Scam of the Day

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Scam of the day – January 12, 2025 – Social Security COLA scam

by | Jan 11, 2025 |

The Social Security Administration (SSA) announces cost of living adjustments for Social Security payments in October of each year which become effective the following January.    Last October a 2.5% cost-of-living adjustment (COLA) for Social Security recipients was announced which became effective this month.   The Social Security Administration is reporting that people are receiving emails from scammers that appear to come from the SSA indicating that they will be receiving a $600 COLA.   They tell their intended victim  that in order to receive  the new cost-of-living adjustment (COLA), they must confirm personal information including their name, birth date and Social Security number.   The truth is that this information is not required for a person to receive a cost-of-living adjustment which is automatic and if the person does provide this personal information, the scammer will use it to make the person a victim of identity theft.  This type of phishing email has always been a problem, but with the increased use of AI by scammers the phishing emails appear even more legitimate than previously.

TIPS

You do not have to confirm information or apply for any cost-of-living adjustment to your Social Security benefits.  It is automatically added to a Social Security recipient’s payment.  In addition, you should never give out personal information on the phone to someone you have not called unless you are absolutely sure that the call is legitimate and there is a legitimate need for that information.  Scammers can manipulate your Caller ID through a technique called spoofing into making it appear that the call is from the Social Security Administration or any other entity they wish.

If you are not a subscriber to Scamicide.com and would like to receive  free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”

Scam of the day – January 11, 2025 – California Wildfire Charity Scams

by | Jan 10, 2025 |

Natural disasters such as wildfires, hurricanes and earthquakes are common occurrences. California is in the midst of devastating wildfires that is destroying the homes of thousands of people.  Natural disasters, such as hurricanes, wildfires, tornadoes and earthquakes bring out the best in people who want to donate to charities to help the victims. Unfortunately natural disasters also bring out the worst in scammers who are quick to take advantage of the generosity of people by contacting them posing as charities, but instead of collecting funds to help the victims of these natural disasters, these scam artists steal the money for themselves under false pretenses.

Charities are not subject to the federal Do Not Call List so even if you are signed up for the federal Do Not Call List, legitimate charities are able to contact you by phone. The problem is that whenever you get a phone call, you can never be sure as to who is really calling you so you may be contacted either by a fake charity or a scammer posing as a legitimate charity. Using a technique called spoofing, the scammers can manipulate your Caller ID to make it appear that the call is coming from a legitimate charity when it is not. Similarly, when you are solicited for a charitable contribution by email, social media or text message you cannot be sure as to whether the person contacting you is legitimate or not.

Through the use of AI, scammers are contacting people through social media with pleas for charitable donations.  Often these social media posts will contain AI enhanced photos and videos and you can never be sure if the posts are legitimate.

TIPS

Never provide credit card information over the phone to anyone whom you have not called or in response to an email or text message. Before you give to any charity, you may wish to check out the charity with http://www.charitynavigator.org where you can learn whether or not the charity itself is a scam. You can also see how much of the money that the legitimate charity collects actually goes toward its charitable purposes and how much it uses for fund raising and administrative costs.

Here is a link to charitynavigator’s  picks for the best charities for donations to help the victims of the California wildfires. https://www.charitynavigator.org/discover-charities/where-to-give/palisades-fire-2025/

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email where it states “Sign up for this blog.”

Scam of the day – January 10, 2025 – Green Bay Packers Online Store Hacked

by | Jan 9, 2025 |

Regular readers of Scamicide are certainly familiar with skimmers which are devices installed on ATMs as well as credit and debit card processors that steal information from credit and debit cards thereby enabling criminals to use that information to make charges on those cards.  The increased use in recent years of cards with chip technology has dramatically decreased the amount of fraudulent purchases made through stolen credit and debit card information because the chip card creates a new authorization number each time the card is used thereby negating the value of skimming a credit card with a computer chip.  Scanning your card rather than inserting it into a card reader has also made such purchases safer.

Chip card technology, however, offers no protection when credit and debit cards are used for online purchases.  The FBI has warned about what it calls E-Skimming which occurs when criminals infect the websites of businesses and government agencies with malware that allows the criminal to steal credit card and debit card  information and then use it to make charges using the victim’s credit card or debit card.

On January 6th, six days before the Green Bay Packers face the Philadelphia Eagles in the opening round of the NFL playoffs, the Packers disclosed that their online store was hacked and an e-skimmer inserted into the site back in October stealing personal information including names, addresses, email addresses and credit card informaion of 8.514 Packer fans.

TIPS

There are many steps that businesses and government agencies should take to protect their sites from this type of crime.  They should update their security software with the most recent security updates; change default login credentials on their systems; segment their network systems to limit access by criminals and educate their employees to the dangers of phishing and spear phishing emails because it is through these phishing and spear phishing emails that most malware is delivered.  A good rule for us all to follow is to never click on links in emails unless you have absolutely confirmed that the email is legitimate.

What, can we as consumers do, however, to protect ourselves from becoming a victim of E-Skimming?

First and foremost, while it may be more convenient to leave your credit card on file with an online retailer you regularly use, this is not a good thing to do because it leaves you more vulnerable to having your credit card data stolen in the event of a data breach and as we all know, data breaches are and will continue to be very common.

Consumers should refrain from using their debit cards for anything other than as an ATM card. Use a credit card for all of your card purchases to achieve greater consumer protection.  The holder of a credit card used for fraudulent purposes cannot be assessed more than $50 for such use and most credit card companies charge nothing. However, the potential liability of a person whose debit card has been compromised can reach his or her entire bank account tied to the card if the card owner does not report the crime promptly and even if the card owner does report the theft promptly, the debit card owner’s access to his or her own bank account is frozen while the bank investigates the crime.

Finally, you should monitor your credit card statement regularly to determine if your credit card has been compromised.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”

Scam of the day – January 9, 2025 – T- Mobile Sued by State of Washington Over 2021 Data Breach

by | Jan 8, 2025 |

In the summer of 2021 I reported to you about a data breach at T-Mobile in which personal information of 54.6 million customers, former customers and prospective customers was stolen. The compromised information included names, phone numbers, Social Security numbers and addresses.  This type of information poses a tremendous threat to victims of the data breach, which is the sixth for T-Mobile in the last four years.  Social Security numbers in particular can be used by identity thieves to apply for credit cards and loans in your name.  In addition, the phone numbers and the fact that the victims of the data breach are known to be T-Mobile customers can be expected to be used by scammers to create phony phishing text messages, called smishing, posing as T-Mobile and luring the targeted victim into clicking on a link in the text message that can download destructive malware.

In the Scam of the day for July 29, 2022 I informed you that T-Mobile had settled a class action brought against it by victims of the data breach.  According to the terms of the settlement, the company paid $350 million dollars to settle the claims of the victims and spend an additional $150 million dollars to improve its cybersecurity.  Typical in such settlements, T-Mobile did not admit any negligence or wrong doing, however, anytime a company pays a half a billion dollars to resolve a claim, it can be pretty much understood that it is an admission of liability even if not said so in so many words.

Now the State of Washington has just sued T-Mobile alleging according to Washington Attorney General Bob Ferguson that T- Mobile “knew for years about certain cybersecurity vulnerabilites and did not do enough to address them.” Washington is suing under Washington’s counsumer protection laws and in addition to seeking money is also seeking an order from the court for T-Mobile to improve its cybersecurity.

TIPS

What should you do if you are a T-Mobile customer who may be affected by this data breach?  Perhaps the first thing you should do is something you should have already done, but as the Chinese proverb says, “the best time to plant a tree is twenty years ago, the second best time is now.”  Freeze your credit at each of the three major credit reporting bureaus.

Here are links to each of them with instructions about how to get a credit freeze:
You also should change your T-Mobile password and security PIN.
Finally, you should be particularly cognizant of not clicking on links in text messages (and emails as well) unless you have absolutely confirmed that the text message or email is legitimate.  Scammers may well send you emails with malware infected links that appear to relate to the data breach.

If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, you can sign up using this link. https://scamicide.com/scam-of-the-day/

Scam of the day – January 8, 2025 – Massive Booking.com Scam

by | Jan 7, 2025 |

Today’s Scam of the day is one that I wrote about last April, but judging by an email I recently received from a Scamicide reader the problem does not appear to be resolved.  Scams involving the popular travel website Booking.com have increased dramatically over the last two years worldwide with one hundred hotels in Japan among the hotels targeted last year.  The scam starts with a phishing email to a hotel that lures the unsuspecting hotel employee into clicking on a link and downloading malware that enables the scammer to access the hotel’s Booking.com account and obtain a list of upcoming reservations along with the email addresses of the future travelers.  The scammers then use the hacked Booking.com management portal to send an email to the future visitor in which they demand a credit card payment for the future stay.  Thousands of victims of this scam have responded to the emails which appear totally legitimate by providing their credit card information which leads to identity theft and credit card fraud.

TIPS

The primary responsibility for this scam falls on the hotels whose lack of sufficient security enables the scammers to gain access to their Booking.com accounts, however there are things that we as consumers can do to protect ourselves from this sophisticated scam.  Perhaps first and foremost, as I often advise you, you should never use your debit card for anything other than as an ATM card because while your liability for credit card fraud is limited to no more than $50 (and I have never seen a credit card company ever charge anything for fraudulent use), your risk of loss for fraudulent use of your debit card if it is not reported immediately could result in your entire bank account being stolen.

As always, you can never be sure when you get an email, text message or phone call as to who is really contacting you so you should never click on a link, make a payment or provide personal information in response to any communication unless you have absolutely confirmed that it is legitimate.  In response to an email that appears to come from Booking.com, you can either use your Booking.com app to confirm whether the email was legitimate or call Booking.com at a phone number that you know is legitimate or go to the Help Center on the official Booking.com website.

If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/

Scam of the day – January 7, 2025 – Your Porn Name Scam

by | Jan 6, 2025 |

Social Media such as Facebook is filled with surveys, quizzes and games and while they are very popular and often entertaining, they often are exploited by identity thieves. A good example of this is the “10 Concerts, but there is one act that I haven’t seen live.  Which is it?” Facebook quiz.  While this may appear harmless, the information you provide may tell more about you than is safe to make public.  It may provide information about your approximate age and preferences in music which can then be used by a scammer to send you a phishing email tailored to appeal to your particular interests that you may trust and click on a link contained in the email that contains either keystroke logging malware that can be used to steal your identity or ransomware.

A common quiz found on Facebook and other social media asks what would your name be if you were a porn actor or actress with the name to be created by combining names such as the name of the first street you remember living on and the name of your first pet.  Other porn name quizzes use your middle name and the first car you had as your porn name.  While these quizzes may seem entertaining and of little consequence, the truth is that providing information such as your pet’s name can make an identity thief’s job easier as he or she tries to crack your security.  The more personal information they have about you, the easier it is for them to answer security questions and gain access to your accounts.  Quizzes that ask about your favorite place to live or favorite movie characters may seem like simple fun, but may have been posted by an identity thief seeking to gather information the identity thief can use to make you a victim of identity theft.  Particularly problematic is when a pop up appears when you start the quiz requiring you to agree to allow a third-party application access to your Facebook profile.  If you agree to this, you are permitting the quiz poster to gain access to your Facebook profile information, your location and much more.  Don’t do it.

TIPS

We all tend to put too much personal information on social media that can be exploited by scammers and identity thieves to our detriment. My advice is to avoid the problem entirely and not play these online games. However, if you, as many people do, find this game and other similar games to be fun to play, you may want to just adjust your privacy setting to “friends only” so that you limit who gets to see your answers.  You also may want to check out your Facebook profile and remove personal information such as your phone number or home address.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”

Scam of the day – January 6, 2025 – The Danger of Synthetic Identity Theft

by | Jan 5, 2025 |

Although I have been writing about synthetic identity theft for many years, many people are not familiar with the term “synthetic Identity theft.”  Synthetic identity theft poses a significant threat to many people particularly children.  Synthetic identity theft occurs when a criminal takes information from a variety of sources to create a new identity to take out loans, purchase goods and services, or fraudulently obtain credit cards.  Synthetic identity thieves combine real and fake information to form a new fictional person.  They may use your Social Security number and combine it with the name, address and phone number of someone else.  The Federal Trade Commission (FTC) has said that synthetic identity theft is the fastest growing type of identity theft.  Children are the most common victims of synthetic identity theft and it is often many years before the problem is discovered.

The problem of synthetic identity theft has gotten worse in recent years with as much as 85% of identity theft last year being synthetic identity theft which has increased 233% over the last five years.

Commonly with synthetic identity theft, criminals who set up a synthetic identity build the credit score of the synthetic identity by having people using credit cards obtained in the name of the synthetic identity and make regular payments until the credit score of the new synthetic identity is high enough for the ultimate payoff, which is referred to as the “bust out.”  In the bust out phase, the identity thief uses the new synthetic identity to either make large purchases or take out big loans that are never paid back.  Some synthetic identity thieves will take years to build the synthetic identity theft credit score by making payments on cell phone accounts, car loans and more.

TIPS

Some telltale signs of synthetic identity theft include being contacted about an account that you never opened or a debt that you didn’t incur.  Also, look for aliases listed on your credit report that you do not use.  A dramatic lowering of your credit score coupled with a lack of negative information on your primary credit reports are further indications of synthetic identity theft.  The reason that your primary credit report will not show negative information due to synthetic identity theft is because when a criminal uses your Social Security number, but doesn’t use your name, the negative information caused by their actions does not appear on your regular credit report.  Instead, the information is added to a sub-file of your credit report which will, however, cause your credit score to drop tremendously.

If you do find out that you have become a victim of synthetic identity theft, notify each of the three credit reporting agencies, Equifax, Experian and TransUnion of the crime and ask them to investigate and remove the false information from your sub-files.

Children are prime targets and particularly vulnerable to synthetic identity theft.  In 2023 915,000 children in the USA were victims of identity theft, much of it synthetic identity theft. Parents also should, as much as possible, try to limit the places that have their child’s Social Security number and become familiar with the Family Educational Rights Privacy Act which helps you protect the privacy of your child’s school records and enables you to opt out of information sharing by the school with third parties.

You also should freeze the credit reports of your children.  Until 2018 there was no national law that allowed the credit reports of children to be frozen, but in the wake of the major Equifax data breach, Congress passed laws that now permit children’s credit reports to be frozen and unfrozen for free.

Here are the links to information about how to freeze your child’s credit reports at each of the three major credit reporting agencies.

https://www.transunion.com/credit-freeze

https://www.experian.com/blogs/ask-experian/requesting-a-security-freeze-for-a-minor-childs-credit-report/

https://www.equifax.com/personal/education/identity-theft/freezing-your-childs-credit-report-faq/

If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”

Scam of the day – January 4, 2025 – Venotux Cryptocurrency Trading Platform Scam

by | Jan 3, 2025 |

The values of cryptocurrencies have recently increased dramatically with the price of Bitcoin, for example, reaching $100,000 in early December of 2024.  There are many factors that contribute to the rise in the value of cryptocurrencies, including the upcoming presidency of Donald Trump who is strongly in favor of cryptocurrencies.  These developments are causing many people to rush into purchasing cryptocurrencies and scammers are ready to meet this new demand with scams.

One scam we are seeing repeatedly is exemplified by Venotux.com which is a scam cryptocurrency trading platform promoted using deepfake videos of celebrities such as Ronaldo, Elon Musk, Bill Gates, Mark Zuckerberg and Drake that appear to endorse Venotux on YouTube, TikTok, Instagram and Facebook.  The ads containing the fake endorsements promise investors to receive 0.31 free Bitcoins merely for setting up an account on Venotux.  Victims of the scam who set up an account are able to see the free Bitcoin added to their account when they go online to their account.  However, if they attempt to withdraw funds from their account, they see a message that informs them that they must make a minimum deposit of 0.005 Bitcoin in order to activate the account’s withdrawal capabilities.

The truth is no free Bitcoin was ever deposited into their account by Venotux.  Venotux is a total scam.  Once enough people have fallen for the scam and made deposits of Bitcoin in order to be able to withdraw funds, the site closes down and all of the Bitcoin deposited by the victims of the scam is stolen by the scammers.  This scam has been repeated using a number of different phony trading sites such as Bitsowex.com, Bitxspark.com, Nevofex.com, Tokenely.com and Xbirex.com.

TIPS

Never invest in anything that you do not understand.  No one should invest in cryptocurrencies unless they are knowledgeable about the investment.  As for trading sites, you should always investigate any site you are considering before investing.  See if the platform is registered with the SEC and licensed.  You can also look for reviews of the site on cryptocurrency watchdog sites such as CoinMarketCap or CoinGecko.  Also, check with  the domain registry site https://www.whois.com/ to see who set up the particular site and how long it has been in existence.

Some red flags that this is a scam are that legitimate trading platforms do not give away Bitcoin for setting up an account with them and no legitimate site requires users to deposit funds before withdrawing funds for their accounts.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address where it states “Sign up for this blog.”

Scam of the day – January 3, 2025 – Watch Out For Task Scams

by | Jan 2, 2025 |

Task scams are scams in which you are solicited to do simple tasks such as liking videos or rating product images online and get paid for your efforts.  Too bad it is a scam. The scammers promise that you will earn a commission on each click.  The scam starts with a text message offering online work by “product boosting” or doing “optimization tasks” in an app or online platform the scammer provides.  As you complete each task, the app will appear to show that you have accumulated commission earnings, but it is all a lie.    After a while the scammer then asks you to deposit your own money, generally by way of cryptocurrency to complete your next set of tasks and to get your commission earnings out of the app.  However, there are no earnings and once you make the payment, it is gone forever.

TIPS

A good place to start to avoiding this scam is to recognize that generic texts or WhatsApp messages offering jobs of any kind are scams.  Real employers don’t seek workers that way.  In addition, no one is offering to pay ordinary people to rate or like things online.  The FTC requires transparency when people are paid to promote products, leave reviews, or engage in other forms of online endorsement. If you are being paid (or receiving free products) to rate or “like” something, you must disclose this connection. This is typically done with statements like “Sponsored” or “Ad” in the post or review. Most online platforms (like Amazon, Yelp, and Google) have strict rules against “paid reviews” that are not disclosed as sponsored content.

If a company asks you to leave fake reviews (pretending to be an ordinary customer) or manipulate public perception without disclosing your role, this could be considered fraud or “astroturfing.” Some states (like New York) have taken action against companies and individuals engaged in this practice.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”

  • Categories

Archives