Scam of the Day
Scam of the day – September 7, 2025 – Mavis Wanczyk Scams Continue to Claim Victims
She’s back! Actually, she has never left. I have been writing about scams related to Mavis Wanczyk for eight years but recently I have received emails from Scamicide readers telling me about various new incarnations of a variety of scams that share the same hook which is that Mavis Wanczyk is giving money away to lucky people. Many of you may not remember the name of Mavis Wanczyk, but she was the lucky winner of a 758 million dollar Powerball drawing in 2017. Not long after she claimed her prize, a scam started appearing in which many people received emails with the message line referring to the Mavis Wanczyk Cash Grant. The email indicated that you were chosen to receive a large cash grant from Mavis Wanczyk. All the lucky strangers receiving the emails had to do was provide personal information in order to qualify for the grant. In addition, phony social media accounts on Twitter, Facebook and Instagram were also set up in Ms. Wanczyk’s name through which people were contacted with the same phony offer of free money informing them that in order to qualify for the grant they merely needed to provide personal information.
Recently a Scamicide reader told me that after he had tweeted a message on X (formerly Twitter) he was contacted by a scammer posing as Mavis Wanczyk that she liked his tweet and that she was sharing some of her Powerball winnings with a select amount of people that follow her on social media. Fortunately, the Scamicide reader was smart enough to recognize that this was a scam.
TIPS
It is difficult to win a lottery you have entered. It is impossible to win one that you have never entered and neither lottery winners, nor anyone else is sending out messages through the Internet offering free money to anyone who responds with personal information. Never give out personal information that can make you vulnerable to identity theft unless you have absolutely verified that the party requesting the personal information is legitimate and has a legitimate need for the information.
Finally and most importantly, remember neither Mavis Wanczyk nor any other lottery winner is giving away money to strangers.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and insert your email address where it indicates “Sign up for this blog.”
Scam of the day – September 6, 2025 – The Danger of E-Skimming
Regular readers of Scamicide are certainly familiar with skimmers which are devices installed on ATMs as well as credit and debit card processors that steal information from credit and debit cards thereby enabling criminals to use that information to make charges on those cards. The increased use in recent years of cards with chip technology has dramatically decreased the amount of fraudulent purchases made through stolen credit and debit card information because the chip card creates a new authorization number each time the card is used thereby negating the value of skimming a credit card with a computer chip. Scanning your card rather than inserting it into a card reader has also made such purchases safer.
Chip card technology, however, offers no protection when credit and debit cards are used for online purchases. The FBI has warned about what it calls E-Skimming which occurs when criminals infect the websites of businesses and government agencies with malware that allows the criminal to steal credit card and debit card information and then use it to make charges using the victim’s credit card or debit card.
TIPS
There are many steps that businesses and government agencies should take to protect their sites from this type of crime. They should update their security software with the most recent security updates; change default login credentials on their systems; segment their network systems to limit access by criminals and educate their employees to the dangers of phishing and spear phishing emails because it is through these phishing and spear phishing emails that most malware is delivered. A good rule for us all to follow is to never click on links in emails unless you have absolutely confirmed that the email is legitimate.
What, can we as consumers do, however, to protect ourselves from becoming a victim of E-Skimming?
First and foremost, while it may be more convenient to leave your credit card on file with an online retailer you regularly use, this is not a good thing to do because it leaves you more vulnerable to having your credit card data stolen in the event of a data breach and as we all know, data breaches are and will continue to be very common.
Consumers should refrain from using their debit cards for anything other than as an ATM card. Use a credit card for all of your card purchases to achieve greater consumer protection. The holder of a credit card used for fraudulent purposes cannot be assessed more than $50 for such use and most credit card companies charge nothing. However, the potential liability of a person whose debit card has been compromised can reach his or her entire bank account tied to the card if the card owner does not report the crime promptly and even if the card owner does report the theft promptly, the debit card owner’s access to his or her own bank account is frozen while the bank investigates the crime.
Finally, you should monitor your credit card statement regularly to determine if your credit card has been compromised.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”
Scam of the day – September 5, 2025 – Covid-19 Scam Targeting College Students
The Fall college semester has just started and scammers are revisiting a scam first seen during the peak of the Covid-19 pandemic in which the scammers send out emails similar to the one shown below from 2020 to college students claiming to come from the Financial Aid office of the targeted student’s college or university telling them that they are eligible for an economic stimulus check. The targeted victims are instructed to click on a link which then prompts them to log in to their college or university account in order to initiate the process to receive the check that will never come. The problem is that when a student logs in, he or she is not logging into their college or university account, but merely providing their log in credentials to scammers who can use that information to make the student a victim or identity theft or to perpetrate other scams.
TIPS
As I often tell you, whenever you get an email, text message or phone call, you can never be sure as to who is really contacting you so whenever you are asked to click on a link, download an attachment, provide information or make a payment in response to any communication, you should verify that the communication is legitimate. The danger of unwittingly downloading malware or providing information that can lead to identity theft is too great to trust the communication. Trust me, you can’t trust anyone. One indication that this particular email is a scam is the reference to the “Financial Dept.” when most schools refer to this department as the “Financial Aid Department.”
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address where it states “Sign up for this blog.”
Scam of the day – September 4, 2025 – Federal Express Phishing Scam
Shown below is a copy of an email I received that purports to be from Federal Express urging me to click on a link (which I deleted when posting today’s Scam of the day) in order to confirm my signature. Clicking on the link in the email would download malware such as keystroke logging malware that can lead to your becoming a victim of identity theft or ransomware. If you look closely at the email, you will note that even though it has the Federal Express logo and looks quite official, there are a number of tip offs that this is indeed a phishing scam. What is not shown on the email as copied below is that it is sent from an address that is not that of Federal Express. The email of the sender is that of a private individual who, most likely, had his or her email account hacked and used as a part of a botnet to send out these types of phishing emails. The email also never refers to the recipient by name. It is also has poor grammar and is illogical in that it asks you to confirm your signature for a package that has not yet been delivered.
Scam of the day – September 3, 2025 – Scammer Posing as General Hospital Star Scams Woman in Romance Scam
Romance scams where scammers convince people that they are in love with them and once they have gained their trust and an emotional connection ask under a variety of pretenses for money has only gotten worse with AI being able to be used for scammers to appear as anyone they wish in videos or change their voice through AI voice cloning to appear legitimate. I have written many times about scammers posing as celebrities to scam people out of their money and this type of scam too has gotten worse with AI.
Recently Abigail Ruvalcaba of Los Angeles was scammed out of her life savings by a scammer who used deepfake technology to pose as General Hospital actor Steve Burton and professed his love for her through the deepfaked videos and then lured her into sending him funds through Zelle, Bitcoin and gift cards. She met the scammer and communicated with him on Facebook. Scammers often will set up phony accounts on Facebook and other social media where they pose as celebrities.
Last year a scam group called the “Yahoo Boys” based in Nigeria began using artificial intelligence to change their facial features in Zoom videos to appear to be the person they are posing as in the romance scam. They also can use AI to change their voice and accent to sound legitimate and while doing a video conference with a romance scammer in the past was a good way to see if the person was actually who they claimed to be, now scammers using this technology will be very difficult to recognize as scammers.
TIPS
There are various red flags to help you identify romance scams. I describe many of them in detail in my book “The Truth About Avoiding Scams.” The most important thing to remember is to always be skeptical of anyone who falls in love with you quickly online without ever meeting you and early into the relationship who then asks you to send money to assist them with a wide range of phony emergencies.
Here are a few other things to look for to help identify an online romance scam. Often their profile picture is stolen from a modeling website on the Internet. If the picture looks too professional and the person looks too much like a model, you should be wary. You also can check on the legitimacy of photographs or video images by seeing if they have been used elsewhere by doing a reverse image search using google.images.com or websites such as tineye.com.
Recently, the dating sites Match, Tinder, Hinge and Plenty of Fish started a new public awareness program to help people recognize romance scams. One tip they give is to use the verification check on your matches to help confirm they are the person who appears in the profile photo.
As for celebrity based romance scam, it is important to recognize that celebrities aren’t reaching out online to people they have never met to start romantic relationships.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – September 2, 2025 – Police Officer Thwarts Tech Support Scam
Tech support scams in which consumers are tricked by scammers into believing there is a problem with their computers that require the expensive services of scammers constitute a major problem. Tech support scams are increasingly common and victimize consumers 60 years or older about five times more often than people between the ages of 20 and 59 according to the Federal Trade Commission (FTC).
The most common tech support scams start with popups on your computer that provide notices of security problems that contain telephone numbers for you to call to fix the problem, Whenever you get a pop-up, email, or text message that appears to tell you that you have a security problem with your computer, you should never click on any links contained in the message or call the telephone number provided. Tech support scams also are perpetrated through phone calls in which you are told that there is a problem with your computer and you need to make a payment to remedy the problem. This is exactly what happened to a man in Waltham, Massachusetts who received such a phone call purportedly from Apple Customer Support telling him that his computer was infected with a virus and he needed to send $12,000 through a cryptocurrency ATM to pay for the cost of remedying the problem.
Fortunately, Dan Collins, an off duty police officer witnessed the elderly man talking on his phone approaching a cryptocurrency ATM carrying $12,000 in cash, identified himself and convinced the targeted scam victim that it was all a scam and saved him the money he was about to send to the scammer.
TIPS
Often when this scam starts with a pop-up on your computer, your computer is frozen and the pop-up tells you that you have a major security problem and warns you that you should not shut down or restart your computer because, they tell you, it would cause serious damage to your computer, the best thing you can do is shut down your computer and restart it.
If, as in this case, the scam starts with a phone call, remember through a technique called “spoofing” the scammers can trick your Caller ID to make the call appear to come from Apple or some other tech company. The truth is that no tech company is going to call you to tell you there is a virus affecting your computer. If you are truly concerned about a security problem, contact tech support at the real tech company you use at a phone number or email address that you have confirmed is accurate rather than a number or email address from the pop-up or phone call.
Finally, anytime you are told purportedly by a company or government agency to make a payment through a cryptocurrency ATM, it is a scam. No company or government agency requires payment through cryptocurrencies.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”
Scam of the day – September 1, 2025 – Scammer Poses as Country Music Rapper Jelly Roll on Facebook
Posing as a famous person on social media such as Facebook, Twitter and Instagram has proven to be quite lucrative for many scammers who are able to convince unsuspecting victims to rely on the phony accounts. Setting up a social media account is easy to do for a scammer requiring merely a name, a photo and an email address, all of which can be done to make it appear that the account is that of the real celebrity when, in truth it is that of the scammer. Sometimes the scammer will add a middle initial or a slight misspelling of the name of the celebrity to avoid detection. There are even companies that for a few dollars will set up phony celebrity social media accounts for scammers. Despite the efforts of the various social media companies to try to stop this practice, it continues in great numbers. Facebook estimates that there are as many as 60 million phony Facebook accounts including hundreds of its founder Mark Zuckerberg. Facebook tries to remove the accounts when it becomes aware of them, but they spring up soon again like a game of whack-a-mole.
Recently, Ronnie Flint of Springfield, Ohio got a message on the Messenger App of Facebook that appeared to come from country music rapper Jelly Roll informing Flint that he had won a new car in a lottery. He then received a video which appeared to show Jelly Roll informing him that to claim his prize he needed to send money to pay for shipping costs for the car. This was followed up another video in which Jelly Roll told Flint by name that he needed to send the money through Apple gift cards. Flint who is on disability was convinced and sent the money. Unfortunately, this was an AI created video sent from a phony Jelly Roll Facebook acount and the money was lost forever. This scam is being done throughout the country including in Morrisville, Pennsylvania earlier this summer.
AI has made deepfake videos such as the one used in this scam readily available to scammers in which the voice and image will appear to be that of the celebirty when it is all fake.
TIPS
Facebook has a blue verification badge program that helps people know that a celebrity Facebook page is authentic. The blue check verification badge is used by public figures and media organizations to indicate that Facebook has verified the account as legitimate. Many of the Facebook and other social media scams involve getting something for nothing. Whenever you see one of these free giveaways appear in social media be a little skeptical and don’t provide any personal information. Certainly don’t give away any credit card information and don’t click on unverified links. You should never trust a social media account of a celebrity or anyone for that matter that promises to give you something for nothing. As for Facebook accounts of celebrities always look for the blue check verification. In regard to any contest or giveaway attributed to a celebrity, go to the celebrity’s website in order to confirm if it is legitimate.
Also, it is hard to win a lottery, it is impossible to win one that you have not enterred which was the basis of this scam.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”
Scam of the day – August 31, 2025 – Back to School Shopping Scams
The new school year is just around the corner and school shopping is in high gear for many parents and students. Much of back to school shopping, like other shopping, is done online and people are constantly looking for bargains from trusted companies such as Walmart and Dick’s Sporting Goods. Scammers are constantly setting up phony retail websites. Some of these phony websites are for totally made up companies that you have never heard of, but which are offering tremendous discounts on popular goods while other phony websites are counterfeit websites of legitimate online retailers. Unfortunately, it is very easy for scammers using AI to construct phony websites with legitimate appearing logos of companies you trust. Last year the cybersecurity software company Trend Micro announced that it had found more than 205,000 phony websites touting back to school sales.
So how do you determine if you are on a legitimate website?
TIPS
Steve Weisman Forbes Column on Tech Support Scams
In addition to Scamicide, I write a weekly column for Forbes Magazine.
Here is a link to an important column I wrote about tech support scams which I urge you to read.
https://www.forbes.com/sites/steveweisman/2025/08/30/tech-support-scams-dramatically-increasing/
Scam of the day – August 30, 2025 – Credit Reporting Bureau TransUnion Data Breach Affects 13 Million People
Data breaches are a common occurence which is disturbing because they can readily lead to your identity being stolen or you becoming a victim of a scam as the hackers leverage the data they steal to lure you into a scam. Credit reporting agency TransUnion is the latest company to be a victim of a data breach in which sensitive personal information including names, addresses, email addresses phone numbers birth dates and, most troubling, Social Security numbers of more than 13 million people was compromised. Similar to recent data breaches at Google, Farmers Insurance, Allianz Life, Workday, Pandora, Cisco, Chanel, Dior, Louis Vuitton, Tiffany and Qantas,the data was stolen not from TransUnion’s computer networks, but rather from Salesforce, a cloud-based customer relationship management (CRM) company used by TransUnion and many other companies to manage their customer data. The ransomware gang ShinyHunters managed to do this not by hacking Salesforce, but rather by using social engineering to trick TransUnion employees to enable access to the company’s Salesforce account containing its customer data.
Companies must do a better job of protecting themselves from not just technologically sophisticated cyberattacks, but less sophisticated, but equally effective social engineering attacks where the cybercriminals use psychology to manipulate employees to giving them access to important data.
TIPS
Victims of this data breach should freeze their credit if they have not already done so. Actually, freezing your credit is actually something everyone should do. It is free and easy to do. In addition, it protects you from someone using your identity to obtain loans or make large purchases even if they have your Social Security number. If you have not already done so, put a credit freeze on your credit reports at all of the major credit reporting agencies. Here are links to each of them with instructions about how to get a credit freeze:
https://www.transunion.com/credit-freeze
https://www.experian.com/freeze/center.html
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/