Scam of the Day
Scam of the day – February 21, 2026 – Smart Home Danger: The Growing Internet of Things Hacking Threat and How to Stay Safe
I have been warning you about dangers in the rapidly expanding Internet of things for more than twelve years. The Internet of Things is made up of a broad range of devices connected to the Internet including home thermostats, security systems, medical devices, refrigerators, televisions, cars and toys. Our homes have become filled with these devices including Alexa and Siri. The FBI has longed warned consumers about the dangers presented by hacking of various devices that makeup the Internet of Things.
Cybercriminals hack into your devices that are a part of the Internet of Things to enable them to enlist your devices as a part of a botnet by which they can distribute malware while maintaining their anonymity. They also can hack into your Internet of Thing devices to access your home computers or cell phones to steal information for purposes of identity theft or to implant malware on your home computers and cell phones. The risks are extreme, but there are some basic steps you can take to protect yourself.
TIPS
Most of the devices that make up the Internet of Things come with preset passwords that can easily be discovered by hackers. Change your password as soon as you set up the product. Also, set up a guest network on your router exclusively for your Internet of Things devices. This is important so that you can keep the sensitive personal information you have on your computer or cell phone from being accessible through a hacking of any of your Internet of Things devices.
Configure network firewalls to block traffic from unauthorized IP addresses and disable port forwarding. Make sure that you install the latest security patches as soon as they become available. Use encryption software for the transmission of data and find out where data is stored and what steps are taken to secure the information.
Make sure your router is secure and use its whitelisting capabilities which will prevent your device from connecting to malicious networks. Routers are a critical part of your smart home security. Make sure it will automatically download and install the latest security updates from its manufacturer. If your router is an older router that does not have this capability, you can check the manufacturer’s website regularly for the latest updates, but frankly, you are probably better served by getting a newer, more secure router. Make sure you have a unique password for each of your Internet of Things devices and use dual factor authentication whenever you can for all of these devices.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address in the tab that states “Sign up for this blog.”
Scam of the day – February 20, 2026 – Deed Copy Scam Resurfaces: How Homeowners Can Avoid This Misleading Fee Trap
Today’s Scam of the day is one that I have been warning you about since 2012, but lately there has been a resurgence of this scam as indicated by the number of Scamicide readers who have inquired about this scam after receiving a confusing notice. The scam begins with a call, email or snail mail letter informing you of the importance of having a copy of the deed to your home. Often these scammers will charge you $90 or more to obtain a copy of your deed for you.
Having an actual copy of your deed is not very important once it has been recorded in the local Registry of Deeds, however it is still a good record to keep. However, obtaining a copy of your deed on your own from your local Registry of Deeds is both simple and rarely costs more than a few dollars at the most. The problem with this particular scam is that technically, it may be legal in the sense that they are offering to obtain a copy of your deed for you for a fee and there is nothing illegal about that. However, the emails and letters you receive offering this service are usually confusing and misleading which is why I consider them to be a scam.
In 2018, Ohio actually passed a law requiring specific disclosures to consumers be made when a fee is requested to obtain a copy of a deed on your behalf. The disclosure must include the actual cost charged by the Registry of Deeds for a deed copy as well as prohibiting charging a fee more than four times the cost charged by the Registry of Deeds.
TIP
This is an easy scam to avoid. If you get such a call, email or letter, merely ignore it. If you want a copy of your deed, merely contact your local Registry of Deeds where you can get one for a nominal cost.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address where it states “Sign up for this blog.”
Scam of the day – February 19, 2026 – How Money Mule Scams Work: Reshipping Fraud, Work‑From‑Home Schemes, and Romance Scam Transfers
Laundering money derived from a scam is an essential element of many scams. Scammers can be extremely clever at distancing themselves from their scams in order to avoid detection. The people they enlist either as willing or unknowing participants in the laundering of the proceeds of a scam are called money mules. Scams in which innocent people are lured into being unknowing money mules are numerous. One of the more common of these involves work at home scams where your job is to receive goods, often electronics that have been shipped to you, inspect them and then reship them to an address provided to you by your new employer.
The problem is that these goods have been purchased with stolen credit cards and you have just become an accomplice to the crime when you ship them to someone else who will then sell them to turn the merchandise into cash. Other times the scammers will say that your job is to receive funds sent to you by the scammer, deposit the funds in your own bank account and wire the funds to people who the scammers tell you are either clients or suppliers of the scammers’ phony company. Finally, money mules are also used is in a variation of the romance scam where you are asked by your romantic partner to wire funds to someone on behalf of the scammer under a variety of pretenses.
Many times the scammers will use the names of legitimate businesses when attempting to lure people into the reshipping scam.
TIP
As always, if it sounds too good to be true, it usually is. Check out work at home scams with the big two – your local attorney general and the FTC. And, as always, you can Google the name of the particular company offering you the work at home program with the word “scam” next to it and see what turns up.
As for reshipping goods as a work at home job, it is important to remember that there are no such legal jobs for reshippers. They are always a scam and you should steer clear of them. You also should never use your own bank account to transfer funds for an employer. Finally, you should always be skeptical of someone with whom you have recently established an online romantic relationship who either asks you for money (the most common scam) or asks you to pass on money to a third party as directed by the scammer.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – February 18, 2026 – How Airbnb Scams Work: Fake Listings, Phony Websites, and the Rise of the Land Lordz Fraud Network
Airbnb is a deservedly popular service that connects homeowners wishing to rent a room or their entire house with vacationers and other travelers in 191 countries around the world. I have used Airbnb many times. Unfortunately, anything popular with the public is also popular with scammers and reports are increasing about scams involving people paying scammers for renting a non-existent room or a home that the scammer does not own. Many of the victims of these scams do not find out that they have been scammed until they show up at the rental, which may be far away, only to learn that it is not for rent and their money is gone.
Generally, a telltale sign that the Airbnb listing is a scam occurs when the “homeowner” or “host” as they are referred to in Airbnb asks to communicate with the victim off of the Airbnb website. They also ask for the money to be wired to the scammer’s account . As I have told you many times before, once you have wired funds, they are gone forever.
However, in the last six years a more sophisticated Airbnb scam has arisen. Computer savvy criminals created a subscription service called Land Lordz which they lease to less sophisticated criminals to assist them in victimizing Airbnb customers. Land Lordz helps criminals create and manage phony listings on phony websites that look like Airbnb. The phony listings are generally copied from legitimate Airbnb listings and will include fake reviews as well. The phony Airbnb site emphasizes that all payments will go through Airbnb and will therefore be safe and secure. If someone asks for further details, which is common, the scammers email a response with a link that appears to take you to the real Airbnb website, but instead takes you to a phony website that merely appears legitimate and with the use of AI, it is a simple matter for a criminal to create a legitimate appearing website. When the targeted victim of the scam logs into the phony Airbnb website, the scammers are notified and respond by demanding a deposit be wired to them. Once the money is wired, the funds are lost forever.
TIPS
Only communicate with hosts through the Airbnb website and use the Airbnb payment system with a credit card. The credit card companies are quite good at refunding funds lost to scams. Airbnb does not forward payment to the host sooner than 24 hours after the guest checks in. Never use wired funds, certified checks, debit cards or any other method of payment other than a credit card through the Airbnb payment system to pay for accommodations. Always check your browser’s address bar to make sure that you are indeed on the real Airbnb website and don’t click on links to go to a website, but rather always type in the website address independently. Airbnb also provides for dual factor authentication which I urge you to use if you have an Airbnb account for greater for protection.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type your email address on the tab that states “Sign up for this blog.”
Scam of the day – February 17, 2026 – Beware the Fake Amazon Recall Text Scam: How Fraudsters Use Spoofing and Counterfeit Sites to Steal Your Account
Whatever is popular with the public is popular with scammers which is why it is not surprising that scammers are sending out text messages that appear to come from Amazon informing their targeted victims that there is a recall of a product that the targeted victim purchased through Amazon Prime. The text message looks legitimate and may even appear to come from a legitimate Amazon telephone number, but it is a simple matter for a scammer to “spoof” a legitimate number to make it appear that the call is originating from Amazon while actually coming from the scammer. The bogus text message informing you of the product recall provides a link that will take you to what appears to be the Amazon website and prompts you to provide your account information and your password. Using AI it is simple for a scammer to create a very legitimate appearing counterfeit Amazon website.
Anyone providing their account information and password would end up having their account taken over by the scammers who would quickly run up purchases and charges to the account.
In 2024 Amazon took down more than 55,000 phony Amazon websites, but it is a never ending battle because as soon as one is taken down, scammers create a new counterfeit site.
TIPS
Rather than only use a password for your Amazon account, you should either use dual factor authentication or an Amazon Passkey for your account. This will provide added security to your account to prevent your becoming a victim of this type of scam. To set up dual factor authentication on your account, use this link.https://www.amazon.ca/gp/help/customer/display.html%3FnodeId%3DGE6SLZ5J9GCNRW44
Passkeys enable you to use Face ID, Touch ID, Windows Hello or a device PIN rather than a password. In order to set this go to your Amazon account and then click on Login & security, then go to Passkeys and then click Set up.
As I always say, trust me, you can’t trust anyone so if you get a text message about a recall from Amazon, your best course of action is to either contact Amazon Customer Service at 1‑888‑280‑4331 or login to your account online or on the app and you will be able to see if there was a recall.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – February 16, 2026 – Xfinity Data Breach Settlement: Why the Last Four Digits of Your Social Security Number Still Put You at Risk
In the Scam of the Day for December 22, 2023 I first told you about the data breach involving all thirty-six million customers of Internet service provider Comcast Cable Communications which does business as Xfinity in which usernames, hashed (encrypted) passwords, birth dates, security questions and answers as well as the last four digits of the Social Security numbers of its customers. Some people might wrongly believe that having only the last four digits of their Social Security number in the possession of scammers does not put them in jeopardy, it most certainly does. The first three digits of your Social Security number relate to where you live and is easily determined; the second two digits are group numbers that until 2011 were based on when you obtained your Social Security number and are even available on the Social Security website for years up till 2011, but even for numbers issued after that date, there are only 99 possibilities so it is not particularly difficult for an identity thief to determine your Social Security number with just the last four digits. Armed with your Social Security number, a criminal can make you a victim of costly identity theft quite readily.
The data breach of Xfinity is an example of a supply chain data breach where cybercriminals hack makers of software used by many companies, individuals and government agencies and insert their malware into the legitimate software of manufacturers who have not taken proper security precautions in the development of their software. Users of the software trust these companies and too often their trust is misplaced.
Now a class action against Comcast as well as Citrix Systems, Inc and Cloud Software Group who were the supply chain companies involved with the data breach has been preliminarily settled with Comcast agreeing to provide three years of free financial and credit monitoring and identity theft protection, plus either a reimbursement of out-of-pocket loses and lost time of up to $10,000 or an alternative cash payment of $50.A final approval hearing has been scheduled for July 7th.
TIPS
One important lesson is to limit the amount of personal information that you provide to companies and websites whenever possible. For example, your doctor doesn’t need your Social Security number for his or her records and neither does your internet provider.
You should make sure that you have a unique password for each of your online accounts so that if one of your passwords is compromised in a data breach, all of your accounts will not be in danger. If your information is compromised in a data breach, you should immediately change the password for that account.
If you have not already done so, set up dual factor authentication for each of you accounts where it is available. This will protect you from having those accounts stolen by someone who may have access to your password. However it should be noted that the malware responsible for this particular data breach is able to bypass password requirements and dual factor authentication.
https://www.transunion.com/credit-freeze
https://www.experian.com/freeze/center.html
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – February 15, 2026 – Social Media Scams Surge: Why Most Fraud Now Starts on Facebook, Instagram, and WhatsApp
According to the Federal Trade Commission (FTC) more scams in the United States are started on social media than on any other platform at a cost of 3.8 billion dollars in 2024 and that figure is probably low because many victims, often out of embarrassment, do not report being victimized. A study done by the Fin Tech company Revolut found that 60% of all scams in the UK originated on the Meta platforms Facebook, Instagram and WhatsApp with investment scams being the most common form of scam. Revolut referred to social media as a “hotbed” for scams.
Scammers harvest information about you that you post on social media to learn about your identity and interests and use that information to target you with a wide variety of scams including investment scams, romance scams and sales of phony products. Meta Platforms, the parent company of Facebook, Instagram and WhatsApp earned $16 billion from ads for scams and other phony products. Now Senators Ruben Gallego and Bernie Moreno have introduced bipartisan legislation in the Senate that would require social media platforms to verify government-issued identification of advertisers or the legal existence of businesses advertising on their sites to reduce the number of these scams.
TIPS
Don’t accept friend requests from everyone who asks to be your friend on social media and don’t trust communications or advertisements on social media merely because they look legitimate or appear to come from your friends. Often social media accounts are hacked or cloned and the scammers, posing as your friends, leverage the trust that you have in your friends to lure you into phony investments, phony sales and romances. Further, even if a communication comes from a real friend, often people will forward scams that they have been fooled into thinking are legitimate.
Use your privacy settings to limit who can see the information you post on social media.
Remember it is good rule to never click on links that may appear on social media, text messages or emails unless you have absolutely confirmed that they are legitimate because the risk of downloading malware is too great.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address in the tab that states “Sign up for this blog.”
Scam of the day – February 14, 2026 – Panera Bread Data Breach: New Lawsuits Filed as 14 Million Customers’ Information Exposed
It was two weeks ago that I first told you about the data breach at Panera Bread. It was done by the English speaking hacking group ShinyHunters, who successfully stole personal information including customer names, email addresses, phone numbers home addresses and account details for 14 million customers of Panera Bread. In the last year ShinyHunters hacked Google, Farmers Insurance, Allianz Life, Workday, Pandora, Cisco, Chanel, Dior, Louis Vuitton, Tiffany and Qantas. In the case of Panera Bread, the hackers got access to a Panera Bread database through social engineering in which they posed as an IT worker and lured Panera Bread employees into providing access credentials.
Now two lawsuits have been filed seeking class action status in regard to the data breach. They allege that Panera negligently failed to protect sensitive customer data, which is even worse considering the fact that Panera suffered a similar data breach in March of 2024. Further, the lawsuits allege that Panera still hasn’t notified affected customers about the breach. As more developments occur, I will report them to you.
TIPS
While personal information of the kind compromised in this data breach does not pose the immediate threat of a compromised Social Security number, it does enable a cybercriminal to create more specifically targeted spear phishing attacks that appear legitimate.
Victims of this data breach should freeze their credit if they have not already done so. Actually, freezing your credit is actually something everyone should do. It is free and easy to do. In addition, it protects you from someone using your identity to obtain loans or make large purchases even if they have your Social Security number. If you have not already done so, put a credit freeze on your credit reports at all of the major credit reporting agencies. Here are links to each of them with instructions about how to get a credit freeze:
https://www.transunion.com/credit-freeze
https://www.experian.com/freeze/center.html
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – February 13, 2026 – AI‑Powered Fake Retail Websites: How Scammers Trick Online Shoppers Into Surrendering Their Credit Cards
Creative scammers have come up with a new way to scam you when you shop online. For years, I have warned you about phony retail websites that either appear to be that of legitimate retailers such as Wallmart or are just websites that come up high in a search engine search when you are looking to buy a particular item that offer great prices. Unfortunately, this problem has gotten worse with scammers now able to use AI to create phony retail websites that look entirely legitimate. Also, merely because a website comes up high in a search engine search does not mean that it is legitimate. Scammers either pay for a high position or are sufficiently savvy to create a site that the search engines’ algorithms will pick for a high position in a search.
In the past, the scammers would lure you into providing your credit card or debit card (which you should never use for purchases because the law does not protect you as much from fraudulent use) and then use your card to make purchases or if you provided your debit card, they will then access your bank account. Now, however, the scammer are getting greedy. When you attempt to use your credit card on their phony website you will be told that your card has been declined and so you need to use a second card. Once you do, you have now turned over two credit cards to the scammer to use for fraudulent purchases in your name.
So how do you determine if you are on a legitimate website?
TIPS
Scam of the day – February 12, 2026 – Why You Must Freeze Your Credit at All Four Bureaus — Including the Little‑Known NCTUE
A credit freeze is, as the name implies, a freezing of your credit report at your request whereby no one can have access to your credit report even if they have your Social Security number and other personal information about you. You control access to the credit report through a special PIN that you choose. Thus, even if someone was able to steal your Social Security number, they could not parlay that into access to your credit report to be able to purchase things or set up accounts using your name. If you need to thaw out your credit report at such times as you want to apply for credit in the future, it is an easy procedure to do so using your PIN; then, after your new credit has been established, you can freeze your credit report again. Freezing and unfreezing your credit report has been free since 2018.
While many people are aware of the desirability of freezing your credit at Experian, Equifax and TransUnion, most people are not aware of the National Consumer Telecommunications and Utilities Exchange (NCTUE) which is the credit reporting agency used by the major phone service companies. More and more scammers are opening cell phone accounts in the names of their unwary victims who may have actually frozen their credit with Equifax, Experian and TransUnion, but not with NCTUE.
TIPS
Freezing your credit is actually something everyone should do. It is free and easy to do. It protects you from someone using your identity to obtain loans or make large purchases even if they have your Social Security number. If you have not already done so, put a credit freeze on your credit reports at all of the major credit reporting agencies. Here are links to each of them with instructions about how to get a credit freeze:
https://www.transunion.com/credit-freeze
https://www.experian.com/freeze/center.html