Scam of the Day
Scam of the day – May 28, 2025 – FTC Shuts Down Student Loan Scammers
More than forty-two million Americans have student loans with an outstanding balance of more than 1.4 trillion dollars so it is no surprise that scammers are focusing their attention on these students and former students through scams that falsely promise to provide debt relief. I have written numerous times in the past about various student loan debt relief scams. In the Scam of the day for August 14, 2024 I first told you that the Federal Trade Commission had sued Panda Benefit Services which did business as Prosperity Benefit Services and seven other names for falsely claiming that people who paid upfront fees for their program were guaranteed to receive loan forgiveness. They also falsely claimed that they were affiliated with the Department of Education.
Now a final judgement has been issued in the case permanently banning Panda Benefit Services and its affiliates and operators from the debt relief industry and ordering them to turn over assets to the FTC to be used to compensate the victims of the scam. As more details emerge regarding the payment of those funds to victims of the scam, I will report them to you.
TIPS
The old adage still is true. If it sounds too good to be true, it probably isn’t true. Many of these student loan debt relief scammers promise quick loan forgiveness, which is unrealistic. In addition, you should never pay any upfront fees for student loan debt relief assistance. Those fees are illegal and are a sure indication that you are being scammed. Also, remember my motto, “trust me, you can’t trust anyone.” Don’t trust scammers merely because they claim that they are affiliated with the government. You also should never share your FSA ID with anyone.
I will keep you informed as to the progress of this lawsuit and if funds are obtained from the defendants to be returned to the scam victims, I will provide you with the information you need to make a claim.
Finally, if you are interested in knowing about legitimate options for reducing student loans, go to the Department of Education’s website which describes the various loan forgiveness plans offered by the federal government. Here is a link to that information. https://studentaid.gov/manage-loans/forgiveness-cancellation
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – May 27, 2025 – Facebook Marketplace Scam
Facebook Marketplace is a popular and convenient place for people to buy and sell things so, of course, scammers are drawn to it. Scams on Facebook Marketplace have increased dramatically in the last couple of years. A recent scam turning up on Facebook Marketplace starts when you list an item for more than a few hundred dollars. Shortly thereafter you are contacted by a scammer posing as a legitimate buyer who wants you to use Zelle, Venmo or some other P2P Service to pay you for the item. Peer to Peer Payment Payment Services (P2P) such a Zelle are used by many people to quickly and conveniently send money electronically from your credit card or bank account. Sending money through Zelle only requires you to enter the recipient’s phone number or email address.
Then the fun begins (for the scammer). You next receive an email that purports to have been sent by Zelle indicating that the buyer paid you through a Zelle “business account” and that you need to upgrade your personal Zelle account to a business account in order to receive the payment from the scammer posing as the buyer. You are then told that in order to upgrade your account, the amount sent to you needs to be increased by $300. The scammer then tells you that he or she will gladly send you an additional $300 through Zelle in order to enable the transaction if you merely refund the excess payment to them through Zelle. Of course, soon after refunding the $300, which was never paid by the scammer to begin with, the scam victim realizes he or she has just been scammed out of $300.
TIPS
Unfortunately, Zelle has proven to be easily exploited by scammers and unlike scams targeting your credit cards directly, you may not have as much protection under the law to get your money back if you do get scammed. Although the Consumer Financial Protection Bureau issued guidelines last year indicating that all online money transfers such as this that were done as a scam should be reimbursed by the bank, many banks are refusing to refund money lost by the scam victims.
Making matters worse, while you can tie a credit card to your Venmo account (although they will charge you 3% each time you use it), Zelle requires you to either tie your bank account directly to the Zelle account or your debit card to the account. Either way, if a scammer gets access to your Zelle account, you have turned over your bank account to the scammer.
Also, while Zelle has business accounts, you don’t need to upgrade your account in order to receive a payment from a Zelle business account. Frankly, I don’t think anyone should use Zelle, Venmo or any of the other P2P services for anything other than sending small amounts to friends and family. The potential for scams is too great and your ability to get reimbursed is low.
Finally, anytime someone sends you an overpayment for whatever reason and asks for you to send funds back, you should be skeptical as this is always a scam.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – May 26, 2025 – New Online Shopping Credit Card Scam
Creative scammers have come up with a new way to scam you when you shop online. For years, I have warned you about phony retail websites that either appear to be that of legitimate retailers such as Wallmart or are just websites that come up high in a search engine search when you are looking to buy a particular item that offer great prices. Unfortunately, this problem has gotten worse with scammers now able to use AI to create phony retail websites that look entirely legitimate. Also, merely because a website comes up high in a search engine search does not mean that it is legitimate. Scammers either pay for a high position or are sufficiently savvy to create a site that the search engines’ algorithms will pick for a high position in a search.
In the past, the scammers would lure you into providing your credit card or debit card (which you should never use for purchases because the law does not protect you as much from fraudulent use) and then use your card to make purchases or if you provided your debit card, they will then access your bank account. Now, however, the scammer are getting greedy. When you attempt to use your credit card on their phony website you will be told that your card has been declined and so you need to use a second card. Once you do, you have now turned over two credit cards to the scammer to use for fraudulent purchases in your name.
So how do you determine if you are on a legitimate website?
TIPS
Scam of the day – May 25, 2025 – Massive Data Breach of 184 Million Accounts Discovered
Last month I told you that Verizon had issued its annual data breach report which appears to exemplify my motto that “things aren’t as bad as you think, they are far worse.” Regardless of how diligent you are in protecting your personal information such as your Social Security number, you are only as safe as the myriad of companies, institutions and government agencies with the worst and most vulnerable security practices that have your personal information. The report confirmed 12,195 data breaches last year, an increase of 34% over the previous year. Data breaches continue to be a major problem for all of us with more than 1.35 billion people affected in 2024.
Security researcher Jeremiah Fowler recently discovered a publicly available, unencrypted database containing 184 million unque account credentials including usernames, passwords, and URLs for many apps and websites including Google, Miocrosoft, Apple, Facebook, Instagram and Snapchat including credentials for bank and financial accounts. One particular problem Fowler noted is that many people use their email accounts to store years of sensitive documnts such as tax returns which if their email accounts are accessed can quickly lead to identity theft.
TIPS
This is a good time to remind everyone to make sure you use strong, unique passwords for each of your online accounts and enable dual factor authentication so that even if a cybercriminal has your user name and password, he or she would not be able to access your account.
Freezing your credit is actually something everyone should do. It is free and easy to do. It protects you from someone using your identity to obtain loans or make large purchases even if they have your Social Security number. If you have not already done so, put a credit freeze on your credit reports at all of the major credit reporting agencies. Here are links to each of them with instructions about how to get a credit freeze:
https://www.transunion.com/credit-freeze
https://www.experian.com/freeze/center.html
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – May 24, 2025 – 19 Year Old College Student Pleads Guilty to Hacking PowerSchool
I first told you about the massive data breach at PowerSchool a major education technology software company used by 16,000 educational institutions with 50 million students in January. The hacker claimed to have harvested sensitive personal information of 62.4 million students and 9.5 million teachers. The compromised information included the names, addresses, Social Security numbers and medical information along with much additional personal informaion of students and teachers.
Now Matthew Lane, a 19 year old college student from Massachusetts has entered into a plea agreement and admitted that he hacked PowerSchool. He potentially faces a two year prison sentence.
While we know that identity theft is a major problem for adults, it is also a huge problem for children. According to Michael Bruemmer the Vice President of Consumer Protection for Experian 25% of minors will have their identities stolen before they turn 18. Identity thieves steal the identity of a child and then run up large debts using the credit of the child, who generally does not become aware that his or her identity has been stolen until he or she reaches older teen years when the teenager might first apply for a car loan or financial aid for college.
TIPS
If you find out that you or your children have become a victim of identity theft, notify each of the three credit reporting agencies, Equifax, Experian and TransUnion of the crime and ask them to investigate and remove the false information from your files.
Parents also should, as much as possible, try to limit the places that have their child’s Social Security number and become familiar with the Family Educational Rights Privacy Act which helps you protect the privacy of your child’s school records and enables you to opt out of information sharing by the school with third parties. You also should freeze the credit reports of your children. Until 2018 there was no national law that allowed the credit reports of children to be frozen, but in the wake of the major Equifax data breach, Congress passed laws that now permit children’s credit reports to be frozen and unfrozen for free.
Here are the links to information about how to freeze your child’s credit reports at each of the three major credit reporting agencies.
https://www.transunion.com/credit-freeze
https://www.equifax.com/personal/education/identity-theft/freezing-your-childs-credit-report-faq
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – May 23, 2025 – Memorial Day Scams
As we honor our veterans on Memorial Day, May 26th it is important to remember that scammers take Memorial Day as just another opportunity to scam veterans and others. In the case of Memorial Day, you can expect to be solicited by scammers by phone (remember legitimate charities can call you by phone even if you have enrolled in the Do Not Call List because charities are exempt from the Do Not Call List), email or letters asking for your money for various veterans causes or charitable ventures tied to Memorial Day.
Another common scam targets veterans and starts with a telephone call in which the veteran is told that in order to continue to receive various benefits, it is necessary to verify personal information such as the veteran’s birth date, Social Security number or bank account information. Of course, the call is not from the Veterans Administration and the call is not to verify information, but rather to gain information to be used to make the veteran a victim of identity theft.
TIPS
You never know who is on the other line of a telemarketing call, so never trust them. Remember my motto, “trust me, you can’t trust anyone.” If you are at all interested in what the caller appears to be selling or soliciting, ask them to send you written materials that you can then check out to see if it is legitimate. When it comes to charities, a good place to go is www.charitynavigator.org where you can see if a charity is legitimate or a scam as well as actually how much of the money they collect goes toward their charitable purposes and how much towards salaries and administrative costs.
As for calls purporting to be from the Veterans Administration, they do not call you on the phone to verify information. If you receive such a call, you can never be sure who is really calling because clever identity thieves are able to use a technique called “spoofing” to make it appear on your Caller ID as if the call from the identity thief is coming from the VA.
Since you cannot be sure who is calling you when you receive a call asking for personal information, you should never give that information out in response to a phone call, text message or email. Instead if you have the slightest thought that the communication may be legitimate, you should contact the real entity, in this case, the VA at a phone number that you know is accurate to inquire where you will learn that the initial contact was a scam.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”
Scam of the day – May 22, 2025 – Celebrity Imposter Scams Increasing
For years I have told you about scammers posing as various popular celebrities luring unsuspecting people into scams However, with the increased of Artificial Intelligence these imposter scams, generally perpetrated through emails, text messages and social media have become both more believable looking and more frequent as the deepfake and other AI technology becomes readily available to less technologically savvy scammers. Scammers pose as celebrities in a variety of scams including phony celebrity endorsed products, cryptocurrency investment scams, romance scams and videos in which the scammers lure unsuspecting victims into downloading malware that can lead to identity theft.
Last summer, AI was used to make a video in which it appeared that Jennifer Lopez was endorsing a skincare product. She was probably even more upset than most celebrities whose names and images are used in phony endorsements and scams because in the skincare product video, the scammers used AI to add fake wrinkles to her face.
Last year a scam group called the “Yahoo Boys” based in Nigeria began using artificial intelligence to change their facial features in Zoom videos to appear to be the person they are posing as in the romance scam. They also can use AI to change their voice and accent to sound legitimate and while doing a video conference with a romance scammer in the past was a good way to see if the person was actually who they claimed to be, now scammers using this technology will be very difficult to recognize as scammers.
Investment scams in which the scammers pose as celebrities, often Elon Musk often appear on social media either offering free cryptocurrencies or phony cryptocurrency investment opportunities.
TIPS
In regard to celebrity endorsements, you should never take them at face value. Confirm on the celebrity’s website to see if they really do endorse a particular product.
Dating sites Match, Tinder, Hinge and Plenty of Fish have a public awareness program to help people recognize romance scams. One tip they give is to use the verification check on your matches to help confirm they are the person who appears in the profile photo.
As for celebrity based romance scam, it is important to recognize that celebrities aren’t reaching out online to people they have never met to start romantic relationships.
Never invest in anything that you do not understand. No one should invest in cryptocurrencies unless they are knowledgeable about the investment. As for trading sites, you should always investigate any site you are considering before investing. See if the platform is registered with the SEC and licensed. You can also look for reviews of the site on cryptocurrency watchdog sites such as CoinMarketCap or CoinGecko. Also, check with the domain registry site https://www.whois.com/ to see who set up the particular site and how long it has been in existence.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”
Scam of the day – May 21, 2025 – Watch Out For VIN Cloning When Buying a Used Car
Every car has a Vehicle Identification Number or VIN that is unique for each car. Scammers are taking photos of the VIN number which can be found just below the windshield on the driver’s side of a car that is the same make, model and year of a car that the scammers have stolen and then make a new metallic VIN plate with the cloned number and swap it out for the VIN number of the car the stolen car. They then offer their stolen car for sale. In December of 2019, Meril Bauter responded to an ad for a 2019 Toyota 4Runner on Facebook Marketplace. The scammer sent the VIN number which Ms. Bauter used to do a VIN search and a Carfax search and everything checked out fine even though the actual car was a stolen car whose real VIN had been removed. She then paid $40,000 in cash to the scammer and registered her car. It wasn’t until three years later that the scam was discovered and the car was seized by law enforcement due to its being a stolen car. Fortunately, Farmers Insurance, Bauter’s automobile insurance company paid her claim.
So how do you protect yourself from being a victim of VIN cloning?
TIPS
The VIN number is found not only on the dashboard by the windshield, but also in the front door. Make sure they both match. Also, run your finger over the VIN plate and look for signs that the VIN plate may have been switched. You also should compare the VIN number to the VIN number that appears on the Title and all other documents that relate to the car. It is also important to get a Carfax or other vehicle history report on the vehicle and review it carefully for any discrepancies. This scam often doesn’t involve cars that are the exact make model and year of the stolen car. Additionally, you should have a mechanic inspect any used car you are considering buying for indications that it is not as represented.
Trust me, you can’t trust anyone.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – May 20, 2025 – T-Mobile Data Breach Settlement Update
In August of 2021 I reported to you about a data breach at T-Mobile initially discovered when hackers started offering for sale on the Dark Web data of what they said was 100 million customers of phone carrier T-Mobile for sale. T- Mobile confirmed the data breach but said that the number of people affected was approximately 76 million people. The information being sold included names, phone numbers, Social Security numbers and addresses. Also being sold were the PINS used by some T-Mobile customers to protect their accounts from identity theft that now are in the hands of hackers. This type of information poses a tremendous threat to victims of the data breach, which is the sixth for T-Mobile in the last four years. Social Security numbers in particular can be used by identity thieves to apply for credit cards and loans in your name. In addition, the phone numbers and the fact that the victims of the data breach are known to be T-Mobile customers enables the hackers to create phony phishing text messages, called smishing, posing as T-Mobile and luring the targeted victim into clicking on a link in the text message that can download destructive malware.
A class action on behalf of victims of the data breach was settled, following which, T-Mobile sent notices to affected customers. Customers could claim reimbursement for out-of-pocket losses and lost time due to dealing with the effects of hte data breach. In addition, anyone else could have made a claim for a cash payment of $25 or $100 if they were a California resident.
Now, finally checks are going out this month to victims of the data breach.
TIPS
Any funds left over from the $350 million dollars T-Mobile agreed to pay pursuant to the settlement after the disbursements are made this month will be split across the board to all victims of the data breach.
People should be wary of any text messages, phone calls or emails that they receive purportedly from T-Mobile, but sent by scammers, regarding the settlement that ask you to click on a link, to provide personal information or to make a payment to be eligible for the reimbursement. If you do have questions regarding the settlement go to the official settlement website
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – May 19, 2025 – FBI Issues Warning About Home Routers
The Internet of Things is made up of a broad range of devices connected to the Internet including home thermostats, security systems, medical devices, refrigerators, televisions, cars and toys. Our homes have become filled with these devices including Alexa and Siri. The FBI has longed warned consumers about the dangers presented by hacking of various devices that makeup the Internet of Things.
Cybercriminals hack into your devices that are a part of the Internet of Things to enable them to enlist your devices as a part of a botnet by which they can distribute malware while maintaining their anonymity. They also can hack into your Internet of Thing devices to access your home computers or cell phones to steal information for purposes of identity theft or to implant malware on your home computers and cell phones. The risks are extreme, but there are some basic steps you can take to protect yourself.
The key to protecting yourself is having a secure router. The router is the networking device that is used to transfer data between your computer and the Internet. Recently the FBI issued a warning about 13 outdated, end-of-life routers that are no longer supported by their manufacturers with software updates and patches to fix vulnerabilities. Cybercriminals, particularly Chinese cybercriminals are exploiting the lack of security of these routers to gain access to your computers and other devices and install malware and make it part of a botnet. Here is a link to the FBI warning which lists the vulnerable routers which should be replaced with more secure routers. chrome-extension://efaidnbmnnnibpcajpcglclefindmkaj/https://www.ic3.gov/CSA/2025/250507.pdf
TIPS
In addition to replacing end-of-life routers with newer more secure routers there are also other steps you should be taking to provide better security. Disable remote management settings on your routers and make sure you are using a strong password as well as encryption. Also, make sure you are not using the default factory-set username and password, which would make your router quite vulnerable.
Configure network firewalls to block traffic from unauthorized IP addresses and disable port forwarding. Make sure that you install the latest security patches as soon as they become available. Use encryption software for the transmission of data and find out where data is stored and what steps are taken to secure the information.
Finally, make sure your router is secure and use its whitelisting capabilities which will prevent your device from connecting to malicious networks. Routers are a critical part of your smart home security. Make sure it will automatically download and install the latest security updates from its manufacturer. If your router is an older router that does not have this capability, you can check the manufacturer’s website regularly for the latest updates, but frankly, you are probably better served by getting a newer, more secure router. Make sure you have a unique password for each of your Internet of Things devices and use dual factor authentication whenever you can for all of these devices.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address where it states “Sign up for this blog.”