The original date by which you had to get a REAL ID was set at October 1, 2021, however due to the Coronavirus pandemic, the deadline has been postponed until May 3, 2023.  This is both good news and bad news.  It is good news because it gives you more time to get your REAL ID, but it is also bad news because it gives scammers more time to contact you posing as governmental officials seeking your personal information under the guise of helping you apply for your REAL ID when their real purpose is to harvest your personal information and use it to make you a victim of identity theft.

The scam is turning up in many forms. such as emails, text messages and phone calls in which you are urged to either provide sensitive personal information or click on links taking you to websites that appear to be official where you will either unwittingly have downloaded malware such as ransomware by clicking on the link or, again, be prompted to provide personal information used to make you a victim of identity theft.

TIPS

No states are initiating contact with people by emails, text messages or phone calls asking for personal information to apply for your REAL ID.  An important thing to remember is that whenever you get a phone call, text message or email, you can never be sure you is really contacting you even if the email address, phone number or Caller ID indicates that the communication is legitimate.  This is why you should never provide personal information or click on a link in an email or text message unless you have absolutely confirmed that the communication is legitimate.  Sometimes, you may be able to pick up on obvious (or not so obvious) mistakes in the communications such as in recent text messages to residents of Illinois that purported to be from the Department of Motor Vehicles.  This is a mistake because Illinois does not have a Department of Motor Vehicles.  The name of its agency dealing with these matters is the Department of Driver Services.  In any event, if you receive a communication pertaining to the REAL ID, your best choice is to contact your state agency that deals with them at an email address you know is legitimate.  Here is a link to a listing of the websites for all of the state agencies that deal with REAL IDs. https://www.dhs.gov/real-id

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide was recently cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address where it states “Sign up for this blog.”

Scam of the day – June 18, 2021 – Puppy Scams Continue to Rise

“Puppy buying is at an all-time high,” according to the Nebraska Attorney General’s Office  and along with the increase in the purchase of puppies that dramatically rose during the Coronavirus pandemic, the number of scams related to puppy buying increased substantially as well.  Scams involving sales of non-existent puppies had already increased dramatically in the last few years, but really took off  during the Coronavirus pandemic when many people were looking for the emotional support of a loving dog.   People buy dogs or other pets online and, although they think they are taking proper precautions, they often end up getting nothing in return for the money that they wire to the scammer who may have a website or some other way of marketing their non-existent pets with photographs and false information. Often the scammers hook their victims for more and more money, such as when even after the victims has paid for the non-existent dog, the victim is asked for additional payments for a special crate to transport the dog along with additional transportation company fees.

TIPS

It is simple for a scammer to construct a website that appears to be legitimate and scammers can readily steal the name of a legitimate animal breeder. Always check into the reputation of the breeder with the Better Business Bureau, your state’s attorney general and even Google the name with the word “scam” to see if a legitimate breeder’s name that is being used has been stolen for scams previously. Be wary of anyone who asks you to wire money because that is a telltale sign that a scam is going on because once the money is wired, it is impossible to get it back. If you are told that a courier company is being used to transport the animal, check out the company to make sure it is legitimate and actually shipping the dog. There also are a number of ways such as using the website http://www.tineye.com to search the photos sent to you of the dog to see if they appear elsewhere other than the website attempting to sell you a puppy. If so, this is a good indication that you are being scammed. Also, always get a veterinarian report on any animal before you consider buying it. Finally, you are always going to be better off buying a pet that you can see in person prior to buying the pet.

Some phony breeders claim they are certified by the American Kennel Club (AKC) however, the AKC doesn’t certify breeders.  Legitimate breeders will however, register their litters with the AKC and you can find out by calling the AKC’s customer service line 919-233-9767 if a particular litter has been registered.

Here is a link to a television interview I did about pet scams:https://turnto10.com/i-team/consumer-advocate/12-scams-of-christmas-phony-pet-breeder

You also might want to consider getting a dog from a local animal shelter where you can both get a great dog and give an animal in need a loving home.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide was recently cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – June 17, 2021 – What to do if Your Email is Hacked

Recently I received an email from my most trusted friend (my wife).  The email merely said that she found an article in which I would be interested and included a link for me to click on to the article. Similarly, last year I got an email that read:
“Hi Steve
I’m sorry for bothering you with this mail, I need to get an iTunes Gift Card for my Niece, Its her birthday but I can’t do this now because I’m on a sickbed and I tried purchasing online but unfortunately no luck with that. Can you get it from any store around you? I’ll pay back as soon as I get better. Kindly let me know if you can handle this.

Natalie”

The email from my wife did not appear to me to be what my wife would send me although the email address used was indeed my wife’s email.  Similarly, the  second email came from the email address of a person who is a friend and client of mine, but it was pretty clear to me that Natalie had not sent the email.  In both instances, their email accounts had been hacked and used to send emails to people on their contact lists .  In the email purporting to be from my wife, the scammer was attempting to lure me into clicking on a link which would have most likely downloaded malware.  In the second email, it asked for gift cards which are the equivalent of cash.  As I often tell you, you can never be sure who is actually calling you on the phone, sending you a text message or sending you an email.  Therefore you should never give personal information, credit card information, gift card information or wire money in response to such a communication unless you have absolutely confirmed that the communication is legitimate.  Gift cards and wiring money are two of the favorite ways that people are scammed so when you are asked to provide either of those, you should always be skeptical.  Nor, as I always advise you, should you click on a link in an email or text message unless you have confirmed that the communication is legitimate.
But what do you do if your email account is hacked?
TIPS
Here are the steps you should take if your email account is hacked:
1.  Report the hacking to your email provider.
2.  Change your security question.  I often suggest that people use a nonsensical security question because the information could not be guessed or obtained by research online. For instance, you may want the question to be “What is your favorite color?” with the answer being “seven.”
3. Change your password on your email account.  If you use the same password for other accounts, you should change those as well.
4.  Contact people on your email list and let them know you have been hacked and not to click on links in emails that may appear to come from you.
5.  Scan your computer thoroughly with an up to date anti-virus and anti-malware program.  This is important because the hacker may have tried to install a keystroke logging malware program that can steal all of the information from your computer.
5.  Review the settings on your email, particularly make sure that your email is not being forwarded somewhere.
6.  Get a free copy of your credit report.  You can get your free credit reports from www.annualcreditreport.com.  Some other sites promise free credit reports, but sign you up for other services that you probably don’t want or need.   You should then consider signing up for an identity theft protection service if you have not already done so.
7.  If you have not already done so, put a credit freeze on your credit reports at all of the major credit reporting agencies.  Here are links to each of them with instructions about how to get a credit freeze:

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide was recently cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and insert your email address where it indicates  “Sign up for this blog.”

Scam of the day – June 16, 2021 – Mistaken Zelle Payment Scam

Peer to Peer Payment Payment Services (P2P) such as Zelle, Venmo, ApplePay, PayPal, Square Cash and PopMoney are popular ways to quickly and conveniently send money electronically from your credit card or bank account. These services are used by 113 million Americans. These services also provide easy ways to be scammed and unlike scams targeting your credit cards directly, you may not have as much protection under the law to get your money back if you do get scammed. Zelle which originated in 2017 is operated by a consortium of banks and appears on your mobile banking app. Sending money through Zelle only requires you to enter the recipient’s phone number or email address. In addition to scammers luring their victims to pay for worthless items through P2P services, scammers have also been sending phishing emails and text messages in which they lure their victims into providing their Zelle usernames, passwords and PINs to take over their victims’ bank accounts through their Zelle accounts.

A complicated scam that is happening now occurs when you receive a call telling you that the caller mistakenly used Zelle, Venmo or one of the other similar P2P services to send you money intended for someone else and asks you to return the funds to him or her.  When you check your account, you find that indeed money was deposited into your account.  But should you return the money?  The problem is that scammers connect stolen credit cards to a P2P account and then use it to transfer money to an unsuspecting victim whom they then contact and tell them that the money was sent mistakenly and ask for the money to be returned.  Meanwhile, the scammer deletes the stolen credit card from his or her account and replaces it with his own credit card so when you send money, you are not sending it to the credit card used to send you the money, but rather the credit card account of the criminal enabling him or her to launder the illegal funds.  When this is discovered, you will end up losing the money you sent.

TIPS

Before signing up for any P2P service, you should familiarize yourself with their fraud protection rules. In the fine print of many P2P services, you may find that you have little, if any, protection if you use the account to purchase something that ends up to be a scam. While PayPal offers significant protection from fraudulent transactions, Zelle and Venmo, for example do not offer such protection, which is why these services should never be used for commercial transactions, but only to transfer small amounts of money to people you know. In order to protect your account from being hacked and being taken over by a scammer who could access your credit card or bank account, you should use a PIN or other dual factor authentication whenever your particular service provides for it. In addition if you are hacked and your account is tied to a credit card, you should be able to get the amount fraudulently taken refunded from your credit card company in accordance with federal law and if it is tied to a bank account, you should be able to get the money refunded if you report it immediately pursuant to the Electronic Transfer Act.  Zelle does not let you use a credit card, but Venmo does.  You are always safer using a credit card rather than having your bank account tied to your P2P app.

To avoid having your Zelle account and other accounts from being taken over by hackers, never provide your username, password or PIN in response to any email, text message or phone call unless you have absolutely confirmed that the request for this information is legitimate, which it never is. You can confirm this by contacting your bank or other company by calling them at a telephone number you know is accurate. Even if you get a call that appears to come from your bank or other company with which you do business, your Caller ID can be tricked by spoofing to make the call appear legitimate when it is not.

As for the specific stolen credit card scam indicated above, if you do receive such a call and money is put into your account in that manner, you should contact your bank for assistance in straightening the situation out and determining whether a stolen credit card was used for the transfer or whether it was indeed just a legitimate mistake.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide has been cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/

  • Categories