Scam of the Day

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Scam of the day – January 8, 2020 – Ohio Woman Victimized by Publishers Clearing House Scam

Publishers Clearing House, the sponsor of some of the most popular legitimate lotteries in the country no longer limits its contests to one or two a year, but has numerous lotteries each month. Recently there has been an increase in reports of scammers calling people on the telephone and telling them that they have won one of the Publishers Clearing House lotteries, but that they have to pay fees or taxes before being able to claim their prize.  In addition there are reports of targeted victims receiving phony notifications by regular mail that they have won a Publishers Clearing House lottery, but that again they must pay fees or taxes before being able to receive their prize.  Recently, Larenda Jackson of Cincinnati, Ohio became a victim of another variation of the Publishers Clearing House scam in which she lost $5,000.  The scam began with a letter she received that appeared to be a notification from Publishers Clearing House that she had won three million dollars.  The letter included a check for $6,000 to cover costs involved in her claiming her prize including $5,000 for attorneys fees.  She was directed to deposit the check into her bank account and wire $5,000 to the designated attorneys.   The letter also explained that she would be receiving her three million dollars in a few weeks.  Thinking she was acting prudently, Ms. Jackson waited a few days until she thought the check had cleared before wiring the $5,000.  Unfortunately, the check had not cleared and she had only received what is referred to as “provisional credit.”  Provisional credit is only temporary and is given after a few days, but is rescinded once a check bounces.  Whenever you receive a check, wait for your bank to tell you that the check has fully cleared before you consider the funds as actually being in your account. Thinking that the $6,000 check to her had cleared, Ms. Jackson wired $5,000 from her account to the scammers and because the check given to her by the scammers bounced, the entire $5,000 she wired came out of her own funds in her bank account and are lost forever.

It is hard to win any lottery. It is impossible to win one that you have not even entered and yet scam artists have found that it is extremely lucrative to scam people by convincing them that they have won various lotteries. With so many people entered into the Publishers Clearing House lotteries, it is easier for scammers to convince people that they have won.

Most lottery scams involve the victim being told that they need to pay taxes or administrative fees directly to the lottery sponsor; however no legitimate lottery requires you to do so.  As with many effective scams, the pitch of the scammer seems legitimate. Income taxes are due on lottery winnings, but with legitimate lotteries they are either deducted from the lottery winnings before you receive your prize or you are responsible for paying the taxes directly to the IRS. No legitimate lottery collects taxes on behalf of the IRS from lottery winners.  Other times, the scammer tell the “winners” that in order to collect their prizes, they need to pay administrative fees. Often, the victims are told to send the fees back to the scammer by prepaid gift cards or Green Dot MoneyPak cards. Prepaid cards are a favorite of scammers because they are the equivalent of sending cash. They are impossible to stop or trace. Again, no legitimate lottery requires you to pay administrative fees in order to claim your prize.

TIPS

Fortunately, there is an easy way to know, when you are contacted by Publishers Clearing House by phone, email or text message informing you that you have won one of its major multi-million dollar prizes, whether you have been contacted by the real Publishers Clearing House. Publishers Clearing House only contacts major prize winners in person or by regular mail.  They do not contact winners by phone, email or text message so if you do receive a notification of your winning one of their major multi-million dollar prizes by those means of communication you know it is a scam.   In addition, no winners of the Publishers Clearinghouse sweepstakes are ever required to make a payment of any kind to claim their prize so if you are notified by regular mail , as was the case with Larenda Jackson, that you have won, but are required to make any kind of payment before you can claim your prize, you can be sure that it is a scam.  As for other lotteries, remember, you can’t win a lottery you haven’t entered and no legitimate lottery asks you to pay them administrative fees or taxes.

Even if the Caller ID on your phone indicates the call is actually from Publishers Clearing House, it is very easy for a scammer to use a technique called “spoofing” to make it appear that the call is coming from Publishers Clearing House rather than the scammer who is really making the call. Trust me, you can’t trust anyone.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – January 7, 2020 – Apple Tech Support Robocall Scam

Tech support scams in which consumers are tricked by scammers into believing there is a problem with their computers that require the expensive services of the scammers is a major problem.  Tech support scams are increasingly common and victimize consumers 60 years or older about five times more than people between the ages of 20 and 59 according to the Federal Trade Commission (FTC).   While often these scams start with a popup on your screen that informs you that a tech company with which you do business has found a problem with your computer, they also can originate with a phone call.  The FTC has taken action against telemarketers who convince consumers to provide access to their computers to the scammers who would then purport to run diagnostic tests.  These diagnostic tests were totally bogus and always resulted in the consumer being told that he or she needed computer repair as well as antivirus software and services that would be provided at a high cost.

Recently a Scamicide reader received a robocall from a scammer posing as an Apple employee.  In the call, the scammer indicated that technical problems had been discovered by Apple that needed to be corrected and provided a telephone number for the targeted victim to call to fix the problem.  Of course, this is a scam even though the call appeared on the targeted victim’s Caller ID as coming from Apple.  Through a technique called spoofing, the scammers are able to manipulate your Caller ID to make it appear as if the call is legitimate when it is not.  Fortunately, the Scamicide reader recognized the telltale signs of a scam and did not call the number from the robocall, but instead called Apple where she was told that Apple never makes such calls and that it was a scam.

TIPS

Providing remote access to anyone to your computer can lead to a myriad of problems including identity theft and the downloading of ransomware.  Neither AOL, Yahoo, Apple, Microsoft or any of the other tech companies ever  ask for remote access to your computer to fix problems.  The most common tech support scams start with popups on your computer that provide notices of security problems that contain telephone numbers for you to call to fix the problem,   Whenever you get a pop-up, email, or text message that appears to tell you that you have a security problem with your computer, you should never click on any links contained in the message or call the telephone number provided. If your screen freezes, all you need to do is just turn off your computer and restart it. If you are concerned that you may be experiencing a real security problem you can contact tech support at the real tech companies directly by phone or by email using the phone number and email addresses you find on their respective websites.

Tech companies do not use robocalls such as this to contact their customers so if you receive one, you can be sure that it is a scam.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – January 6, 2020 – Mariah Carey’s Twitter Account Hacked

Last week hackers took over the Twitter account of singer Mariah Carey and sent out sexually explicit messages to her 21.4 million followers that appeared to come from Carey.  After several hours her Twitter account was secured.  I reported to you in September aboutTwitter CEO Jack Dorsey’s own Twitter account was hacked.   I have reported to you in the past about numerous celebrities whose Twitter accounts were hacked and almost always it was because they failed to use dual factor authentication. More and more companies such as Facebook, Instagram, Twitter, Google, Tumblr, Yahoo, WhatsApp and others use dual factor authentication  which most commonly works such that when your password is used to access your account, a special code is sent to your smartphone that must be used in order to complete access to the account. This provides dramatically enhanced security. Whenever you are able to use dual factor authentication for a particular website, account or app, you should take advantage of this.  Some dual factor authentication protocols do not require it to be used when you are accessing the account from the computer or smartphone that you usually use, but only if the request to access the account comes from a different device. Although we do not know if Mariah Carey’s account was protected by dual factor authentication, in the case of Jack Dorsey, he used dual factor authentication, however, it was able to be bypassed because the hackers gained access to his account by taking over his phone through SIM card swapping.  SIM card swapping is a major problem.  A Subscriber Identity Module, more commonly known as a SIM card, is an integrated circuit that stores information used to authenticate subscribers on mobile devices, such as a cell phone.  The SIM card can be transferred between different devices, and often is, when people update into a newer cell phone.  As more and more financial transactions, such as online banking, are now done through cell phones, identity thieves with access to their victims’ SIM cards are also increasingly becoming able to intercept security codes sent by text messages for online banking as part of dual factor authentication and thereby providing the identity thief with the opportunity to empty their victims’ bank accounts and cause other financial havoc.

Porting is the name for the crime where someone convinces your phone carrier to transfer your SIM card to a phone controlled by the criminal.  They often do this by answering security questions after gathering information about you. To prevent someone from stealing access to your phone through porting, you should have a PIN added to your account so that no one can call your cell phone provider posing as you and ask to have your SIM card transferred.  If Jack Dorsey had done this, his account would have been secure.

TIPS

The first step to protecting your Twitter account from being hacked is to set up dual factor authentication.  Here is the link to information about setting up dual factor authentication for your Twitter account. https://help.twitter.com/en/managing-your-account/two-factor-authentication

The best thing you can do to  protect your SIM card from porting is to set up a PIN or password to be used for access to your mobile service provider account. This will help prevent a criminal from calling your carrier posing as you and convincing your mobile carrier to swap your SIM card to the criminal’s phone merely by providing personal identifying information or answering a security question.

AT&T will allow you to set up a passcode for your account that is different from the password that you use to log into your account online.   Without this passcode, AT&T will not swap your SIM card.   Here is a link with instructions as to how to set up the passcode. https://www.att.com/esupport/article.html#!/wireless/KM1051397?gsi=9bi24i

Verizon enables customers to set up a PIN or password to be used for purposes of authentication when they contact a call center.  Here is a link with information and instructions for setting up a PIN with Verizon.  https://www.verizonwireless.com/support/account-pin-faqs/

T-Mobile will allow you to set up a passcode that is different from the one you use to access your account online.  This new passcode is used when changes to your account are attempted to be made such as swapping a SIM card.  This code will not only protect you from criminals attempting to call T-Mobile and swap your SIM card, but will also prevent someone with a fake ID from making changes to your account at a T-Mobile store.  Here is a link to information and instructions for adding a new passcode to your account. https://www.t-mobile.com/customers/secure

Sprint customers can establish a PIN that must be provided when doing a SIM swap, in addition to merely answering a security question, the answer to which may be able to be learned by a clever identity thief.  Here is a link to information about adding a PIN to your Sprint account. https://www.sprint.com/en/support/solutions/account-and-billing/update-your-pin-and-security-questions-on-sprint-com.html  

You also may want to consider protecting your dual factor authentication from being threatened by a SIM swap by using a dual factor authentication app such as Google Authenticator which is not tied to your cell phone.  Here is a link with more information about Google Authenticator.  https://support.google.com/accounts/answer/1066447?hl=en&ref_topic=2954345

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – January 5, 2020 – Another Wells Fargo Phishing Email

Here is another good example of a phishing email that is presently being circulated. It was sent to me by a Scamicide reader who received it.  It makes for compelling reading, but it is a scam.  Phishing emails, by which scammers and identity thieves attempt to lure you into either clicking on links contained within the email which will download malware or providing personal information that will be used to make you a victim of identity theft, are nothing new.  They are a staple of identity thieves and scammers and with good reason because they work.  As always, they lure you by making it appear that there is an emergency that requires your immediate attention or else dire consequences will occur.  Copied below is a new phishing email  presently being sent to unsuspecting people that appears to come from Wells Fargo.  This particular one came without a Wells Fargo logo and was sent from an email address that had no relationship to Wells Fargo which are indications it is a scam.

Here is the email.

“Wells Fergo. Alerts! <rattghx76r@knology.net>
To:Recipients
Dear Customer,
We appreciate the opportunity to serve your online needs.
Our records show an Unusual Account Activity such as invalid login attempts into your online and eMail.
Please download the attach file below fill out all the requested details to complete this verification process.
*****************************
If you have questions, Wells Fargo, Online Customer Service is available 24 hours a day, 7 days a
©2019 Thanks You Wells Fargo, Online Customer Service Team”

TIPS

An indication that this is a phishing email is that the email address from which it was sent had nothing to do with Wells Fargo but most likely was sent from a computer that was part of a botnet of computers hacked into and controlled remotely by the scammer.  In addition, legitimate emails from your bank would include the last four digits of your account and include your name in the salutation rather than the generic “Dear Customer” of this phishing email.   Often such phishing emails originate in countries where English is not the primary language and the spelling and grammar are poor. This email contains a couple of grammatical errors.  Obviously, if you are not a Wells Fargo customer, you will recognize immediately that this is a scam.

As with all phishing emails, two things can happen if you click on the links provided.  Either you will be sent to a legitimate looking, but phony webpage where you will be prompted to input personal information that will be used to make you a victim of identity theft or, even worse, merely by clicking on the link, you will download keystroke logging malware that will steal all of your personal information from your computer and use it to make you a victim of identity theft.  If you receive an email like this and think it may possibly be legitimate, merely call your bank or other institution from which the email purports to originate at a telephone number that you know is accurate and you will be able to confirm that it is a scam.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – January 4, 2020 – Annual Report of the Do-Not Call Registry

Since it began in 2003, the National Do Not Call list has grown to include  more than 239 million phone numbers.  When you register your phone number with the Do Not Call list it becomes illegal for telemarketers to contact you by phone.  The Do Not Call list does not apply to charities so you still may be contacted by charities even if you have registered for the Do Not Call list. However, when you receive a call from someone purporting to be representing a charity, you can never be sure who is really calling so you should never give your credit card number to someone who calls you allegedly from a charity. If you are interested in a particular charity, contact the charity directly to make your contribution.

If you are registered for the Do Not Call list and you do receive a call from a telemarketer, you can be confident that the call is a scam because no legitimate telemarketer would call you if you are enrolled in the Do Not Call list. It is also important to note that while telemarketing is not in and of itself illegal, telemarketing through robocalls is always illegal.   Registering for the Do Not Call list will not stop robocalls. Illegal automated robocalls continue to be a major source of complaint for many people with the most common subjects of illegal robocalls being debt reduction, vacation and timeshares and warranty plans.  Recently Congress passed a new law intended to reduce robocalls, but the new legislation is not expected to totally resolve the problem.

Each year, the Federal Trade Commission issues an annual report for the Do Not Call List and this year’s report for 2019, the previous year, shows the greatest number of scam robocalls involve reducing debt scams, medical and prescription scams and impostor scams, such as calls in which the caller pretends to be an IRS employee.  Here is a link to data from that annual report. https://www.ftc.gov/system/files/documents/reports/national-do-not-call-registry-data-book-fiscal-year-2019/dnc_data_book_2019.pdf?utm_source=govdelivery

The FTC is reporting that people are now receiving emails informing them that their registration in the Do Not Call list is expiring and that they have to register their phone numbers again. They are then directed to a phony website that gathers information that can be used for purposes of identity theft. The important thing to know is that you never have to reregister your phone number with the Do Not Call list. Once you have registered a number it is permanently on the Do Not Call list until the number is disconnected or you ask for your number to be removed.

TIPS
Registering for the do not call list is easy and free.  Merely go to www.donotcall.gov to register your phone number.

Verizon has recently implemented new services to help its customers avoid illegal robocalls.  The new Call Filter service offers spam alerts and new protections from robocalls for its wireless customers.  Customers will receive alerts when a call is most likely a scam.  The new Call Filter service will also automatically block robocalls based of the customer’s preferred risk level.  The Call Filter service is offered in a free version and an enhanced version that among other things will enable customers to create a personal robocall block list.  For more information about the Call Filter Services and how to sign up go to https://www.verizonwireless.com/solutions-and-services/call-filter/

There are a number of other options for preventing robocalls including a number of apps that for free or a small fee will  reduce and in some instances prevent robocalls.
Samsung’s SmartCall informs you if the call you are receiving is from a known robocaller. This feature is available with newer Samsung Galaxy phones. Here is a link to information about SmartCall and instructions as to how to activate this app.
http://www.samsung.com/levant/apps/smart-call/

Google also has a spam blocker that will warn you when you are receiving a robocall and your screen will turn red. Here is a link to information about the app and how to install it.
https://play.google.com/store/apps/details?id=com.google.android.dialer&hl=en

AT&T also offers free apps to block robocalls on iPhones and Android phones. Here is a link to information about these apps.
https://www.att.com/features/security-apps.html?partner=LinkShare&siteId=TnL5HPStwNw-yrUS1uDw9WGvN._xt67yew&source=ECay0000000CEL00O

Verizon’s CallerName ID is a free service for iPhones and Android phones that will alert you to suspected robocallers. Here is a link to Verizon’s app.
https://www.verizonwireless.com/solutions-and-services/caller-name-id/

T-Mobile offers a free scam blocker of known robocallers for Android phones which you can activate by merely dialing #662#

Sprint offers a paid service to protect your iPhone or Android phone from robocalls. For more information, use this link
http://explore.t-mobile.com/callprotection

For landlines as well as smartphones there are a number of apps such as Nomorobo, Truecaller, Hiya, RoboKiller and YouMail that offer robocall blocking for free or for small monthly charges. Here is a link to those apps. I have used Nomorobo for years and find it to be tremendously useful

https://www.nomorobo.com/
https://www.truecaller.com/
https://hiya.com/
https://www.robokiller.com/
https://play.google.com/store/apps/details?id=com.youmail.android.vvm&hl=en_US                                                                                                                                                                        https://www.youmail.com/home/apps

Finally, you can just choose to ignore any calls that come from numbers you do not recognize.   This is a good option.  If they are legitimate calls, they will leave a message and you can call them back.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – January 3, 2020 – Wawa Data Breach Class Action Filed

In the December 22, 2019 Scam of the day, I informed you about the massive data breach suffered by Wawa,  a convenience store chain of more than 850 stores around the country.  Wawa  had recently disclosed that it had suffered a data breach that went undiscovered for nine months in which credit and debit card numbers, card expiration dates and cardholders’ names were stolen by hackers.  In response to the data breach, the CEO of Wawa issued a detailed letter to affected customers in which you can find the information to activate free credit monitoring offered by Wawa.   Here is a link to that letter.  https://www.wawa.com/alerts/data-security

Now a lawsuit seeking class action status has been filed on behalf of affected Wawa customers by the law firm of Chimicles, Schwartz, Kriner & Donaldson-Smith who allege in their lawsuit that the data breach was the result of Wawa’s “inadequate data security measures and cavalier approach to data security.”  If you shopped at a Wawa store during 2019 you may wish to consider joining the class action.  Here is a link to the law firm’s website with information about the class action.  https://chimicles.com/wawa-data-breach-class-action-investigation/

TIPS

This data breach is a lesson to us all to carefully monitor our credit card statements for indication of fraudulent use.  If you find that your card has been used by a hacker, you should immediately report it to your credit card company.  While federal law allows credit card companies to hold you responsible for fraudulent charges on your credit card to a maximum of $50, I have never heard of a credit card company that ever held a customer responsible for any amount of fraudulent charges promptly reported.  This is a good time to remind you to also refrain from ever using your debit card for anything other than an ATM card because the laws do not protect you from fraudulent use of your credit card to the extent that you are protected when using your credit card.  Potentially you risk losing the entire bank account tied to your debit card if you do not promptly report any fraudulent use.

This is also a good time if you have not yet frozen your credit reports with each of the three major credit reporting agencies, Equifax, Experian and TransUnion, to do so now to protect yourself from possible identity theft. it is free and easy to do.

To get the maximum protection from identity theft, it is important to freeze your credit at each of the three major credit reporting agencies. Here are links to each of them with instructions about how to get a credit freeze:
https://www.freeze.equifax.com/Freeze/jsp/SFF_PersonalIDInfo.jsp
https://www.transunion.com/credit-freeze/place-credit-freeze
https://www.experian.com/freeze/center.html

If you have not enrolled in an identity theft protection service, this data breach is also a good reminder to us all to consider signing up for one.  I have looked into many of these services and have given my endorsement to Identron, which I believe provides the best overall identity theft protection services including credit monitoring and much more.  Here is a link to Identron https://www.identron.com/partner/steven-j-j-weisman-esq/

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – January 2, 2020 – Federal Express Phishing Email

Shown below is a copy of an email recently received by a Scamicide reader that purports to be from Federal Express urging the email recipient to click on a link to the oddly worded “message with the required information” without any indication as to to what the “required information” relates.  This is just another clever, legitimate appearing phishing email attempting to lure you into clicking on the link.  DO NOT CLICK ON THE LINK.  Clicking on the link either in a similar email that you might receive or the one shown below  would either take you to another legitimate looking page where you would be prompted to input personal information that would be used to make you a victim of identity theft or would download on to your computer a keystroke logging program that will steal all of the information from your computer including passwords, credit card numbers, your Social Security number and other personal information that would be used to make you a victim of identity theft.   Phishing emails like this are also used to trick people into unwittingly downloading ransomware. If you look closely at the email, you will note that even though it has the Federal Express logo and looks quite official, there are a number of tip offs that this is indeed a phishing scam.  What is not shown on the email as copied below is that it is sent from an address that is not that of Federal Express.  The email of the sender is that of a private individual who, most likely, had his or her email account hacked and used as a part of a botnet to send out these types of phishing emails.  The email also never refers to the recipient by name.  It is also important not to click on the “unsubscribe” link because that too may be loaded with malware.

FedEx Express
We have sent you a message with the required information.
Click here to open this email in your browser.
Thanks for choosing FedEx®.
More details
This message was sent to **************. Please click unsubscribe if you don’t want to receive these messages from FedEx Express in the future.
©2019 FedEx. The content of this message is protected by copyright and trademark laws under U.S. and international law.
Review our privacy policy. All rights reserved
TIPS
If you receive on any email from a company that asks you to click on a link, you should hesitate to do so, particularly if it appears bogus as this one does. Never click on any link in an email or text message until you have confirmed that it is legitimate.  Also, although it is important to have security software on all of your electronic devices, you can’t totally rely on your security software to protect you from the latest forms of zero-day defect malware for which there has not yet been issued a security update.   If you have the slightest thought an email or text message asking you to click on a link may be legitimate, rather than click on the link, go to the website of the company, which in this case is www.fedex.com or call them directly at 1-800-463-3339.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – January 1, 2020 – Device Activation Scams

Over the holidays many people received digital assistants such as Google Home or Alexa as well as other devices that are part of the ever-increasing Internet of Things which are devices connected to the Internet for our convenience.  These devices must be activated in order to be used and that is where the scam comes in.  In many instances, people attempting to call the company for assistance in activating the device end up calling fake tech support or customer service numbers that have been set up by scammers who manage to manipulate the algorithms used by Google and other searches to have their phone number or phony website appear in the first position in a search.  If you call the number provided or go to the counterfeit website, you will be lured into paying a charge of anywhere from $80 to $100 to activate your new device, but actually all that you have achieved is making a payment to a scammer and providing the scammer with your credit card number.  Clever scam artists, the only criminals we refer to as artists are increasingly setting up phony websites that appear to be for customer service or tech support of many of the companies with which we do business or purchasing telephone numbers that are a single digit off of the legitimate phone numbers for many companies’ tech support or customer support in order to take advantage of common consumer misdials.

TIPS
The best place to look for a telephone number for customer support or tech support is on the instruction booklet that may come with your device or the legitimate website for the company.  When calling, take extra care to make sure that you are dialing correctly so you don’t end up talking to a scammer.

It is also important to remember that no company that provides Internet of Things devices charges anything to activate your device.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – December 31, 2019 – Bank Text Message Scam

Phony text messages purporting to be from your bank or credit card company is a scam about which I have been warning you for more than six years, but appears to be a scam that is dramatically increasing.  Recently, on its Facebook page,  M&T Bank issued the following warning about its customers receiving phony text messages that appear to come from the bank.  Victims of the scam are lured by the phony text messages into believing there is a problem with their accounts and lure into providing personal information used to make them victims of identity theft.

 

We have recently seen an increase in cases of phishing – fraudulent attempts to lure you into sharing financial or personal information through text, phone or email messages. Please know that M&T Bank will not call or send email or text messages requesting customer login credentials, PINs, passwords or personal information.  If you think you received a fraudulent message, please delete it or forward the email to phishing@mtb.com. Do not click on links or open attachments within the message.

To learn more about how you can protect yourself from scams, visit mtb.com.

 

Phony text messages like this can be particularly problematic if you have signed up to receive text message alerts from your bank. Whenever you receive a text message you can never be sure who is really sending it to you, so you should never call a telephone number indicated in the text message, provide information or click on links in such text messages which may either download ransomware malware on to your phone or keystroke logging malware that can lead to your becoming a victim of identity theft.  The best course of action when you receive such a text message, if you have a concern that it may be legitimate, is to merely independently contact your bank to determine whether or not the text message was a scam, but be careful that you do not misdial the telephone number of your bank as some scammers purchase phone numbers similar to those of legitimate banks and credit card companies hoping that they will receive calls from unwary consumers who may have merely misdialed the telephone number of their bank or credit card company.

TIPS

Regardless of how official such a text message may appear, you should never provide personal information to anyone in response to a telephone call, email or text message because in none of those situations can you be sure that the person contacting you is legitimate.  If you do receive a communication from a bank, government agency or any other person or entity that you think might have a legitimate need for personal information from you, you should call the real entity at a telephone number that you know is legitimate in order to ascertain the truth.  Banks do not call, text or email their customers asking for personal information.  You should always be skeptical of anyone asking for such information.  Of course, if you receive a text message that appears to come from a bank at which you do not have an account, you can be confident it is a scam. If the email provides for you to respond to stop future texts, don’t do it. Sending such a message to a scammer merely alerts them to the fact that yours is an active phone number. Finally, although today’s Scam of the day focuses on phony bank text messages, it is a good idea to sign up to receive text alerts from your bank which can be customized for your own particular needs. Legitimate text alerts from your bank will never solicit personal information from you.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – December 30, 2019 – Jury Duty Scam

I have been warning you about the jury duty scam for seven years, but it continues to snare many unwary victims. Recently, the Sheriff of Oakland County, Michigan issued a warning about this scam and there have been increasing reports of this scam being perpetrated throughout the country.The scam starts with a telephone call that you receive purportedly from a law enforcement officer informing you that you have failed to appear for jury duty and that a warrant has been issued for your arrest.  You are told, however, that you can avoid arrest and greater fines by paying a fine through a wire transfer, gift card, credit card or even iTunes card.  Of course, the phone call is a scam.  Even if you have missed jury duty, you will never be called by legitimate court officers and shaken down for a payment. An FBI warning last year about this scam noted that often the scammers will use a technique called “spoofing” to make the call appear on your Caller ID as if it is coming from a legitimate law enforcement agency or court.

In another variation of the jury duty scam, when you respond that you have not missed jury duty, you are asked to provide your Social Security number for verification of your identity.  In this case, the scammer is seeking your Social Security number to make you a victim of identity theft.

TIPS
Initial contacts from courts regarding jury duty are always in writing through the mail although some systems will permit you to receive future notices through email.  Under no circumstances will you receive telephone calls or text messages indicating that you have failed to report for jury duty.  No court will demand payment over the phone for failing to appear for jury duty and they will not ask for your Social Security number.  If you do receive such a call and you think that there is even the possibility that you might have forgotten to report for jury duty, merely call the local clerk of courts in order to  get accurate information. Of course anyone calling you and telling you that you can pay your fine to them over the phone  is a scammer.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”

  • Categories