Scam of the Day
Scam of the day – February 4, 2025 – Docusign Phishing Scam
DocuSign is a company that provides technology for the transmission of contracts and other documents with features for electronic signatures and is used by many businesses. There has been an increasing number of scams in which phony DocuSign messages are being used to send malware infected links luring people into providing personal information that is used for identity theft purposes.
Copied below is an email I received that purports to be sent by my landlord in regard to a change in the terms of my lease that required my immediate attention. This phishing email prompts me to click on a link to open a document that needed my signature. The phishing email looked very professional and contained the DocuSign logo and appeared legitimate. However, the email address of the sender was one totally unrelated to either DocuSign or anyone with whom I do business. Most likely it was the email address of someone whose email account had been hacked and made a part of a botnet used by the cybercriminal to send out large numbers of these emails. Additionally, I do not rent any real estate so the email couldn’t apply to me. Scammers send these emails out in large numbers hoping that many people who do rent their homes will be lured into clicking on the link
This phishing email was designed to lure the person receiving the email to click on the link and either provide personal information that could be used for identity theft, or, as more likely in this particular phishing attempt, merely by clicking on the link would have downloaded malware such as ransomware or keystroke logging malware into the computer of the person clicking on the link. Keystroke logging malware would have enabled the cybercriminal to steal all of the personal information from the computer and make that person a victim of identity theft. I removed the link from the email displayed below.
|
TIPS
In this case, I actually followed my own advice as to never click on a link regardless of how legitimate the email or text message may appear until confirming that the message is legitimate. In this case I didn’t even need to confirm that it was not legitimate because of the telltale evidence of the email address of the sender and the fact that I do not have any leases.
The lesson here is clear. You can never be sure when you receive an email as to who is really contacting you. Although sometimes it is obvious when the email address of the sender does not correspond to who is represented as sending the email, other times the email account of someone or some company you trust could have been hacked and used to send you the malware. Therefore you should never click on a link or download an attachment in an email until you have absolutely and independently confirmed that it is legitimate.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – February 3, 2025 – Delaware AG Issues Warning About Bitcoin ATM Scams
The Delaware Attorney General recently issued a warning about a dramatic increase in scams involving Bitcoin ATMs. A report from the Federal Trade Commission (FTC) indicates a 1,000 % increase in money lost to scammers through Bitcoin ATMs in the last three years with consumers reporting losses of more than 111 million dollars in 2023. Bitcoin ATMs look just like traditional ATMs, but instead of distributing cash, they take cash in exchange for cryptocurrency and enable the transfer of the deposited cash turned into Bitcoin into crypto wallets. Due to the anonymity and immediacy of the Bitcoin transfers done through a Bitcoin ATM, it is a favorite method of payment for scammers.
Most of the scams using Bitcoin ATMs involve imposter scams where the scammer poses as either a law enforcement officer, government official or someone providing tech support for a non-existent problem. What all of these imposter scams have in common is that they scare the targeted victim with a story about an emergency that requires them to take cash from their bank account and use a QR code provided by the scammer to deposit the money into the account of the scammer at a Bitcoin ATM under the guise of protecting the funds.
According to the FTC, people over 60 years old were more than three times more likely to report losing money to a Bitcoin ATM scam with an average loss of $10,000.
TIPS
Protecting yourself from these imposter scams starts with recognizing that you can never be sure who is actually contacting you when you are contacted by phone, email or text message so you should never click on a link, download an attachment or provide personal information in response to any of those communications unless you have absolutely confirmed that the communication was legitimate. Further there is no circumstance where you will be asked by anyone legitimate to withdraw funds from your bank, deposit them into a Bitcoin ATM and transfer the funds to them. Only scammers make those requests.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address in the tab that states “Sign up for this blog.”
Scam of the day – February 2, 2025 – Accused Sextortion Scammer Arraigned
I have been warning you about sextortion scams for nine years. In 2023 I told you that the South Carolina Legislature had passed a bill called Gavin’s Law that further criminalized extorting minors or at-risk adults. It was named after the son of a South Carolina legislator whose teenage son committed suicide after being a victim of sextortion. Now, Hassanbunhussein Abolore Lawal the man accused of being the sextortionist whose actions led to the suicide of Gavin Guffey has been arraigned in a South Carolina court on charges of child exploitation resulting in death, distribution of child sexual abuse material, coercion and enticement of a mionor, cyberestalking, interstate threats with intent to extort and aideing and abetting. Lawal was arrested in Nigeria folliowng joint efforts of law enforcement in Nigerian and the United States and extradited to the United States to face charges.
Some sextortion scams begin with an email in which you are told that your computer and web cam have been hacked and that the scammers have video of you watching porn online. In the email, the scammer threatens to send the videos to people on his contact list unless you pay a ransom in Bitcoin or some other cryptocurrency.
According to the FBI adult predators, often posing as young girls, contact teenage boys on a variety of online platforms such as games or social media and then convince the teenage boys to engage in explicit sexual activity while unbeknownst to the teenaged boy, the predator is recording it. The scammer then reveals to the teenager that the scammer has the recording and threatens to post it online unless a substantial payment is made. According to the FBI there has been a significant increase in the instances of his scam. Many of these scams are organized and based outside the United States, primarily in West African countries such as Nigeria and the Ivory Coast.
TIPS
The FBI advises parents to tell their children to be very careful as to what they share online. Social media accounts which are open to everyone provide predators and scammers with a lot of information that the scammers can use to lure people into scams. Discuss the appropriate privacy settings with your children for all of their accounts.
The FBI also tells parents to remind their children that they can never be sure as to who they are communicating with online and they should be particularly skeptical if they meet someone on a game or app who then asks to communicate with them on a different platform.
In regard to your web cam being hacked, while often this is merely a threat and the scammer has not hacked your web cam, web cams can be hacked. One thing you can do to protect your webcam from being hacked is to make sure that you change the default password on your webcam when you first install it. Another simple thing I do and you can, as well, is to merely put a post-it note over your webcam when it is not in use.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”
Scam of the day – February 1, 2025 – Trader Joe’s Gift Card Scam
The website TJSummers.com is falesly offering a $750 Trader Joe’s gift card in retrun for completing simple surveys, but there are no gift cards and it is merely a scam designed to gather personal information that can be used for identity theft or to make unauthorized charges on your credit card. People are directed to the TJSummers.com website through ads, emails or social media links. Sometimes, unfortunately, unsuspecting people who see the ads forward them to their friends thinking they are doing them a favor rather than setting them up to be scammed.
If you click on the link to take the survey it takes you to a phony Trader Joe’s website where you are prompted to take a survey that starts out simply enough asking about your shopping habits, however, at the end of the survey you are asked to provide personal information such as your name, email address, phone number and even credit card details purportedly needed for “processing fees.” After completing the survey and providing the information, however, you never receive the promised gift card.
TIPS
The only saying, if something sounds too good to be true, it usually is applies here. No one is giving $750 gift cards to people merely for completing a simple survey. Specifically as to Trader Joe’s, the company does not offer gift cards for sharing information or testing their products. B.S. Be skeptical whenever you see offers like this. The simplest way to find out if such an offer is legitimate is to merely go to the company website where you will find any legitimate offers the company is making.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – January 31, 2025 – New IRS Phishing Scam
Often the scams that are the most effective are the ones that have just a bit of truth to them. For instance, mystery shopper scams often appeal to victims of the scam because they know there actually are people who are paid to shop. And so it is with the latest scam where scammers are posing as the IRS and sending emails and text messages to unsuspecting people telling them that they need to apply and provide personal information in order to claim a Recovery Rebate Credit, also known as an Economic Impact Payment. According to the IRS a million taxpayers who were eligible to take this credit on their 2021 federal income tax return failed to do so. Fortunately, however, taxpayers who didn’t claim this credit on their 2021 federal income tax return don’t have to do anything or provide any information to claim this credit. Eligible taxpayers will receive either a check or a direct deposit into their bank account for the credit.
Scammers however, are capitalizing on people being somewhat aware that the IRS is issuing these credits, but not necessarily aware that they do not have to do anything or provide any information to get their payment.
TIPS
As always even if the phone number sending the text message or the email address sending an email that appear to come from the IRS, you can’t trust it. It is a simple matter for a sophisticated scammer to make the phone number appear on your Caller ID to be from the IRS and the same goes for email.
It is also important to remember that the IRS will not send you an email or a text message asking form personal or financial information, but scammers posing as the IRS will and use any information you provide to make you a victim of identity theft.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – January 30, 2025 – Mavis Wanczyk Scams Continue to Claim Victims
She’s back! Actually, she has never left. I have been writing about scams related to Mavis Wanczyk for eight years but recently I have received emails from Scamicide readers telling me about various new incarnations of a variety of scams that share the same hook which is that Mavis Wanczyk is giving money away to lucky people. Many of you may not remember the name of Mavis Wanczyk, but she was the lucky winner of a 758 million dollar Powerball drawing in 2017. Not long after she claimed her prize, a scam started appearing in which many people received emails with the message line referring to the Mavis Wanczyk Cash Grant. The email indicated that you were chosen to receive a large cash grant from Mavis Wanczyk. All the lucky strangers receiving the emails had to do was provide personal information in order to qualify for the grant. In addition, phony social media accounts on Twitter, Facebook and Instagram were also set up in Ms. Wanczyk’s name through which people were contacted with the same phony offer of free money informing them that in order to qualify for the grant they merely needed to provide personal information.
Recently a Scamicide reader told me about receiving a message through Facebook that purported to be from Mavis Wanczyk informing him that she was giving him $10,000 and that all she needed was for him to set up a Cash App account and provide the details to her so that she could transfer the money to him. Fortunately, he recognized that this was a scam and did not send the account information requested which if sent would have enabled the scammer to access the bank account or debit card linked to the Cash App account and steal his money. Similarly another Scamicide reader communicated with another Mavis Wanczyk impersonating scammer on the question and answer website Quora who lured him into sending money for a variety of reasons such as insurance and delivery costs in order to receive his “free” gift of $10,000 from Mavis Wanczyk.
TIPS
It is difficult to win a lottery you have entered. It is impossible to win one that you have never entered and neither lottery winners, nor anyone else is sending out messages through the Internet offering free money to anyone who responds with personal information. Never give out personal information that can make you vulnerable to identity theft unless you have absolutely verified that the party requesting the personal information is legitimate and has a legitimate need for the information or payments to receive a supposedly free gift.
Finally and most importantly, remember neither Mavis Wanczyk nor any other lottery winner is giving away money to strangers.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and insert your email address where it indicates “Sign up for this blog.”
Scam of the day – January 29, 2025 – CDC Phishing Email
Phishing emails, by which scammers and identity thieves attempt to lure you into either clicking on links contained within the email which download malware or providing personal information that will be used to make you a victim of identity theft, are nothing new. They are a staple of identity thieves and scammers and with good reason because they work. Reproduced below is a copy of a new phishing email presently circulating that appears to come from DataTransfer.com a legitimate data transfer service.
As phishing emails go, this one is pretty good. It looks legitimate and the version appearing in your email comes with a legitimate appearing Data Transfer.com logo. Even the email address of the sender does not have obvious indications that it is a scam.
Here is a copy of the DataTransfer.com phishing email presently being circulated.
| Hi xxxxxxxxxx@aol.com, you have received some file(s) from cdc-support@cdc.gov with a total size of 56.49 KB. The file(s) will be deleted after 1 week. Files:Secure Archive.rar Message: The Centers for Disease Control and Prevention (CDC) has issued an urgent public health update. Please download and open the attached file immediately to review essential information and guidelines.
Nice day! |
TIPS
There are a number of indications that this is not a legitimate email from DataTransfer.com, but instead is a phishing email. Most notably, the salutation is addressed to the email address of the recipient rather than their name. in addition, the Center for Disease Control is not sending unsolicited emails to people and it is unlikely that if they did, they would conclude their message with “Nice Day!”
As with all phishing emails, two things can happen if you click on the links provided. Either you will be sent to a legitimate looking, but phony website where you will be prompted to input personal information that will be used to make you a victim of identity theft or, even worse, merely by clicking on the link, you may download keystroke logging malware that will steal all of your personal information from your computer or cellphone and use it to make you a victim of identity theft.
If you receive an email like this and think it may possibly be legitimate, merely call the company or organization it purports to be from which in this case is the CDC where you can confirm that it is a scam.
I have disarmed section of the phishing email where it asks you to click on “Download.”
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Also, I have received reports of subscribers having their subscriptions somehow cancelled without their knowledge. If this happens to you, you can resubscribe as indicated above or if you have difficulties doing so, contact Scamicide and we will resubscribe you.
Scam of the day – January 28, 2025 – LinkedIn Job Scams Getting Worse
LinkedIn is the world’s largest professional network and, as such, has long been attractive to scammers seeking to piggy-back on the sites good reputation. Recently the number of job scams being found on LinkedIn has increased dramatically. A recent development is scammers using the name of legitimate companies that are hiring and approaching their victims through LinkedIn’s direct messaging feature. They then create counterfeit websites that look like the websites of the legitimate companies they are posing as and ask the job seekers for personal information as part of the hiring process before holding a job interview by Zoom. The personal information which may include the job seeker’s Social Security number is used for purposes of identity theft. They also may ask for money or your credit card number to pay for background investigations or equipment for the company which legitimate businesses do not do. In other instances, the job seeker is required to pay for equipment or training which the scammer promises to reimburse, but, of course, the money is never paid back. Making the problem even worse is the use of AI to make the photos and websites even more legitimate appearing.
TIPS
Although LinkedIn, Indeed and other websites that carry job postings try to identify and either prevent or remove phony ads from appearing on their websites, you cannot depend on these companies to fully protect you. Trust me, you can’t trust anyone. Certainly a little skepticism helps when you see a job posting for a job that sounds too good to be true. Ads that ask for you to pay upfront costs for any reason should be considered to be a scam as well as any company that requests your credit card information for any reason whatsoever.
To check on the legitimacy of photographs in these ads you can do a reverse image search using Google or websites such as tineye.com. You can also check to see if the wording of the advertisement has been used elsewhere by merely copying a substantial amount of the text into your search engine and see what comes up. Also, research the company itself to determine if it is a legitimate company. Check out the website of the company supposedly offering you a job to see if the legitimate company is offering such a job. Make sure you are using a domain name that you have confirmed is legitimate and not just the one contained in the email sent to you by the scammer. If the job doesn’t appear on the real company’s website, you know it is a scam. It also is a good idea to confirm any job offer you might receive with the HR department of the real company before providing personal information such as your Social Security number.
You also can use the website whois.com to compare the URL of the company that is hiring to see if it really is legitimate. Whois.com will tell you who actually owns the website and how long it has been active. In the case of a scammer’s website, the website may be owned by an entity unrelated to the company and often has only recently been created.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – January 27, 2025 – PowerSchool Data Breach Update
I first told you about the massive data breach at PowerSchool a major education technology software company used by 16,000 educational institutions with 50 million students earlier this month, but now more information is becoming known about the data breach and it is worse than originally thought. The hackers are claiming to have harvested sensitive personal information of 62.4 million students and 9.5 million teachers. In one typical instance the Toronto, Canada School board has notified students, parents and former students involved with the school district since 1985 to the present time that their information had been compromised. The compromised information included the names, addresses, Social Security numbers and medical information along with much additional personal informaion of students and teachers. PowerSchool paid a ransom to the hackers to prevent the publication of the stolen information, but regardless, the data breach still presents the threat of identity theft to the children and teachers whose information was stolen.
While we know that identity theft is a major problem for adults, it is also a huge problem for children. According to Michael Bruemmer the Vice President of Consumer Protection for Experian 25% of minors will have their identities stolen before they turn 18. Identity thieves steal the identity of a child and then run up large debts using the credit of the child, who generally does not become aware that his or her identity has been stolen until he or she reaches older teen years when the teenager might first apply for a car loan or financial aid for college.
TIPS
If you find out that you or your children have become a victim of identity theft, notify each of the three credit reporting agencies, Equifax, Experian and TransUnion of the crime and ask them to investigate and remove the false information from your files.
Parents also should, as much as possible, try to limit the places that have their child’s Social Security number and become familiar with the Family Educational Rights Privacy Act which helps you protect the privacy of your child’s school records and enables you to opt out of information sharing by the school with third parties. You also should freeze the credit reports of your children. Until 2018 there was no national law that allowed the credit reports of children to be frozen, but in the wake of the major Equifax data breach, Congress passed laws that now permit children’s credit reports to be frozen and unfrozen for free.
Here are the links to information about how to freeze your child’s credit reports at each of the three major credit reporting agencies.
https://www.transunion.com/credit-freeze
https://www.equifax.com/personal/education/identity-theft/freezing-your-childs-credit-report-faq
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – January 26, 2025 – Danger of Skimmers on Gas Pumps
In 2020 the Federal Trade Commission (FTC) issued a warning about the dangers presented by skimmers on gas pumps. I have warned you about the dangers of skimmers for many years. Skimmers are small electronic devices that are easily installed by an identity thief on gas pumps, ATMs and other card reading devices. The skimmer steals all of the information from old style magnetic strip credit card or debit cards which then enables the identity thief to use that information to access the victim’s credit card or bank account when the skimmer is used on a debit card. Each skimmer can hold information on as many as 2,400 cards.
MasterCard and Visa announced in December of 2016 that the deadline for the installation of EMV chip card readers on gas pumps was being delayed three years to October 1, 2020. This deadline was further delayed due to the Coronavirus pandemic to April 17, 2021 at which time less than half of the gas pumps in the United States complied with the requirement to install EMV chip card readers. And although that deadline has long since passed, due to the cost involved, many gas pumps still are not enabled for your chip credit card.
Wider implementation of the use of EMV chip cards at retail stores where their use has been mandated since 2015 has resulted in a dramatic reduction in data breaches and credit card fraud at retailers using this equipment. EMV chip cards are far safer than the old-style magnetic strip cards. Around the country there has been a dramatic increase in the use of skimmers installed by criminals at gas pumps and while the deadline for gas pumps to install chip readers has passed, many gas pumps still do not use EMV chip card readers and so skimmers at gas pumps continue to be a problem.
Last year, the Aurora, Colorado police department issued a warning that scammers were drilling holes in the contactless payment screens on gas pumps where you can merely scan your credit card with its RFID chip rather than insert it into any card reader. By damaging the contactless payment screen, it becomes inoperable thereby requiring the customer to use the credit card reader on the gas pump where the identity thief had already installed a skimmer to steal your credit card or debit card information.
TIPS
Always look for signs of tampering on any machine you use to swipe your credit card or debit card although the more advanced forms of skimmers are installed in the gas pump’s interior and cannot be detected from an inspection of the outside of the pump. Keys to open the gas pumps to allow the installation of the skimmer are readily available online. If the card inserting mechanism appears loose or in any other way tampered, don’t use it. In regard to the contactless payment screen, if it is not working, there is a high likelihood that it may have been tampered with so in that instance pay for your gas inside the gas station office.
Debit cards, when compromised through a skimmer put the customers at risk of having the bank accounts tied to their cards entirely emptied if the theft is not promptly reported and even if the victim reports the theft immediately, the victim loses access to his or her bank account while the matter is investigated by the bank. Debit cards should not be used for purchases at gas pumps. Instead use your credit card and monitor your account regularly to find out early if you have become a victim of this scam. With a credit card, your liability for fraudulent purchases is limited by law to no more than $50 and I am not aware of any credit card companies that hold their customers responsible for any fraudulent purchases. However, fraudulent debit purchases do not come with the same federal legal protection.
When choosing a particular gas pump, you may wish to pick the pump closest to the building and within the sight line of the attendant. Criminals are less likely to install skimmers in pumps where they could be observed making the illegal installation of a skimmer.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/