Scam of the Day
Scam of the day – August 25, 2025 – Scattered Spider Hacker Sentenced to 10 Years in Prison
Regular readers of Scamicide are familiar with Scattered Spider which is the name of a hacking group largely made up of teens and young men in their twentys in the United States and the UK who have managed, primarily through social engineering rather than sophisticated technologically based hacking to perpetrate massive ransomware attacks against companies such as Caesars Entertainment and MGM resorts. Last week, Noah Michael Urban, a 20 year old Floridian became the first member of Scattered Spider to be convicted and sentenced for his crimes related to a variety of crimes including, most notably stealing more than $13 million of crytocurrencies from at least 59 victims. Along with financial penalties, he was sentenced to serve 10 years in prison, which is most notable since the prosecutors had only requested an 8 year prison sentence.
The method he used to steal cryptocurrencies from his victims’ cryptowallets was through SIM swapping. A Subscriber Identity Module, more commonly known as a SIM card, is an integrated circuit that stores information used to authenticate subscribers on mobile devices, such as a cell phone. The SIM card is able to be transferred between different devices, and often is, when people update into a newer cell phone. SIM swapping is the name for the crime where someone convinces your phone carrier to transfer your SIM card to a phone controlled by the criminal. Sim swapping is a way for a criminal to defeat dual factor authentication where to access an account, in addition to a password, a security code is required. The new security code is created each time the holder of an account goes to access his or her account and it is generally sent to the cell phone of the account holder which is why if the criminal is able to swap the victim’s SIM card to the criminal’s phone, he or she can get access to the account.
In order to do a SIM swap, the criminal uses harvested information to answer security questions asked when the criminal, posing as the real account holder when the scammer contacts the cell phone service provider posing as the account holder and asks to do a SIM swap into a new phone. Much of this harvested information came from data breaches done by Scattered Spider.
The best thing you can do to protect your SIM card from SIM swapping is to set up a PIN or password to be used for access to your mobile service provider account. This will help prevent a criminal from calling your carrier posing as you and convincing your mobile carrier to swap your SIM card to the criminal’s phone merely by providing personal identifying information or answering a security question.
TIPS
I have written in the past about how to avoid SIM swaps by setting up a passcode or PIN on your mobile service carrier account to avoid a scammer being able to access the account merely by answering a security question.
AT&T will allow you to set up a passcode for your account that is different from the password that you use to log into your account online. Without this passcode, AT&T will not swap your SIM card. Here is a link with instructions as to how to set up the passcode. https://www.att.com/esupport/article.html#!/wireless/KM1051397?gsi=9bi24i
Verizon enables customers to set up a PIN or password to be used for purposes of authentication when they contact a call center. Here is a link with information and instructions for setting up a PIN with Verizon. https://www.verizonwireless.com/support/account-pin-faqs/
T-Mobile will allow you to set up a passcode that is different from the one you use to access your account online. This new passcode is used when changes to your account are attempted to be made such as swapping a SIM card. This code will not only protect you from criminals attempting to call T-Mobile and swap your SIM card, but will also prevent someone with a fake ID from making changes to your account at a T-Mobile store. Here is a link to information and instructions for adding a new passcode to your account. https://www.t-mobile.com/customers/secure
Sprint customers can establish a PIN that must be provided when doing a SIM swap, in addition to merely answering a security question, the answer to which may be able to be learned by a clever identity thief. Here is a link to information about adding a PIN to your Sprint account. https://www.sprint.com/en/support/solutions/account-and-billing/update-your-pin-and-security-questions-on-sprint-com.html
And if you are particularly paranoid, like me, you can arrange with your cell phone service carrier that your SIM card cannot be switched except in person by you.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address in the tab that states “Sign up for this blog.”
Scam of the day – August 24, 2025 – The Hidden Danger of Drive By Downloads
We all generally know to avoid sketchy websites that may be infected with malware that can lead to serious problems if you unwittingly download the malware such as ransomware, keystroke logging malware that can lead to identity theft or other types of malware. However, even if you make a concerted effort to avoid websites that may be likely to contain malware, you still may find yourself in danger. According to a study by Menlo Security 42% of the most visited websites on the Internet were vulnerable to malware being planted on these thought-to-be safe websites.
A major problem is that many popular websites use outdated servers that make them vulnerable to malware and data breaches. Another problem comes from many websites including content from third parties such as companies that provide advertising. Malvertising is the name for malware infected advertising that can turn up on legitimate websites and can be downloaded on to your computer or phone by either clicking on links in the advertising or even, in some cases, by merely going to the website where the tainted advertising appears even if you never click on the ad.
In other instances scammers infect legitimate websites with malware by exploiting security flaws. Merely by going to an infected website you can end up downloading the malware without clicking on any links.
TIPS
The first thing to do to protect yourself from being victimized by malware found on websites is to avoid those websites that may appear not to be legitimate. You also should have strong security software on all of your electronic devices including your computer and cell phone, making sure that you update your security software with the latest security patches as soon as they are made available. Keeping your browser updated with the latest versions is also important as many browsers provide some level of protection from malware infected sites.. Finally, you may wish to install ad blocking software that prevents you from becoming victimized by malvertising in all forms.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”
Scam of the day – August 23, 2025 – Google Forms Scam
Google Forms is a terrific free tool that lets you create surveys, quizzes and forms for gathering data. It is widely used in education, business and in people’s personal affairs. It is easy to use, acciesible through a shareable link and secure. Unfortunately, however, scammers take advantage of its acceptance as a legitimate tool to use it to perpetrate a variety of scams including scams by which it is used to create fake login pages that appear to be those of banks or colleges as well as to create phony surveys with promises of prizes in exchange for providing personal data. Scams using Google Forms increased by 63% last year and appear to be happening with even more frequency in 2025. Scams using Google Forms are sent through Google’s own mail servers so they can avoid email security filters making them appear more legitimate. Unfortunately, if you provide the asked for personal information, you set yourself up to become a victim of identity theft.
TIPS
Trust me, you can’t trust anyone. If you get a Google Forms email that appears to come from your bank, college or any other institution, confirm with the real bank or other sender by phone or email before provdiing any personal information. As for Google Forms communications offering a payment in return for personal information or contests asking you to provide personal information, the risk of being scammed is too great to respond by providing the requested information.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”
Scam of the day – August 22, 2025 – Magazine Interview Scam
A new scam presently circulating starts wiwth an email with a subject line of “Formal Interview Invitation” with the email being a request for an interview from a writer purportedly doing a story about a mentor of the person receiving the email. The email indicated that the mentor had suggested the person getting the email as a good source for the article. The email contained many questions that were to be included in the proposed interview for which the person receiving the email would get a $1,200 “honorarium” for participating in the interview either by phone or Zoom.
The name of the writer used in the email was indeed a professional journalist and the magazine mentioned was also legitimate. However, the person receiving the email was skeptical enough to contact the named writer through LinkedIn rather than through the contact information contained in the email only to find that her skepticism was warranted as the writer did not send the email. It was sent by a scammer whose next step would have been to ask for the bank account number and routing number of the person receiving the email, purportedly to wire money into her account, but actually to use that information along with her name to create counterfeit checks and acces her bank account.
TIPS
As always, if it sounds too good to be true, it generally is. Magazines do not generally pay anything to people they interview for stories. This was a sophisticated scam and one that relies on initially gathering personal information about the targeted victim and her job, all of which is relatively easy to do through AI. This scam is turning up in emails to young professionals, academics and people working in the media, but it can be expected to expand. The lesson here is to always confirm any such offer and never provide personal information, particularly banking information unless you have absolutely confirmed the legitimacy of the offer.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”
Scam of the day – August 21, 2025 – AI Investment Scams
Convicted Ponzi schemer Bernie Madoff who stole 50 billion dollars from unsuspecting victims may be the last person from whom you would accept investing advice, but in fact, his advice, as contained in a 2014 jailhouse interview Madoff gave to the Wall Street Journal is helpful to people hoping to avoid the fate of Madoff’s many victims. With great “chutzpah,” Madoff blamed his victims for their losses. He said that his investors were “sophisticated people” who should have known better. “People asked me all the time, how did I do it. And I refused to tell them, and they still invested. Things have to make sense to you. You should ask good questions.” About this he is correct. No one should ever invest in anything that they do not totally understand.
And this leads us to Artificial Intelligence (AI). It’s capabilities are constantly being touted in news stories and online posts. Scammers are always alert to whatever is capturing the interest of the public and, in this case, scammers are contacting people falsely claiming they have developed AI programs that can make investment decisions guaranteed to make large profits. In particular, the scammers are tying their AI claims to investments involving cryptocurrencies which many people invest in, but don’t fully understand which is a dangerous combination.
Scammers have actually used AI to create YouTube videos touting cryptocurrency investments showing the CEO of the company persuading people to invest with his company. In this case, however, the CEO doesn’t exist. His image and voice were merely creations of AI.
TIPS
The bottom line is that Bernie Madoff was right about one thing. No one should ever invest in anything without totally understanding the investment and the inherent risks. If you understand cryptocurrencies and still wish to invest in them, that is fine, but all investment decisions should be made only after being properly informed. You may want to check out the SEC’s investor education website at www.investor.gov.
Before investing with anyone, you should also investigate the person offering to sell you the investment with FINRA’s Central Registration Depository. http://www.finra.org/industry/crd This will tell you if the broker is licensed and if there have been disciplinary procedures against him or her. You can also check with your own state’s securities regulation office for similar information. Many investment advisers will not be required to register with the SEC, but are required to register with your individual state securities regulators. You can find your state’s agency by going to the website of the North American Securities Administrators Association.http://www.nasaa.org/2709/how-to-check-out-your-broker-or-investment-adviser/
Here is a link to the SEC’s warning about possible problems you can encounter when investing in Bitcoins or other cryptocurrencies.
https://www.sec.gov/oiea/investor-alerts-bulletins/investoralertsia_bitcoin.html
Finally, YouTube is not the place to go to in order to find investments.
Scam of the day – August 20, 2025 – Bogus DeepNude Generator Scam
Deepfake porn by which someone is able to use deepfake software to take the photo of someone they know or a celebrity to create what appear to be nude photos or videos of the unwary victim has been a problem for a few years as the technology becomes easier to use and more available. In particular high school boys have abused deepfake technology to make and circulate deepfake nude photos and videos of their female classmates. Now in apparent poetic justice some of those deepfake purveyors are downloading malware when the try to use deepfake porn sites.
The Russian cybercrime gang FIN7 which has also been known as Carbanak has created seven websites that advertise what they refer to as a “DeepNude Generator” which provides artificial intelligence deepfake technology to enable anyone using their site to create deepfake nude photos and videos. People either downloading the software of signing up for a free trial end up downloading various forms of malware including ransomware. FIN7 has also used their technical expertise to manipulate the algorithms used by search engines to enable them to get a prominent listing in searches for porn sites.
TIPS
The easy piece of advice to avoid the problem of downloading malware in this manner is to merely avoid doing deepfake porn which is generally illegal. The problem is that the temptation for some people is just too great. Compounding the problem is that the probable target of FIN7 which has used cybercrime to steal more than 1.2 billion dollars is not individual users, but large companies where they hope to lure employees into downloading the malware at work and enable FIN7 to use their malware against large companies that can be profitable targets for ransomware and other malware.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email where it states “Sign up for this blog.”
Scam of the day – August 19, 2025 – Phony Norton Invoice Scam
The phony invoice scam is a common scam popular with scammers because it is quite effective. It starts when you receive an email that purports to be from a popular company with which many of us do business that indicates that you owe them a significant payment. The scammers count on people being concerned that they are being wrongfully charged for a product they did not order. You are provided a telephone number to call if you dispute the bill. If you call the number, you will be prompted to provide personal information that will be used to make you a victim of identity theft.
Recently, a loyal Scamicide reader sent me a phony Norton invoice she received similar to many I have seen in the past. Norton is a company that provides a wide range of digital security services and identity theft protection services. As always, the purpose of a phishing email is to lure you into clicking on links contained within the email or providing personal information, in this case by phone if you call to dispute the phony bill . If you click on links in phishing emails, you end up downloading malware and if you provide the requested information, it ends up being used to make you a victim of identity theft. This particular phishing email provides a phone number to call if you wish to dispute the obviously phony invoice. If you call the number in the phishing email you will be asked for personal information that will be used to make you a victim of identity theft. The phone number is not that of Norton customer service The real phone number of Norton customer service is the toll free number 1 (855) 815-2726. The number in the phony invoice is not a toll free number.
There are a number of red flags that indicate that this is a scam. Your name does not appear anywhere in the invoice. Also, the email was sent from an email address that has no relation to Norton.
Scam of the day – August 18, 2025 – New Twist on the Jury Duty Scam
I have been warning you about the jury duty scam for twelve years, but it continues to snare many unwary victims. This scam generally starts with a phone call from someone posing as a police officer or court official telling you that you have missed jury duty and must pay a fine or risk being arrested. Often in these scams you are told that you can pay the fine through a credit card or, as is being done more and more, by a gift card or cryptocurrency which you are told to pay through a cryptocurrency ATM. Other times they ask for your Social Security number to confirm your identity. Of course, the phone call is a scam. Even if you have missed jury duty, you will never be called by legitimate court officers and shaken down for a payment.
Scammers will use a technique called “spoofing” to make the call appear on your Caller ID as if it is coming from a legitimate law enforcement agency or court. In some instances of the scam you are asked to confirm your identity by providing your Social Security number which will then be used to make you a victim of identity theft. The scam has evolved to where people are also being contacted by text messages or emails from scammers posing as a representative of the local court system.
Now in a new twist on this scam the caller directs you to a phony website that appears to be a legitimate government website (you can thank AI for that) where you are prompted to insert your birthdate and Social Security number for identification purposes. The website then prompts you to either pay the fine on the site or sends you to a cryptocurrency ATM to make the payment.
TIPS
Initial contacts from courts regarding jury duty are always in writing through the mail although some systems will permit you to receive future notices through email. Under no circumstances will you receive telephone calls or text messages indicating that you have failed to report for jury duty. No court will demand payment over the phone for failing to appear for jury duty and no court ever requires a payment be made via cryptocurrencies or gift cards. If you do receive such a call and you think that there is even the possibility that you might have forgotten to report for jury duty, merely call the local clerk of courts in order to get accurate information. Of course anyone calling you and telling you that you can pay your fine to them over the phone using your credit card or a gift card is a scammer.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address where it states “Sign up for this blog.”
Scam of the day – August 17, 2025 – Landline Identity Theft
A new scam that takes advantage of old technology is landline identity theft which has rececently been used by scammers to hack into someone’s bank account without knowing the password for the account. Many people no longer use landlines, but may not have noticed that an old landline number of theirs is still tied for security purposes to their bank account. Scammers will contact the phone company posing as the consumer to have their landline number moved to the cell phone of the scammer. The scammer then asks the bank to change his password whereupon the bank using its security protocol sends a verification code to the old landline phone number now controlled by the scammer which enables the scammer to then change the password and access the victim’s bank account.
Many people neglect or fail to remember to update their security settings for their accounts and an old phone number or email address in the hands of a scammer can lead to disaster.
TIPS
The first thing to do to avoid becoming a victim of this scam is to review all of the recovery and security settings on all of your accounts to make sure they are up to date and delete any old phone numbers or email addresses. You also should contact your phone service provider and have a PIN put on your account so that your number cannot be transferred to another phone without the PIN being used. If you are particularly paranoid, which I am sometimes, you may even arrange with your phone service provider to not transfer your phone number to another phone unless you do it in person.
Consider using an authenticator app for your accounts such as Google Authenticator, Authy or Microsoft Authenticator for the dual factor authentication on your accounts rather than, as is most common, having a code sent to your phone.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – August 16, 2025 – New York AG Sues Zelle For Enabling Fraud
New York Attorney General Letitia James is not afraid of bringing legal actions against powerful corporations that put profit over the security of their customers. In the Scam of the day for February 4, 2024 I told you about the lawsuit she brought against Citibank for failing to protect its customers from scams. Now she is taking on Zelle, the sevice created by major banks in 2017 that enables people to quickly and easily send money from their bank accounts to other Zelle platform users. Unfortunately, as I have often reported to you, Zelle has been a favorite method for scammers to lure their victims into paying them through a variety of scams. According to Attorney General James, Zelle lacks important verification steps that would help prevent fraud such that scammers can sign up for Zelle using misleading email addresses that make them appear to be legitimate businesses or government agencies. In the lawsuit, James points out the example of someone posing as a Con Edison employee threatening to turn off electricity unless money was sent by Zelle to the scammer who was able to use the name “Coned Billing” for the account.
If this sounds familiar to you, the Consumer Financial Protection Bureau had filed a similar lawsuit against Zelle in December of 2024, but the Trump administration dismissed the lawsuit earlier this year.
TIPS
Meanwhile if you are a Zelle user what can you do to protect yourself?
Before signing up for any Zelle you should familiarize yourself with their fraud protection rules. In the fine print you may find that you have little, if any, protection if you use the account to purchase something that ends up being a scam. Consumers should recognize that Zelle should not be used for commercial transactions, but only to transfer small amounts of money to people you know.
In order to protect your account from being hacked and being taken over by a scammer who could access your credit card or bank account, you should use a PIN or other dual factor authentication for your Zelle account.
To avoid having your Zelle account and other accounts from being taken over by scammers, never provide your username, password or PIN in response to any email, text message or phone call unless you have absolutely confirmed that the request for this information is legitimate, which it never is. You can confirm this by contacting your bank by calling them at a telephone number you know is accurate. Even if you get a call that appears to come from your bank or other company with which you do business, your Caller ID can be tricked by a technique called spoofing to make the call appear legitimate when it is not.
Finally, remember no governmental agency asks for or accepts payment by Zelle.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/