Scam of the Day
Scam of the day – July 18, 2023 – Work at Home Scams that Turn You Into a Criminal
Laundering money derived from a scam is an essential element of many scams. Scammers can be extremely clever at distancing themselves from their scams in order to avoid detection. The people they enlist either as willing or unknowing participants in the laundering of the proceeds of a scam are called money mules. Scams in which innocent people are lured into being unknowing money mules are numerous. One of the more common of these involves work at home scams where your job is to receive goods, often electronics that have been shipped to you, inspect them and then reship them to an address provided to you by your new employer. The problem is that these goods have been purchased with stolen credit cards and you have just become an accomplice to the crime when you ship them to someone else who will then sell them to turn the merchandise into cash.
Other times the scammers will say that your job is to receive funds sent to you by the scammer, deposit the funds in your own bank account and wire the funds to people who the scammers tell you are either clients or suppliers of the scammers phony company. Finally, money mules are also used is in a variation of the romance scam where you are asked by your romantic partner to wire funds to someone on behalf of the scammer on a variety of pretenses.
Many times the scammers will use the names of legitimate businesses when attempting to lure people into the reshipping scam. In another variation of the scam, the money mules are told that there job is as a gift wrapper and that they are to receive items, wrap them and ship them to their instructed destination.
TIPS
As always, if it sounds too good to be true, it usually is. Check out work at home scams with your local attorney general and the FTC. And as always, you can Google the name of the particular company offering you the work at home program with the word “scam” next to it and see what turns up.
As for reshipping goods as a work at home job, it is important to remember that there are no such legal jobs for reshippers. They are always a scam and you should steer clear of them. You also should never use your own bank account to transfer funds for an employer. Asking you to purchase gift card numbers and send that information to someone is also always a scam and finally, you should always be skeptical of someone with whom you have recently established an online romantic relationship who either asks you for money (the most common scam) or asks you to pass on money to a third party as directed by the scammer.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – July 17, 2023 – Mavis is Back! The Lottery Scam Using Her Name Continues
With both the Megabucks and Powerball lotteries recently at tremendous payout amounts it is not surprising that scams using the name of lottery winner Mavis Wanczyk are back although the truth is scams using her name have never gone away in the six years since she won a 758 million dollar Powerball drawing in 2017. Here is a copy of an email that I received recently and, I should add, not from an email address of Mavis Wanczyk.
I’m Mrs. Mavis Wanczyk, the winner of Mega Millions Jackpot, I am donating to 5 random individuals if you have received this email then your email was selected after a spin ball THIS IS YOUR DONATION CODE: RFCJ-13709/2023 Reply with the DONATION CODE to this email: maviswanczyk.0875@gmail.com Regards, Mrs. Mavis L. Wanczyk
TIPS
It is difficult to win a lottery you have entered. It is impossible to win one that you have never entered and neither lottery winners, nor anyone else is sending out messages through the Internet offering free money to anyone who responds with personal information. Never give out personal information that can make you vulnerable to identity theft unless you have absolutely verified that the party requesting the personal information is legitimate and has a legitimate need for the information. Also never pay anything to a lottery claiming you owe fees in order to claim your prize. This is a telltale sign of a scam. No legitimate lottery requires the payment of a fee to collect your winnings or requires you to pay the lottery income taxes on the prize. While income taxes are due on lottery winnings, those taxes are either deducted by the lottery sponsor before giving you your prize or the prize is given to you in full and you are responsible for the payment of any taxes. No lottery collects taxes on behalf of the IRS.
Finally and most importantly, remember neither Mavis Wanczyk nor any other lottery winner is giving away money to strangers.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and insert your email address where it indicates “Sign up for this blog.”
Scam of the day – July 16, 2023 – California Retirement System Data Breach
The California Public Employees’ Retirement System (CalPERS) and the California State Teachers’ Retirement System (CalSTRS) recently notified hundreds of thousands of California retirees that their personal information was compromised in a major data breach. The compromised information included names, Social Security numbers, dates of birth, and zip codes which is critical information that can easily lead to identity theft. An interesting aspect of this particular data breach is that the computers of CalPERS and CalSTRS were not directly hacked. Instead it was the computers of PBI Research Services which is a company used by both CalPERS and CalSTRS that was hacked through the exploiting of a vulnerability in software used by PBI Research. This type of supply chain attack where cybercriminals attack third party vendors to get at your information is becoming more and more common.
TIPS
If you were a victim of this data breach, here is a link to take you to information as to how to obtain free credit monitoring. https://www.calstrs.com/information-about-pbi-data-security-incident
As I often say, it is not a matter of if your personal information will be compromised in a data breach, but when. You are only as safe and secure as the weakest places that hold your personal information which is why whenever you get an email, text message or phone call in which you are asked to click on a link or provide personal information, you should remember my motto, ‘trust me, you can’t trust anyone.” The risk of clicking on a malware infected link or providing personal information to a scammer or identity thief is too great unless you have absolutely independently confirmed that the communication is legitimate.
https://www.transunion.com/credit-freeze
https://www.experian.com/freeze/center.html
If you are in the mood to get scared you can go to the free website haveibeenpawned where you can find out what data breaches have affected you personally. https://haveibeenpwned.com/
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”
Scam of the day – July 15, 2023 – AI Investment Scams
Convicted Ponzi schemer Bernie Madoff who stole 50 billion dollars from unsuspecting victims may be the last person from whom you would accept investing advice, but in fact, his advice, as contained in a 2014 jailhouse interview Madoff gave to the Wall Street Journal is helpful to people hoping to avoid the fate of Madoff’s many victims. With great “chutzpah,” Madoff blamed his victims for their losses. He said that his investors were “sophisticated people” who should have known better. “People asked me all the time, how did I do it. And I refused to tell them, and they still invested. Things have to make sense to you. You should ask good questions.” About this he is correct. No one should ever invest in anything that they do not totally understand.
And this leads us to Artificial Intelligence (AI) which is a term describing sophisticated technologies that enables computers to comprehend and even learn similar to actual human intelligence. AI can be used to create a wide variety of content such as writing stories or music that previously could only be done by humans. It’s capabilities are constantly being touted in news stories and online posts. Scammers are always alert to whatever is capturing the interest of the public and, in this case, scammers are already contacting people falsely claiming they have developed AI programs that can make investment decisions guaranteed to make large profits. In particular, the scammers are tying their AI claims to investments involving cryptocurrencies which many people invest in, but don’t fully understand which is a dangerous combination.
Scammers have actually used AI to create YouTube videos touting cryptocurrency investments showing the CEO of the company persuading people to invest with his company. In this case, however, the CEO doesn’t exist. His image and voice were merely creations of AI.
TIPS
The bottom line is that Bernie Madoff was right about one thing. No one should ever invest in anything without totally understanding the investment and the inherent risks. If you understand cryptocurrencies and still wish to invest in them, that is fine, but all investment decisions should be made only after being properly informed. You may want to check out the SEC’s investor education website at www.investor.gov.
Before investing with anyone, you should also investigate the person offering to sell you the investment with FINRA’s Central Registration Depository. http://www.finra.org/industry/crd This will tell you if the broker is licensed and if there have been disciplinary procedures against him or her. You can also check with your own state’s securities regulation office for similar information. Many investment advisers will not be required to register with the SEC, but are required to register with your individual state securities regulators. You can find your state’s agency by going to the website of the North American Securities Administrators Association.http://www.nasaa.org/2709/how-to-check-out-your-broker-or-investment-adviser/
Here is a link to the SEC’s warning about possible problems you can encounter when investing in Bitcoins or other cryptocurrencies.
https://www.sec.gov/oiea/investor-alerts-bulletins/investoralertsia_bitcoin.html
Finally, YouTube is not the place to go to in order to find investments.
Scam of the day – July 14, 2023 – The Danger of Criminal Identity Theft
Identity theft can take many different forms and one about which most people are unaware is criminal identity theft. Criminal identity theft occurs when someone steals your identity and then commits crimes using your name and Social Security number. The problems encountered by someone whose identity has been stolen by a criminal who then commits crimes in the name of the identity theft victim are tremendous. Victims of criminal identity theft have been arrested for crimes they never committed and often have had difficulty having the crimes, committed by someone who stole their identity, removed from their records. A faulty criminal record can affect your ability to get a job or obtain various benefits.
One noteworthy example occurred in Daytona Beach, Florida in 2019, when Jonah Scott Miller was stopped for a minor motor vehicle violation and when a record check was done, it appeared he had an outstanding arrest warrant for failing to appear in court for a shoplifting charge. Despite Miller’s vehement protests that he had absolutely no criminal record and that they had arrested the wrong man, Miller was jailed overnight before it was determined that someone had stolen Miller’s identity and had committed the crimes using Miller’s name.
TIPS
If you find that you are a victim of criminal identity theft, you should hire a lawyer and contact the police as well as the District Attorney’s office to straighten out the matter. File a report indicating that you are the victim of identity theft. It will be necessary for you to confirm your true identity through photographs and fingerprints. In addition, show law enforcement authorities your driver’s license, passport or any other identification that you might have that contains your photograph.
Get a letter from the District Attorney explaining the situation to have available if you are ever stopped for a traffic violation and your record is checked. A few states have Identity Theft Passport programs through which anyone whose identity has been stolen by someone who uses it to commit crimes can, upon proving their identity, receive an Identity Theft Passport that protects them and confirms their true identity .
Not all states have Identity Theft Passport programs, but even if your state does not have an Identity Theft Passport program, get a letter from the law enforcement agency that arrested the person using your name known as a “clearance letter” which indicates that you have not committed the crimes which were done by the identity thief who used your name. Keep this document with you at all times.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address where it states “Sign up for this blog.”
Scam of the day – July 13, 2023 – Phony Tech Support Phone Number Scam
Clever scam artists, the only criminals we refer to as artists, are increasingly setting up phony websites that appear to be for customer service or tech support of many of the companies with which we do business. They also purchase telephone numbers that are a single digit off of the legitimate phone numbers for many companies’ tech support or customer support in order to take advantage of common consumer misdials. Compounding the problem is the fact that many companies, particularly social media companies, do not provide a customer service telephone number to call and speak to a real person about your problem. They only provide online support.
Often the scammers either purchase an ad to put their phony website with their bogus tech support phone number at the top of a search engine search or, if they are sophisticated enough, they are able to manipulate the algorithms used by Google and other search engines to have their phony website with bogus tech support numbers appear high in a search engine search.
TIPS
The best place to look for a telephone number for customer support or tech support is right on your bill or the legitimate website of the company. Even when you do call legitimate tech support or customer service telephone numbers take extra care to make sure that you are dialing correctly and not calling a clever scammer who may have purchased a telephone number that is a digit off of the correct phone number in an attempt to ensnare people who may misdial the number.
Among the social media services that do not provide tech support by phone are Facebook, Instagram, Snapchat and Twitter. Here are links to tech support for those social media services:
Facebook: https://www.facebook.com/help/
Instagram: https://help.instagram.com/
Snapchat: https://support.snapchat.com/en-US
Twitter: https://support.twitter.com/
Here are some tech support phone numbers for popular companies:
Amazon – 888-280-4331 Microsoft – 800-642-7676 Apple – 800-275-2273 Google 650-253-0000 Facebook 650-543-4800 although you won’t reach a real person and the help you receive calling this number is not very helpful
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”
Scam of the day – July 12, 2023 – Amazon Prime Day Scams
July 12th is the second day of Amazon Prime Day which is odd to say. Amazon really should change the name for the two day event to Amazon Prime Days. Amazon Prime Day is a global promotion of Amazon featuring sales on a variety of items available solely to Amazon Prime members. There is always great interest in Amazon Prime Day and as with everything else that attracts great interest by the public, it also attracts great interest by scammers who are eager to take advantage of people participating in Amazon Prime Day.
The security company McAfee identified a phishing kit specifically tailored for Amazon customers. This kit is called 16Shop and its creator uses the alias DevilScreaM. Following the business model of the creators of much of today’s malware, DevilScreaM makes his or her money by leasing the malware created by him or her on the Dark Web to other less sophisticated cybercriminals. The Dark Web is that part of the Internet where criminals buy and sell good services. The 16Shop malware can be used to create an official looking email that appears to come from one of the major tech companies. This email comes with a PDF attached that appears to be an Amazon log-in page. Anyone who falls for the scam and provides his or her Amazon password and account information will have turned over that information to a scammer who will use it to buy items that will be charged to the credit card of the Amazon account holder.
TIPS
Much of malware including ransomware comes as links in phishing emails or tainted attachments. As a general rule you should never click on links or download attachments that come in emails unless you have absolutely verified that the email is legitimate. You also should never provide personal information in response to an email, text message or phone call unless you have absolutely confirmed that the communication is legitimate.
Phishing emails and more specifically tailored spear phishing emails can often appear quite legitimate initially so it is important to be skeptical. Because Amazon Prime Day is now going on, many people expect emails from Amazon which is even more reason for you to be skeptical. Trust me, you can’t trust anyone. Check the email address of any communication that appears to have come from anyone to make sure that it is the real email address. Many phishing emails come from email addresses that have no relation to the real email address of the company they purport to be while others look very legitimate unless you carefully examine the email.
When going to what purports to be an Amazon page, the URL should begin with “Amazon.com.” To be sure that you are actually on the real Amazon website, you can check the domain name to make sure that it is not a counterfeit by going to the website https://www.whois.com/whois/ where you can type in the domain name and learn who actually owns it. If your Amazon website appears to be owned by someone in Nigeria, for example, you know you have a problem. The security company Check Point recently identified 1,500 counterfeit Amazon websites.
It is also important to remember that you should not use your debit card for anything other than as an ATM card. Use your credit card for online and offline purchases because the law protects you much more from fraudulent purchases than a debit card does. If you do not promptly report misuse of your debit card, you could potentially lose the entire bank account tied to your debit card while the maximum liability for misuse of your credit card is only fifty dollars and most credit card companies don’t even charge you that amount.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in our email address on the tab that states “Sign up for this blog.”
Scam of the day – July 11, 2023 – HCA Healthcare Data Breach
HCA Healthcare, which operates 180 hospitals and healthcare facilities has disclosed that it has suffered a massive data breach in which personal information including names, email addresses and phone numbers of eleven million of its patients was stolen and recently posted on the Dark Web. The good news is that the stolen information does not include credit card numbers or Social Security numbers which can more directly lead to identity theft. However, information such as was compromised in this data breach can readily be used by scammers and identity thieves to formulate effective spear phishing emails and text messages to lure people into clicking on infected links and downloading malware or otherwise falling for a scam that may seem legitimate because the spear phishing scammer is able to tailor the email or text message to actual matters that relate to the targeted victim.
Spear phishing differs from more conventional phishing emails and text messages because they will include your name in the salutation rather than a generic “dear customer” or something similar. They also tailor the message with information that relates to you personally, such as, in the case of the HCA Healthcare data breach, a medical matter.
TIPS
As I often say, it is not a matter of if your personal information will be compromised in a data breach, but when. You are only as safe and secure as the weakest places that hold your personal information which is why whenever you get an email, text message or phone call in which you are asked to click on a link or provide personal information, you should remember my motto, ‘trust me, you can’t trust anyone.” The risk of clicking on a malware infected link or providing personal information to a scammer or identity thief is too great unless you have absolutely independently confirmed that the communication is legitimate.
If you are in the mood to get scared you can go to the free website haveibeenpawned where you can find out what data breaches have affected you personally. https://haveibeenpwned.com/
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”
Scam of the day – July 10, 2023 – New Income Tax Refund Scam
We are all getting so familiar with scams being communicated by way of phone calls, text messages and emails that it was a little bit surprising to learn of a new scam about which the IRS recently issued a warning that involves an old- fashioned snail mail letter that comes to you in a cardboard envelope that appears to come from the IRS. The letter contains the logo of the IRS although that is very easy to counterfeit. The letter informs you that you have an unclaimed tax refund and asks for you to provide your cellphone number, bank routing information, bank account information and your Social Security number. If you provide this information, you will end up becoming a victim of identity theft as well as having your bank account looted.
The scammers creating this letter apparently are not terribly sophisticated in the use of AI because the letter is filled with improper grammar and punctuation which is a red flag that it is a scam.
TIPS
As I often tell you, whenever you get a phone call, text message or email that purports to be from the IRS, you can be confident that it is a scam because the IRS does not initiate contact with taxpayers by phone, text messages or emails. The IRS, however, does contact people by regular snail mail so it is not unusual to receive a letter from the IRS, however, letters from the IRS will not have improper grammar and punctuation.
In regard to information about any refunds to which you may be entitled, you should go to the IRS website section which will provide you with information about any refunds to which you may be entitled. Here is the link.https://www.irs.gov/refunds
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”
Scam of the day – July 9, 2023 – FTC Settles Lawsuit Against Extended Car Warranty Scammer
Last April, I told you that the FTC filed lawsuit against American Vehicle Protection Corporation (AVP) accusing it of scamming people with phony, expensive extended car warranties. American Vehicle Protection Corporation (AVP) lied to consumers, telling them that AVP was affiliated with the automobile manufacturers and further lied about the protection provided by their expensive policies. Making matters worse, they also marketed their worthless products through telemarketing calls to people who were registered on the Do Not Call List.
Now that case has been settled with AVP being permanently banned from the automobile warranty business. A 6.5 million dollar penalty was imposed, but all but $500,000 was suspended due to AVP’s inability to pay.
Extended warranty scams have been with us for years. Actually, they are not “extended” warranties at all because if you read the fine print you will notice that although the notice that often comes through a postcard looks official, it is not from either the car manufacturer who issued your original warranty or the car dealer who sold you the car. The warranties themselves vary from scammer to scammer with some of the “extended” warranties being relatively worthless, but with all of them based on misrepresentations.
If you are registered for the Do Not Call list and you do receive a call from a telemarketer attempting to sell you an extended warranty, you can be confident that the call is a scam because no legitimate telemarketer would call you if you are enrolled in the Do Not Call list. It is also important to note that while telemarketing is not, in and of itself, illegal, commercial telemarketing, such as the sale of these “extended warranties” through robocalls is always illegal.
TIPS
In regard to car warranties, it is always a good idea to check with your local auto dealer as to what warranties cover your car. Never trust anything that comes to you by way of an illegal robocall or telemarketing call if you have enrolled in the federal Do Not Call List. Never feel pressured to act immediately when someone calls you on the phone with an unsolicited offer and never give any personal information including your credit card over the phone to someone who calls you because you can never be sure who is actually calling.
Registering for the Do Not Call List is easy and free. Merely go to http://www.donotcall.gov to register your phone number.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/