Scam of the Day
Scam of the day – September 14, 2025 – Justice Department Charges Investment Advisor with Operating a Massive Ponzi Scheme
Federal Prosecutors in New York along with the SEC have brought both civil and criminal charges against Paul Regan accusing him of masterminding a massive Ponzi scheme in which he is alleged to have swindled 330 investors out of more than 63 million dollars. Regan sold phony investments in precious metals in Columbia and by Obamacare insurance polices that he told investors were guaranteed to bring annual profits of as much as 14% annually and were fully insured. Prosecutors say that none of this was true. They say that Regan used profits from later investors to pay early investors which is the mark of a Ponzi scheme, paid insurance agents that he hired to sell the phony investments although the insurance agents were not licensed to sell investments and kept the rest of the money to fund his own upscale lifestyle.
TIPS
The lesson here is a simple one. No one should ever invest in anything they do not fully understand nor invest with anyone without doing research on the person offering the investment. In this case it would have been a simple matter to determine that investing in Affordable Care Act policies was impossible and anyone who looked into Regan’s history would have found that he had been barred for life by FINRA and had been fined by Oregon state securities regulators for forging documents including the signature of a client’s dead wife and stealing approximately $140,000 from an elderly client suffering from dementia in 2005 as well as pleading guilty in 2017 to fraud charges in Florida related to the sale of promissory notes that promised guaranteed returns.
FINRA’s Central Registration Depository will tell you if the broker you are considering investing with is licensed and if there have been disciplinary procedures against him or her. You can also check with your own state’s securities regulation office for similar information. Many investment advisers will not be required to register with the SEC but are required to register with your individual state securities regulators. You can find your state’s agency by going to the website of the North American Securities Administrators
For more information about this case, check out my column in Forbes https://www.forbes.com/sites/steveweisman/2025/09/11/prosecutors-bring-charges-over-massive-ponzi-scheme/
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address where it states “Sign up for this blog.”
Scam of the day – September 13, 2025 – AI Makes Customer Service Number Scams Worse
Since 2017 I have been warning you about scammers planting phony customer service numbers online and using those numbers to trick their victims into providing personal information or paying them money. Scammers construct phony websites that appear to provide a telephone number for customer service or tech support of many of the companies with which we do business. Often the scammers either purchase an ad to appear at the top of a search engine search or they manipulate the algorithms used by Google and other search engines to make their phony customer service number appear high on a search. Through the use of AI, these phony websites look very believable.
Now scammers are manipulating AI to have their phony customer service numbers appear in Google’s AI Overviews and OpenAI’s ChatGPT. People unfortunately believe that AI is totally trustworthy and call those numbers only to be scammed. AI harvests its information from the Internet and savvy scammers will insert their phony customer service number on online review sites, message boards and numerous websites. The more places the phony numbers appear, the more likely AI will pick them up and suggest them to you when you do an AI search.
TIPS
The best place to look for a telephone number for customer support or tech support is right on your bill or the legitimate website of the company. Even when you do call legitimate tech support or customer service telephone numbers take extra care to make sure that you are dialing correctly and not calling a clever scammer who may have purchased a telephone number that is a digit off of the correct phone number in an attempt to ensnare people who may misdial the number.
Also, remember you can’t trust Alexa or Siri to provide you with the correct number because they only access the information appearing at the top of a search engine search. As I indicated earlier, often those numbers are fake numbers put their by scammers.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address where it states “Sign up for this blog.”
Scam of the day – September 12, 2025 – New Twist on QR Code Scams
Quick Response codes or QR codes have been around since 1994, but they have become much more popular in recent years and can be commonly found on parking meters, in restaurants and in advertising. When you scan a QR code with your phone, it will take you to a website. Unfortunately as the popularity of QR codes has increased with the public, its popularity has also increased with scammers who are setting up phony QR codes to lure you to their bogus website where they solicit personal information used for identity theft or persuade you to make a payment with a credit card or even in some instances, merely by scanning the phony QR code, you will download harmful malware such as ransomware or even malware that will enable the scammer to take over your email account. I have written about QR code scams called “quishing” since 2021.
I have written in the past about a variety of QR code scams, but a new one that has recently surfaced is a variation on the brushing scam. Brushing occurs when online vendors send mechandise to people that they haven’t ordered and then use that person’s information to post positive reviews of the product. However, in the new QR code version of brushing, the targeted victim receives a package containing unordered merchandise without any sender information, but with a QR code that unwary victims will scan and either unwittingly download malware that can steal sensitive information from your cell phone or take you to a website where you are prompted to provide personal information that will be used to make you a victim of identiyt theft.
TIPS
As I often say, “trust me, you can’t trust anyone.” If you receive such a package with no sender information, but merely a QR code, it is a scam and you should not scan the QR code.
Finally, there are companies that have free QR code scanner apps that will not only scan the QR code, but also let you know if it is legitimate and prevent the downloading of malware from bogus QR codes.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address where it indicates “Sign up for this blog.”
Scam of the day – September 11, 2025 – “Kind” Can be a Dangerous Word
The Dalai Llama has said that his religion is very simple – it is kindness. And certainly we all could use a bit more kindness in our lives, however, when the word “kindly” appears in an email or text message that you receive, it can be a tip off that you are being contacted by a scammer or identity thief based in a country other than the United States, particularly countries that were once part of the British Empire where they have adopted the use of British speech patterns. According to Tim Bajarin, the chairman of the market research company Creative Strategies in an interview with Reader’s Digest, ‘You’ll often hear it used in countries with British influence, perhaps once a colonial country, where English isn’t their mother tongue.” Nigeria, for instance, a hub of international scams was a British colony from 1900 until 1960 and the British influence is still strong there.
So when you get an email or a text message that appears to be from a governmental agency such as the IRS or a company such as Amazon that uses the word “kindly” in a communication requesting a payment, personal information or asking you to click on a link or download an attachment under any pretense, you should immediately remember BS, be skeptical.
TIPS
It is a simple matter for a scammer to use spoofing to manipulate your Caller ID and make a phone call appear to come from a legitimate source. Similarly phishing emails and text messages can also appear to be sent by legitimate sources when the source is a criminal. Therefore you should never make a payment, click on a link, download an attachment or make a payment in response to any communication unless you have absolutely confirmed that the communication was legitimate.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”
Scam of the day – September 10, 2025 – Not All Nigerian Email Scams Come From Nigeria
Today’s Scam of the day comes from a regular Scamicide reader and is another version of the Nigerian email scam that continues to plague the online community. In the most common versions of this scam circulating on the Internet today, you are promised great sums of money if you assist a Nigerian or someone elsewhere in his effort to transfer money out of his country. While we refer to this type of scam as the Nigerian Email Scam, as indicated in the email below, not all versions of this scam have a connection to Nigeria.
Common variations of the scam include the movement of embezzled funds by corrupt officials, a dying man who wants to make charitable gifts, a minor bank official trying to move the money of deceased foreigners out of his bank without the government taking it or, as in this case, funds you have been randomly selected to receive.
In most variations of this scam, although you are told initially that you do not need to contribute anything financially to the endeavor, you soon learn that it is necessary for you to contribute increasingly large amounts of money for various reasons, such as fees, bribes, insurance or taxes before you can get anything. Of course, the victim ends up paying money to the scammer, but never receives anything in return.
Here is a copy of the email presently circulating.
Scam of the day – September 9, 2025 – Hacking Your Computer Through Your Smoke Detector
I have been warning you about dangers in the rapidly expanding Internet of things for more than eleven years. The Internet of Things is made up of a broad range of devices connected to the Internet including home thermostats, security systems, medical devices, refrigerators, televisions, cars and toys. Our homes have become filled with these devices including Alexa and Siri. The FBI has longed warned consumers about the dangers of posed by hacking of various devices that makeup the Internet of Things.
Cybercriminals hack into your devices that are a part of the Internet of Things to enable them to enlist your devices as a part of a botnet by which they can distribute malware while maintaining their anonymity. They also can hack into your Internet of Things devices to access your home computers or cell phones to steal information for purposes of identity theft or to implant malware on your home computers and cell phones. Any device you have in your home that is connected to the Internet poses a threat. One device that people hardly give any thought to is your smoke detector. Newer, sophisticated smoke detectors have the capability to send data to your phone or the manufacturer which they do through your router and this make them vulnerable to being hacked.
TIPS
Most of the devices that make up the Internet of Things come with preset passwords that can easily be discovered by hackers. Change your password as soon as you set up the product. Also, set up a guest network on your router exclusively for your Internet of Things devices. This is important so that you can keep the sensitive personal information you have on your computer or cell phone from being accessible through a hacking of any of your Internet of Things devices.
Configure network firewalls to block traffic from unauthorized IP addresses and disable port forwarding. Make sure that you install the latest security patches as soon as they become available. Use encryption software for the transmission of data and find out where data is stored and what steps are taken to secure the information.
Make sure your router is secure and use its whitelisting capabilities which will prevent your device from connecting to malicious networks. Routers are a critical part of your smart home security. Make sure it will automatically download and install the latest security updates from its manufacturer. If your router is an older router that does not have this capability, you can check the manufacturer’s website regularly for the latest updates, but frankly, you are probably better served by getting a newer, more secure router. Make sure you have a unique password for each of your Internet of Things devices and use dual factor authentication whenever you can for all of these devices.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address in the tab that states “Sign up for this blog.”
Scam of the day – September 8, 2025 – Comcast Phishing Email
Reproduced below is a copy of an Xfinity phishing email, sent to me by a Scamicide reader that uses the common ploy of indicating that there is a situation that requires your immediate attention. The version sent to the Scamicide reader contained the Xfinity logo, however it is a simple matter to counterfeit a company logo. Comcast uses the Xfinity name for its consumer cable television, internet, telephone, and wireless services. There are a number of telltale flaws in this particular phishing email. The email address from which it is sent has no relation to Comcast. In addition, the email contains grammatical errors in the second sentence. Poor grammar is often found in phishing emails, many of which originate in country’s where English is not the primary language although more sophisticated non-English speaking scammers are able to use AI to make their grammar correct.
Here is the text of the phishing email. I have removed the link which the scammers instructed the recipient to click on to confirm the account.
From: xxxxxxxxx <rftmhue@demotqd.mostlandl.com>
Date: August 23, 2025 at 1:16:18 PM EDT
To: xxxxxxx@comcast.net
Subject: Comcast:_#66202918 – Suspension:_August 23 2025 3:_37
Action Required! Your recent email are pending, because your account is missing some information we need to collect to comply with our terms. If you do not confirm your account will be lost all our service. To restore normal received/delivery email please take a moment this is only takes under 5 minutes:
Help Support Team
Comcast will occasionally send you service-related emails to inform you of service upgrades or new benefits.
TIPS
Obviously if you do not have an account with Comcast you know that this is a phishing scam, but even if you do have an account with Comcast as I indicated above there are a number of indications that this is not a legitimate email, but instead is a phishing email. Legitimate companies would refer to your specific account number in the email. They also would specifically direct the email to you by your name.
As with all phishing emails, two things can happen if you click on the links provided. Either you will be sent to a legitimate looking, but phony webpage where you will be prompted to input personal information that will be used to make you a victim of identity theft or, even worse, merely by clicking on the link, you may download keystroke logging malware that will steal all of your personal information from your computer or smartphone and use it to make you a victim of identity theft. If you receive an email like this and think it may possibly be legitimate, merely contact Comcast at the telephone number that appears on your bill to confirm that it is a scam.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”
Scam of the day – September 7, 2025 – Mavis Wanczyk Scams Continue to Claim Victims
She’s back! Actually, she has never left. I have been writing about scams related to Mavis Wanczyk for eight years but recently I have received emails from Scamicide readers telling me about various new incarnations of a variety of scams that share the same hook which is that Mavis Wanczyk is giving money away to lucky people. Many of you may not remember the name of Mavis Wanczyk, but she was the lucky winner of a 758 million dollar Powerball drawing in 2017. Not long after she claimed her prize, a scam started appearing in which many people received emails with the message line referring to the Mavis Wanczyk Cash Grant. The email indicated that you were chosen to receive a large cash grant from Mavis Wanczyk. All the lucky strangers receiving the emails had to do was provide personal information in order to qualify for the grant. In addition, phony social media accounts on Twitter, Facebook and Instagram were also set up in Ms. Wanczyk’s name through which people were contacted with the same phony offer of free money informing them that in order to qualify for the grant they merely needed to provide personal information.
Recently a Scamicide reader told me that after he had tweeted a message on X (formerly Twitter) he was contacted by a scammer posing as Mavis Wanczyk that she liked his tweet and that she was sharing some of her Powerball winnings with a select amount of people that follow her on social media. Fortunately, the Scamicide reader was smart enough to recognize that this was a scam.
TIPS
It is difficult to win a lottery you have entered. It is impossible to win one that you have never entered and neither lottery winners, nor anyone else is sending out messages through the Internet offering free money to anyone who responds with personal information. Never give out personal information that can make you vulnerable to identity theft unless you have absolutely verified that the party requesting the personal information is legitimate and has a legitimate need for the information.
Finally and most importantly, remember neither Mavis Wanczyk nor any other lottery winner is giving away money to strangers.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and insert your email address where it indicates “Sign up for this blog.”
Scam of the day – September 6, 2025 – The Danger of E-Skimming
Regular readers of Scamicide are certainly familiar with skimmers which are devices installed on ATMs as well as credit and debit card processors that steal information from credit and debit cards thereby enabling criminals to use that information to make charges on those cards. The increased use in recent years of cards with chip technology has dramatically decreased the amount of fraudulent purchases made through stolen credit and debit card information because the chip card creates a new authorization number each time the card is used thereby negating the value of skimming a credit card with a computer chip. Scanning your card rather than inserting it into a card reader has also made such purchases safer.
Chip card technology, however, offers no protection when credit and debit cards are used for online purchases. The FBI has warned about what it calls E-Skimming which occurs when criminals infect the websites of businesses and government agencies with malware that allows the criminal to steal credit card and debit card information and then use it to make charges using the victim’s credit card or debit card.
TIPS
There are many steps that businesses and government agencies should take to protect their sites from this type of crime. They should update their security software with the most recent security updates; change default login credentials on their systems; segment their network systems to limit access by criminals and educate their employees to the dangers of phishing and spear phishing emails because it is through these phishing and spear phishing emails that most malware is delivered. A good rule for us all to follow is to never click on links in emails unless you have absolutely confirmed that the email is legitimate.
What, can we as consumers do, however, to protect ourselves from becoming a victim of E-Skimming?
First and foremost, while it may be more convenient to leave your credit card on file with an online retailer you regularly use, this is not a good thing to do because it leaves you more vulnerable to having your credit card data stolen in the event of a data breach and as we all know, data breaches are and will continue to be very common.
Consumers should refrain from using their debit cards for anything other than as an ATM card. Use a credit card for all of your card purchases to achieve greater consumer protection. The holder of a credit card used for fraudulent purposes cannot be assessed more than $50 for such use and most credit card companies charge nothing. However, the potential liability of a person whose debit card has been compromised can reach his or her entire bank account tied to the card if the card owner does not report the crime promptly and even if the card owner does report the theft promptly, the debit card owner’s access to his or her own bank account is frozen while the bank investigates the crime.
Finally, you should monitor your credit card statement regularly to determine if your credit card has been compromised.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”
Scam of the day – September 5, 2025 – Covid-19 Scam Targeting College Students
The Fall college semester has just started and scammers are revisiting a scam first seen during the peak of the Covid-19 pandemic in which the scammers send out emails similar to the one shown below from 2020 to college students claiming to come from the Financial Aid office of the targeted student’s college or university telling them that they are eligible for an economic stimulus check. The targeted victims are instructed to click on a link which then prompts them to log in to their college or university account in order to initiate the process to receive the check that will never come. The problem is that when a student logs in, he or she is not logging into their college or university account, but merely providing their log in credentials to scammers who can use that information to make the student a victim or identity theft or to perpetrate other scams.
TIPS
As I often tell you, whenever you get an email, text message or phone call, you can never be sure as to who is really contacting you so whenever you are asked to click on a link, download an attachment, provide information or make a payment in response to any communication, you should verify that the communication is legitimate. The danger of unwittingly downloading malware or providing information that can lead to identity theft is too great to trust the communication. Trust me, you can’t trust anyone. One indication that this particular email is a scam is the reference to the “Financial Dept.” when most schools refer to this department as the “Financial Aid Department.”
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address where it states “Sign up for this blog.”