Scam of the Day
Scam of the day – May 9, 2026 – Instructure Data Breach Affects Millions of its Customers
Educational technology company Instructure which developed the hugely popular learning management system Canvas which is used by school districts and universities around the world has confirmed that it suffered a data breach earlier this month in which as many as 275 million records of its users were compromised. The notorious ransomware gang ShinyHunters has claimed responsibility for the data breach and has publicly shared a list of 8,809 school districts, universities and online education platforms from which they claim to have information. Fortunately, the data breach does not appear at this time to have included passwords, dates of birth or financial information such as credit card data.
TIPS
Even though it presently appears that passwords were not compromised, it would be prudent for anyone affected by the data breach to change their password. You should make sure that you have a unique password for each of your online accounts so that if one of your passwords is compromised in a data breach, all of your accounts will not be in danger. Dual factor authentication should also be set up if it is not already being used.
If you have not already done so, set up dual factor authentication for each of your accounts where it is available. This will protect you from having those accounts stolen by someone who may have access to your password.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – May 8, 2026 – Watch Out for Mothers Day Scams
This upcoming Sunday is Mother’s Day and once again we must be vigilant about not falling prey to scams related to this holiday. Anything popular with the public will always be popular with scammers. Although for many of us Mother’s Day is an opportunity to show our mothers how much we love and appreciate them, for scammers it is yet another opportunity to scam people.
One common Mother’s Day scam involves a social media post or an email that you get offering Mother’s Day gifts such as flowers, jewelry, shoes or clothing at tremendously discounted prices. All you need to do is to click on a link to order online. The problem is that many of these offers are indeed scams. If you click on the link, one of two things can happen and both are bad. Sometimes the link will take you to an order form where you provide your credit card information, but never get anything in return. Instead, your credit card information is used to make you a victim of identity theft. Even worse is the other possibility which is by clicking on the link, you will unwittingly download a keystroke logging malware program that will steal all of the personal information stored on your computer and use that information to make you a victim of identity theft.
Be careful when making online purchases. Merely because a website offering great prices may be highly listed on Google or other search engines does not mean that it is legitimate. All it means is that the scammers know how to manipulate the positioning of their website in a Google search. Other times the scammers will merely pay for an advertisement for their website to appear at the top of a search engine search.
Even if you are dealing with a legitimate online company, make sure that your communications are encrypted when you send personal information or credit card information. The easy way to do this is to look to see if the the web address of the company changes when you go to the page to input credit card information from “http” to “https” indicating that your data is being encrypted. And of course, don’t use your debit card for retail purchases either online or in a brick and mortar store because you have less protection from fraud with a debit card than a credit card.
TIPS
It is always dangerous to buy anything online from any store or company with which you are not familiar. Check out the company with your state’s Attorney General, the Federal Trade Commission or just do a Google search to see if the company is legitimate. Even then, you are better off going directly to the company’s website rather than dealing with a company through an email that may just be a forgery of an email from a legitimate company. As always, if the offer you receive sounds too good to be true, it usually is.
You also can use the Google Safe Browsing Tool to see if a particular website you are considering for a Mother’s Day purchase is legitimate. https://transparencyreport.google.com/safe-browsing/search
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”
Scam of the day – May 7, 2026 – FTC Sending Refunds to Victims of Credit Repair Scam
In the Scam of the day for June 9, 2022 I informed you that the FTC sued credit repair scammer, Financial Education Services. The FTC initiated legal action against Financial Education Services and its owners accusing them of scamming their victims out of more than 213 million dollars. Now four years later the case has been settled and the FTC is sending refunds to people who were scammed by them between May of 2019 and May of 2022.
According to the FTC, Financial Education Services preyed upon consumers with low credit scores and lured them with misleading and false promises into paying for worthless services that Financial Education Services told them would result in their credit scores being increased by hundreds of points. In its lawsuit the FTC alleged Financial Education Services lied to consumers about credit repair and illegally charged their victims upfront fees for credit repair. In an interesting twist, Financial Education Services also then recruited their victims into a pyramid scheme by which they would help sell the same worthless credit repair services to others.
Your credit report is one of the most important documents in your financial life. The information in your credit report as maintained by the three major credit reporting agencies, Equifax, TransUnion and Experian is used to calculate your credit score. This is used by financial institutions to evaluate your creditworthiness and can affect your ability to get a credit card, mortgage loan or a car loan. It also can affect the rate that you will be charged on such loans. In addition, your credit score is used in many states by companies in making hiring decisions and landlords consider credit scores when determining whether or not to rent an apartment or home to someone.
For more information about the FTC refunds to victims of this scam go to the middle of the first page of the http://www.scamicide.com website and click on the icon for FTC Scam Refunds.
TIPS
Don’t fall prey to scammers operating phony credit repair companies and never pay an upfront fee to one of these companies. Advance fees for credit repair companies that operate for profit are banned by the Credit Repair Organizations Act.
Negative information on your credit report remains on your credit report for seven years and bankruptcies for ten years. Anyone who tells you otherwise is just trying to scam you. Many of the scam credit repair companies use illegal tactics such as applying for a federal employer ID to use as your Social Security number when applying for credit. This is illegal.
If you need real credit counseling you can go to this section of the Department of Justice’s website where it lists agencies approved to assist consumers with debt problems. https://www.justice.gov/ust/list-credit-counseling-agencies-approved-pursuant-11-usc-111 You also may consider contacting companies that are affiliated with the National Foundation for Credit Counseling at this link https://www.nfcc.org/
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address in the tab that states “Sign up for this blog.”
Scam of the day – May 6, 2026 – Business Owner Loses $24,000 to Sophisticated Phone Scam
Recently, bakery owner Susan Limb of Maryland was disturbed when she received what appeared to be a call from her bank informing her that multiple fraudulent withdrawals had been made from her business account and that immediate action needed to be taken in order to stop the theft. Limb noticed that the phone number shown on her Caller ID confirmed that the call was coming from her bank and the caller even told her that she could confirm that this was really the bank calling by going to the bank’s website to confirm that the phone number she was being called from was indeed from the bank which Limb did. Unfortunately, Limb was not aware that through a very simple technique called “spoofing,” a scammer can make their call appear to come from whatever phone number they wish.
The scammer then told her that to confirm Limb’s identity a security code would be sent to her which she should, in turn, provide to the scammer posing as the bank official. Limb complied with the request which unfortunately turned over to the scammer the numbers sent to Limb through dual factor authentication of her account. The scammers had somehow been able to steal her password, but would not have been able to access her account without the numbers sent to Limb’s phone by text message as her dual factor authentication. Once she turned that number over to the scammers they were able to empty her account. In order to keep the scam going, the phony bank official told her not to log into her account while the bank was investigating the matter and to ignore any automated alerts she might receive from the bank, telling her that the were redundant to the investigation. When Limb did finally check her account, she saw that the money had been withdrawn by the scammers.
TIPS
Like many scams, this one relies initially on appealing to the part of our brain called the amygdala which prompts us to make quick decisions in emergency situations without necessarily taking the time to carefully evaluate the situation. As I often tell you, due to spoofing, anytime you get a phone call, you can never be sure who actually is calling you. Most importantly, you will never legitimately be asked for a security code sent to your phone as part of dual factor authentication by a phone call. Only scammers do this when they try to trick people in order to nullify the protections provided by dual factor authentication. Such security codes are only to be used by you when you access your account on your phone or computer. Only scammers ask for these numbers in a phone call.
If you get such a phone call and think it may possibly be legitimate, merely hang up and call the bank at a phone number you know is legitimate.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”
Scam of the day – May 5, 2026 – Indiana Attorney General Warns About Mortgage Relief Scams
Indiana Attorney General Todd Rokita recently issued a warning about scammers posing as mortgage relief service companies contacting people with phony and illegal offers to provide mortgage relief to people having difficulties paying their mortgages. According to the FTC scammers promising mortgage relief services target homeowners behind in their mortgages through false and deceptive telemarketing calls, text messages and online ads in which they promise to obtain mortgage modifications quickly and easily if their targeted victims pay an upfront fee. Often these scammers claim to be affiliated with the federal government.
Last year the FTC returned funds to victims of mortgage relief scams perpetrated by HOPE Services and HouseHoldRelief. In its lawsuit against these companies the FTC said that the they targeted consumers facing foreclosure, especially those who had failed to get any relief from their lenders. Pretending to be a “nonprofit” organization with government ties, they falsely claimed they had a high success rate, special contacts who would help get loan terms modified, and an ability to succeed even when consumers had failed previously. Instead, homeowners who made payments did not have their mortgages modified, and their lenders never received the funds
TIPS
A telltale sign of a mortgage relief scams is the demand for an upfront fee before services are rendered which is illegal. Mortgage scammers also often tell you to stop paying your mortgage and not to communicate with your lender. This is bad advice when you have a problem with your mortgage. Failing to make payments and not communicating with your lender if you are having a problem paying your mortgage will only make the problem worse. Finally, don’t trust any company that guarantees that they can get you a mortgage payment reduction and never transfer title to your home to anyone saying they are trying to help you. That is another sure sign of a scam.
If you do find yourself having difficulty making your mortgage payment, either speak with your lender directly to see if you can get a modification or call a legitimate credit counselor through the Homeownership Preservation Foundation which is a non-profit company that provides free help to modify your mortgage and avoid foreclosure. You can reach them at 1-888-995-HOPE.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type your email address in the tab that states “Sign up for this blog.”
Scam of the day – May 4, 2026 – New Twist on Phony Lottery Scam
Lottery scams generally follow a typical pattern, namely you receive a phone call, email or text message informing you that you have won a lottery that you never entered, but that you need to pay income taxes or administrative fees to the lottery sponsor before you can claim your prize. One thing that all of these methods of communication have in common is that with modern technology it is a simple matter to make these communications at little cost and in vast numbers. Therefore it was a bit of a surprise to learn about a new form of the lottery scam about which the Wisconsin Department of Agriculture, Trade and Consumer Protection recently issued a warning that involved the victims of the scam being notified by a $10 Priority Mail. The letter itself appears to be from a legitimate lottery informing the targeted victim that he or she had won a million dollar prize as part of a charitable initiative. Interestingly, the letter, which is easy for a scammer to create, requested the recipient to keep it a secret that he or she had won the prize for security or legal reasons
TIPS
As I have often told you, it is difficult to win a lottery you have entered. It is impossible to win one that you have not even entered. You should always be skeptical about being told that you have won a lottery you never entered. No legitimate lottery will ask you to keep it a secret that you have won. Only scammers will do that.
While it is true that income taxes are owed on lottery winnings, legitimate lotteries never collect tax money from winners. They either deduct the taxes from the winnings or leave it up to the winners to pay their taxes directly to the IRS. Also no legitimate lottery asks for the payment of administrative fees to receive a lottery prize.
Apparently having the scam delivered by expensive Priority Mail gives the scam an extra appearance of legitimacy that outweighs the cost to the scammer, but don’t be fooled.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address where it indicates “Sign up for this blog.”
Scam of the day – May 3, 2026 – Fidelity Data Breach Class Action Settlement
In the Scam of the day for October 14, 2024 I first told you about a data breach at Fidelity Investments affecting 77,000 of its customers. The data breach occurred between August 17 and 19th of 2024 but was not disclosed by Fidelity until October 9th. Sensitive personal information including names, Social Security numbers and financial account details of affected customers were compromised in the data breach. Subsequently a class action was filed on behalf of the victims of the data breach alleging negligence on the part of Fidelity in not properly protecting its customers’ sensitive information. The class action has now been settled. According to terms of the settlement, eligible class members can receive up to $5,000 in compensation for actual documented monetary losses. Alternatively, even if a class member had no out of pocket losses, they can receive a cash payment presently estimated to be $100. All victims of the data breach will also receive identity theft protection insurance and credit monitoring, and monitoring for dark web postings related to their account.
Class members must complete an online claim form to be eligible for a payment. The deadline for filing a claim is July 27, 2026. Here is a link to file a claim online. https://fidelitydatasettlement.com/form/claim A court hearing of July 9, 2026 has been set for a judge to give final approval to the settlement which is expected.
Regardless of whether you were affected by this particular data breach, we are all likely to be victims of future data breaches. So what can you do to protect yourself from data breaches that will be occurring?
TIPS
One important lesson is to limit the amount of personal information that you provide to companies and websites whenever possible although in this case investment companies do need your Social Security number for income tax reporting. However, your doctor doesn’t need your Social Security number for his or her records.
You should make sure that you have a unique password for each of your online accounts so that if one of your passwords is compromised in a data breach, all of your accounts will not be in danger. If your information is compromised in a data breach, you should immediately change the password for that account.
If you have not already done so, set up dual factor authentication for each of you accounts where it is available. This will protect you from having those accounts stolen by someone who may have access to your password. However it should be noted that the malware responsible for this particular data breach is able to bypass password requirements and dual factor authentication.
https://www.transunion.com/credit-freeze
https://www.experian.com/freeze/center.html
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – May 2, 2026 – Cryptocurrency Scammer Sentenced to 23 Years in Prison
Robert Dunlap was recently sentenced to 23 years in prison for operating a cryptocurrency scam that stole more than $20 million from close to 1,000 investors. Between 2018 and 2023 Dunlap sold a digital asset he called Meta-1 Coin which he marketed through social media, seminars and an Internet radio show. Dunlap told the investor victims of his scam that the token was secured by $44 billion in gold and a $1 billion art collection featuring works of Picasso, Dali and Van Gogh. He also told investors that the cryptocurrency was guaranteed and capable of generating returns of as much as 224,923% . He told investors that his coin offering was independently audited and provided his victims with phony records and insurance documents to make his scam appear believable. All of it was a lie. There was no gold or art and the website he created for the cryptocurrency, Meta Exchange used automated trading bots to make it appear that the Meta-1 coin was profitable when it was not.
The SEC instituted a civil fraud action against Dunlap in 2020, obtaining temporary orders against Dunlap, but this did little to slow down his actions as he continued to operate his scam on hundreds more investors before he was finally stopped when the criminal case against him proceeded.
TIPS
While it is never appropriate to blame victims for being scammed, there are a number of basic steps that his victims could have taken that would have indicated that Dunlap’s enterprise was a scam. No one should ever invest in anything until they have independently investigated both the investment and the person offering the investment. A first step in looking into any investment advisor is to search the FINRA BrokerCheck data base which will tell you if the person touting the investment is a registered investment advisor and whether there are any legal actions against the advisor. If anyone had looked up Dunlap they would have learned that he was not a registered broker or a licensed investment advisor. Anyone investing with him after 2020 could have found the SEC civil charges against him for selling unregistered securities and making phony audit documents.
In regard to the Meta-1 Coin investment, anyone looking into it would have found that it was not being traded on any public exchanges. They also would have found that there was no independent verification of any art ownership.
Perhaps the biggest red flag was guaranteed returns of the ridiculously high 224,923%.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – May 1, 2026 – Meta Sued Again Over Scam Ads
Last June i told you that the Wall Street Journal did a scathing story that said that Meta, the parent company of Facebook and Instagram had become the “cornerstone of the internet fraud economy.” According to the story Meta accounted for nearly half of all reported scams involving Zelle at major banks. The story also reported that 70% of new advertisers on Meta’s platforms promote scams or low quality products. Many of the scammers placing these ads, according to the Journal, were Southeast Asian crime networks. The article went on to say that Meta did a poor job of taking down fraudulent ads because it prioritized its 16 billion dollar profit from scam ads over protecting its users from being scammed. For its part, Meta says that according to federal law it is not responsible for scam ads on their sites.
Recently the Consumer Federation of America sued Meta alleging “Meta has adopted policies and practices that it knows allow scam advertisements to proliferate on its platforms while simultaneously profiting off those ads at is users’ expense.” The complaint also accuses Meta of downplaying the scale of fraud on Facebook and Instagram and creating a false impression of safety.
TIPS
So how do you protect yourself from these phony ads?
You can start off by checking the profile page of the poster to see if it has many followers. Also, legitimate businesses will have websites. Check out these websites to see if they are legitimate.
Asking for payments to be made by wired funds, gift cards, Venmo or Zelle is also a good indication that it is a scam. Venmo and Zelle should never be used for commercial transactions and gift cards are not an accepted method of payment for goods to anyone other than scammers.
Look for customer feedback and review sites such as Trustpilot.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”
Scam of the day – April 30, 2026 – Virginia Sheriff Warns About Dangers of Check Washing
What is old is new again. Many people continue to pay their household bills by paper checks rather than electronic banking and even when shopping, some people prefer paying by check instead of using a credit card or cash. While there has been much discussion in the news about data breaches involving credit cards, the problems encountered through check washing are still substantial costing consumers and banks more than a billion dollars each year and the problem is getting worse.
Typically, the scam starts when someone pays a bill with a check, mails the envelope containing the check and then somewhere in transit the check is stolen and washed. Check washing is a process by which someone steals a check you have already written and “washes” or removes the name of the payee, often using simple bleach, and also changes the amount as well as the name of the payee. The criminal then cashes your altered check and steals your money.
It is a very simple thing for identity thieves to steal your check from your mailbox if you put it in an envelope to pay a bill and leave it in your mailbox outside your home for your mail carrier to pick up. Identity thieves also break into USPS mail collection boxes and steal mail with checks as well. Finally, rogue clerks at stores may steal your checks. It is then a simple thing to take ordinary bleach, acetone or other similar liquids to wash clean the name of the person to whom the check is made out as well as the amount of the check and insert the identity thief’s name and a new amount.
Recently, the Dinwiddie County Virginia Sheriff’s Office warned the public about a dramatic increase in mail theft from both residential and U.S. Postal Service mailboxes and resulting check washing. Additionally, the Sheriff’s Office said, “Beyond the money, they can use bank routing/account numbers for further identity theft, such as creating counterfeit checks or opening new account.”
TIPS
While businesses can protect themselves from check washing quite readily by using higher technology checks such as those containing three dimensional reflective metallic holograms or checks treated with chemicals that will make the world “void” appear if the check is attempted to be altered, these are costly alternatives for individuals. Fortunately however, you are not powerless and the solution, in fact is quite simple. Instead of writing your checks using a common ball point pen, switch to a gel pen which is a commonly available type of pen whose ink will not vanish under chemical washes. Fountain pens also do not use the type of ink that can be readily washed, but the gel pen is simpler and easier to use (and also less messy).
Unfortunately, more sophisticated criminals will scan your check into their computers and use readily available software to keep the signature from the original check, but delete the amount and the name of the payee on the check thereby allowing them to make perfect counterfeit checks which they can make payable to themselves for any amount they choose thereby defeating the gel pen as a defense so electronic banking is still your best bet.
Another important thing to remember is to cross shred your personal documents including checks that you no longer need and are discarding. Identity thieves go through your trash for their treasure including checks that they can use to make counterfeit checks using your account.
Finally, check your banks statements promptly after receiving them for signs of theft. If you do report checking account fraud more than thirty days after receiving your bank statement, the bank does not have to reimburse you for fraudulent, counterfeit checks. Finally, if you already aren’t doing so, you should consider paying your bills electronically which can be done in an extremely safe manner.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/