Scam of the Day
Scam of the day – May 17, 2026 – Student Loan Scams
We are in the midst of the college graduation season and along with their diplomas, many graduates will also be taking with them substantial student loans. I have written often about phony student loan debt relief companies and with good reason. More than thirty-eight million Americans have student loans with an outstanding balance of more than 1.4 trillion dollars so it is no surprise that scammers are focusing their attention on these students and former students through scams that falsely promise to provide debt relief. Now, after a five year pause during the pandemic on penalizing student loan borrowers for not making payments, in January of 2025, the Department of Education instructed loan servicers to start reporting late payers to credit bureaus which is resulting in millions of student loan borrowers having their important credit scores drop dramatically. Government figures indicate that two thirds of student loan borrowers are late or behind in their payments and this presents a dire situation to which scammers can be expected to respond by offering phony debt relief to desperate borrowers.
Scammers like Arete Financial Group who charged illegal upfront fees for their services can be expected to flourish in this new environment. Arete would change their clients’ Federal Student Aid (FSA) login ID, password and contact information with their clients’ loan servicer which effectively eliminated contact between the borrowers and their loan servicers. This enabled Arete, according to the FTC, to place the borrower’s loans into temporary forbearance or deferment status without the borrower even being aware of this. Thus when the borrowers sent their payments to Arete that they were told would be credited toward their loans, the money actually was kept by Arete. Some of Arete’s clients saw their loans become delinquent and their income tax refunds garnished to pay for overdue loan payments. The victims of the scam also lost the money they paid to Arete that was intended to be applied toward their loans. Ultimately, Arete settled a lawsuit brought against it by the FTC and funds obtained from Arete through the settlement of the lawsuit was returned to victims of the scam.
TIPS
The old adage still is true. If it sounds too good to be true, it probably isn’t true. Many of these student loan debt relief scammers promise quick loan forgiveness, which is unrealistic. In addition, you should never pay any upfront fees for student loan debt relief assistance. Those fees are illegal and are a sure indication that you are being scammed. Also, remember my motto, “trust me, you can’t trust anyone.” Don’t trust scammers merely because they use names that sound like they are affiliated with the government. You also should never share your FSA ID with anyone.
For information you can trust about federal student loan repayment option, go to https://studentaid.gov/articles/student-loan-forgiveness/ . There you can learn about loan deferments, forbearance, repayment and loan forgiveness programs and there is never an application fee. If you owe private student loans, contact your loan servicer directly. You can also look into student loan refinancing rather than consolidating the loans. Refinancing student loans can result in a lower interest rate. Also, this site is helpful https://www.ed.gov/about/news/press-release/us-department-of-education-opens-revised-income-driven-repayment-plan-and-loan-consolidation-applications-borrowers
Here is a link to an FTC video that explains student loan scams and what you can do to protect yourself. https://www.youtube.com/watch?v=7TjSI4Q6ztQ
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”
Scam of the day – May 16, 2026 – Jamaica Lottery Scammer Sentenced to 54 Months in Prison
I have been reporting to you since 2012 about the infamous Jamaican lottery scam through which many Americans, mostly elderly, have been scammed out of money after being told that they have won the non-existent Jamaican lottery. The scam begins when the victim receives a telephone call informing them that they have won this non-existent lottery that they never entered and are then pressured to pay “fees” and “taxes” before their winnings can be sent to them. This scam has been going on since the 1990s.
Earlier this week Jamaican citizen Tajay Singh was sentenced to 54 months in prison for his role in a Jamaica lottery scam that targeted elderly Americans between January 2021 and October 2023 that scammed approximately 30 victims out of more than $4.5 million. Eleven other scammers who participated in this particular lottery scam have also been charged.
TIPS
As I have often told you, it is difficult to win a lottery you have entered. It is impossible to win one that you have not even entered. You should always be skeptical about being told that you have won a lottery you never entered. It is also important to note that it is illegal to play foreign lotteries except when you are actually present in the other country.
While it is true that income taxes are owed on lottery winnings, legitimate lotteries never collect tax money from winners. They either deduct the taxes from the winnings or leave it up to the winners to pay their taxes directly to the IRS. You also should never pay a fee to collect a legal lottery prize.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address where it indicates “Sign up for this blog.”
Scam of the day – May 15, 2026 – Meta Sued Again Over Scam Advertising
A year ago I told you that the Wall Street Journal did a scathing story that said that Meta, the parent company of Facebook and Instagram had become the “cornerstone of the internet fraud economy.” According to the story Meta accounted for nearly half of all reported scams involving Zelle at major banks. The story also reported that 70% of new advertisers on Meta’s platforms promote scams or low quality products. Many of the scammers placing these ads, according to the Journal, were Southeast Asian crime networks. The article went on to say that Meta did a poor job of taking down fraudulent ads because it prioritized its 16 billion dollar profit from scam ads over protecting its users from being scammed. For its part, Meta says that according to federal law it is not responsible for scam ads on their sites.
In the Scam of the day for May 1, 2026 I told you that the Consumer Federation of America sued Meta alleging “Meta has adopted policies and practices that it knows allow scam advertisements to proliferate on its platforms while simultaneously profiting off those ads at is users’ expense.” The complaint also accuses Meta of downplaying the scale of fraud on Facebook and Instagram and creating a false impression of safety. Now Meta has been sued on similar grounds by the Santa Clara County government. The lawsuit alleges that Meta used a combination of AI and algorithms to specifically target vulnerable users of Facebook and Instagram with scam advertising.
TIPS
So how do you protect yourself from these phony ads?
You can start off by checking the profile page of the poster to see if it has many followers. Also, legitimate businesses will have websites. Check out these websites to see if they are legitimate.
Asking for payments to be made by wired funds, gift cards, Venmo or Zelle is also a good indication that it is a scam. Venmo and Zelle should never be used for commercial transactions and gift cards are not an accepted method of payment for goods to anyone other than scammers.
Finally, look for customer feedback and review sites such as Trustpilot.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”
Scam of the day – May 14, 2026 – Michigan Attorney General Warns About Cryptocurrency ATM Scams
A report from the Federal Trade Commission (FTC) indicates a 1,000 % increase in money lost to scammers through Bitcoin ATMs in the last three years with consumers reporting losses of around $333 million between January and November of 2025. Bitcoin and other cryptocurrency ATMs look just like traditional ATMs, but instead of distributing cash, they take cash in exchange for cryptocurrency and enable the transfer of the deposited cash turned into cryptocurrencies into crypto wallets. Due to the anonymity and immediacy of the cryptocurrency transfers done through a cryptocurrency ATM, it is a favorite method of payment for scammers.
Most of the scams using cryptocurrency ATMs involve imposter scams where the scammer poses as either a law enforcement officer, government official or someone providing tech support for a non-existent problem. What all of these imposter scams have in common is that they scare the targeted victim with a story about an emergency that requires them to take cash from their bank account and use a QR code provided by the scammer to deposit the money into the account of the scammer at a cryptocurrency ATM under the guise of protecting the funds. According to the FTC, people over 60 years old were more than three times more likely to report losing money to a cryptocurrency ATM scam with an average loss of $10,000.
Recently, Michigan Attorney General Dana Nessel issued a warning about scams involving cryptocurrency ATMs saying, “If you receive a call from someone claiming to be from an agency or company who demands you use a Bitcoin ATM to pay a fine or bill, it is most certainly a scam.”
Earlier this year, Massachusetts became the latest state to sue a crypto ATM operator, in this case Bitcoin Depot for enabling criminals to use their machines to scam people. According to the lawsuit, more than half of the money that went through Bitcoin Depot ATMs between August 2023 and January 2025 was related to scams. Indiana has gone so far as to ban cryptocurrency ATMs.
TIPS
Protecting yourself from these imposter scams starts with recognizing that you can never be sure who is actually contacting you when you are contacted by phone, email or text message so you should never click on a link, download an attachment or provide personal information in response to any of those communications unless you have absolutely confirmed that the communication was legitimate. Further there is no circumstance where you will be asked by anyone legitimate to withdraw funds from your bank, deposit them into a cryptocurrency ATM and transfer the funds to them. Only scammers make those requests.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address in the tab that states “Sign up for this blog.”
Scam of the day – May 13, 2026 – Canvas Data Breach Update
In the Scam of the day for May 9, 2026 I told you about the data breach at the educational technology company Instructure which makes the hugely popular learning management system Canvas. Canvas is used by school districts and universities around the world. As many as 275 million records of its users were compromised. The notorious ransomware gang ShinyHunters claimed responsibility for the data breach and publicly shared a list of 8,809 school districts, universities and online education platforms from which they claimed to have information. Fortunately, the data breach did not appear to have included passwords, dates of birth or financial information such as credit card data.
ShinyHunters is known for using the psychological tactic of social engineering to gain entry to its target companies’ computers rather than hacking into their computers. They then demand a ransom or threaten to disclose all of the information stolen to other criminals to use. In this case, ShinyHunters even did a second data breach to pressure Instructure to pay the demanded ransom, which the company has now confirmed that it has done. In return for the ransom payment, ShinyHunters has indicated that it has returned the stolen data and destroyed their copies of it. ShinyHunters has also promised not to use the data for further extortion. Whether they can be trusted not to do so is an open question. Certainly it would hurt their future ransomware attacks if they are found not to adhere to their bargains. However, in a similar type of data breach in 2024 of PowerSchool, the data from the breach was later used by other cybercriminals after a ransom had been paid.
TIPS
Even though it appears that passwords were not compromised, it would be prudent for anyone affected by the data breach to change their password. You should make sure that you have a unique password for each of your online accounts so that if one of your passwords is compromised in a data breach, all of your accounts will not be in danger. Dual factor authentication should also be set up if it is not already being used.
If you have not already done so, set up dual factor authentication for each of your accounts where it is available. This will protect you from having those accounts stolen by someone who may have access to your password.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – May 12, 2026 – Is That Letter From the IRS Real? Maybe.
For years scammers have posed as the IRS in emails, text messages and phone calls luring people to make payments or provide personal information that leads to identity theft. Often these emails and text messages may contain links or QR codes that when clicked on or scanned may download malware. These phishing and smishing (phishing done by text message) communications appear quite legitimate thanks to AI which makes it very simple to create convincing messages that contain the familiar IRS logo. Fortunately, there is an easy way to know immediately if that call, email or text message you receive is actually coming from the IRS. It isn’t. The IRS does not initiate contact with taxpayers by text messages, emails or phone call and does not ask you to submit bank account information via email, text message or over the phone.
Recently, however, the IRS sent out over 1.4 million CP53E notices to taxpayers advising them to update their bank account information with the IRS within 30 days for direct deposit of refunds. This notice is being sent out pursuant to an Executive Order regarding transitioning from paper checks to electronic payments and deposits. The problem is that these new notices contain a QR code that takes you to the IRS website. The IRS has not used QR codes in the past and the use of a QR code in this notice is immediately suspicious. Complicating the situation even further is the fact that many people who are not owed refunds have received this letter by error which makes the letter appear even more suspicious.
Scammers are leaping at the opportunity provided by these notices and are sending phony letters that appear to come from the IRS with QR codes that when scanned will take you to an AI created, legitimate appearing, phony IRS website where you will be prompted to provide your banking information to the scammer, which, if done will lead to identity theft.
So how can you tell if the letter you got from the IRS is legitimate?
TIPS
The short answer to that question is that you can’t tell when you get one of these notices whether or not it was sent by the IRS or your friendly neighborhood scam artist. As I always say, trust me, you can’t trust anyone. Therefore the only safe way to respond to this letter is to go directly to your IRS online account. Here is a link you can trust that will take you to your IRS online account or help you set up an IRS online account if you don’t already have one. https://www.irs.gov/payments/online-account-for-individuals
You also can go to the IRS’ Where’s My Refund site for information about your refund or call the IRS customer service number at 1-800-829-1040 for help.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address where it states “Sign up for this blog.”
Scam of the day – May 11, 2026 – Skimmers at Gas Pumps Continue to be a Problem
Skimmers at gas pumps continue to be a major problem. Skimmers are small electronic devices that are easily installed by an identity thief on gas pumps, ATMs and other card reading devices. The skimmer steals all of the information from old style magnetic strip credit card or debit cards which then enables the identity thief to use that information to access the victim’s credit card or bank account when the skimmer is used on a debit card. Each skimmer can hold information on as many as 2,400 cards. In November of 2025, the Department of Justice broke up a multi-state crime ring that installed skimmers inside gas pumps in ten states stealing data from thousands of cards.
MasterCard and Visa announced in December of 2016 that the deadline for the installation of EMV chip card readers on gas pumps was being delayed three years to October 1, 2020. This deadline was further delayed due to the Coronavirus pandemic to April 17, 2021 at which time less than half of the gas pumps in the United States complied with the requirement to install EMV chip card readers. And although that deadline has long since passed, due to the cost involved, many gas pumps still are not enabled for your chip credit card. It has been estimated that about 25% of gas pumps still have not been updated with EMV chip card readers, leaving them susceptible to skimmers.
Using tap-to-pay and mobile wallets such as Apple Pay allow you to bypass the card reader and avoid the problem, however some scammers drill holes in the contactless payment screens on gas pumps where you can merely scan your credit card with its RFID chip or use your mobile wallet rather than insert your card into the card reader. By damaging the contactless payment screen, it becomes inoperable thereby requiring the customer to use the credit card reader on the gas pump where the identity thief had already installed a skimmer to steal your credit card or debit card information.
TIPS
Always look for signs of tampering on any machine you use to swipe your credit card or debit card although the more advanced forms of skimmers are installed in the gas pump’s interior and cannot be detected from an inspection of the outside of the pump. Keys to open the gas pumps to allow the installation of the skimmer are readily available online. If the card inserting mechanism appears loose or in any other way tampered, don’t use it. In regard to the contactless payment screen, if it is not working, there is a high likelihood that it may have been tampered with so in that instance pay for your gas inside the gas station office.
Debit cards, when compromised through a skimmer put the customers at risk of having the bank accounts tied to their cards entirely emptied if the theft is not promptly reported and even if the victim reports the theft immediately, the victim loses access to his or her bank account while the matter is investigated by the bank. Debit cards should not be used for purchases at gas pumps. Instead use your credit card and monitor your account regularly to find out early if you have become a victim of this scam. With a credit card, your liability for fraudulent purchases is limited by law to no more than $50 and I am not aware of any credit card companies that hold their customers responsible for any fraudulent purchases. However, fraudulent debit purchases do not come with the same federal legal protection.
When choosing a particular gas pump, you may wish to pick the pump closest to the building and within the sight line of the attendant. Criminals are less likely to install skimmers in pumps where they could be observed making the illegal installation of a skimmer.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – May 10, 2026 – Canadian Grandparent Scammer Sentence to 15 Years in Prison
In the Scam of the day for March 6, 2025 I first told you about twenty-five Canadians who were arrested and charged with operating the grandparent scam through a call center in Canada where they contacted elderly victims in 40 American states between 2021 and 2024 during which time they stole $21 million from their victims. The scammers posed as either the targeted victims’ grandchild or an attorney representing the grandchild asking for money to be paid for bail. The scammers sent couriers posing as bail bondsmen to collect the cash and told the elderly victims that there was a gag order that prevented the victims from discussing the phony charges. This week, Stefano Zanetti one of those indicated and the person who coordinated the picking up of the money from the victims in the United States was convicted of wire fraud and conspiracy to commit money laundering and sentenced to 15 years in prison.
I am sure by now all of you are familiar with the grandparent scam where a grandparent receives a telephone call from someone purporting to be their grandchild who has gotten into some trouble, most commonly a traffic accident, legal trouble or medical problems in a far away place. The caller pleads for the grandparent to send money immediately to help resolve the problem. However the caller also begs the grandparent not to tell mom and dad. One would think that no one would be gullible enough to fall for this scam, but don’t be so hard on the victims of this scam. Scam artists have a knowledge of psychology of which Freud would have been envious and are able to use that knowledge to persuade their victims to send money right away. While this scam has been going on for approximately sixteen years, it continues to victimize people.
TIPS
Scammers often use the nicknames of the grandchildren when speaking to their intended victims. Sometimes they get this information from social media while in other instances they get this information from reading obituaries which may contain the names of grandchildren so merely because the correct name is used in the call is no reason to believe the call. Don’t respond immediately to such a call without calling the real grandchild on his or her cell phone or call the parents and confirm the whereabouts of the grandchild. If a medical problem is the ruse used, you can call the real hospital. If legal problems are the hook you can call the real police. You can also test the caller with a question that could be answered only by the real grandchild, but make sure that it really is a question that only the real grandchild could answer and not just anyone who might read the real grandchild’ s social media postings. Prudent families can also come up with a code word to use in an emergency which a scammer will never know.
Due to AI voice cloning the scam has gotten worse with unsophisticated scammers able to use voice cloning technology to disguise their voices to sound like that of the grandchild. The scammers are able to obtain audio of the grandchild they are impersonating through social media posts to use to clone their voice.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and insert your email address where it states “Sign up for this blog.”
Scam of the day – May 9, 2026 – Instructure Data Breach Affects Millions of its Customers
Educational technology company Instructure which developed the hugely popular learning management system Canvas which is used by school districts and universities around the world has confirmed that it suffered a data breach earlier this month in which as many as 275 million records of its users were compromised. The notorious ransomware gang ShinyHunters has claimed responsibility for the data breach and has publicly shared a list of 8,809 school districts, universities and online education platforms from which they claim to have information. Fortunately, the data breach does not appear at this time to have included passwords, dates of birth or financial information such as credit card data.
TIPS
Even though it presently appears that passwords were not compromised, it would be prudent for anyone affected by the data breach to change their password. You should make sure that you have a unique password for each of your online accounts so that if one of your passwords is compromised in a data breach, all of your accounts will not be in danger. Dual factor authentication should also be set up if it is not already being used.
If you have not already done so, set up dual factor authentication for each of your accounts where it is available. This will protect you from having those accounts stolen by someone who may have access to your password.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – May 8, 2026 – Watch Out for Mothers Day Scams
This upcoming Sunday is Mother’s Day and once again we must be vigilant about not falling prey to scams related to this holiday. Anything popular with the public will always be popular with scammers. Although for many of us Mother’s Day is an opportunity to show our mothers how much we love and appreciate them, for scammers it is yet another opportunity to scam people.
One common Mother’s Day scam involves a social media post or an email that you get offering Mother’s Day gifts such as flowers, jewelry, shoes or clothing at tremendously discounted prices. All you need to do is to click on a link to order online. The problem is that many of these offers are indeed scams. If you click on the link, one of two things can happen and both are bad. Sometimes the link will take you to an order form where you provide your credit card information, but never get anything in return. Instead, your credit card information is used to make you a victim of identity theft. Even worse is the other possibility which is by clicking on the link, you will unwittingly download a keystroke logging malware program that will steal all of the personal information stored on your computer and use that information to make you a victim of identity theft.
Be careful when making online purchases. Merely because a website offering great prices may be highly listed on Google or other search engines does not mean that it is legitimate. All it means is that the scammers know how to manipulate the positioning of their website in a Google search. Other times the scammers will merely pay for an advertisement for their website to appear at the top of a search engine search.
Even if you are dealing with a legitimate online company, make sure that your communications are encrypted when you send personal information or credit card information. The easy way to do this is to look to see if the the web address of the company changes when you go to the page to input credit card information from “http” to “https” indicating that your data is being encrypted. And of course, don’t use your debit card for retail purchases either online or in a brick and mortar store because you have less protection from fraud with a debit card than a credit card.
TIPS
It is always dangerous to buy anything online from any store or company with which you are not familiar. Check out the company with your state’s Attorney General, the Federal Trade Commission or just do a Google search to see if the company is legitimate. Even then, you are better off going directly to the company’s website rather than dealing with a company through an email that may just be a forgery of an email from a legitimate company. As always, if the offer you receive sounds too good to be true, it usually is.
You also can use the Google Safe Browsing Tool to see if a particular website you are considering for a Mother’s Day purchase is legitimate. https://transparencyreport.google.com/safe-browsing/search
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”