Scam of the Day
Scam of the day – September 28, 2025 – Senators Question Dating Apps About Vulnerability to Scams
Romance scams where scammers convince people that they are in love with them and once they have gained their trust and an emotional connection ask under a variety of pretenses for money has only gotten worse with AI being able to be used for scammers to appear as anyone they wish in videos or change their voice through AI voice cloning to appear legitimate. I have written many times about scammers posing as celebrities to scam people out of their money and this type of scam too has gotten worse with AI.
Senators Maggie Hassan of New Hampshire and Marsha Blackburn of Tennessee have sent a letter to Match Group which owns the dating apps Tinder, Hinge and OkCupid a letter requesting its records related to how scammers are using their platforms and what the company is doing to prevent romance scams. In particular the senators expressed concerns about how the algorithms used by Tinder, Hinge and OKCupid contribute to romance scams. The senators requested the documentation be provided to them by October 15th.
TIPS
I will follow up on this story when the Match Group provides the requested information to senators Hassan and Blackburn, but meanwhile there are various red flags to help you identify romance scams. I describe many of them in detail in my book “The Truth About Avoiding Scams.” The most important thing to remember is to always be skeptical of anyone who falls in love with you quickly online without ever meeting you and early into the relationship who then asks you to send money to assist them with a wide range of phony emergencies.
Here are a few other things to look for to help identify an online romance scam. Often their profile picture is stolen from a modeling website on the Internet. If the picture looks too professional and the person looks too much like a model, you should be wary. You also can check on the legitimacy of photographs or video images by seeing if they have been used elsewhere by doing a reverse image search using google.images.com or websites such as tineye.com.
Scammers often will ask to move your conversation to WhatsApp, email or text quickly, but you are better off maintaining your communication on the dating app. You can also suggest a video call early in the relationship. Last year a scam group called the “Yahoo Boys” based in Nigeria began using artificial intelligence to change their facial features in Zoom videos to appear to be the person they are posing as in the romance scam. They also can use AI to change their voice and accent to sound legitimate and while doing a video conference with a romance scammer in the past was a good way to see if the person was actually who they claimed to be, now scammers using this technology will be very difficult to recognize as scammers, however, not all romance scammers are using this sophisticated technology so it is still helpful to request a video call.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – September 27, 2025 – Stellantis Data Breach
Data breaches are a common occurrence which is disturbing because they can readily lead to your identity being stolen or you becoming a victim of a scam as the hackers leverage the data they steal to lure you into a scam. Stellantis, the parent company for automakers Chrysler, Dodge, and Fiat announced recently that it had suffered a data breach in which names and contact information of 18 million of its customers was stolen. Disturbingly, Stellantis indicated that the actual data breach occurred last May although it was only being reported now. Similar to recent data breaches at Google, TransUnion, Allianz Life, Workday, Pandora, Cisco, Chanel, Dior, Louis Vuitton, Tiffany, Farmers Insurance and Qantas, the data was stolen not from Stellantis’ computer networks, but rather from Salesforce, a cloud-based customer relationship management (CRM) company used by Stellantis and many other companies to manage their customer data. The ransomware gang ShinyHunters managed to do this not by hacking Salesforce, but rather by using social engineering to trick TransUnion employees to enable access to the company’s Salesforce account containing its customer data.
Companies must do a better job of protecting themselves from not just technologically sophisticated cyberattacks, but less sophisticated, but equally effective social engineering attacks where the cybercriminals use psychology to manipulate employees to giving them access to important data.
TIPS
Victims of this data breach should freeze their credit if they have not already done so. Actually, freezing your credit is actually something everyone should do. It is free and easy to do. In addition, it protects you from someone using your identity to obtain loans or make large purchases even if they have your Social Security number. If you have not already done so, put a credit freeze on your credit reports at all of the major credit reporting agencies. Here are links to each of them with instructions about how to get a credit freeze:
https://www.transunion.com/credit-freeze
https://www.experian.com/freeze/center.html
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – September 26, 2025 – Mail Theft and Bank Fraud
Cameron Martinas Curry and Quavaun Enreco Rhodes of Georgia were recently convicted of stealing mail from collection boxes in the Augusta, Georgia area and altering checks that had been mailed to have the money paid to them. Criminals around the country are increasingly stealing mail with checks in them from U.S. Postal Service mailboxes, “washing” the checks with simple nail polish remover to remove the name of the person or company to whom the check was made out and then writing in their own name. In other instances, the criminals will also change the amount of the check. In recent years Boston and New Orleans, for example, had large numbers of such mailbox thefts of checks that were then altered and cashed.
Identity theft is a high tech, low tech and no tech crime and while we often tend to focus our attention on high tech identity theft tactics such as spear phishing, no tech tactics such as fishing for mail with a plastic bottle covered in glue that is lowered into blue public mailboxes to capture mail being sent with checks is making a comeback. In other instances criminals, as was done here, can either steal or buy a USPS mailbox key which are sold on the Dark Web, that part of the Internet where criminals buy and sell goods and services, for as much as $1,000. Some criminals, rather than use the “washed” checks themselves are now selling the checks on the Dark Web to other criminals directly. In addition, criminals can also can use the account number of your check to create counterfeit checks to access your checking account.
I have warned you for years about leaving mail with checks or credit card information in your personal mailbox outside of your home with the flag raised to alert your postal carrier that there is mail in your box to be retrieved is a bad idea because it also alerts identity thieves who can easily steal the mail. However, mailing checks in official U.S. Postal Service blue mailboxes we now know is also problematic.
TIPS
This is an easy crime to avoid. The best course of action is to pay your bills electronically and avoid the problem altogether. However, if you cannot do so or prefer to send a paper check by mail, you should use a gel pen that is not easily “washed” to write your checks and you should mail envelopes with checks in them directly from inside the post office.
Unfortunately, more sophisticated criminals will scan your check into their computer and use special software to keep the signature from the original check, but delete the amount and the name of the payee on the check thereby allowing them to make perfect counterfeit checks which they can make payable to themselves for any amount they choose thereby defeating the gel pen as a defense to check washing so electronic banking is still your best bet.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”
Scam of the day – September 25, 2025 – Georgia Prisoner Operates Scam While in Prison
Recently Russell Tafron Weatherspoon, was convicted of masterminding a multistate scam between March 2022 and April 2024 in which he and other co-conspirators called targeted victims throughout the country posing as local law enforcement officers using an app that allowed them to spoof the phone numbers of legitimate law enforcement agencies so that their calls would manipulate their targeted victims’ Caller ID to make the calls appear to be actually coming from real law enforcement officers. The scammers told their victims that arrest warrants had been issued for them due to their failure to appear to testify in a court proceeding that they had been subpoenaed to attend. The scammers, conversant with legal terminology, directed their victims to obtain a bond to avoid arrest.
What makes this case somewhat different from similar scams is the fact that Weatherspoon was directing this scam while serving time in a Georgia state prison for a 2020 conviction of aggravated assault and violation of the Street Gang Terrorism and Prevention Act. The calls were made by Weatherspoon and other inmates using cellphones that were delivered to Weatherspoon by drones.
TIPS
No legitimate law enforcement agency will call you on the phone and threaten arrest unless a payment is made. Official notices for missing a court appearance would be sent by mail rather than a phone call. In this instance, anyone receiving such a call who might be concerned that the call was legitimate should call the clerk’s office for the court where the trial was alleged to have occurred to confirm that indeed this was a scam.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – September 24, 2025 – Beware of Evil Twins
Whether we are at the airport, a hotel, a shopping mall, a coffee shop or almost anywhere else, you will usually find free public Wi-Fi service offered so that we can use our cell phones, laptops or tablets to connect to the Internet. However with this convenience can come danger. Too many people assume that the Wi-Fi that they are using is secure and this is not always the case. In fact, often an identity thief will go to the same coffee shop or other venue and set up his or her own Wi-Fi which is what you may unwittingly be tapping into when you think you are connecting to the Wi-Fi of the particular coffee shop or other place you find yourself at. Technologically, it is easy to set up a phony Wi-Fi that can steal data from your cell phone, laptop or tablet and use that information to make you a victim of identity theft. Last year, Florida Attorney General Ashley Moody issued a warning about these scammer created phony Wi-Fi networks which she calls “Evil twins.”
So what can you do to make using public Wi-Fi safe?
TIPS
It is always a good idea to make sure that your cell phone, tablet or laptop has a good firewall and is protected by anti-virus and anti-malware security software that is updated with the latest security updates. It is also a good idea not to use public Wi-Fi for banking or other financial transactions or, for that matter, anything that requires you to provide login credentials. Sensitive data should not be sent over public Wi-Fi. If you are going to use public Wi-Fi, the first thing you should do is check the hotspot name. Identity thieves often set up their phony Wi-Fi with names that appear quite similar to the legitimate Wi-Fi. For example, the public Wi-Fi offered at your coffee shop may be named GoodCoffee while the phony one may be something that with a cursory look appears legitimate, such as Go0dCoffee.
Always make sure when using public Wi-Fi that you are on the legitimate Wi-Fi site before proceeding to use it. Many cell phones and other devices automatically connect to nearby networks, which can connect you to the identity thief’s phony Wi-Fi before you realize it. Therefore disable automatic connection to networks. Finally, the best thing you can do to protect your privacy and security when using public Wi-fi is to use a Virtual Private Network app which will encrypt all of your data before sending it through the Wi-Fi connection. Here is a link to an article I wrote about VPNs that will tell you all you need to know (and possibly more) about VPNs. https://au.norton.com/internetsecurity-wifi-how-does-a-vpn-work.html and here is a link to an article that lists ten good VPNs that you can get for free. https://www.techradar.com/vpn/best-free-vpn
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – September 23, 2025 – Social Security Phishing Email
Reproduced below is a very convincing phishing email sent by scammers posing as the Social Security Administration that attempts to lure you into clicking on a link that purports to provide a statement of your Social Security benefits. However, if you were to click on the link (which I have deleted) you would either be prompted to provide information that would lead to identity theft or download dangerous malware such as keystroke logging malware that can steal information from your computer including sensitive passwords and other information. The emails grammar is quite good, but that could merely reflect the use of AI to assist in creating the phishing email.
The Social Security Administration does not send emails or text messages generally. If you have set up a My Social Security Account online (which I strongly recommend) the SSA would have your email address and would send you an annual email reminder to encourage you to review your Social Security statement online, however, the SSA never sends links to download your statement, but rather would prompt you to log in securely at ssa.gov to view your information.
Even more telling, the email of the sender has nothing to do with the Social Security Administration.
From: Social Security Administration <contacto@kinestops.com>To:***********Date: 09/20/2025 4:45 PM EDTSubject: Stay Ahead: Download Your Updated Social Security Statement NowYour Social Security Statement is streamlined and easier to read than ever before. That is because we have redesigned the Statement to provide you the most useful information up front and at a glance.
We encourage you to view your Statement at least once a year to review:
Your earnings record (to make sure it is accurate and notify us if you see any errors); Your personalized monthly retirement benefit estimates (which display how much you can expect to receive depending on when you decide to start your benefits between ages 62 and 70); Other useful information that will explain your benefits and help you prepare for your future
You can view your latest Statement file to your account at :
www.************************We hope you find your Statement useful and informative.
TIPS
So how can you tell if an email is really from the Social Security Administration (SSA)? Fortunately, the answer to that question is easy. The SSA does not initiate contact with taxpayers by phone, email or text messages. Anyone contacting you by these methods of communication who claims to be an SSA employee is a scammer.
In addition, there are numerous red flags to indicate that this is a scam. First and foremost, the email address of the sender has no relation to the SSA, but was most likely the email address of someone whose email account has been hacked and made a part of a botnet to send out vast amounts of phishing emails. In addition, nowhere in the email does the name of the recipient appear, only his email address.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – September 22, 2025 – Farmers Insurance Data Breach Affects 1.1 Million Customers
Data breaches are a common occurrence which is disturbing because they can readily lead to your identity being stolen or you becoming a victim of a scam as the hackers leverage the data they steal to lure you into a scam. Farmers Insurance announced it has suffered a data breach affecting more than 1.1 million of its customers. Similar to recent data breaches at Google, TransUnion, Allianz Life, Workday, Pandora, Cisco, Chanel, Dior, Louis Vuitton, Tiffany and Qantas,the data was stolen not from Farmers computer networks, but rather from Salesforce, a cloud-based customer relationship management (CRM) company used by Farmers and many other companies to manage their customer data. The ransomware gang ShinyHunters managed to do this not by hacking Salesforce, but rather by using social engineering to trick TransUnion employees to enable access to the company’s Salesforce account containing its customer data.
Companies must do a better job of protecting themselves from not just technologically sophisticated cyberattacks, but less sophisticated, but equally effective social engineering attacks where the cybercriminals use psychology to manipulate employees to giving them access to important data.
TIPS
Victims of this data breach should freeze their credit if they have not already done so. Actually, freezing your credit is actually something everyone should do. It is free and easy to do. In addition, it protects you from someone using your identity to obtain loans or make large purchases even if they have your Social Security number. If you have not already done so, put a credit freeze on your credit reports at all of the major credit reporting agencies. Here are links to each of them with instructions about how to get a credit freeze:
https://www.transunion.com/credit-freeze
https://www.experian.com/freeze/center.html
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
#farmersdatabreach
Scam of the day – September 21, 2025 – Social Security Imposter Scams
Imposter scams have long been among the most lucrative for scammers. While there are many variations of this scam, the most common variations have involved scammers emailing their victims posing as a popular company with which we all do business or calling their intended victims on the telephone posing as some governmental agency such as the IRS or the Social Security Administration. The scammer then, under a wide variety of pretenses, demands an immediate payment or personal information that can lead to your becoming a victim of identity theft.
Imposter scams where the scammers pose as representatives of the Social Security Administration (SSA) are common. A recent version involves an email that you get informing you that there has been a problem with your Social Security account and that in order to correct the problem, you need to download security update software. However, if you download the software you will end up downloading malware that enables the scammer to steal all of the information from your computer or phone including credit card information and banking information and passwords. Scammers are also sending emails threatening suspension of Social Security benefit payments due to the targeted victim’s name and Social Security number being used in money laundering and drug trafficking.
Other popular scams come in the form of phone calls, emails or text messages purportedly from the SSA requiring you to provide your Social Security number and banking information in order to receive additional Social Security payments
TIPS
As I have often reminded you, whenever you are contacted by phone call, email or a text message you can never be sure who is actually contacting you. B.S. Be skeptical. Through the simple technique of “spoofing” it is very easy for a scammer to manipulate your Caller ID to make a call coming to you appear legitimate when it is not. Therefore you can never truly trust your Caller ID. Trust me, you can’t trust anyone. Email addresses can also be made to appear legitimate as can text messages when they are actually coming from a scammer.
Never click on a link, download an attachment, provide personal information or make a payment in response to an email, text message or phone call unless you have absolutely confirmed that the communication is legitimate.
The real Social Security Administration will never ask for your personal information such as your Social Security number, date of birth or banking information. If you do get a communication asking for personal information and you think it may be legitimate merely contact your local Social Security office or call them at 1-800-772-1213.
The Social Security Administration also does not contact people by email, text messages or phone calls and does not suspend benefit payments.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”
#socialsecurityscams
Scam of the day – September 20, 2025 – Gold Bar Scams Getting Worse
The Boston office of the FBI recently issued a warning scams involving people lured under false pretenses to cash in their savings, buy gold bars and deliver the gold to scammers. Earler this year ABC News did a story entitled “Gold Grifters” also exposing these scams. I have been warning people about this scam since I described it in the Scam of the day for May 7 2024 when I told you that Ravinkle Mathon was arraigned in a Maryland court accused of attempting to scam an elderly man out of $200,000 in an elaborate scam that has increased dramatically in the last year. Police say that the scam began with a phone call from Mathon to an elderly man in which Mathon posed as a federal agent telling the targeted victim that his identity had been stolen and that he needed to protect his savings by withdrawing all of his funds, purchasing gold with the funds and then turn the gold over to the alleged scammer for safe keeping. Fortunately, a family member of the targeted victim became aware of the scam and notified police who set up a sting and arrested Mathon when he came to collect the gold..
Scammers posing as government officials also perpetrate this scam by telling their targeted victims that their accounts have been hacked or are in danger of being hacked and that they need to liquidate their assets and purchase gold or some other precious metal in order to protect their assets. The scammers then send a courier to collect the gold, purportedly for safe keeping on behalf of the targeted victim. Once they have the gold, they disappear leaving the victim penniless.
With the value of gold increasing, scammers have increasingly turned to this type of scam which according to the FBI resulted in losses of $126 million in 2024. According to the FBI, many of the perpetrators of this crime are foreigners who have little difficult leaving the country with gold bars.
TIPS
The primary thing to keep in mind in order to avoid this scam is to remember that no government agency or legitimate business will ever request that you purchase gold or other precious metals for any purpose and certainly not to protect them from criminals.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and insert your email address where it indicates “Sign up for this blog.
#goldscams
Scam of the day – September 19, 2025 – Treasury Refund Text Smishing Scam
According to the Federal Trade Commission (FTC) last year more scams originated through text messages (smishing) than phone calls and with good reason. Scammers are aware that people are more likely to open and read a text message rather than an email The open rates for text messages are more than 90% while the open rates for emails is less than 30%. In addition, many email providers have filters that are able to identify and filter out phishing emails while the filtering capabilities on text messages is much less. Additionally, people tend to trust text messages more than emails. Text message also may prompt a quick response before the targeted victim can critically consider the legitimacy of the text message. For all of these reasons, we are seeing many more text message based scams nationally, such as the one in which you are told you owe toll road payments.
A new text message scam presently circulating, a copy of which is shown below, tells you that you have a tax refund that you must apply for by providing your online banking information or other personal information within a couple of days or lose the refund. This particular text message appears to come from the Michigan Department of the Treasury, but similar text messages are being sent to people in all 50 states. If you provide the information requested it will lead to identity theft and clicking on the link provided may download dangerous malware.
TIPS
Regardless of how official such a the communication may appear, you should never provide personal information to anyone in response to a telephone call, email or text message because in none of those situations can you be sure that the person contacting you is legitimate. If you do receive a communication from a bank, government agency or any other person or entity that you think might have a legitimate need for personal information from you, you should call the real entity at a telephone number that you know is legitimate in order to ascertain the truth.
In this particular case, no tax authority communicates with taxpayers regarding refunds by text messages and you do not lose any refund if you do not respond within a short period of time.
Unusually long phone numbers of ten or more digits sending such text messages is often an indication of a scam.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and insert your email address where it indicates “Sign up for this blog.”
#smishing, #textmessagescam