Scam of the Day
Scam of the day – May 29, 2026 – HR Department Vacation Scam
It is late May and many of us are thinking about taking our summer vacations that we look forward to all year, however, scammers are also taking advantage of our vacation interest to scam us and the companies we work for.
One new scam involves your getting an email that appears to come from your employer’s HR Department luring you to click on a link to submit your request for vacation time. Clicking on the link can either cause you to download dangerous malware that can lead to your becoming a victim of identity theft or luring you into providing your online credentials at work in order to get access to your company’s computers and data.
TIPS
Never click on a link or provide personal information in response to an email or text message unless you have confirmed that the communication is legitimate. Scammers can use email addresses that may appear to be legitimate and it is easy for a scammer to make a text message appear as if it is coming from a trusted phone. If you get a communication that appears to come from your HR department, contact them directly through an email or phone number that you know is legitimate.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – May 28, 2026 – Carnival Cruise Line Data Breach Class Action Filed
Carnival Cruise Line suffered a massive data breach by the ransomware gang ShinyHunters through social engineering on April 18, 2026 that is estimated to have affected 8.7 million records. The data breach is still being investigated, but is reported to have included names, addresses, birthdates, passport details, phone numbers, email addresses and possibly credit card data and passwords, all of which puts millions of Carnival’s customers in danger of identity theft. A class action has been filed on behalf of the affected Carnival customers that alleges that Carnival did not notify victims of the data breach in a timely manner which put them at increased risk of identity theft. The class action further alleges that Carnival did not implement reasonable data security protections including failing to encrypt sensitive data held by Carnival. As further developments in the case occur, I will report them to you.
TIPS
This data breach and the resulting class action is a good example of companies having to do a better job at protecting their customers data. In particular, companies should be encrypting all sensitive data and limiting access to only employees who require access to particular data. Not enough companies are taking these common sense steps. In addition, companies should be training their employees, particularly those in IT to better defend against socially engineered attacks which rely on the cybercriminals use of psychology to convince employees of targeted companies to provide access to their company computer networks.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – May 27, 2026 – Missouri Becomes the Latest State to Take on Crypto ATMs
A report from the Federal Trade Commission (FTC) indicates a 1,000 % increase in money lost to scammers through cryptocurrency ATMs in the last three years. Bitcoin and other cryptocurrency ATMs look just like traditional ATMs, but instead of distributing cash, they take cash in exchange for cryptocurrency and enable the transfer of the deposited cash turned into cryptocurrencies into crypto wallets. Due to the anonymity and immediacy of the cryptocurrency transfers done through a cryptocurrency ATM, it is a favorite method of payment for scammers.
Most of the scams using cryptocurrency ATMs involve imposter scams where the scammer poses as either a law enforcement officer, government official or someone providing tech support for a non-existent problem. What all of these imposter scams have in common is that they scare the targeted victim with a story about an emergency that requires them to take cash from their bank account and use a QR code provided by the scammer to deposit the money into the account of the scammer at a cryptocurrency ATM under the guise of protecting the funds. According to the FTC, people over 60 years old were more than three times more likely to report losing money to a cryptocurrency ATM scam with an average loss of $10,000.
Indiana was the first state to outright ban cryptocurrency ATMs. Tennessee joined the parade as the second state to ban cryptocurrency ATMs after their legislature unanimously voted to do so. Their ban will take effect July 1st. Tennessee was prompted to do so after its citizens lost $142 million to cryptocurrency scams. Overall, Americans lost $11.3 billion last year to cryptocurrency ATM scams. A number of states have sued the crypto ATM companies with the most recent being Missouri which sued GPD Holdings LLC who do business as CoinFlip for “knowingly facilitating fraudulent transactions and profiting from them with convoluted and excessive fees through cryptocurrency kiosks..”
TIPS
Protecting yourself from these imposter scams starts with recognizing that you can never be sure who is actually contacting you when you are contacted by phone, email or text message so you should never click on a link, download an attachment or provide personal information in response to any of those communications unless you have absolutely confirmed that the communication was legitimate. Further there is no circumstance where you will be asked by anyone legitimate to withdraw funds from your bank, deposit them into a cryptocurrency ATM and transfer the funds to them. Only scammers make those requests.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address in the tab that states “Sign up for this blog.”
Scam of the day – May 26, 2026 – Liberty Mutual Data Breach Class Action Filed
Insurance company Liberty Mutual suffered a data breach on April 30th done by the ransomware group Everest. Stolen data included policyholders’ names, addresses, insurance policy numbers, financial and billing details and other personal information including, some medical information. The breach was not done as a direct breach of Liberty Mutual’s own internal systems, but done through a supply chain attack. Supply chain attacks have become a trend where hackers target companies with less security who have access to the data of the company that is the real target of the criminals. Often it takes the form of injecting malware into software developed by companies that is later used by other companies or government agencies that allows the criminals access to their targeted victims’ data. In other instances, such as the supply chain attacks have attacked companies used by their target companies to manage their customer data.
When Liberty Mutual refused to pay the demanded ransom promptly, Everest added Liberty Mutual to its dark web site where they threaten to post the information stolen. Now a proposed class action has been filed by two affected customers in Massachusetts claiming Liberty Mutual was negligent in its failure to protect sensitive customer data. I will keep you informed as to progress of the lawsuit.
TIPS
This data breach and the resulting class action is a good example of companies having to do a better job at protecting their customers data. In particular, the threat of supply chain attacks must be anticipated by assessing various vender security practices before sharing data, encrypting all sensitive data and limiting access to only employees who require access to particular data. Not enough companies are taking these common sense steps.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – May 25, 2026 – Gift Cards Are a Scammers Best Friend
Scammers are big fans of gift cards because they are easy to purchase, easy to send to the scammer and impossible to trace to the scammer. According to the FTC, consumers lost 250 million dollars to gift card scams in 2025. It is not even necessary for the scammer to be in possession of the actual gift card to use it. Sending the gift card numbers or taking a picture on your phone and transmitting it to the scammer is sufficient for the scammer to use the gift card to buy things that can then be sold and converted into cash.
In many instances the scams involved scammers posing as large companies or government agencies such as the IRS demanding payments. It is important to remember that no legitimate company and no government agencies asks for or accepts gift cards as a payment method so anytime you are asked for a payment by gift card, you can be confident it is a scam.
In an interesting development, the FTC noted that Target gift cards were the most popular choice for scammers with scammers asking specifically for Target gift cards in twice as many instances as the next most popular gift card and even when the gift card requested by the scammers was not a Target gift card, the scammers asked their victims to purchase the particular gift cards at a Target store.
TIPS
Although it is impossible to stop payment on a gift card or trace the user after the scammer has used it, if you recognize immediately that you have provided a gift card to a scammer, you can report it to the issuer to cancel the card. Here is contact information for some popular gift cards.
Amazon
- Call 1 (888) 280-4331.
- Keep the Amazon card itself and your receipt for the Amazon card.
- Learn about Amazon gift card scams and how to report them. Click on “Contact us.”
Google Play
- Report the gift card scam to Google.
- Keep the Google Play card itself and your receipt for the Google Play card.
- Learn about Google Play gift card scams and how to report them.
Target
- Call Target Gift Card Services at 1 (800) 544-2943
MoneyPak
- Report gift card scams to MoneyPak.
- Keep the MoneyPak card itself and your receipt for the MoneyPak card.
- Learn about MoneyPak gift card scams.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”
Scam of the day – May 24, 2026 – Fuel Relief Program Scams
When, according to AAA the average price for a gallon of gas in the United States was $4.82 in July of 2022 I told you in a Scam of the day about scammers posing as government agents offering phony fuel assistance. At that time the Federal Trade Commission (FTC) warned the public about scammers calling, texting and emailing people posing as government representatives of the federal Fuel Relief Program offering assistance. All you needed to do, they told you, was provide some personal and financial information in order to be eligible for the program. Unfortunately, there was no such program then and there is no such program now as we all face high gas prices. Anyone providing their personal or financial information to the scammer will end up becoming a victim of identity theft.
Impostor scams have long been among the most lucrative for scammers. While there are many variations of this scam, the most common variations have involved scammers calling their intended victims on the telephone posing as some governmental agency such as the, FBI, IRS or the Social Security Administration. The scammer then, under a wide variety of pretenses, demands an immediate payment by gift cards, credit card or wired funds. Being asked to pay by gift cards is a definite indication that the call is a scam since no governmental agency requests or accepts payments by gift cards. Alternatively, the scammer demands the victim supply the phony governmental agent with personal information such as your Social Security number which will then be used for identity theft purposes.
TIPS
As I have often reminded you, through the simple technique of “spoofing” it is very easy for a scammer to manipulate your Caller ID to make a call coming to you appear legitimate when it is not. Therefore you can never truly trust your Caller ID. Trust me, you can’t trust anyone. Even though your Caller ID may indicate that the call is coming from a government agency the call my be coming from a scammer.
Whenever you receive a phone call, text message or email, you can never be sure who is contacting you so you should never provide personal or financial information in response to such communications unless you have absolutely confirmed that the communication is legitimate. In this particular case, there is no federal Fuel Relief Program so whoever contacts you claiming to represent the program is a scammer.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/
Scam of the day – May 23, 2026 – Is That New Card You Received From Medicare Legitimate?
I always advise people B.S. – Be skeptical, so it is not surprising that many people are indeed skeptical when they receive a snail mail letter from Medicare containing a new Medicare card with a new ID number, but the truth is that Medicare has sent out 1.3 million new cards to people whose Medicare ID numbers were either compromised in a data breach or otherwise susceptible to fraud. The bad news is that scammers are also aware that Medicare is sending out new cards so scammers using AI to create the letters are also sending out new cards for purposes of identity theft or to swindle their victims out of money.
So how can you tell if the letter and card you receive is legitimate?
TIPS
The real letter from Medicare will come with a paper red, white and blue card with your new number. It does not require you to do anything to activate the card or verify your identity. Letters from scammers may require you to call a phony Medicare customer service number to activate your new card or verify your identity where you will be asked for your Social Security number, bank account information or asked for a payment of a fee. So if you are asked to do anything to verify your identity or activate your new card, it is a scam.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”
Scam of the day – May 22, 2026 – Memorial Day Scams
As we honor our veterans on Memorial Day, May 25th it is important to remember that scammers take Memorial Day as just another opportunity to scam veterans and others. In the case of Memorial Day, you can expect to be solicited by scammers by phone (remember legitimate charities can call you by phone even if you have enrolled in the Do Not Call List because charities are exempt from the Do Not Call List), email or letters asking for your money for various veterans causes or charitable ventures tied to Memorial Day.
Another common scam targets veterans and starts with a telephone call in which the veteran is told that in order to continue to receive various benefits, it is necessary to verify personal information such as the veteran’s birth date, Social Security number or bank account information. Of course, the call is not from the Veterans Administration and the call is not to verify information, but rather to gain information to be used to make the veteran a victim of identity theft.
TIPS
You never know who is on the other line of a telemarketing call, so never trust them. Remember my motto, “trust me, you can’t trust anyone.” If you are at all interested in what the caller appears to be selling or soliciting, ask them to send you written materials that you can then check out to see if it is legitimate. When it comes to charities, a good place to go is www.charitynavigator.org where you can see if a charity is legitimate or a scam as well as actually how much of the money they collect goes toward their charitable purposes and how much towards salaries and administrative costs.
As for calls purporting to be from the Veterans Administration, they do not call you on the phone to verify information. If you receive such a call, you can never be sure who is really calling because clever identity thieves are able to use a technique called “spoofing” to make it appear on your Caller ID as if the call from the identity thief is coming from the VA.
Since you cannot be sure who is calling you when you receive a call asking for personal information, you should never give that information out in response to a phone call, text message or email. Instead if you have the slightest thought that the communication may be legitimate, you should contact the real entity, in this case, the VA at a phone number that you know is accurate to inquire where you will learn that the initial contact was a scam.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”
Scam of the day – May 21, 2026 – Tennessee Becomes Second State to Ban Cryptocurrency ATMs
A report from the Federal Trade Commission (FTC) indicates a 1,000 % increase in money lost to scammers through cryptocurrency ATMs in the last three years. Bitcoin and other cryptocurrency ATMs look just like traditional ATMs, but instead of distributing cash, they take cash in exchange for cryptocurrency and enable the transfer of the deposited cash turned into cryptocurrencies into crypto wallets. Due to the anonymity and immediacy of the cryptocurrency transfers done through a cryptocurrency ATM, it is a favorite method of payment for scammers.
Most of the scams using cryptocurrency ATMs involve imposter scams where the scammer poses as either a law enforcement officer, government official or someone providing tech support for a non-existent problem. What all of these imposter scams have in common is that they scare the targeted victim with a story about an emergency that requires them to take cash from their bank account and use a QR code provided by the scammer to deposit the money into the account of the scammer at a cryptocurrency ATM under the guise of protecting the funds. According to the FTC, people over 60 years old were more than three times more likely to report losing money to a cryptocurrency ATM scam with an average loss of $10,000.
Earlier this year, Massachusetts became the latest state to sue a crypto ATM operator, in this case Bitcoin Depot for enabling criminals to use their machines to scam people. According to the lawsuit, more than half of the money that went through Bitcoin Depot ATMs between August 2023 and January 2025 was related to scams. Indiana was the first state to outright ban cryptocurrency ATMs. Now Tennessee has joined the parade as the second state to ban cryptocurrency ATMs after their legislature unanimously voted to do so. The ban will take effect July 1st. Tennessee was prompted to do so after its citizens lost $142 million to cryptocurrency scams. Overall, Americans lost $11.3 billion last year to cryptocurrency ATM scams.
TIPS
Protecting yourself from these imposter scams starts with recognizing that you can never be sure who is actually contacting you when you are contacted by phone, email or text message so you should never click on a link, download an attachment or provide personal information in response to any of those communications unless you have absolutely confirmed that the communication was legitimate. Further there is no circumstance where you will be asked by anyone legitimate to withdraw funds from your bank, deposit them into a cryptocurrency ATM and transfer the funds to them. Only scammers make those requests.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address in the tab that states “Sign up for this blog.”
Scam of the day – May 20, 2026 – Ohio Woman Loses $500 to Gift Card Scam
Recently a Bellefontaine, Ohio woman received a call that appeared to come from Apple informing her that there was a problem with her iPhone. He then gave her a case number and transferred her call to a scammer posing as a bank representative who told her that illegal content was discovered on her phone. He then transferred her call to a third scammer purportedly an employee of the Federal Trade Commission who told her that in order to resolve this serious matter she needed to get $500 in Apple gift cards and provide the numbers to the phony FTC employee which she did, thereby losing the $500.
TIPS
While calls like this seem to be emergencies and thereby trigger the part of our brain called the amygdala which is where we make quick, emotional decisions in emergency situations without logically considering the circumstances, there are a number of red flags that indicate that the entire matter was a scam. The call itself may appear to be legitimate because scammers can “spoof’ the numbers of legitimate companies such as Apple or governmental agencies, such as the FTC to manipulate your Caller ID to make the call appear to be from Apple or the FTC. However, it is important to note that Apple is not going to call you to inform you of illegal content on your phone and no legitimate company or government agency requires payments to be made by gift cards. Scammers love gift cards because they are easy to keep anonymous and impossible to trace. So anytime you are asked to pay for anything by way of a gift card, it is a scam.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”