Scam of the Day

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Scam of the day – June 27, 2022 – Watch Out for Delivery Scams

Ever since the start of the pandemic, deliveries by UPS, Federal Express, Amazon of online purchases have become part of every day life and even now, as the pandemic is waning, many of us still find the convenience of online shopping very attractive.  Scammers are always taking advantage of whatever is popular with people so it is not surprising that there are many scams related to deliveries following online purchases.  I have written about many of these, but there are always new ones popping up.

Many people are reporting receiving text messages that appear to come from UPS or Federal Express indicating that it is necessary for you to update your delivery preferences.  In order to do so you are asked to click on a link and provide personal information.  Unfortunately, if you click on the link one of two things will happen.  Either you will be taken to a page where you provide your personal information to a criminal who will use the information to make you a victim of identity theft or you will download dangerous malware, such as ransomware, merely by clicking on the link.

TIPS
If you receive an email  or text message from a company that asks you to click on a link or download an attachment, you should hesitate to do so, particularly if it appears bogus.  Never click on any link in an email or text message until you have confirmed that it is legitimate.
As for phone calls, it is important to remember that through a technique called “spoofing,” scammers can make a phone call appear to come from any telephone number that they wish.
Also, although it is important to have security software on all of your electronic devices, you can’t totally rely on your security software to protect you from the latest forms of zero-day defect malware for which there has not yet been issued a security update.
If you have the slightest thought that an email or text message asking you to click on a link may be legitimate, rather than click on the link, go to the website of the company, which in the case of Federal Express is www.fedex.com or call them directly at 1-800-463-3339.  Also, if you wish to track a Federal Express delivery go directly to the website of Federal Express rather than click on any link in an email or text message that purports to take you to the Federal Express website.  Similarly, you can do the same for other delivery services.

If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”

Scam of the day – June 26, 2022 – Amazon Phone Call Scam

A famous bank robber was once asked why he robbed banks to which he responded, “because that is where the money is” which is why it is not surprising that scammers have used Amazon as the basis for a wide variety of scams due to so many people buying products through Amazon which reached record levels during the pandemic.

One Amazon related scam starts with an automated phone call that tells you that a purchase has been made on your Amazon account that appears to be fraudulent.  You are then prompted to press 1 on your phone to speak with an Amazon representative to discuss the apparent fraudulent charge on your account.  If you fall for the scam and press 1 to speak with an Amazon representative, you will actually be speaking with a scammer posing as an Amazon representative who will ask you to confirm the credit card number attached to your Amazon account.  Anyone providing that information will soon become a victim of identity theft and credit card fraud.

TIPS

If there is an issue with your Amazon account, Amazon will not call you on the phone.  Instead they will send you an email with your name and account number specifically included in the email.    Even if your Caller ID indicates that the call is from Amazon, you can’t trust it because through a technique called spoofing, scammers can manipulate your Caller ID to make their call to appear legitimate.  If you have a question about your Amazon account, you can either contact them through their website at https://www.amazon.com/gp/help/customer/display.html or call them at 1 (888) 280-4331.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.”  Scamicide has been cited by the New York Times as one of three top sources for information about Coronavirus related scams.

If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”

Scam of the day – June 25, 2022 – Trojan Subscribers Can Cost You Money

In Homer’s Odyssey, the Trojan horse hid soldiers that when brought through the gates and into the city of Troy led to the fall of Troy.  Trojan subscribers are malware hidden within legitimate apps that while they won’t lead to the downfall of a city can cost the victims of a Trojan subscriber a lot of money.

Trojan subscribers are malicious code that cybercriminals add to legitimate apps and then upload them to app stores under a different name.  The apps can be for a variety of purposes, such as monitoring blood pressure or scanning documents.  When someone downloads one of these infected apps, he or she doesn’t realize that the Trojan subscriber will automatically subscribe to a paid service without the person who downloaded the app being aware of it.

Generally, the cybercriminals who create and use Trojan subscribers get paid a commission on each new subscription to a paid service.

There have been a number of different Trojan subscribers found during the past year including the Jocker Trojan subscriber, the MobOk Trojan subscriber, the Vesub Trpjan subscriber and the GriftHorse.ae Trojan subscribers.  While they all work slightly differently they all manage to effectively sign up their victims to unwanted and costly subscription services.

Google Play and other app stores try to identify apps with Trojan subscribers, but as soon as they take one down, another pops up.  In other instances, Trojan subscribers are found in apps that are not allowed on the regular official app stores.

TIPS

So what can you do to protect yourself from Trojan subscribers?

First and foremost, don’t install apps from unofficial sources.  The risk is far too great that you will be downloading malware.  However, even if you stick to legitimate sources for your apps such as Google Play, you must recognize that getting your app from a legitimate source does not guarantee that the app is malware-free.

Always check out the reviews and ratings of particular apps before you download them.  Also, the longer an app has appeared on a legitimate source such as Google Play, the better the chance that it has been properly vetted and does not contain any malware.  Therefore be a bit wary of apps that have only recently appeared on a legitimate app store.

Another good policy to follow when you download apps is to give the apps only the minimal access to your device that is needed to perform properly.

Finally, make sure that you have installed strong security software on your cellphone and keep it updated with the latest security updates and patches as they become available to protect you from not only Trojan subscribers, but also other threats as well.

If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”

Scam of the day – June 24, 2022 – The Danger of Facebook Farming

Many of you may not be familiar with the term “Facebook farming”, but  we have all seen Facebook postings urging us to click that we “like” them.  Sometimes it is an emotional appeal to show support for a sick child.  Sometimes it is to show support for a political message. Often what appears to be a  familiar company promises a chance at a substantial prize merely for liking or sharing a post.

While some of the postings described above urging people to click on links or share the posting are legitimate, unfortunately often they are not.  Often they are done to take advantage of Facebook’s algorithms that value the popularity measured by likes and shares which causes the posts to appear on the Facebook pages of more people.  Although the original content liked or shared may appear sincere or entertaining, the scammers who use this technique, which is called “farming,” then are able to change the content of the post to something entirely different from what was originally shared or liked.  This is done for purposes of sending advertising or gathering marketing information, but, at its worst, it  also can be used to send malware infected content such as keystroke logging malware that can steal personal information from your computer and use it to make you a victim of identity theft.

TIPS

So what should you do?

Posts that promise some sort of prize for sharing or liking their post are most likely scams. If you think that the posting of a company offering a contest might be legitimate, you should go to the company’s website to find out if indeed it is legitimate or not.

As for the other farming scams, you may wish to be a bit skeptical before automatically sharing or liking a post. You may wish to even do a little research yourself to find out if the posting is legitimate.   A 2007 photo of a seven year old Pennsylvania girl with Stage IV cancer posing in her cheerleading uniform has been used numerous times for Facebook farming.  Today that girl is a cancer free young woman whose family is understandably outraged that their daughter’s photograph has been abused by scammers through Facebook farming.

If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/

Scam of the day – June 23, 2022 – The Danger of Spam Text Messages

While spam text messages may seem like merely an irritating inconvenience, they also pose a significant threat if you do not respond properly.  Spam text messages that come in on your phone most likely did not even come from another phone, but more likely from a computer using an instant messaging account or even an email address.

The key to avoiding problems is to not respond to the spam text message.  Responding in any way confirms to the spammer that your cell phone number is a legitimate one and by responding you will have opened the door to a barrage of more spam text messages.

The goal of many spam text messages is to get you to click on links or provide personal information asked for under a variety of pretenses.  Never click on any link in a text message or an email unless you have absolutely confirmed that the message is legitimate.  The risk of downloading harmful malware is too great.  Whenever you get an email or a text message, you can never be sure who is really sending it so even if it appears legitimate, you should not provide personal information that can be used to make you a victim of identity theft.

TIPS

If you think that a text message requesting personal information is really coming from your bank or some other legitimate sender, you still shouldn’t click on any links or provide any information in response to the text message.  Rather you should contact your bank or other legitimate source appearing to send the text message at a phone number that you know is legitimate and not one found in the text message.

Examine your cell phone bill regularly to make sure that you are not charged for any spam text messages and if one or more appear, notify your carrier to remove the charge.

You also should block the sender of the spam text messages.  On your Android phone go the three dots at the top right corner of the text.  Click on it.  Select “People” and then “Options” and finally “Block.”  For iPhones click on the “i” at the top right corner of the text and then click on the number and select “Block.”

Finally, you should report the spam text message to your cell phone carrier.

If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address in the tab that states “Sign up for this blog.”

Scam of the day – June 22, 2022 – How to Recognize a Scam Before it is Too Late

Scam artists, the only criminals we refer to as artists have a knowledge of psychology that Freud would have envied.  They know how to appeal to every human emotion to lure us into becoming a scam victim.  Scam artists can adapt their art to paint whatever picture they sense will make us vulnerable to their con.  They know how to appeal to our own particular weaknesses and psychological makeup.

They appeal to whatever works.  They construct a network of “people like us” whom we trust; they trumpet legitimate and impressive-sounding business connections; they appeal to our fears; they appeal to our friendship; they appeal to our optimism; they appeal to our desire for quick and easy solutions to life’s problems;  they appeal to our generosity; and they appeal to our greed.

Some scams can be so sophisticated that they can be hard to recognize, so how can you identify a scam before it is too late?

TIPS

One of the best ways of determining if you are involved with a scam is how the scammer requests payment.

If they ask for payment through a gift card, it is definitely a scam.  No legitimate business transaction asks for payment by gift cards.  No governmental agency accepts gift cards as payments.

If they send you a check for more than what is owed you and ask you under a variety of different pretexts to deposit the check and wire the excess money back to them, it is a scam.  The overpayment check scam is used in many different scams, but it always ends up with the victim depositing the legitimate appearing check, getting provisional credit in the victim’s account, wiring money from the account and then having the counterfeit check bounce, the provisional credit rescinded and the money wired from the victim’s own funds in the account gone forever.

If they require payment by a wire from Western Union or other similar companies it is also a red flag that you are dealing with a scam.  Wired payments are quick and easy for the scammer to maintain his or her anonymity.

If they ask you to go to a Cryptocurrency ATM and buy cryptocurrency and use a QR code to send it to the scammer’s account, it is a scam.

If they demand Zelle or Venmo for a business transaction, it is a scam.

If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”

Scam of the day – June 21, 2022 – Political Phone Call Scams

The midterm elections are five months away and candidates around the country are actively fund raising.  Scammers are taking advantage of the public’s interest in the  elections to make robocalls in which they pose as candidates asking for donations.  This particular scam can easily seem legitimate. Caller ID can be tricked through a technique called “spoofing” to make it appear to your Caller ID as if the call is coming from a candidate or some political organization and recordings of the candidate can also be incorporated into the call to make the call appear more legitimate.

Even more significantly, calls from political candidates and other political calls are exempt from the federal Do-Not-Call List, so it would be legal for you to get a call from a politician or political group seeking donations even if you are enrolled in the Do-Not-Call List.

So how do you protect yourself from being scammed?

TIPS

Whenever you receive a telephone call, you can never be sure as to who is really contacting you, so you should never give personal or financial information to anyone over the phone whom you have not called.

If you do wish to contribute to a political campaign, the best way to do this is by going to the candidate’s official website and make your contribution.  Even then, make sure that when you are giving your donation online that the website address begins with https instead of just http.  Https indicates that your communication is being encrypted for better security.  If you are being asked to contribute to a political organization rather than a candidate, you should definitely do your research to determine the legitimacy of the organization before making a donation.

If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”

Scam of the day – June 20, 2022 – Why You Should Keep Your Cell Phone Number Private

Sometimes we are our own worst enemy when it comes to posting too much personal information on social media that can be leveraged by a criminal for purposes of identity theft.  During the earlier days of the pandemic many people posted photos of their vaccination cards on social media showing their date of birth.  Your birthdate is a significant piece of information that, in the wrong hands can lead to identity theft.

Identity thieves use legal and illegal online sources to gather their victims’ personal information, such as their Social Security number, address, and date of birth and use that information for purposes of identity theft which is a significant threat to everyone.  One important piece of information that many people don’t realize should be kept as private as possible is their cell phone number.  These days your cell phone number is tied to so much of what we do.

When a criminal knows your cell phone number, he or she can leverage that number through commonly available legal databases such as White Pages Premium and learn information such as your current address, past addresses, the names of your family members  and more.  The criminal can also use the number to gain access to your social media accounts and can most significantly use the information gained to answer security questions that would allow the criminal to do a SIM swap whereby your cell phone number would be transferred to a phone of the criminal and thereby defeat dual factor authentication where you get a text message or a code sent to your phone when you go to access your bank account online or any other account that requires significant security.

So what can you do to protect yourself?

TIPS

Limit providing your cell phone number to people and companies as much as possible.  You also may want to consider getting a second phone to use when you have concerns about security.  You also can use apps such as Google Voice https://voice.google.com/about or Burner https://www.burnerapp.com/ that will enable you to create different numbers to use for calls and text messages.

As for dual factor authentication, while sending a code or text message to your cell phone is a simple and effective method of dual factor authentication, you may wish to consider other forms of dual factor authentication such as apps that will generate temporary security codes such as Authy https://authy.com/ or Google Authenticator https://support.google.com/accounts/answer/1066447?co=GENIE.Platform%3DAndroid&hl=en

Perhaps the best thing you can do to  protect your SIM card from SIM swapping is to set up a PIN or password to be used for access to your mobile service provider account. This will help prevent a criminal from calling your carrier posing as you and convincing your mobile carrier to swap your SIM card to the criminal’s phone merely by providing personal identifying information or answering a security question.

If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/

Scam of the day – June 19, 2022 – Phony Customer Service Phone Number Scam

Clever scam artists are increasingly setting up phony websites that appear to be for customer service or tech support of many of the companies with which we do business.  Often they either purchase an ad to appear at the top of a search engine search or they manipulate the algorithms used by Google and other search engines to make their phony customer service number appear high on a search. They also purchase telephone numbers that are a single digit off of the legitimate phone numbers for many companies’ tech support or customer support in order to take advantage of common consumer misdials.  Compounding the problem is the fact that many companies, particularly social media companies, do not provide a customer service telephone number to call and speak to a real person about your problem.  They only provide online support.

In 2020 I told you about Dr. Melanye Maclin of Maryland who needed help with her Facebook account and obtained what she thought was the phone number for tech support for Facebook which she got from a posting on Facebook’s Help Community Chat board.  Unfortunately, Facebook doesn’t have a tech support phone number.  The phony tech support number on the chat board was posted by a scammer.  When Dr. Maclin called the phony number, she was instructed by the scammer to enable remote access to her phone which Dr. Maclin did.  Unfortunately, this led to the scammers gaining access to her CashApp account through which the scammers stole $6,332.

TIPS

The best place to look for a telephone number for customer support or tech support is right on your bill or the legitimate website of the company.     Even when you do call legitimate tech support or customer service telephone numbers take extra care to make sure that you are dialing correctly and not calling a clever scammer who may have purchased a telephone number that is a digit off of the correct phone number in an attempt to ensnare people who may misdial the number.

Among the social media services that do not provide tech support by phone are Facebook, Instagram, Snapchat and Twitter.  Here are links to tech support for those social media services:

Facebook:  https://www.facebook.com/help/
Instagram: https://help.instagram.com/
Snapchat: https://support.snapchat.com/en-US
Twitter: https://support.twitter.com/

If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address where it states “Sign up for this blog.”

Scam of the day – June 18, 2022 – Father’s Day Scams

Tomorrow is Father’s Day which for many people is an opportunity to show our fathers how much we love and appreciate them.  For scam artists, it is yet another opportunity to scam people.
One of the most common Father’s Day scams involves e-cards which are great, particularly for those of us who forget to send a Father’s Day card until the last minute.

Identity thieves send emails purporting to contain a link to an electronic Father’s Day card, but instead of an electronic greeting card, what they actually  are sending is malware that becomes downloaded when the victim clicks on the link. A common type of malware sent by criminals is keystroke logging malware enables an identity thief to steal personal information from the victim’s computer that can be used for purposes of identity theft.  In other instances, the malware is ransomware which will encrypt all of your data which the hacker threatens to destroy unless you pay a cryptocurrency ransom.

TIPS

Never click on a link to open an electronic greeting card unless the e card specifically indicates who sent the card. Phony e cards will not indicate the name of the sender.  Even if the sender is someone you recognize, you should independently confirm with that person that they indeed sent you an e card before clicking on the link.  Don’t depend upon your security software to protect your phone, computer or tablet because even the most up to date security software will always be behind the latest zero day defect malware.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”

  • Categories

Archives