Scam of the Day
Scam of the day – April 24, 2026 – Amazon Recall Scam
Whatever is popular with the public is popular with scammers which is why it is not surprising that scammers are sending out text messages that appear to come from Amazon informing their targeted victims that there is a recall of a product that the targeted victim purchased through Amazon Prime. The text message looks legitimate and may even appear to come from a legitimate Amazon telephone number, but it is a simple matter for a scammer to “spoof” a legitimate number to make it appear that the call is originating from Amazon while actually coming from the scammer. The bogus text message informing you of the product recall provides a link that will take you to what appears to be the Amazon website and prompts you to provide your account information and your password. Using AI it is simple for a scammer to create a very legitimate appearing counterfeit Amazon website.
Anyone providing their account information and password would end up having their account taken over by the scammers who would quickly run up purchases and charges to the account.
Last year Amazon took down more than 55,000 phony Amazon websites, but it is a never ending battle because as soon as one is taken down, scammers create a new counterfeit site.
TIPS
Rather than only use a password for your Amazon account, you should either use dual factor authentication or an Amazon Passkey for your account. This will provide added security to your account to prevent your becoming a victim of this type of scam. To set up dual factor authentication on your account, use this link.https://www.amazon.ca/gp/help/customer/display.html%3FnodeId%3DGE6SLZ5J9GCNRW44
Passkeys enable you to use Face ID, Touch ID, Windows Hello or a device PIN rather than a password. In order to set this go to your Amazon account and then click on Login & security, then go to Passkeys and then click Set up.
As I always say, trust me, you can’t trust anyone so if you get a text message about a recall from Amazon, your best course of action is to either contact Amazon Customer Service at 1‑888‑280‑4331 or login to your account online or on the app and you will be able to see if there was a recall.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – April 23, 2026 – Comcast Settles Data Breach Class Action
In the Scam of the day for December 22, 2023 I first told you about the data breach affecting all thirty-six million customers of Internet service provider Comcast Cable Communications which occurred between October 16, 2023 and October 19, 2023 in which usernames, hashed (encrypted) passwords, birth dates, security questions and answers as well as the last four digits of the Social Security numbers of its customers were compromised. Some people might mistakenly believe that having only the last four digits of their Social Security number in the possession of scammers does not put them in jeopardy. It most certainly does. The first three digits of your Social Security number relate to where you live and is easily determined; the second two digits are group numbers that until 2011 were based on when you obtained your Social Security number and are even available on the Social Security website for years up till 2011, but even for numbers issued after that date, there are only 99 possibilities so it is not particularly difficult for an identity thief to determine your Social Security number with just the last four digits. Armed with your Social Security number, a criminal can make you a victim of costly identity theft quite readily.
A class action against Comcast alleging negligence in protecting the personal information of its customers was filed shortly after the data breach and the case has now settled with Comcast agreeing to pay $117.5 million. As is common in such settlements, Comcast did not admit liability. Class members can receive reimbursement for out-of-pocket expenses and lost time. Alternatively, class members can choose a cash payment of $50. In addition to the cash payments, Comcast is also offering class members three years of credit monitoring, dark web monitoring, authentication alerts, high-risk transaction monitoring, identity theft insurance and monthly credit score tracking. The deadline for filing a claim is August 14, 2026. Here is the link to where you can file a claim. https://forms.ksacms.com/efiling/fr/eform/comcastbreachsettlement_claimform/new?form-version=1&fr-wizard-page=section-1
Regardless of whether you were affected by this particular data breach, we are all likely to be victims of future data breaches. So what can you do to protect yourself from data breaches that will be occurring?
TIPS
One important lesson is to limit the amount of personal information that you provide to companies and websites whenever possible. For example, your doctor doesn’t need your Social Security number for his or her records.
You should make sure that you have a unique password for each of your online accounts so that if one of your passwords is compromised in a data breach, all of your accounts will not be in danger. If your information is compromised in a data breach, you should immediately change the password for that account.
If you have not already done so, set up dual factor authentication for each of you accounts where it is available. This will protect you from having those accounts stolen by someone who may have access to your password. However it should be noted that the malware responsible for this particular data breach is able to bypass password requirements and dual factor authentication.
https://www.transunion.com/credit-freeze
https://www.experian.com/freeze/center.html
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – April 22, 2026 – Cryptocurrency Scams Surging
The recent released FBI annual Internet Crime Report for 2025 highlights that cryptocurrency scams were responsible for half of all cybercrime losses last year with losses topping $11 billion. There are a variety of scams that utilize cryptocurrencies as a hook including:
- Scammers contacting their victims through social media or text messages offering high or guaranteed profits through fake cryptocurrency investments and trading platforms.
- Pig butchering scams where scammers perpetrate romance scams in which after taking time to build trust and emotional attachment on the part of their victims they urge their victim to invest in their fake cryptocurrencies and trading platforms.
- Scammers pose as support agents for legitimate cryptocurrency platforms telling their victims that their cryptocurrency wallets have been compromised and they need to share their cryptocurrency keys or recovery phrases in order to protect their funds.
- Free cryptocurrencies being given away by celebrities as shown in social media videos.
TIPS
Always be wary of any promises of guaranteed profits or profits that appear to good to be true. Also, you can check out whether a particular cryptocurrency platform is registered with the SEC at https://www.sec.gov/edgar. You can also check out the legitimacy of cryptocurrency platforms at CoinMarketCap – https://coinmarketcap.com or Coin Gecko https://www.coingecko.com. The apps used in the pig butchering scam may appear to be legitimate, but they are not found on official app platforms such as Google Play or the Apple App Store. Do your homework before investing in cryptocurrencies and only do business with well established cryptocurrency exchanges. Never invest merely because of the recommendation of someone you may have met online.
Your digital wallet is where the key that allows you to access your cryptocurrency account is found. If your key falls into the hands of a hacker, you can easily lose all of your cryptocurrency account so it is of paramount importance to secure your digital wallet. Digital wallets can either be hot wallets or cold wallets. Hot wallets are connected to the Internet which makes them more susceptible to being hacked which is why a cold wallet which is not connected to the Internet, but rather is is kept in a portable hard drive is your best bet.
When doing cryptocurrency transactions online, use a Virtual Private Network (VPN) to provide encryption for your communications which will make the transactions more secure and refrain from using public WIFI for cryptocurrency transactions. Use a strong, complex password for your account and consider using a password manager or store your password on a portable hard drive that you keep in a secure spot.
Use dual factor authentication for your account for additional security, however, it is important to note that many cryptocurrency thefts have occurred when hackers were able to defeat dual factor authentication through SIM swapping whereby they contact the cell phone service provider of their victim, answer a security question and manage to get the cell phone service provider to switch the phone number of the victim to a phone controlled by the criminal thus defeating the dual factor authentication.
The best thing you can do to protect your SIM card from being swapped is to set up a PIN or password to be used for access to your mobile service provider account. This will help prevent a criminal from calling your carrier posing as you and convincing your mobile carrier to swap your SIM card to the criminal’s phone merely by providing personal identifying information or answering a security question.
Finally, I strongly urge anyone considering investing in cryptocurrencies as well as any investment to research the investment thoroughly before investing. No one should ever invest in anything they do not fully understand.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – April 21, 2026 – Evite Online Invitation Scam
Evite is a popular online invitation platform that allows users to create, send, and manage digital invitations for events such as parties, weddings, meetings, and other gatherings. It’s widely used because it simplifies the process of inviting guests and tracking RSVPs. Evite is trusted and familiar to many users, making it an effective disguise for phishing scams. Because people often receive Evite invitations from friends or colleagues, they may click links without suspicion—especially if the invitation appears to be for a social or professional event. If you click on links in a scam evite invitation you may end up downloading dangerous keystroke logging malware that can steal sensitive personal data such as passwords or account information from your phone or computer that will result in your becoming a victim of identity theft.
TIPS
While your security software may protect you from some malware, no security software can protect you from the latest versions of malware that exploits zero day defects which means that the malware is exploiting previously undiscovered vulnerabilities. The best option whenever you receive an evite or similar online invitation platform email is to contact directly the person or company that appears to be sponsoring the event before ever clicking on the invitation in order to determine whether it is legitimate or not. It may seem paranoid, but even paranoids have enemies.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – April 20, 2026 – Credit Card Declined Scam
Creative scammers have come up with a new way to scam you when you shop online. For years, I have warned you about phony retail websites that either appear to be that of legitimate retailers such as Wallmart or are just websites that come up high in a search engine search when you are looking to buy a particular item that offer great prices. Unfortunately, this problem has gotten worse with scammers now able to use AI to create phony retail websites that look entirely legitimate. Also, merely because a website comes up high in a search engine search does not mean that it is legitimate. Scammers either pay for a high position or are sufficiently savvy to create a site that the search engines’ algorithms will pick for a high position in a search.
In the past, the scammers would lure you into providing your credit card or debit card (which you should never use for purchases because the law does not protect you as much from fraudulent use) and then use your card to make purchases or if you provided your debit card, they will then access your bank account. Now, however, the scammer are getting greedy. When you attempt to use your credit card on their phony website you will be told that your card has been declined and so you need to use a second card. Once you do, you have now turned over two credit cards to the scammer to use for fraudulent purchases in your name.
So how do you determine if you are on a legitimate website?
TIPS
Scam of the day – April 19, 2026 – Beware of Evil Twins
Whether we are at the airport, a hotel, a shopping mall, a coffee shop or almost anywhere else, you will usually find free public Wi-Fi service offered so that we can use our cell phones, laptops or tablets to connect to the Internet. However with this convenience can come danger. Too many people assume that the Wi-Fi that they are using is secure and this is not always the case. In fact, often an identity thief will go to the same coffee shop or other venue and set up his or her own Wi-Fi which is what you may unwittingly be tapping into when you think you are connecting to the Wi-Fi of the particular coffee shop or other place you find yourself at. Technologically, it is easy to set up a phony Wi-Fi that can steal data from your cell phone, laptop or tablet and use that information to make you a victim of identity theft. Florida Attorney General Ashley Moody issued a warning about these scammer-created phony Wi-Fi networks which she calls “Evil twins.”
So what can you do to make using public Wi-Fi safe?
TIPS
It is always a good idea to make sure that your cell phone, tablet or laptop has a good firewall and is protected by anti-virus and anti-malware security software that is updated with the latest security updates. It is also a good idea not to use public Wi-Fi for banking or other financial transactions or, for that matter, anything that requires you to provide login credentials. Sensitive data should not be sent over public Wi-Fi. If you are going to use public Wi-Fi, the first thing you should do is check the hotspot name. Identity thieves often set up their phony Wi-Fi with names that appear quite similar to the legitimate Wi-Fi. For example, the public Wi-Fi offered at your coffee shop may be named GoodCoffee while the phony one may be something that with a cursory look appears legitimate, such as Go0dCoffee.
Always make sure when using public Wi-Fi that you are on the legitimate Wi-Fi site before proceeding to use it. Many cell phones and other devices automatically connect to nearby networks, which can connect you to the identity thief’s phony Wi-Fi before you realize it. Therefore disable automatic connection to networks. Finally, the best thing you can do to protect your privacy and security when using public Wi-fi is to use a Virtual Private Network app which will encrypt all of your data before sending it through the Wi-Fi connection. Here is a link to an article I wrote about VPNs that will tell you all you need to know (and possibly more) about VPNs. https://au.norton.com/internetsecurity-wifi-how-does-a-vpn-work.html and here is a link to an article that lists ten good VPNs that you can get for free. https://www.techradar.com/vpn/best-free-vpn
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – April 18, 2026 – NY Attorney General Lawsuit Against Zelle Update
In the Scam of the day for August 16, 2025 I told you about the lawsuit NY Attorney General Letitia James brought against Zelle, the service created by major banks in 2017 that enables people to quickly and easily send money from their bank accounts to other Zelle platform users. Unfortunately, as I have often reported to you, Zelle has been a favorite method for scammers to lure their victims into paying them through a variety of scams. According to Attorney General James, Zelle lacks important verification steps that would help prevent fraud such that scammers can sign up for Zelle using misleading email addresses that make them appear to be legitimate businesses or government agencies. In the lawsuit, James points out the example of someone posing as a Con Edison employee threatening to turn off electricity unless money was sent by Zelle to the scammer who was able to use the name “Coned Billing” for the account.
If this sounds familiar to you, the Consumer Financial Protection Bureau had filed a similar lawsuit against Zelle in December of 2024, but the Trump administration dismissed the lawsuit earlier this year.
The case is presently still in the pre-trial litigation phase where both sides are filing motions and gathering evidence. No trial date has been scheduled.
TIPS
Meanwhile if you are a Zelle user what can you do to protect yourself?
Before signing up for any Zelle you should familiarize yourself with their fraud protection rules. In the fine print you may find that you have little, if any, protection if you use the account to purchase something that ends up being a scam. Consumers should recognize that Zelle should not be used for commercial transactions, but only to transfer small amounts of money to people you know.
In order to protect your account from being hacked and being taken over by a scammer who could access your credit card or bank account, you should use a PIN or other dual factor authentication for your Zelle account.
To avoid having your Zelle account and other accounts from being taken over by scammers, never provide your username, password or PIN in response to any email, text message or phone call unless you have absolutely confirmed that the request for this information is legitimate, which it never is. You can confirm this by contacting your bank by calling them at a telephone number you know is accurate. Even if you get a call that appears to come from your bank or other company with which you do business, your Caller ID can be tricked by a technique called spoofing to make the call appear legitimate when it is not.
Finally, remember no governmental agency asks for or accepts payment by Zelle.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – April 17, 2026 – Free Piano Scam
Cybersecurity company Proofpoint discovered a scam in which people receive emails offering a free piano which is available often purportedly due to a death in the family or because the owner of the piano is graduating. The scam has largely targeted students and professors at colleges and universities. Often in the email, the scammer poses a someone from the same college or university as that of the targeted victim. In order to receive the free piano, all the targeted victim has to do is contact the moving company that presently has the piano to arrange for delivery. Delivery options in some of the emails have ranged from two day delivery for $915 to ten day delivery for $595. However, in order to have the delivery made, the targeted scam victim is required to pay the moving company in full for the cost of delivery.
A big indication that this is a scam is that the moving company asks for payment by Zelle or cryptocurrencies. No legitimate business demands payment by Zelle or cryptocurrencies, but scammers often do because of the anonymity for these types of payments and the difficulty in tracing or reversing payments made in this manner.
Of course, anyone paying the moving company for the piano never receives a piano and loses whatever money the targeted victim pays. Proofpoint has found that many of these scam phishing emails originate in Nigeria.
TIPS
B.S. Be Skeptical. People may trust emails such as this due to affinity fraud where we tend to trust people with whom we share some kind of connection and getting an email such as this that appears to come from someone at your college or university may cause the person receiving the email to trust it to be legitimate. Particularly if the offer appears to be about getting something for nothing, you should investigate the name of the person offering the free piano as well as confirm that the moving company is legitimate as well. The scammers use the names of legitimate moving companies, but when you contact them or go to their website, you are taken to a phony website or phone number.
Requiring payment by Zelle or cryptocurrencies is another indication that this is a scam.
Finally, it should be noted that while this scam is largely originating in Nigeria, the use of AI makes the emails very believable even where the person creating the email may not have American English as his primary language.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day
Scam of the day – April 16, 2026 – iCloud Storage Phishing Scam
The most effective scams take advantage of legitimate situations. Many people have gotten legitimate messages from Apple telling them that their iCloud storage under their present plan is full. If your iCloud storage is full you can still save your photos and videos to your iPhone or iPad and documents you create will stay on your device, but these photos, videos and documents won’t upload to your iCloud account. Scammers are taking advantage of confusion as to what it means to have your iCloud account full by sending text messages like the one shown below that your iCloud account has been blocked and that your photos, videos and documents may be deleted unless you upgrade your account immediately. Clicking on the link in the text message to upgrade storage brings you to an AI created and legitimate appearing Apple website where you are prompted to provide credit card information which, if provided will lead to identity theft and credit card fraud.
TIPS
The safest way to update your account is to do so in the following manner
On iPhone or iPad
- Open Settings
- Tap your name at the top
- Tap iCloud
- Tap Manage Storage or Manage Account Storage
- Tap Change Storage Plan
- Choose a plan and confirm with Face ID / Touch ID / passcode
On your computer you can update your account by going directly to the Apple website at https://appleid.apple.com
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – April 15, 2026 – Booking.com Data Breach
Scams involving the popular travel website Booking.com have increased dramatically over the last two years worldwide. The latest problem is a data breach which Booking.com confirmed earlier this week in an email to its users informing them that it had suffered a data breach in which booking details, names, emails, addresses, phone numbers and any other information Booking.com users may have shared with any hotel booked through Booking.com was compromised. Scammers are using this information to contact Booking.com customers posing as Booking.com or a hotel with which the customers has made a reservation through Booking.com and under a variety of pretenses asks for credit card information related to an upcoming hotel stay. The phone calls, text messages or phishing emails will look entirely legitimate and refer to specifics as to actual reservations, making the scam more believable.
TIPS
As always, you can never be sure when you get an email, text message or phone call as to who is really contacting you so you should never click on a link, make a payment or provide personal information in response to any communication unless you have absolutely confirmed that it is legitimate. In response to an email that appears to come from Booking.com, you can either use your Booking.com app to confirm whether the email was legitimate or call Booking.com at a phone number that you know is legitimate or go to the Help Center on the official Booking.com website. Finally, when making a payment for a reservation through Booking.com you should only make the payment on the official website or app.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/