Scam of the Day
Scam of the day – April 21, 2025 – Gift Cards are a Scammers Best Friend
Scammers are big fans of gift cards because they are easy to purchase, easy to send to the scammer and impossible to trace to the scammer. According to the FTC, consumers lost 228 million dollars to gift card scams last year. It is not even necessary for the scammer to be in possession of the actual gift card to use it. Sending the gift card numbers or taking a picture on your phone and transmitting it to the scammer is sufficient for the scammer to use the gift card to buy things that can then be sold and converted into cash.
In many instances the scams involved scammers posing as large companies or government agencies such as the IRS demanding payments. It is important to remember that no legitimate company and no government agencies asks for or accepts gift cards as a payment method so anytime you are asked for a payment by gift card, you can be confident it is a scam. For example Apple gift cards cannot be used for anything other than buying Apple products which are a favorite of scammers who use them to buy high end Apple products and sell them on the black market to launder the stiolen funds.
In an interesting development, the FTC noted that Target gift cards were the most popular choice for scammers with scammers asking specifically for Target gift cards in twice as many instances as the next most popular gift card and even when the gift card requested by the scammers was not a Target gift card, the scammers asked their victims to purchase the particular gift cards at a Target store.
TIPS
Although it is impossible to stop payment on a gift card or trace the user after the scammer has used it, if you recognize immediately that you have provided a gift card to a scammer, you can report it to the issuer to cancel the card. Here is contact information for some popular gift cards.
Amazon
- Call 1 (888) 280-4331.
- Keep the Amazon card itself and your receipt for the Amazon card.
- Learn about Amazon gift card scams and how to report them. Click on “Contact us.”
Google Play
- Report the gift card scam to Google.
- Keep the Google Play card itself and your receipt for the Google Play card.
- Learn about Google Play gift card scams and how to report them.
iTunes
- Call Apple Support right away at 1 (800) 275-2273. Say “gift card” to connect with a live representative.
- Ask if the money is still on the iTunes card. If so, Apple can put a freeze on it. You might be able to get your money back from them.
- Keep the iTunes card itself and your receipt for the iTunes card.
- Learn about iTunes gift card scams and how to report them.
Target
- Call Target GiftCard Services at 1 (800) 544-2943
MoneyPak
- Report gift card scams to MoneyPak.
- Keep the MoneyPak card itself and your receipt for the MoneyPak card.
- Learn about MoneyPak gift card scams.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”
Scam of the day – April 20, 2025 – MyChart Phishing Scam
This is a very convincing phishing email. It contained the first name of the Scamicide reader who forwarded it to me. I have blocked out the name to protect the reader’s privacy. I also have disarmed the links contained in the email which, if clicked on, would have taken you to an official appearing site where you would have been prompted to provide your username and password. Providing this information to a scammer would result in identity theft.
Here is a copy of the MyChart phishing email presently being circulated
Hello XXXX,
You have a new message in MyChart! Please sign in to read your message.
Thanks for using MyChart
Sign In to MyChart
MyChart is available on the go!
To change what notifications you receive and how you receive them,
log in to MyChart and choose Notifications from the Preferences menuTIPS
This is a particularly insidious phishing email because the email address from which it was sent could appear to be legitimate and is not one that is obviously the email address of someone whose email account was hacked and made a part of a botnet of computers used to send out such phishing emails. Also, the targeted victim’s name was included in the email.
As with all phishing emails, two things can happen if you click on the links provided. Either you will be sent to a legitimate looking, but phony website where you will be prompted to input personal information that will be used to make you a victim of identity theft or, even worse, merely by clicking on the link, you may download keystroke logging malware that will steal all of your personal information from your computer or smartphone and use it to make you a victim of identity theft.
If you receive an email like this and think it may possibly be legitimate, merely call your health care provider where you can confirm that it is a scam, but make sure that you dial the telephone number correctly because scammers have been known to buy phone numbers that are just a digit off of legitimate numbers to trap you if you make a mistake in dialing the real number.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – April 19, 2025 – Hertz Data Breach
Data breaches are all too common and the latest data breach involves car rental company Hertz which also operates the Dollar and Thrifty car rental companies. Customer information for the three car rental companies was compromised in a data breach involving Cleo Communications, a company that is a third party vendor that provides file transfer services for the Hertz parent company. The breach occurred between October 2024 and December 2024, but was just now disclosed to the public. The compromised information included names, contact information, birth dates, credit card information, driver’s license information as well as Social Security numbers for what Hertz says was a smaller group of people.
The compromised information can readily lead to identity theft.
TIPS
Victims of this data breach should freeze their credit if they have not already done so. Freezing your credit is actually something everyone should do. It is free and easy to do. In addition, it protects you from someone using your identity to obtain loans or make large purchases even if they have your Social Security number. If you have not already done so, put a credit freeze on your credit reports at all of the major credit reporting agencies. Here are links to each of them with instructions about how to get a credit freeze:
https://www.transunion.com/credit-freeze
https://www.experian.com/freeze/center.html
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – April 18, 2025 – The Tariff Scams are Coming
With the political and economic news constantly filled with reports about tariffs being imposed by President Trump on 90 countries around the world with the amount of the tariff varying from a low of 10% which was the amount imposed on the Heard Island and McDonald Islands which are inhabited only by penguins to a high of 125% on China. As they always do when something is prominent in the news, scammers are eager to take advantage of the situation for new scams. In the last few months scammers have registered more than 300 websites including one entitled “U.S. Customs and Tariffs” that we can expect they will be using to scam businesses and individuals into making payments. We can expect companies and even individuals to start receiving phishing emails with phony invoices for goods that contain an indication of a charge for the tariffs and direction to the phony AI created websites to make the payments.
Another tariff related scam starts with an email that appears to come from Federal Express, UPS or some other delivery service claiming that they have a package for you, but in order to have it delivered you need to pay a tariff through a link to a legitimate appearing, but phony website. In a variation on the previous delivery scam, someone posing as a Federal Express or other delivery service employee actually comes to your home the day after you received a delivery asking you to pay for the tariff on the delivery you received. In this case the scammer has learned of the delivery through hacking your computer.
TIPS
The truth is that tariffs are typically paid by importers when goods enter the country. These costs are often passed on to consumers as part of the purchase price of the product, but are not included as a separate item on a bill for a consumer good. Anyone or any company that is not an importer receiving a bill asking them to pay a tariff is being contacted by a scammer and you should ignore it. Also, neither Federal Express nor any other delivery service collects tariffs from people to whom they deliver items.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type your email address on the tab that states “Sign up for this blog.”
Scam of the day – April 17, 2025 – Facebook Cloning Continues to be a Problem
Recently I got a Facebook friend request from a good friend of mine. The only problem was that we were already were Facebook friends.
If one of your friends received a Facebook friend request that appeared to come from you, it does not mean that your account was hacked. It does mean however that, most likely, your account was cloned in the sense that someone has set up a Facebook account or some other social media account in your name or a slight variation of it in order to trick people into trusting messages that they post, to lure them into scams or to trick them into clicking on links containing malware.
This is nothing new. Facebook estimates that there are as many as 60 million phony cloned Facebook accounts including hundreds of its founder Mark Zuckerberg. Facebook tries to remove the cloned accounts when it becomes aware of them, but they consistently spring up again soon thereafter. You also should let your friends know that your account has been cloned and warn them not to accept any new friend requests from you. If you do find that someone has set up a Facebook account in your name, you should contact Facebook as soon as possible in order for Facebook to take action to cancel the phony cloned account. Here is a link you can use to report such a phony or cloned account. https://www.facebook.com/help/306643639690823?helpref=uf_permalink
TIPS
As indicated above, if you do receive a friend request from someone who already is a Facebook friend of yours, you should contact the friend to let them know that their Facebook account has been cloned so they can report it to Facebook and get the phony, cloned account taken down. It is also important to remember that there will be times that you are contacted by what appear to be real friends or acquaintances where the truth is that it really is not them contacting you, but someone posing as them. Never click on links in any email or text message unless you have absolutely confirmed that the communication is legitimate. Never provide personal information in response to any communication as well until you have confirmed that it is legitimate. As I always warn you, trust me, you can’t trust anyone.
This is probably also a good time to remind you about steps you can take to actually make your Facebook account more impervious to actually being hacked. The first thing you should do is make sure you have a strong password. For some advice about choosing a strong password, go to the Search scams tab in http://www.scamicide.com and write in “strong password” which will bring up a number of Scams of the day in which I described how to pick a strong password.
You should also enable two factor authentication for your account which will dramatically strengthen the security of your Facebook account. Here is a link with more information about how to install dual factor authentication for your Facebook account. https://m.facebook.com/help/148233965247823?helpref=faq_content
You also may want to review your privacy settings on Facebook to make them less vulnerable to hackers. Here is a link with more information about adjusting your privacy settings on Facebook. https://m.facebook.com/help/193677450678703?helpref=hc_fnav&refid=69
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address where it indicates “Sign up for this blog.”
Scam of the day – April 16, 2025 – Sophisticated Airbnb Scam
Airbnb is a deservedly popular service that connects homeowners wishing to rent a room or their entire house with vacationers and other travelers in 191 countries around the world. I have used Airbnb many times. Unfortunately, anything popular with the public is also popular with scammers and reports are increasing about scams involving people paying scammers for renting a non-existent room or a home that the scammer does not own. Many of the victims of these scams do not find out that they have been scammed until they show up at the rental,which may be far away, only to learn that it is not for rent and their money is gone.
Generally, a telltale sign that the Airbnb listing is a scam occurs when the “homeowner” or “host” as they are referred to in Airbnb asks to communicate with the victim off of the Airbnb website. They also ask for the money to be wired to the scammer’s account . As I have told you many times before, once you have wired funds, they are gone forever.
However, in the last six years a more sophisticated Airbnb scam has arisen. Computer savvy criminals created a subscription service called Land Lordz which they lease to less sophisticated criminals to assist them in victimizing Airbnb customers. Land Lordz helps criminals create and manage phony listings on phony websites that look like Airbnb. The phony listings are generally copied from legitimate Airbnb listings and will include fake reviews as well. The phony Airbnb site emphasizes that all payments will go through Airbnb and will therefore be safe and secure. If someone asks for further details, which is common, the scammers email a response with a link that appears to take you to the real Airbnb website, but instead takes you to a phony website that merely appears legitimate and with the use of AI, it is a simple matter for a criminal to create a legitimate appearing website. When the targeted victim of the scam logs into the phony Airbnb website, the scammers are notified and respond by demanding a deposit be wired to them. Once the money is wired, the funds are lost forever.
TIPS
Only communicate with hosts through the Airbnb website and use the Airbnb payment system with a credit card. The credit card companies are quite good at refunding funds lost to scams. Airbnb does not forward payment to the host sooner than 24 hours after the guest checks in. Never use wired funds, certified checks, debit cards or any other method of payment other than a credit card through the Airbnb payment system to pay for accommodations. Always check your browser’s address bar to make sure that you are indeed on the real Airbnb website and don’t click on links to go to a website, but rather always type in the website address independently. Airbnb also provides for dual factor authentication which I urge you to use if you have an Airbnb account for greater for protection.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type your email address on the tab that states “Sign up for this blog.”
Scam of the day – April 15, 2025 – Mavis Wanczyk Lottery Scams Continue to Snare Victims
She’s back! Actually, she has never left. I have been writing about scams related to Mavis Wanczyk for eight years but recently I have received many emails from Scamicide readers telling me about various new incarnations of a variety of scams that share the same hook which is that Mavis Wanczyk is giving money away to lucky people. Many of you may not remember the name of Mavis Wanczyk, but she was the lucky winner of a 758 million dollar Powerball drawing in 2017. Not long after she claimed her prize, a scam started appearing in which many people received emails with the message line referring to the Mavis Wanczyk Cash Grant. The email indicated that you were chosen to receive a large cash grant from Mavis Wanczyk. All the lucky strangers receiving the emails had to do was provide personal information in order to qualify for the grant. In addition, phony social media accounts on Twitter, Facebook and Instagram were also set up in Ms. Wanczyk’s name through which people were contacted with the same phony offer of free money informing them that in order to qualify for the grant they merely needed to provide personal information.
Numerous Scamicide readers have told me that they have encountered the phony Mavis Wanczyk scammers on Instagram including one Instagram post that reads “I’m Mavis Wanczyk, the mega winner of $758 Million in Mega Millions Jackpot. I’m donating $50,000 to first 100 followers as a lucky winners.” Apparently, the fake Mavis Wanczyk is not very good at grammar or even remembering that the real Mavis Wanczyk won Powerball not Mega Millions. Instagram takes down the phony Mavis Wanczyk accounts as soon as they learn about them, but they continue to reappear shortly thereafter.
TIPS
It is difficult to win a lottery you have entered. It is impossible to win one that you have never entered and neither lottery winners, nor anyone else is sending out messages through the Internet offering free money to anyone who responds with personal information. Never give out personal information that can make you vulnerable to identity theft unless you have absolutely verified that the party requesting the personal information is legitimate and has a legitimate need for the information. Also never pay anything to a lottery claiming you owe fees in order to claim your prize. This is a telltale sign of a scam. No legitimate lottery requires the payment of a fee to collect your winnings or requires you to pay the lottery income taxes on the prize. While income taxes are due on lottery winnings, those taxes are either deducted by the lottery sponsor before giving you your prize or the prize is given to you in full and you are responsible for the payment of any taxes. No lottery collects taxes on behalf of the IRS.
You should never give anyone access to your social media accounts because scammers use your account to scam others who trust you and fall for scams that appear to come from you.
Finally and most importantly, remember neither Mavis Wanczyk nor any other lottery winner is giving away money to strangers.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and insert your email address where it indicates “Sign up for this blog.”
Scam of the day – April 14, 2025 – Hacking Your Computer Through Your Smoke Detector
I have been warning you about dangers in the rapidly expanding Internet of things for more than eleven years. The Internet of Things is made up of a broad range of devices connected to the Internet including home thermostats, security systems, medical devices, refrigerators, televisions, cars and toys. Our homes have become filled with these devices including Alexa and Siri. The FBI has longed warned consumers about the dangers of posed by hacking of various devices that makeup the Internet of Things.
Cybercriminals hack into your devices that are a part of the Internet of Things to enable them to enlist your devices as a part of a botnet by which they can distribute malware while maintaining their anonymity. They also can hack into your Internet of Thing devices to access your home computers or cell phones to steal information for purposes of identity theft or to implant malware on your home computers and cell phones. Any device you have in your home that is connected to the Internet poses a threat. One device that people hardly give any thought to is your smoke detector. Newer, sophisticated smoke detectors have the capability to send data to your phone or the manufacturer which they do through your router and this make them vulnerable to being hacked.
TIPS
Most of the devices that make up the Internet of Things come with preset passwords that can easily be discovered by hackers. Change your password as soon as you set up the product. Also, set up a guest network on your router exclusively for your Internet of Things devices. This is important so that you can keep the sensitive personal information you have on your computer or cell phone from being accessible through a hacking of any of your Internet of Things devices.
Configure network firewalls to block traffic from unauthorized IP addresses and disable port forwarding. Make sure that you install the latest security patches as soon as they become available. Use encryption software for the transmission of data and find out where data is stored and what steps are taken to secure the information.
Make sure your router is secure and use its whitelisting capabilities which will prevent your device from connecting to malicious networks. Routers are a critical part of your smart home security. Make sure it will automatically download and install the latest security updates from its manufacturer. If your router is an older router that does not have this capability, you can check the manufacturer’s website regularly for the latest updates, but frankly, you are probably better served by getting a newer, more secure router. Make sure you have a unique password for each of your Internet of Things devices and use dual factor authentication whenever you can for all of these devices.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address in the tab that states “Sign up for this blog.”
Scam of the day – April 13, 2025 – Is the American Community Survey a Scam?
Many people are receiving letters, phone calls and even visits from people representing that they are with the United States Census Bureau taking a survey known as the American Community Survey. While it is true that the official United States Census is only done once every ten years, the Census Bureau does a limited survey of 3.5 million randomly selected people in all of the states as well as Washington D.C. and Puerto Rico each year.
So how can you tell if you are being contacted and solicited for information by a legitimate census worker or by a scammer merely using the American Community Survey as a ruse to gather personal information from you in order to make you a victim of identity theft? First of all, the real American Community Survey does not ask for your Social Security number or credit card information. If you are asked for that information, it is a scam.
TIPS
It is important to note that the Census Bureau will always initially contact you through a snail mail letter informing you that you have been selected to participate in the survey. The letter will also provide you with instructions as to how to complete the survey online. If you fail to complete the survey online a paper survey will be sent to you after three weeks. Once the survey has been completed either online or on paper, you may be called on the phone if the Census Bureau needs to clarify any information. You will not be asked for your Social Security number or any bank or credit card information.
A Census Bureau representative may come to your home to follow up on the survey. He or she will always have a photo ID with the U.S. Department of Commerce seal and an expiration date. If you are concerned that the person may be a scammer you can always contact your Census Bureau regional office to confirm that the visit is legitimate.
If you are contacted about participating in the American Community Survey, it is prudent to confirm that you have been selected to participate in the survey. You can do this by calling your Census Bureau regional office. Here is a link with the phone numbers for each region. https://www.census.gov/about/regions.html
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”
Scam of the day – April 12, 2025 – Why You Should Keep Your Cell Phone Number Private
Sometimes we are our own worst enemy when it comes to posting too much personal information on social media that can be leveraged by a criminal for purposes of identity theft. During the earlier days of the pandemic many people posted photos of their vaccination cards on social media showing their date of birth. Your birthdate is a significant piece of information that, in the wrong hands can lead to identity theft.
Identity thieves use legal and illegal online sources to gather their victims’ personal information, such as their Social Security number, address, and date of birth and use that information for purposes of identity theft which is a significant threat to everyone. One important piece of information that many people don’t realize should be kept as private as possible is their cell phone number. These days your cell phone number is tied to so much of what we do.
When a criminal knows your cell phone number, he or she can leverage that number through commonly available legal databases such as White Pages Premium and learn information such as your current address, past addresses, the names of your family members and more. The criminal can also use the number to gain access to your social media accounts and can most significantly use the information gained to answer security questions that would allow the criminal to do a SIM swap whereby your cell phone number would be transferred to a phone of the criminal and thereby defeat dual factor authentication where you get a text message or a code sent to your phone when you go to access your bank account online or any other account that requires significant security.
So what can you do to protect yourself?
TIPS
Limit providing your cell phone number to people and companies as much as possible. You also may want to consider getting a second phone to use when you have concerns about security. You also can use apps such as Google Voice https://voice.google.com/about or Burner https://www.burnerapp.com/ that will enable you to create different numbers to use for calls and text messages.
As for dual factor authentication, while sending a code or text message to your cell phone is a simple and effective method of dual factor authentication, you may wish to consider other forms of dual factor authentication such as apps that will generate temporary security codes such as Authy https://authy.com/ or Google Authenticator https://support.google.com/accounts/answer/1066447?co=GENIE.Platform%3DAndroid&hl=en
Perhaps the best thing you can do to protect your SIM card from SIM swapping is to set up a PIN or password to be used for access to your mobile service provider account. This will help prevent a criminal from calling your carrier posing as you and convincing your mobile carrier to swap your SIM card to the criminal’s phone merely by providing personal identifying information or answering a security question.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/