Scam of the Day
Scam of the day – October 28, 2024 – Solar Panel Scams
Using solar panels to provide your home’s electricity is good for the planet and there are various government programs that will provide incentives to install solar panels on your home, however, scammers are also posing as legitimate solar panel companies and al that they do is steal your money. Scammers often go door to door promising free solar panels and tell you that you will never have to pay another electric bill because the government programs, grants and rebates will cover the entire cost of installation and the panels will provide for free all the electricity you need. Sound to good to be true? It often is. While there are some government programs that pay for installing solar panels for qualifying consumers, installing solar panels generally isn’t free.
TIPS
Do your homework. Be skeptical if a company offering to install solar panels on your home tells you that the government will pay for the entire cost or even tell you that they are affiliated with the government. Both of those statements are false. If you are interested in going solar get quotes from reputable, licensed companies. Als check out the Department of Energy’s guide for homeowners. https://www.energy.gov/eere/solar/homeowners-guide-going-solar
Make sure you fully understand any contract you are asked to sign. It always makes sense to have a lawyer review contracts like this and don’t sign a contract electronically on a tablet provided by the solar company when you aren’t able to see the entire contract. Warranties, cancellation policies, payment schedules are important aspects of any solar contract of which you should be aware and look for hidden fees. Again, that is why a lawyer would be helpful
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”
Scam of the day – October 27, 2024 – Phony Norton Invoice Scam
The phony invoice scam is a common scam popular with scammers because it is quite effective. It starts when you receive an email that purports to be from a popular company with which many of us do business that indicates that you owe them a significant payment. The scammers count on people being concerned that they are being wrongfully charged for a product they did not order. You are provided a telephone number to call if you dispute the bill. If you call the number, you will be prompted to provide personal information that will be used to make you a victim of identity theft.
Recently, a loyal Scamicide reader sent me a phony Norton invoice she received similar to many I have seen in the past. Norton is a company that provides a wide range of digital security services and identity theft protection services. As always, the purpose of a phishing email is to lure you into clicking on links contained within the email or providing personal information, in this case by phone if you call to dispute the phony bill . If you click on links in phishing emails, you end up downloading malware and if you provide the requested information, it ends up being used to make you a victim of identity theft. This particular phishing email provides a phone number to call if you wish to dispute the obviously phony invoice. If you call the number in the phishing email you will be asked for personal information that will be used to make you a victim of identity theft. The phone number is not that of Norton customer service The real phone number of Norton customer service is the toll free number 1 (855) 815-2726. The number in the phony invoice is not a toll free number.
There are a number of red flags that indicate that this is a scam. Your name does not appear anywhere in the invoice. Also, the email was sent from an email address that has no relation to Norton.
Scam of the day – October 26, 2024 – TSA Precheck Scams
Scams related to the Transportation Security Administration’s (TSA) PreCheck program have substantially increased in the last few years. For those people unfamiliar with the PreCheck program, the TSA has a long standing program called TSA PreCheck which enables you to go through an expedited screening at the airport in special lines without having to remove your shoes, belts or jackets.
In order to obtain PreCheck status you need to both apply online and then schedule an appointment at one of 380 enrollment centers. The in-person appointment which includes fingerprinting and a background check is generally completed in ten minutes.
Unfortunately, scammers, of course, have been taking advantage of people trying to sign up for the TSA PreCheck program and are setting up phony websites that appear to be official websites of the TSA. They then lure you into providing personal information they use to make you a victim of identity theft as well as steal the money they charge you online for a phony TSA PreCheck enrollment. Recently we have seen the scammers charging $140 for their worthless services. The actual enrollment price is $78 for five years and $70 to renew.
TIPS
Part of the problem is that some sophisticated scammers are adept at manipulating the algorithms used by Google Chrome and other search engines so that the phony websites appear high on a search. Merely because a website appears high on a search does not mean that it is legitimate. The only legitimate site where you can apply for the TSA PreCheck program is https://www.tsa.gov/precheck
Also, it is important to note that when you first apply for the TSA PreCheck program, you cannot pay online. You can register for the program, but you pay when you have your in-person appointment. Therefore any site that asks you to pay online for your initial TSA PreCheck status is a scam. TSA PreCheck status is good for five years, but it can be renewed. When you renew, you can do the entire process including payment online.
The renewal process also has been exploited by scammers sending you emails posing as the TSA encouraging you to click on links to renew your status. This is problematic since when you actually need to renew your status, you will get an email from the real TSA and it can be difficult to distinguish the phony TSA email from that of the real TSA so your best bet is to check directly with the TSA to see about renewing your status. You can use this link to find about your present status, whether you need to renew and how to do so properly. https://universalenroll.dhs.gov/programs/precheck
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”
Scam of the day – October 25, 2024 – Halloween Costume Scams
Celebrating Halloween has become a major event in recent years with many adults searching for elaborate costumes and of course whenever many people are interested in something, scammers appear ready to take advantage of that interest. Scammers have set up phony Halloween costume websites, often posing as legitimate costume websites. Often the ads for their phony websites are posted on social media as well as appearing high in search engine searches because the scammers either purchase an advertisement in order to get a high position in a search engine search or because they are skilled enough to manipulate the algorithms the search engines use to obtain a high ranking. Pictured below is one of the phony ads that has appeared in social media. Anyone ordering online from one of these phony websites will end up providing their credit card to a scammer.
TIPS
The 90% discount in the advertisement pictured above should give you pause because generally anytime the price is too good to be true, it is a scam. Also, whenever you order anything online you should use your credit card rather than your debit card because the protection you get from fraud when using your credit card is much greater than the protection you get when using your debit card.
Scam of the day – October 24, 2024 – New Gmail Account Takeover Scam
Scammers are contacting people through text messages that appear to come from Google in which the scammers tell their targeted victims that their Gmail account has been hacked and that they need to click on a link in the text message recover their account. Anyone falling for this scam would have found themselves directed to a phony, but legitimate appearing login portal where they would be prompted to provide their login credentials which would have enabled the scammers to take over their Gmail account.
The scammers perpetrating this scam have taken the scam to new heights by calling people following up on the text message telling them that there has been unauthorized use of their Gmail account and that they need to go to the phony login site to recover their account. Again, anyone doing so would turn over their account to a scammer.
This particular scam is technologically sophisticated with spoofed phone numbers and AI created voices used in the phone calls.
TIPS
As I often remind you, you can never be sure when you are contacted by phone, email or text message who is actually contacting you so you should never click on a link, download an attachment or provide personal information in response to any communication without first verifying the legitimacy of the communication. In the case of a text message or phone call that purports to tell you about a problem with your Gmail account, you should contact Google Gmail help center directly.
Also, if you haven’t done so, you should set up dual factor authentication for your Gmail account so that even if a scammer manages to trick you into providing your login credentials, the scammer won’t be able to access your account. Here is the link to where you can set up dual factor authentication for your Gmail account. https://support.google.com/mail/answer/185839?hl=en&co=GENIE.Platform%3DDesktop
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”
Scam of the day – October 23, 2024 – Brazil Police Arrest Hacker Responsible for Largest Data Breach
In August 15th’s Scam of the day I told you about the massive data breach at National Public Data, a prominent data broker company used by other companies for background checks. Last April a cybercriminal who we now know to be Luan Goncalves who allegedly did this and other data breaches using the name USDoD claimed to have stolen personal data of 2.9 billion people in the United States, the UK and Canada and was offering the data for sale for 3.5 million dollars on the dark web, that part of the Internet where criminals buy and sell goods and services. He later released the data for free on the dark web. The data included sensitive personal information including names, birth dates, phone numbers and, of most concern, Social Security numbers of 272 million people.
Recently Goncalves was arrested by Brazilian Federal Police, however, Goncalves claims he was only the broker for the stolen records and that it was another hacker who used the name SXUL who actually did the cyberattack.
TIPS
Regardless of whether Goncalves was the primary hacker or not, the question for all of us is how do we respond to data breach after data breach.
https://www.transunion.com/credit-freeze
https://www.experian.com/freeze/center.html
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – October 22, 2024 – Scammers Use Celebrity Names and Images
For years I have told you about scammers posing as various popular celebrities in ads and on social media luring people into making payments for worthless products. However, with the increased of Artificial Intelligence these phony ads and scams have become both more believable looking and more frequent as the deepfake and other AI technology becomes readily available to less technologically savvy scammers. Scammers pose as celebrities in a variety of scams including phony celebrity endorsed products, cryptocurrency investment scams and videos in which the scammers lure unsuspecting victims into downloading malware that can lead to identity theft.
Security software company McAfee recently released its list of the top ten celebrities whose names are used in scams. They are, in order, Scarlett Johansson, Kylie Jenner, Taylor Swift, Anya Taylor-Joy, Blake Lively, Johnny Depp, and Addison Rae. Kylie Jenner’s name and image were used for phony social media giveaway scams involving phony cosmetic products. Taylor Swift, unsurprisingly, has had her name and likeness used in phony product endorsement scams and phony product giveaway scams.
Last summer, AI was used to make a video in which it appeared that Jennifer Lopez was endorsing a skincare product. She was probably even more upset than most celebrities whose names and images are used in phony endorsements and scams because in the skincare product video, the scammers used AI to add fake wrinkles to her face.
TIPS
Trust me, you can’t trust anyone. Always confirm any endorsement or connection between a celebrity and any product or program. Confirm on the celebrity’s website to see if they really do endorse a particular product or program.
While it can be difficult to do, you can also identify many deepfake videos in a number of ways. One unusual thing that deepfakes often get wrong is how they show fingers. Often deepfakes have a sixth finger or leave off a thumb. Teeth, eyes and ears may also be flawed in appearance. Another flaw often that appears in deepfakes is accessories such as necklaces, earrings, scarves and even shirt buttons may appear warped.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”
Scam of the day – October 21, 2024 – Bogus Nude Photo Generator Downloads Malware
Deepfake porn by which someone is able to use deepfake software to take the photo of someone they know or a celebrity to create what appear to be nude photos or videos of the unwary victim has been a problem for a few years as the technology becomes easier to use and more available. In particular high school boys have abused deepfake technology to make and circulate deepfake nude photos and videos of their female classmates. Now in apparent poetic justice some of those deepfake purveyors are downloading malware when the try to use deepfake porn sites.
The Russian cybercrime gang FIN7 which has also been known as Carbanak has created seven websites that advertise what they refer to as a “DeepNude Generator” which provides artificial intelligence deepfake technology to enable anyone using their site to create deepfake nude photos and videos. People either downloading the software of signing up for a free trial end up downloading various forms of malware including ransomware. FIN7 has also used their technical expertise to manipulate the algorithms used by search engines to enable them to get a prominent listing in searches for porn sites.
TIPS
The easy piece of advice to avoid the problem of downloading malware in this manner is to merely avoid doing deepfake porn which is generally illegal. The problem is that the temptation for some people is just too great. Compounding the problem is that the probable target of FIN7 which has used cybercrime to steal more than 1.2 billion dollars is not individual users, but large companies where they hope to lure employees into downloading the malware at work and enable FIN7 to use their malware against large companies that can be profitable targets for ransomware and other malware.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email where it states “Sign up for this blog.”
Scam of the day – October 20, 2024 – Porch Pirates Stealing AT&T iPhones Delivered by Federal Express
The popularity of online shopping has brought a dramatic increase in the number of packages delivered by companies such as UPS and Federal Express. The popularity of online shopping has also resulted in a new term entering the lexicon in recent years, namely, “porch pirate,” which is the name given to criminals who cruise through neighborhoods looking for packages to steal that have been left on the doorsteps of homes by delivery services.
Recently there has been a dramatic increase in the theft of AT&T iPhones in New York, Pennsylvania, Delaware, Michigan, Georgia, Florida and Texas here porch pirates are showing up within minutes of a delivery to snatch the phones. One problem is that while Verizon and T-Mobile require signatures for cell phone deliveries, AT&T generally does not. Making the problem worse is that recently when some porch pirates were arrested following the theft of cell phones from porches in Texas, they were found to have AT&T tracking numbers. As of this time, it is not known how they or other porch pirates are obtaining this information.
TIPS
In regard to protecting yourself from porch pirates generally, if you are not going to be home at the expected time of a delivery, an easy solution is to either have the package delivered to your place of work or have a neighbor who will be home be on the lookout for deliveries to your home. You also can request that all deliveries require a signature, although this can slow down the delivery process if you aren’t home and end up requiring you to drive to a distribution center if repeated attempts at delivery are thwarted because no one is home to sign for the package.
Another option for protecting yourself is renting a locker at a local package receiving center. These can be found in most big cities. One of the companies that provide this service in New York City is https://www.golocker.com/ You also can rent an Amazon Locker where your Amazon deliveries can be sent. https://www.amazon.com/gp/help/customer/display.html?nodeId=GXCWH4CXLKJD8Z52
Amazon Prime also offers Key In-Garage Delivery which is a simple and secure way to have Amazon deliveries delivered to your garage if you are not home. Here is a link with more information https://www.amazon.ca/key-delivery
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”
Scam of the day – October 19, 2024 – FTC Refunding Money to Victims of Extended Vehicle Warranty Scam
In 2022 I first told you that the FTC filed a lawsuit against American Vehicle Protection Corporation (AVP) accusing it of scamming people with phony, expensive extended car warranties. American Vehicle Protection Corporation (AVP) lied to consumers, telling them that AVP was affiliated with the automobile manufacturers and further lied about the protection provided by their expensive policies. Making matters worse, they also marketed their worthless products through telemarketing calls to people who were registered on the Do Not Call List.
In July of 2023 the case was settled with AVP being permanently banned from the automobile warranty business. A 6.5 million dollar penalty was imposed, but all but $500,000 was suspended due to AVP’s inability to pay. Now the FTC is sending checks to victims of the scam. For more information about the refunds go to the first page of Scamicide.com to the section entitled “FTC Scam Refunds.”
Extended warranty scams have been with us for years. Actually, they are not “extended” warranties at all because if you read the fine print you will notice that although the notice that often comes through a postcard looks official, it is not from either the car manufacturer who issued your original warranty or the car dealer who sold you the car. The warranties themselves vary from scammer to scammer with some of the “extended” warranties being relatively worthless, but with all of them based on misrepresentations.
If you are registered for the Do Not Call list and you do receive a call from a telemarketer attempting to sell you an extended warranty, you can be confident that the call is a scam because no legitimate telemarketer would call you if you are enrolled in the Do Not Call list. It is also important to note that while telemarketing is not, in and of itself, illegal, commercial telemarketing, such as the sale of these “extended warranties” through robocalls is always illegal.
TIPS
In regard to car warranties, it is always a good idea to check with your local auto dealer as to what warranties cover your car. Never trust anything that comes to you by way of an illegal robocall or telemarketing call if you have enrolled in the federal Do Not Call List. Never feel pressured to act immediately when someone calls you on the phone with an unsolicited offer and never give any personal information including your credit card over the phone to someone who calls you because you can never be sure who is actually calling.
Registering for the Do Not Call List is easy and free. Merely go to http://www.donotcall.gov to register your phone number.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/